Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/mEngIS5ZmTUCZbDf6Dfbeys18Zw.roa
File: mEngIS5ZmTUCZbDf6Dfbeys18Zw.roa (raw, json)
Hash identifier: DKaeWpdddEQfhHP5OgTQFq9sIAS9PNO/2OTn0m5V7bU=
Subject key identifier: 98:49:E0:21:2E:59:99:35:02:65:B0:DF:E8:37:DB:7B:2B:35:F1:9C
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 018CC3B72DF13063FF0A0CA70A357F4C530D
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/mEngIS5ZmTUCZbDf6Dfbeys18Zw.roa
Signing time: Mon 01 Jan 2024 06:30:11 +0000
ROA not before: Mon 01 Jan 2024 06:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9180
IP address blocks: 195.101.188.0/24 maxlen: 24
195.101.189.0/24 maxlen: 24
194.250.118.0/24 maxlen: 24
194.3.190.0/24 maxlen: 24
217.109.127.0/24 maxlen: 24
194.206.120.0/24 maxlen: 24
195.101.64.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.mft
rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:2d:f1:30:63:ff:0a:0c:a7:0a:35:7f:4c:53:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 06:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9849e0212e5999350265b0dfe837db7b2b35f19c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:f9:87:63:63:5a:3f:10:4e:76:03:da:c5:65:
97:31:77:f8:08:78:15:a6:7d:d6:b8:db:d1:8f:2f:
97:6e:95:35:e8:e2:a0:db:5f:17:1f:bd:7a:c5:54:
8e:d0:3a:83:ef:2b:de:a2:71:7f:8e:57:da:68:b6:
f1:cc:6e:2a:4d:3b:7f:af:5b:c8:f4:de:d1:97:2b:
6e:79:37:0c:08:94:a2:56:d3:00:e3:6b:51:3d:d1:
81:b7:3c:86:64:d2:8e:cf:58:2a:bb:30:6b:ac:7a:
15:4c:cc:99:b8:3f:59:76:8f:80:38:60:72:0a:cf:
20:47:4f:62:ee:48:65:d0:37:7e:d6:40:4c:24:f3:
0d:0a:55:50:e8:2c:d7:9f:af:49:d5:61:98:52:4d:
b5:e4:1b:37:82:c4:91:48:ea:22:54:29:17:19:28:
a0:36:dc:fe:75:85:f1:eb:2d:92:d5:c8:da:c6:22:
0b:96:0e:65:69:e7:2b:ed:78:f9:24:1e:48:dd:58:
8f:90:ce:48:a9:c2:fe:23:bc:d8:8a:27:85:1f:1d:
43:4f:83:9f:8a:5b:2e:62:b0:30:45:fd:c8:8f:78:
f2:cf:ae:4e:a9:1b:08:9f:5c:87:d4:cf:54:78:f9:
da:e4:8b:c6:ab:bb:af:f7:35:b1:32:3b:f5:14:55:
ee:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:49:E0:21:2E:59:99:35:02:65:B0:DF:E8:37:DB:7B:2B:35:F1:9C
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/mEngIS5ZmTUCZbDf6Dfbeys18Zw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.3.190.0/24
194.206.120.0/24
194.250.118.0/24
195.101.64.0/24
195.101.188.0/23
217.109.127.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:36:bc:33:76:c3:ef:ab:17:7c:f6:1e:7c:f1:7d:4a:5e:6a:
7f:91:e3:48:2a:76:d9:12:58:29:2f:7e:73:6b:5f:a6:30:e9:
df:14:e4:de:37:7a:3e:c2:c9:c1:6f:4a:09:62:a2:ad:fe:d8:
0a:fd:05:1c:2b:25:a0:58:f0:5c:dd:79:d0:21:b8:14:fc:72:
26:c5:58:f1:0a:10:3a:6f:c3:23:a8:45:80:3a:a0:74:f2:68:
a5:ad:c9:d7:03:26:d2:9b:ed:ec:8e:63:f9:5a:7a:16:c7:e9:
5b:32:b7:fd:9c:46:ff:e8:66:c8:a8:8e:0b:d0:9b:d9:6a:92:
67:88:fd:88:2c:cc:22:5b:e5:cd:b8:a9:c0:9e:fd:4c:13:73:
57:9d:f7:6f:39:f0:1d:2e:28:35:87:98:bf:6d:65:97:20:4a:
75:f8:bd:dd:a7:24:7b:f3:8f:93:4a:1c:4e:ba:21:f4:a2:af:
28:50:d0:a3:54:ae:b8:d8:b9:ae:11:a0:48:1f:05:d1:6b:5c:
8c:7a:b7:9f:04:34:48:d2:e5:9e:50:fc:96:fe:ed:1c:9e:64:
c3:54:c2:93:1f:a6:06:1a:b7:3a:b4:3c:2f:ec:c1:4d:ed:a8:
cf:e0:c0:07:53:49:46:25:41:20:b7:d8:c6:ee:c4:35:d0:29:
e7:aa:c1:c2
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzDty3xMGP/CgynCjV/TFMNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjQwMTAxMDYzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODQ5ZTAyMTJlNTk5OTM1MDI2NWIwZGZlODM3ZGI3YjJiMzVmMTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfmHY2NaPxBOdgPaxWWXMXf4CHgV
pn3WuNvRjy+XbpU16OKg218XH716xVSO0DqD7yveonF/jlfaaLbxzG4qTTt/r1vI
9N7RlytueTcMCJSiVtMA42tRPdGBtzyGZNKOz1gquzBrrHoVTMyZuD9Zdo+AOGBy
Cs8gR09i7khl0Dd+1kBMJPMNClVQ6CzXn69J1WGYUk215Bs3gsSRSOoiVCkXGSig
Ntz+dYXx6y2S1cjaxiILlg5laecr7Xj5JB5I3ViPkM5IqcL+I7zYiieFHx1DT4Of
ilsuYrAwRf3Ij3jyz65OqRsIn1yH1M9UePna5IvGq7uv9zWxMjv1FFXu2wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJhJ4CEuWZk1AmWw3+g323srNfGcMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvbUVuZ0lTNVptVFVDWmJEZjZEZmJleXMxOFp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwgO+AwQA
ws54AwQAwvp2AwQAw2VAAwQBw2W8AwQA2W1/MA0GCSqGSIb3DQEBCwUAA4IBAQAu
NrwzdsPvqxd89h588X1KXmp/keNIKnbZElgpL35za1+mMOnfFOTeN3o+wsnBb0oJ
YqKt/tgK/QUcKyWgWPBc3XnQIbgU/HImxVjxChA6b8MjqEWAOqB08milrcnXAybS
m+3sjmP5WnoWx+lbMrf9nEb/6GbIqI4L0JvZapJniP2ILMwiW+XNuKnAnv1ME3NX
nfdvOfAdLig1h5i/bWWXIEp1+L3dpyR784+TShxOuiH0oq8oUNCjVK642LmuEaBI
HwXRa1yMerefBDRI0uWeUPyW/u0cnmTDVMKTH6YGGrc6tDwv7MFN7ajP4MAHU0lG
JUEgt9jG7sQ10CnnqsHC
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:48:00 2024 by rpki-client on console-fra.rpki-client.org