Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/MqpvYWBE1L0W3tHVq9wHDGidZCM.roa
File: MqpvYWBE1L0W3tHVq9wHDGidZCM.roa (raw, json)
Hash identifier: dXEcqvjOBlzlXnZETeK/oUdYW/Oyv1r/WufmaBAkKtk=
Subject key identifier: 32:AA:6F:61:60:44:D4:BD:16:DE:D1:D5:AB:DC:07:0C:68:9D:64:23
Certificate issuer: /CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Certificate serial: 018EF51B3969C454E5463DD46EAE432E2547
Authority key identifier: 0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/MqpvYWBE1L0W3tHVq9wHDGidZCM.roa
Signing time: Fri 19 Apr 2024 06:46:25 +0000
ROA not before: Fri 19 Apr 2024 06:46:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25311
IP address blocks: 86.105.206.0/23 maxlen: 24
89.34.180.0/22 maxlen: 24
188.209.96.0/20 maxlen: 24
195.182.220.0/23 maxlen: 24
2a03:9c20:2002::/48 maxlen: 56
2a03:9c20:3000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/C1Vqy187lhtcwkoplfNO6R953BY.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/C1Vqy187lhtcwkoplfNO6R953BY.mft
rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 23:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f5:1b:39:69:c4:54:e5:46:3d:d4:6e:ae:43:2e:25:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Validity
Not Before: Apr 19 06:46:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32aa6f616044d4bd16ded1d5abdc070c689d6423
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:5b:d7:73:6b:80:ac:ac:50:74:16:ac:3d:28:
34:70:22:3b:51:cb:bb:52:64:29:a5:e6:63:87:df:
fa:b9:9b:3b:6c:85:90:50:45:4e:4b:9b:df:cb:02:
cf:b9:98:e7:af:fe:e0:2f:0e:c9:31:c7:4a:44:5c:
6e:34:a9:67:1b:1a:bd:a3:94:33:05:d8:d2:1e:3c:
b0:ad:e7:5c:eb:09:90:01:61:6d:54:85:07:3e:07:
52:1e:e1:2f:d7:6f:4f:e3:32:6e:d2:e8:19:21:5d:
24:f6:d5:23:a0:d5:d7:ca:5a:7e:4e:64:a5:7e:8c:
8f:0f:01:cf:fb:a0:82:0a:32:23:89:35:03:29:86:
64:d5:19:c3:93:8f:d5:a9:31:45:8f:1f:6e:e1:7d:
bf:87:0e:35:48:96:d2:70:64:69:e0:9b:7f:9e:ed:
7d:fe:84:cd:85:0f:e9:5a:3a:0b:e8:dd:dc:05:f6:
56:b4:88:5d:cc:0e:4c:7c:4a:a7:5e:04:20:49:fd:
3b:46:bd:3b:80:80:e0:44:54:42:60:a9:f9:7d:1b:
c5:10:0e:7f:f2:04:55:5a:76:5b:2b:e1:d4:b4:59:
90:57:26:36:b0:22:25:9e:75:fa:2f:03:a5:46:9c:
cb:45:25:db:5c:a5:e4:18:db:f3:2a:5e:8b:09:16:
8c:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:AA:6F:61:60:44:D4:BD:16:DE:D1:D5:AB:DC:07:0C:68:9D:64:23
X509v3 Authority Key Identifier:
keyid:0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/MqpvYWBE1L0W3tHVq9wHDGidZCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/C1Vqy187lhtcwkoplfNO6R953BY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.206.0/23
89.34.180.0/22
188.209.96.0/20
195.182.220.0/23
IPv6:
2a03:9c20:2002::/48
2a03:9c20:3000::/36
Signature Algorithm: sha256WithRSAEncryption
35:67:01:a9:2e:dd:77:2d:27:c0:e5:aa:e0:6a:db:eb:76:c1:
15:f6:9b:14:f3:87:46:81:9a:4f:02:ae:d4:45:6c:08:1f:a3:
fa:60:59:a3:39:03:4d:26:f8:49:9f:41:0f:4e:a9:06:28:59:
05:d7:4c:65:96:0d:b1:ae:b7:28:72:25:b3:c3:76:9d:96:2c:
7d:26:b9:50:a8:1d:f4:26:7f:e3:22:ce:f8:95:8a:8a:22:aa:
49:8d:f8:ec:8e:59:4d:3c:b5:f4:66:a0:e5:e9:c7:32:87:2e:
b3:5d:ae:db:86:0b:ae:23:29:35:36:8a:e2:dc:79:55:29:21:
69:78:b4:f8:cf:ac:03:eb:a1:47:a9:93:5c:6b:2e:9c:63:db:
e4:ce:9c:4e:b0:32:c7:45:54:f3:89:b9:95:84:d6:5f:4b:d7:
3e:e7:30:a0:d1:d5:3c:ec:88:06:26:5e:6e:a6:3e:91:41:f9:
80:4f:ff:5d:f3:7c:5b:35:8f:42:9f:5e:27:cc:81:15:5c:10:
d3:e7:f0:52:d3:8b:e1:75:90:fd:11:e9:2b:6d:9c:ba:6c:43:
04:91:e5:f2:97:3c:f9:ef:f9:59:f1:66:6c:a6:14:cc:be:94:
e7:e0:e0:a7:36:40:92:a2:d3:ec:3d:99:94:07:9b:ce:fb:3d:
d0:8f:6c:04
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAY71GzlpxFTlRj3Ubq5DLiVHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNTU2YWNiNWYzYjk2MWI1Y2MyNGEyOTk1ZjM0ZWU5MWY3
OWRjMTYwHhcNMjQwNDE5MDY0NjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmFhNmY2MTYwNDRkNGJkMTZkZWQxZDVhYmRjMDcwYzY4OWQ2NDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgVvXc2uArKxQdBasPSg0cCI7Ucu7
UmQppeZjh9/6uZs7bIWQUEVOS5vfywLPuZjnr/7gLw7JMcdKRFxuNKlnGxq9o5Qz
BdjSHjywredc6wmQAWFtVIUHPgdSHuEv129P4zJu0ugZIV0k9tUjoNXXylp+TmSl
foyPDwHP+6CCCjIjiTUDKYZk1RnDk4/VqTFFjx9u4X2/hw41SJbScGRp4Jt/nu19
/oTNhQ/pWjoL6N3cBfZWtIhdzA5MfEqnXgQgSf07Rr07gIDgRFRCYKn5fRvFEA5/
8gRVWnZbK+HUtFmQVyY2sCIlnnX6LwOlRpzLRSXbXKXkGNvzKl6LCRaMyQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFDKqb2FgRNS9Ft7R1avcBwxonWQjMB8GA1UdIwQY
MBaAFAtVastfO5YbXMJKKZXzTukfedwWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEt
ZDJiYmYzN2RhYmI0LzEvTXFwdllXQkUxTDBXM3RIVnE5d0hER2lkWkNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEtZDJiYmYzN2RhYmI0
LzEvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAeBAIAATAYAwQBVmnOAwQC
WSK0AwQEvNFgAwQBw7bcMBcEAgACMBEDBwAqA5wgIAIDBgQqA5wgMDANBgkqhkiG
9w0BAQsFAAOCAQEANWcBqS7ddy0nwOWq4Grb63bBFfabFPOHRoGaTwKu1EVsCB+j
+mBZozkDTSb4SZ9BD06pBihZBddMZZYNsa63KHIls8N2nZYsfSa5UKgd9CZ/4yLO
+JWKiiKqSY347I5ZTTy19Gag5enHMocus12u24YLriMpNTaK4tx5VSkhaXi0+M+s
A+uhR6mTXGsunGPb5M6cTrAyx0VU84m5lYTWX0vXPucwoNHVPOyIBiZebqY+kUH5
gE//XfN8WzWPQp9eJ8yBFVwQ0+fwUtOL4XWQ/RHpK22cumxDBJHl8pc8+e/5WfFm
bKYUzL6U5+DgpzZAkqLT7D2ZlAebzvs90I9sBA==
-----END CERTIFICATE-----
Generated at Fri Apr 26 09:06:14 2024 by rpki-client on console-ams.rpki-client.org