Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/1DkMQysxmZYwcLX2PCGh3Dgk7jk.roa
File: 1DkMQysxmZYwcLX2PCGh3Dgk7jk.roa (raw, json)
Hash identifier: mhCQyeMBZFqco+M2itqfi+i+gfLfKR/d4X7Vcu8ciUo=
Subject key identifier: D4:39:0C:43:2B:31:99:96:30:70:B5:F6:3C:21:A1:DC:38:24:EE:39
Certificate issuer: /CN=3096d7afbb8a5e315a5c489acea7dcb75aa65d04
Certificate serial: 018CC4247BA339DEE54F30F3B20BCC3A13CB
Authority key identifier: 30:96:D7:AF:BB:8A:5E:31:5A:5C:48:9A:CE:A7:DC:B7:5A:A6:5D:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MJbXr7uKXjFaXEiazqfct1qmXQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/1DkMQysxmZYwcLX2PCGh3Dgk7jk.roa
Signing time: Mon 01 Jan 2024 08:29:34 +0000
ROA not before: Mon 01 Jan 2024 08:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34606
IP address blocks: 77.108.0.0/18 maxlen: 18
85.208.232.0/22 maxlen: 22
194.116.0.0/18 maxlen: 18
88.87.96.0/19 maxlen: 19
185.73.244.0/22 maxlen: 22
95.140.136.0/21 maxlen: 21
82.215.128.0/18 maxlen: 18
82.215.128.0/22 maxlen: 22
185.117.216.0/22 maxlen: 22
185.127.32.0/22 maxlen: 22
194.176.126.0/24 maxlen: 24
81.30.0.0/20 maxlen: 20
85.159.176.0/21 maxlen: 21
77.72.32.0/21 maxlen: 21
2a03:4560::/32 maxlen: 32
2a06:8580::/29 maxlen: 29
2a02:260::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/MJbXr7uKXjFaXEiazqfct1qmXQQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/MJbXr7uKXjFaXEiazqfct1qmXQQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/MJbXr7uKXjFaXEiazqfct1qmXQQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 16 Nov 2024 17:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:7b:a3:39:de:e5:4f:30:f3:b2:0b:cc:3a:13:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3096d7afbb8a5e315a5c489acea7dcb75aa65d04
Validity
Not Before: Jan 1 08:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d4390c432b3199963070b5f63c21a1dc3824ee39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:91:b5:2f:4a:e9:42:ad:8b:e0:4e:c8:3b:f6:
19:69:ea:1f:24:a6:9f:2b:24:97:51:db:86:0f:50:
21:4d:a9:93:43:55:c1:37:df:f6:cf:e6:6f:44:fc:
29:14:97:a2:94:96:c0:70:3e:09:af:2c:41:46:f0:
75:0b:31:3f:45:3f:98:54:d9:c9:73:82:24:2b:dd:
6d:e8:d2:0c:b7:a8:07:c6:93:9a:1d:3d:36:54:19:
78:f2:0f:10:ba:fc:70:ea:ed:fa:a2:17:9a:88:c7:
af:64:9e:65:d0:bc:14:48:90:a4:5b:84:d9:41:a7:
54:e7:f9:25:2a:71:d3:ec:81:f6:c1:7e:ea:24:91:
e5:9a:a8:08:58:a0:fe:8c:34:f6:1e:99:be:29:ff:
03:cb:55:80:5b:49:ee:ea:c2:50:37:28:61:dd:c3:
b4:1c:66:13:e5:89:b5:9f:3d:8a:44:50:80:4f:05:
44:2d:a1:1d:6b:d5:72:6b:39:3e:2b:68:1a:3d:8a:
22:98:12:5e:2d:ea:c1:f2:df:d6:65:85:38:55:93:
d8:9b:bd:88:1a:1a:0f:12:d6:9d:27:44:47:89:c9:
68:05:ee:3e:0a:86:54:47:1e:98:4b:df:22:34:f0:
c0:63:06:f3:4e:88:b6:90:b6:a5:e3:28:52:59:0c:
31:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:39:0C:43:2B:31:99:96:30:70:B5:F6:3C:21:A1:DC:38:24:EE:39
X509v3 Authority Key Identifier:
keyid:30:96:D7:AF:BB:8A:5E:31:5A:5C:48:9A:CE:A7:DC:B7:5A:A6:5D:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MJbXr7uKXjFaXEiazqfct1qmXQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/1DkMQysxmZYwcLX2PCGh3Dgk7jk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/MJbXr7uKXjFaXEiazqfct1qmXQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.72.32.0/21
77.108.0.0/18
81.30.0.0/20
82.215.128.0/18
85.159.176.0/21
85.208.232.0/22
88.87.96.0/19
95.140.136.0/21
185.73.244.0/22
185.117.216.0/22
185.127.32.0/22
194.116.0.0/18
194.176.126.0/24
IPv6:
2a02:260::/32
2a03:4560::/32
2a06:8580::/29
Signature Algorithm: sha256WithRSAEncryption
82:fe:2f:a4:64:28:86:cf:bc:78:8a:aa:ce:b9:13:05:76:65:
d1:67:07:a0:aa:bc:36:61:20:a4:fb:48:2a:c0:ff:34:6b:5e:
1c:6e:15:b7:41:8c:a2:c0:4b:8b:2e:e4:2f:46:8e:3c:f1:0f:
0b:3b:55:59:7d:64:77:eb:63:42:ad:d3:f2:3a:7f:37:47:eb:
f9:a1:18:6f:69:06:9b:28:2b:30:2d:d3:e0:4d:d5:6b:0c:2e:
23:42:1b:c1:1b:d5:70:e5:ef:03:0b:31:07:eb:ce:ca:d3:c7:
0c:9f:13:fb:7c:88:53:8e:6c:11:65:26:8c:9a:dd:b1:53:ab:
0b:0f:af:cb:52:97:da:7d:e9:bd:21:19:69:6f:99:55:78:5e:
43:e4:bd:3b:10:ab:a5:be:18:3c:d2:41:9e:b1:3e:ac:8f:49:
01:51:dd:17:f6:c2:26:65:cc:be:e9:f9:49:d5:39:34:2f:94:
6a:ba:ea:02:51:63:f1:94:46:be:b4:59:d3:dc:d0:93:c5:a8:
a8:96:c2:d9:23:95:59:13:4a:0b:d0:0a:dd:b5:7d:43:7a:db:
c3:15:f2:75:20:70:5f:4a:a9:62:d1:26:26:23:8a:0c:05:32:
54:0c:03:dd:71:7a:e8:4b:f3:80:a1:3d:e9:e7:3d:ac:f9:f7:
83:12:e3:12
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAYzEJHujOd7lTzDzsgvMOhPLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwOTZkN2FmYmI4YTVlMzE1YTVjNDg5YWNlYTdkY2I3NWFh
NjVkMDQwHhcNMjQwMTAxMDgyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDM5MGM0MzJiMzE5OTk2MzA3MGI1ZjYzYzIxYTFkYzM4MjRlZTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJG1L0rpQq2L4E7IO/YZaeofJKaf
KySXUduGD1AhTamTQ1XBN9/2z+ZvRPwpFJeilJbAcD4JryxBRvB1CzE/RT+YVNnJ
c4IkK91t6NIMt6gHxpOaHT02VBl48g8Quvxw6u36oheaiMevZJ5l0LwUSJCkW4TZ
QadU5/klKnHT7IH2wX7qJJHlmqgIWKD+jDT2Hpm+Kf8Dy1WAW0nu6sJQNyhh3cO0
HGYT5Ym1nz2KRFCATwVELaEda9Vyazk+K2gaPYoimBJeLerB8t/WZYU4VZPYm72I
GhoPEtadJ0RHicloBe4+CoZURx6YS98iNPDAYwbzToi2kLal4yhSWQwxXwIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFNQ5DEMrMZmWMHC19jwhodw4JO45MB8GA1UdIwQY
MBaAFDCW16+7il4xWlxIms6n3Ldapl0EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUpiWHI3dUtYakZhWEVpYXpxZmN0MXFtWFFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9jZjhmOTktZTU4MS00ZjVmLTg3NWYt
ZGY0ZThjNzM2NGZlLzEvMURrTVF5c3htWll3Y0xYMlBDR2gzRGdrN2prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9jZjhmOTktZTU4MS00ZjVmLTg3NWYtZGY0ZThjNzM2NGZl
LzEvTUpiWHI3dUtYakZhWEVpYXpxZmN0MXFtWFFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwVAQCAAEwTgMEA01IIAME
Bk1sAAMEBFEeAAMEBlLXgAMEA1WfsAMEAlXQ6AMEBVhXYAMEA1+MiAMEArlJ9AME
Arl12AMEArl/IAMEBsJ0AAMEAMKwfjAbBAIAAjAVAwUAKgICYAMFACoDRWADBQMq
BoWAMA0GCSqGSIb3DQEBCwUAA4IBAQCC/i+kZCiGz7x4iqrOuRMFdmXRZwegqrw2
YSCk+0gqwP80a14cbhW3QYyiwEuLLuQvRo488Q8LO1VZfWR362NCrdPyOn83R+v5
oRhvaQabKCswLdPgTdVrDC4jQhvBG9Vw5e8DCzEH687K08cMnxP7fIhTjmwRZSaM
mt2xU6sLD6/LUpfafem9IRlpb5lVeF5D5L07EKulvhg80kGesT6sj0kBUd0X9sIm
Zcy+6flJ1Tk0L5RquuoCUWPxlEa+tFnT3NCTxaiolsLZI5VZE0oL0ArdtX1DetvD
FfJ1IHBfSqli0SYmI4oMBTJUDAPdcXroS/OAoT3p5z2s+feDEuMS
-----END CERTIFICATE-----
Generated at Fri Nov 15 23:29:46 2024 by rpki-client on console-fra.rpki-client.org