Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/b72b97-f9a5-4486-aaab-63916f7f174b/1/Meagup66JRu5SbvxueDsIHTLXOU.roa
File: Meagup66JRu5SbvxueDsIHTLXOU.roa (raw, json)
Hash identifier: 3mazj32yrtkkddyG6bTwZVsDDPYPiLx1feWnShzPQmE=
Subject key identifier: 31:E6:A0:BA:9E:BA:25:1B:B9:49:BB:F1:B9:E0:EC:20:74:CB:5C:E5
Certificate issuer: /CN=54b8e04b0e1a4d4e3a28df15eb58493e76377eb0
Certificate serial: 018CC49363C7AAD6587F975F9A74C4B32962
Authority key identifier: 54:B8:E0:4B:0E:1A:4D:4E:3A:28:DF:15:EB:58:49:3E:76:37:7E:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VLjgSw4aTU46KN8V61hJPnY3frA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/b72b97-f9a5-4486-aaab-63916f7f174b/1/Meagup66JRu5SbvxueDsIHTLXOU.roa
Signing time: Mon 01 Jan 2024 10:30:42 +0000
ROA not before: Mon 01 Jan 2024 10:30:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41698
IP address blocks: 95.128.208.0/21 maxlen: 21
193.227.124.0/24 maxlen: 24
194.62.220.0/24 maxlen: 24
2a02:608::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/b72b97-f9a5-4486-aaab-63916f7f174b/1/VLjgSw4aTU46KN8V61hJPnY3frA.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/b72b97-f9a5-4486-aaab-63916f7f174b/1/VLjgSw4aTU46KN8V61hJPnY3frA.mft
rsync://rpki.ripe.net/repository/DEFAULT/VLjgSw4aTU46KN8V61hJPnY3frA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:02:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:63:c7:aa:d6:58:7f:97:5f:9a:74:c4:b3:29:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54b8e04b0e1a4d4e3a28df15eb58493e76377eb0
Validity
Not Before: Jan 1 10:30:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31e6a0ba9eba251bb949bbf1b9e0ec2074cb5ce5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5a:70:41:74:2e:81:83:75:bd:b4:c1:ff:44:
92:6f:f4:e7:38:17:3d:12:54:22:5c:76:9d:98:83:
ab:46:28:25:df:d6:eb:01:81:b8:ce:d5:49:5b:69:
23:ff:7f:58:57:c8:10:4c:aa:f9:3a:43:17:ab:0e:
ab:86:73:1e:9f:ae:38:5b:45:1d:4f:9c:c4:44:e7:
b5:a7:dc:f8:e2:31:ef:0e:5c:9a:76:9c:25:7e:6f:
1a:cd:11:e8:b6:0e:e9:e0:7a:f9:b8:d8:f3:a8:22:
90:7e:1e:ba:1d:e7:e9:09:0c:a5:1f:3b:79:fc:fa:
81:fc:01:e8:41:1f:74:59:1d:f3:f1:05:45:8b:aa:
13:19:c3:53:1c:9a:3b:d1:b9:ea:a3:19:53:fe:8a:
96:1a:f6:2e:24:3b:f0:60:d3:9e:cb:93:c8:1d:93:
70:92:c2:9a:ae:76:a3:02:d4:b7:7b:68:f0:b7:11:
69:36:a2:58:80:ac:bd:90:10:7f:11:71:3a:1b:7a:
60:c3:68:e1:c1:08:a2:03:a8:33:2f:b5:5e:1d:30:
92:d8:f7:bc:58:3b:bf:8a:c2:93:23:08:2f:0b:fd:
43:1f:2e:44:f7:8e:f6:ed:57:7a:8a:48:ea:24:a7:
d2:92:29:d0:75:85:9b:82:5c:44:22:0e:a5:d5:f9:
d3:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:E6:A0:BA:9E:BA:25:1B:B9:49:BB:F1:B9:E0:EC:20:74:CB:5C:E5
X509v3 Authority Key Identifier:
keyid:54:B8:E0:4B:0E:1A:4D:4E:3A:28:DF:15:EB:58:49:3E:76:37:7E:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VLjgSw4aTU46KN8V61hJPnY3frA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/b72b97-f9a5-4486-aaab-63916f7f174b/1/Meagup66JRu5SbvxueDsIHTLXOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/b72b97-f9a5-4486-aaab-63916f7f174b/1/VLjgSw4aTU46KN8V61hJPnY3frA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.128.208.0/21
193.227.124.0/24
194.62.220.0/24
IPv6:
2a02:608::/32
Signature Algorithm: sha256WithRSAEncryption
84:b9:e1:cf:6c:d1:d4:68:1f:3d:5b:30:bb:9c:2a:a7:52:c8:
8e:d6:6c:b9:af:70:fd:25:ba:15:15:d4:ff:79:ab:a9:f5:1d:
13:05:bd:6e:c9:5d:25:ff:df:fc:12:2d:2e:e5:1e:18:13:2d:
f7:02:63:5b:8f:48:55:df:0a:63:35:08:e8:51:ac:aa:d6:dd:
9b:85:3f:b5:f0:6a:4a:1b:6e:8c:f4:33:49:6c:51:fd:a5:03:
e6:b2:77:ca:ab:36:41:b0:6d:75:63:a4:dd:f9:fd:b9:85:16:
48:ff:a7:4a:2e:80:71:8b:b5:ae:63:7b:0e:ff:bf:4c:93:36:
bc:72:f4:0b:cd:2d:e1:86:e0:6e:98:f8:6a:d7:b9:19:82:0b:
b2:fe:93:60:39:46:2e:52:57:1d:19:ec:69:a6:29:44:23:8e:
29:23:8c:ed:85:58:8e:dc:5a:42:fe:67:9d:2d:c1:e4:f7:2a:
b6:a0:c3:35:79:28:98:df:66:ad:8f:d0:8f:c0:51:7a:b4:ed:
49:bf:8a:be:60:29:ae:a5:aa:2d:f2:3d:2d:21:71:af:43:60:
93:4e:ba:c2:67:d5:d0:12:90:2c:c2:30:29:1b:20:df:fd:23:
46:b6:fc:f4:e3:67:a5:f9:59:e3:1d:6a:8e:bf:e1:fe:0e:02:
35:67:4a:49
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzEk2PHqtZYf5dfmnTEsyliMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0YjhlMDRiMGUxYTRkNGUzYTI4ZGYxNWViNTg0OTNlNzYz
NzdlYjAwHhcNMjQwMTAxMTAzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWU2YTBiYTllYmEyNTFiYjk0OWJiZjFiOWUwZWMyMDc0Y2I1Y2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslpwQXQugYN1vbTB/0SSb/TnOBc9
ElQiXHadmIOrRigl39brAYG4ztVJW2kj/39YV8gQTKr5OkMXqw6rhnMen644W0Ud
T5zEROe1p9z44jHvDlyadpwlfm8azRHotg7p4Hr5uNjzqCKQfh66HefpCQylHzt5
/PqB/AHoQR90WR3z8QVFi6oTGcNTHJo70bnqoxlT/oqWGvYuJDvwYNOey5PIHZNw
ksKarnajAtS3e2jwtxFpNqJYgKy9kBB/EXE6G3pgw2jhwQiiA6gzL7VeHTCS2Pe8
WDu/isKTIwgvC/1DHy5E94727Vd6ikjqJKfSkinQdYWbglxEIg6l1fnTQQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDHmoLqeuiUbuUm78bng7CB0y1zlMB8GA1UdIwQY
MBaAFFS44EsOGk1OOijfFetYST52N36wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkxqZ1N3NGFUVTQ2S044VjYxaEpQblkzZnJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9iNzJiOTctZjlhNS00NDg2LWFhYWIt
NjM5MTZmN2YxNzRiLzEvTWVhZ3VwNjZKUnU1U2J2eHVlRHNJSFRMWE9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9iNzJiOTctZjlhNS00NDg2LWFhYWItNjM5MTZmN2YxNzRi
LzEvVkxqZ1N3NGFUVTQ2S044VjYxaEpQblkzZnJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDX4DQAwQA
weN8AwQAwj7cMA0EAgACMAcDBQAqAgYIMA0GCSqGSIb3DQEBCwUAA4IBAQCEueHP
bNHUaB89WzC7nCqnUsiO1my5r3D9JboVFdT/eaup9R0TBb1uyV0l/9/8Ei0u5R4Y
Ey33AmNbj0hV3wpjNQjoUayq1t2bhT+18GpKG26M9DNJbFH9pQPmsnfKqzZBsG11
Y6Td+f25hRZI/6dKLoBxi7WuY3sO/79Mkza8cvQLzS3hhuBumPhq17kZgguy/pNg
OUYuUlcdGexppilEI44pI4zthViO3FpC/medLcHk9yq2oMM1eSiY32atj9CPwFF6
tO1Jv4q+YCmupaot8j0tIXGvQ2CTTrrCZ9XQEpAswjApGyDf/SNGtvz042el+Vnj
HWqOv+H+DgI1Z0pJ
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:00:27 2024 by rpki-client on console-fra.rpki-client.org