Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/MgFzPXYO-3Fvd_Y9Pw1u4tZIrB0.roa
File: MgFzPXYO-3Fvd_Y9Pw1u4tZIrB0.roa (raw, json)
Hash identifier: wsP1DuSsf8JIE24UeNyo60Djw6zszgxXTLMfUlZqs84=
Subject key identifier: 32:01:73:3D:76:0E:FB:71:6F:77:F6:3D:3F:0D:6E:E2:D6:48:AC:1D
Certificate issuer: /CN=64d4e8723450d0a710c32d90ffea18529104e538
Certificate serial: 018ED14F6C2DC6F64898EA98C04437539B1C
Authority key identifier: 64:D4:E8:72:34:50:D0:A7:10:C3:2D:90:FF:EA:18:52:91:04:E5:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/MgFzPXYO-3Fvd_Y9Pw1u4tZIrB0.roa
Signing time: Fri 12 Apr 2024 07:57:06 +0000
ROA not before: Fri 12 Apr 2024 07:57:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202656
IP address blocks: 193.203.50.0/23 maxlen: 23
193.203.50.0/24 maxlen: 24
193.203.51.0/24 maxlen: 24
195.211.40.0/23 maxlen: 23
2a13:f580:5::/48 maxlen: 48
2a13:f580:7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Jun 2024 01:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d1:4f:6c:2d:c6:f6:48:98:ea:98:c0:44:37:53:9b:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64d4e8723450d0a710c32d90ffea18529104e538
Validity
Not Before: Apr 12 07:57:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3201733d760efb716f77f63d3f0d6ee2d648ac1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:29:e9:58:d9:61:b8:29:21:57:b9:87:23:8e:
d3:bb:d3:1c:d6:2f:db:b2:f6:5c:dc:40:b7:61:80:
03:b5:1f:92:9c:eb:fc:24:f1:bd:93:cf:84:40:5b:
e7:9c:9f:35:6a:ea:9f:fe:4c:77:59:6e:ab:f7:1b:
20:d2:00:0f:a8:64:04:f8:e5:e7:b3:7e:19:96:0e:
53:9a:77:70:64:77:aa:0b:54:d6:fb:9e:54:f8:13:
27:c3:c6:92:ae:56:14:bf:f9:80:b3:4f:8a:25:f9:
ae:36:8a:56:2b:ef:6f:10:b1:7e:76:57:e5:a1:d4:
45:d8:a3:65:be:2a:e6:94:a4:38:4a:e2:e0:c9:55:
c6:11:4d:9b:12:3f:35:74:aa:dc:ff:ba:d0:24:de:
42:fe:e1:57:65:99:90:ea:93:87:10:ec:c0:52:ba:
f3:96:2d:23:b3:68:e5:ee:4c:16:d1:b9:d1:2f:da:
cc:fd:f4:64:40:77:5f:1c:4e:8e:98:1a:a0:f8:19:
5e:74:78:6c:46:d7:3c:49:17:26:10:68:f2:07:60:
52:d3:71:d5:bc:8e:4a:0e:69:b9:10:5e:e3:1c:9b:
ee:41:21:8a:80:5a:e1:67:a5:79:ee:d2:90:d1:d3:
b8:f1:ca:af:3c:39:85:70:25:ff:c1:44:1b:b1:c6:
98:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:01:73:3D:76:0E:FB:71:6F:77:F6:3D:3F:0D:6E:E2:D6:48:AC:1D
X509v3 Authority Key Identifier:
keyid:64:D4:E8:72:34:50:D0:A7:10:C3:2D:90:FF:EA:18:52:91:04:E5:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/MgFzPXYO-3Fvd_Y9Pw1u4tZIrB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.203.50.0/23
195.211.40.0/23
IPv6:
2a13:f580:5::/48
2a13:f580:7::/48
Signature Algorithm: sha256WithRSAEncryption
a5:6c:3a:d6:2b:d2:b9:ed:2f:f0:e3:a6:98:f2:c0:01:e2:16:
a5:0a:fd:96:c3:bd:48:13:64:3d:43:d1:18:1e:b8:f3:78:87:
a3:54:98:5d:71:7d:31:6f:58:df:25:e8:7d:9c:f1:bd:1a:f2:
c6:be:8e:f9:82:ad:7b:d6:99:c4:e7:e4:ab:b6:7c:96:89:35:
64:ba:a3:2c:a1:31:58:d5:fb:af:6c:1d:39:b2:84:bf:4e:30:
0c:0c:74:c2:35:a8:f1:65:15:77:c3:da:e3:6a:98:16:9c:89:
3e:76:b1:7f:0f:c9:a9:18:85:0e:ef:6e:a4:3f:62:b5:38:e4:
8b:33:97:a5:e3:52:11:18:0c:40:50:89:1f:26:36:5a:a3:61:
73:df:95:7e:c1:aa:82:af:18:79:e5:e7:d1:5d:3a:4f:8b:5b:
5f:3c:7e:3c:26:c5:05:95:00:d3:05:8c:34:78:46:c9:23:26:
fa:28:62:63:af:3c:e5:c7:d3:b8:0d:e0:8c:1c:d6:b7:49:6e:
dd:ce:3f:50:7c:c4:cb:fa:b8:d7:c3:64:8b:75:0d:77:ea:df:
35:50:b1:6e:ea:cb:c9:24:cb:ee:c9:34:02:73:bb:e7:e9:52:
57:68:a0:7a:58:58:3a:90:e8:00:7e:f8:da:d3:67:1d:7a:ec:
eb:96:a9:d4
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY7RT2wtxvZImOqYwEQ3U5scMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZDRlODcyMzQ1MGQwYTcxMGMzMmQ5MGZmZWExODUyOTEw
NGU1MzgwHhcNMjQwNDEyMDc1NzA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjAxNzMzZDc2MGVmYjcxNmY3N2Y2M2QzZjBkNmVlMmQ2NDhhYzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAginpWNlhuCkhV7mHI47Tu9Mc1i/b
svZc3EC3YYADtR+SnOv8JPG9k8+EQFvnnJ81auqf/kx3WW6r9xsg0gAPqGQE+OXn
s34Zlg5TmndwZHeqC1TW+55U+BMnw8aSrlYUv/mAs0+KJfmuNopWK+9vELF+dlfl
odRF2KNlvirmlKQ4SuLgyVXGEU2bEj81dKrc/7rQJN5C/uFXZZmQ6pOHEOzAUrrz
li0js2jl7kwW0bnRL9rM/fRkQHdfHE6OmBqg+BledHhsRtc8SRcmEGjyB2BS03HV
vI5KDmm5EF7jHJvuQSGKgFrhZ6V57tKQ0dO48cqvPDmFcCX/wUQbscaYbwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFDIBcz12Dvtxb3f2PT8NbuLWSKwdMB8GA1UdIwQY
MBaAFGTU6HI0UNCnEMMtkP/qGFKRBOU4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5Ub2NqUlEwS2NRd3kyUV8tb1lVcEVFNVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yMzEwYjEtOTZhMS00OGU0LWFhNzIt
NDIyYWVkM2E3NzAyLzEvTWdGelBYWU8tM0Z2ZF9ZOVB3MXU0dFpJckIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8yMzEwYjEtOTZhMS00OGU0LWFhNzItNDIyYWVkM2E3NzAy
LzEvWk5Ub2NqUlEwS2NRd3kyUV8tb1lVcEVFNVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQBwcsyAwQB
w9MoMBgEAgACMBIDBwAqE/WAAAUDBwAqE/WAAAcwDQYJKoZIhvcNAQELBQADggEB
AKVsOtYr0rntL/DjppjywAHiFqUK/ZbDvUgTZD1D0RgeuPN4h6NUmF1xfTFvWN8l
6H2c8b0a8sa+jvmCrXvWmcTn5Ku2fJaJNWS6oyyhMVjV+69sHTmyhL9OMAwMdMI1
qPFlFXfD2uNqmBaciT52sX8PyakYhQ7vbqQ/YrU45Iszl6XjUhEYDEBQiR8mNlqj
YXPflX7BqoKvGHnl59FdOk+LW188fjwmxQWVANMFjDR4RskjJvooYmOvPOXH07gN
4Iwc1rdJbt3OP1B8xMv6uNfDZIt1DXfq3zVQsW7qy8kky+7JNAJzu+fpUldooHpY
WDqQ6AB++NrTZx167OuWqdQ=
-----END CERTIFICATE-----
Generated at Tue Jun 4 10:47:40 2024 by rpki-client on console-ams.rpki-client.org