Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/MHkPxhcP8SP4lNgxP5KpoAnzCCs.roa
File: MHkPxhcP8SP4lNgxP5KpoAnzCCs.roa (raw, json)
Hash identifier: fqtQPrBiS6BsUxcKTpq6BsjqoJzgjlUOdDFyyvkLH9w=
Subject key identifier: 30:79:0F:C6:17:0F:F1:23:F8:94:D8:31:3F:92:A9:A0:09:F3:08:2B
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 0192F60D540C3027FA7ADD36E40FA3843A8C
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/MHkPxhcP8SP4lNgxP5KpoAnzCCs.roa
Signing time: Mon 04 Nov 2024 07:22:01 +0000
ROA not before: Mon 04 Nov 2024 07:22:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50670
IP address blocks: 81.21.8.0/24 maxlen: 24
81.21.14.0/24 maxlen: 24
109.237.192.0/20 maxlen: 24
109.237.192.0/24 maxlen: 24
109.237.193.0/24 maxlen: 24
109.237.194.0/24 maxlen: 24
109.237.195.0/24 maxlen: 24
109.237.196.0/24 maxlen: 24
109.237.197.0/24 maxlen: 24
109.237.198.0/24 maxlen: 24
109.237.199.0/24 maxlen: 24
109.237.200.0/24 maxlen: 24
109.237.201.0/24 maxlen: 24
109.237.202.0/24 maxlen: 24
109.237.203.0/24 maxlen: 24
109.237.204.0/24 maxlen: 24
109.237.205.0/24 maxlen: 24
109.237.206.0/24 maxlen: 24
109.237.207.0/24 maxlen: 24
176.241.64.0/21 maxlen: 24
176.241.64.0/24 maxlen: 24
176.241.65.0/24 maxlen: 24
176.241.66.0/24 maxlen: 24
176.241.67.0/24 maxlen: 24
176.241.68.0/24 maxlen: 24
176.241.69.0/24 maxlen: 24
176.241.70.0/24 maxlen: 24
176.241.71.0/24 maxlen: 24
178.20.184.0/21 maxlen: 24
178.20.184.0/24 maxlen: 24
178.20.185.0/24 maxlen: 24
178.20.186.0/24 maxlen: 24
178.20.187.0/24 maxlen: 24
178.20.188.0/24 maxlen: 24
178.20.189.0/24 maxlen: 24
178.20.190.0/24 maxlen: 24
178.20.191.0/24 maxlen: 24
185.51.212.0/22 maxlen: 22
185.51.212.0/24 maxlen: 24
185.51.213.0/24 maxlen: 24
185.51.214.0/24 maxlen: 24
185.51.215.0/24 maxlen: 24
185.193.176.0/22 maxlen: 22
185.193.176.0/24 maxlen: 24
185.193.177.0/24 maxlen: 24
185.193.178.0/24 maxlen: 24
185.193.179.0/24 maxlen: 24
2a01:1d0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.mft
rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f6:0d:54:0c:30:27:fa:7a:dd:36:e4:0f:a3:84:3a:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Nov 4 07:22:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30790fc6170ff123f894d8313f92a9a009f3082b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:6c:5c:c9:4f:99:eb:51:6f:ef:97:9d:ca:cf:
e9:47:2b:77:75:40:f2:a8:eb:13:0b:d1:b7:24:bc:
84:fb:37:b1:6f:7a:b9:b3:f4:0b:d7:f1:d9:15:4d:
23:08:8f:4e:b0:55:5c:64:37:1f:28:55:aa:7e:86:
57:f9:97:ab:7f:51:4f:e6:d1:5d:1b:94:fb:bb:97:
19:4c:c0:46:77:6e:63:bf:e7:3b:ba:d6:c7:d1:f6:
4f:b7:1e:ac:6b:f5:99:43:1b:1a:d2:24:4c:ef:f4:
d1:e7:77:9e:c3:9e:f1:a4:79:23:6e:a4:29:a9:13:
08:d3:40:55:78:cc:e6:1d:aa:68:65:0d:1e:fb:1c:
26:bf:0d:82:5b:76:3a:22:f4:a7:36:9a:b9:2b:0e:
43:22:bf:aa:ad:97:1e:fb:bc:41:7d:09:39:8e:83:
38:32:89:1a:dc:62:7c:d6:f3:a8:22:4e:a1:3e:73:
51:fd:d8:90:b9:63:c7:a4:fc:dc:20:3d:5e:e4:b8:
69:32:d5:2e:7f:37:a2:b0:74:fc:66:c3:e2:45:3c:
1d:50:59:f9:a6:c5:d5:40:dc:16:2d:85:70:03:60:
89:92:2a:aa:37:63:3f:ee:c4:77:59:c3:f1:38:2c:
7b:5b:21:b4:d2:e5:96:70:ef:66:19:ca:e3:da:f3:
c6:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:79:0F:C6:17:0F:F1:23:F8:94:D8:31:3F:92:A9:A0:09:F3:08:2B
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/MHkPxhcP8SP4lNgxP5KpoAnzCCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.21.8.0/24
81.21.14.0/24
109.237.192.0/20
176.241.64.0/21
178.20.184.0/21
185.51.212.0/22
185.193.176.0/22
IPv6:
2a01:1d0::/32
Signature Algorithm: sha256WithRSAEncryption
19:2e:fd:bf:21:9c:04:7a:ae:5e:12:53:1f:43:85:bc:61:23:
57:2f:d5:5c:ff:ee:6b:21:5c:6b:9c:f4:96:43:84:c3:c7:b1:
0a:b6:4f:61:6d:7a:0c:5c:96:c1:6f:69:21:62:cc:da:52:04:
19:6b:64:56:ff:e9:ad:8f:f5:eb:2b:57:8e:86:3a:80:af:1b:
bd:5d:23:13:8d:13:d0:40:f8:31:00:c7:e9:dd:c8:0a:7e:66:
fc:61:92:bf:d1:f6:d2:4a:28:86:92:86:8f:e2:24:51:e5:07:
95:88:6e:1f:9c:ab:54:86:fb:b2:55:60:22:fb:f5:72:37:31:
19:53:8a:71:5f:7d:32:5a:f3:1e:38:fa:ca:37:9d:54:fd:c1:
32:d2:7f:67:81:53:e3:30:39:d3:ae:7a:8a:84:9f:86:39:3e:
1f:63:09:9b:b2:6c:b5:5c:18:f8:1c:a1:21:10:0f:3c:f3:ab:
13:31:79:fa:f4:58:1e:72:7d:bb:74:6a:59:6e:f6:52:54:dc:
e6:5f:79:e5:84:2d:69:91:04:ef:f6:da:65:b0:ec:d4:eb:cb:
26:59:e8:17:0e:95:57:38:82:ed:d4:db:f1:09:0d:a8:b0:43:
dc:ed:b3:84:a1:79:f4:9b:2b:6b:dd:6c:0d:66:81:13:5e:e6:
0d:df:e4:30
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZL2DVQMMCf6et025A+jhDqMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjQxMTA0MDcyMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDc5MGZjNjE3MGZmMTIzZjg5NGQ4MzEzZjkyYTlhMDA5ZjMwODJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2WxcyU+Z61Fv75edys/pRyt3dUDy
qOsTC9G3JLyE+zexb3q5s/QL1/HZFU0jCI9OsFVcZDcfKFWqfoZX+Zerf1FP5tFd
G5T7u5cZTMBGd25jv+c7utbH0fZPtx6sa/WZQxsa0iRM7/TR53eew57xpHkjbqQp
qRMI00BVeMzmHapoZQ0e+xwmvw2CW3Y6IvSnNpq5Kw5DIr+qrZce+7xBfQk5joM4
Moka3GJ81vOoIk6hPnNR/diQuWPHpPzcID1e5LhpMtUufzeisHT8ZsPiRTwdUFn5
psXVQNwWLYVwA2CJkiqqN2M/7sR3WcPxOCx7WyG00uWWcO9mGcrj2vPGCwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFDB5D8YXD/Ej+JTYMT+SqaAJ8wgrMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvTUhrUHhoY1A4U1A0bE5neFA1S3BvQW56Q0NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQAURUIAwQA
URUOAwQEbe3AAwQDsPFAAwQDshS4AwQCuTPUAwQCucGwMA0EAgACMAcDBQAqAQHQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAZLv2/IZwEeq5eElMfQ4W8YSNXL9Vc/+5rIVxr
nPSWQ4TDx7EKtk9hbXoMXJbBb2khYszaUgQZa2RW/+mtj/XrK1eOhjqArxu9XSMT
jRPQQPgxAMfp3cgKfmb8YZK/0fbSSiiGkoaP4iRR5QeViG4fnKtUhvuyVWAi+/Vy
NzEZU4pxX30yWvMeOPrKN51U/cEy0n9ngVPjMDnTrnqKhJ+GOT4fYwmbsmy1XBj4
HKEhEA8886sTMXn69Fgecn27dGpZbvZSVNzmX3nlhC1pkQTv9tplsOzU68smWegX
DpVXOILt1NvxCQ2osEPc7bOEoXn0mytr3WwNZoETXuYN3+Qw
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:31:18 2024 by rpki-client on console-fra.rpki-client.org