Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/067630-306e-4c37-8bcc-4f021c73ef74/1/MWrkeyBdAmR9VTpTYbgg2IHSGaA.roa
File: MWrkeyBdAmR9VTpTYbgg2IHSGaA.roa (raw, json)
Hash identifier: N8/9fX2WzSI76m6+dMagGNHmu10QspYlM/v96ehkLBI=
Subject key identifier: 31:6A:E4:7B:20:5D:02:64:7D:55:3A:53:61:B8:20:D8:81:D2:19:A0
Certificate issuer: /CN=344fdad10ee55b3282a64246a41dc61a8922d25d
Certificate serial: 018F100363D750AE57B19AA44235811FA4AE
Authority key identifier: 34:4F:DA:D1:0E:E5:5B:32:82:A6:42:46:A4:1D:C6:1A:89:22:D2:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NE_a0Q7lWzKCpkJGpB3GGoki0l0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/067630-306e-4c37-8bcc-4f021c73ef74/1/MWrkeyBdAmR9VTpTYbgg2IHSGaA.roa
Signing time: Wed 24 Apr 2024 12:10:08 +0000
ROA not before: Wed 24 Apr 2024 12:10:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43395
IP address blocks: 185.145.184.0/22 maxlen: 22
185.186.48.0/24 maxlen: 24
185.186.49.0/24 maxlen: 24
185.186.50.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/067630-306e-4c37-8bcc-4f021c73ef74/1/NE_a0Q7lWzKCpkJGpB3GGoki0l0.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/067630-306e-4c37-8bcc-4f021c73ef74/1/NE_a0Q7lWzKCpkJGpB3GGoki0l0.mft
rsync://rpki.ripe.net/repository/DEFAULT/NE_a0Q7lWzKCpkJGpB3GGoki0l0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:10:03:63:d7:50:ae:57:b1:9a:a4:42:35:81:1f:a4:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=344fdad10ee55b3282a64246a41dc61a8922d25d
Validity
Not Before: Apr 24 12:10:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=316ae47b205d02647d553a5361b820d881d219a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:1d:06:0b:00:51:3f:4f:48:53:ed:27:c9:f8:
ef:06:b0:2e:fd:86:84:50:03:ac:8a:41:41:27:d8:
21:43:d2:4a:1c:7d:15:61:9d:56:30:3a:fa:e6:ae:
ff:76:a2:17:ea:05:5e:db:fd:0b:83:ec:0e:47:c8:
76:df:73:21:64:54:92:e3:86:ce:a1:2e:56:91:b6:
86:b1:d2:de:e5:9d:6b:23:91:e8:bb:9d:56:74:78:
a2:d7:5e:58:1a:8a:d5:25:6f:9e:ae:3f:bf:67:e2:
d6:28:0a:53:ab:98:9e:a1:10:6c:dc:ae:a2:f9:7d:
20:fa:db:4c:e7:9b:a7:dc:af:cd:e0:c9:0b:cb:5a:
bf:8b:1e:b6:68:45:91:1c:d4:06:e3:8f:75:d6:9c:
40:1a:13:b4:db:e6:77:47:b6:a3:92:5d:08:eb:ac:
64:20:c2:9b:f5:04:bc:a0:97:7e:b1:07:f0:c5:db:
2e:0e:5d:89:84:5e:9f:a8:55:18:5b:ca:50:36:2c:
f3:a1:74:7e:5b:a3:1a:0b:d9:ab:99:b1:4d:d5:b8:
20:a3:22:27:8a:30:03:0f:7f:5e:d1:d8:db:13:1a:
cd:fd:32:a7:96:da:85:c1:fa:9d:fa:e6:3d:e7:a6:
da:58:86:b3:6c:0b:de:b9:35:af:14:4a:7f:5b:85:
46:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:6A:E4:7B:20:5D:02:64:7D:55:3A:53:61:B8:20:D8:81:D2:19:A0
X509v3 Authority Key Identifier:
keyid:34:4F:DA:D1:0E:E5:5B:32:82:A6:42:46:A4:1D:C6:1A:89:22:D2:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NE_a0Q7lWzKCpkJGpB3GGoki0l0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/067630-306e-4c37-8bcc-4f021c73ef74/1/MWrkeyBdAmR9VTpTYbgg2IHSGaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/067630-306e-4c37-8bcc-4f021c73ef74/1/NE_a0Q7lWzKCpkJGpB3GGoki0l0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.145.184.0/22
185.186.48.0-185.186.50.255
Signature Algorithm: sha256WithRSAEncryption
2f:ca:f8:af:c7:ef:57:9e:c1:5a:8e:84:5d:02:b3:53:87:e6:
15:6a:96:b3:04:b4:03:83:66:38:e2:29:b1:af:9a:83:8f:a8:
6a:ab:ef:ae:a0:d5:05:fd:d4:25:53:35:ba:e1:d5:5b:92:42:
bf:8c:f8:ab:de:ea:52:71:db:cb:73:85:06:68:8c:83:3c:0f:
0d:e0:3f:41:b7:d0:0a:7d:da:87:3a:f8:98:53:d1:73:a6:5c:
0c:d6:74:21:2f:56:e4:ec:79:01:f9:55:86:e8:cf:79:04:aa:
17:a0:a7:fc:7c:93:fb:c1:70:0f:d7:08:97:08:43:73:88:41:
de:f2:8d:c6:34:46:d5:07:dd:2c:16:4d:91:c4:35:e1:5c:99:
7c:71:9a:e4:24:3a:8f:0e:a2:89:12:de:b6:69:b6:dc:c4:f3:
6c:2d:57:b4:1e:df:04:a8:0c:a6:ef:7b:36:82:d9:39:e2:36:
8c:53:91:0e:e2:86:e4:97:f5:65:c7:a1:63:01:eb:0e:39:37:
20:0f:aa:0c:1d:c9:da:17:c5:d7:3f:bc:5a:c7:d6:ba:0a:a6:
f1:c2:f1:54:29:59:e9:36:a9:04:d1:a3:0f:5a:57:37:55:6b:
14:39:16:a3:01:33:61:73:a8:dc:13:e9:ee:85:89:46:8e:c8:
49:41:c0:c1
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY8QA2PXUK5XsZqkQjWBH6SuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NGZkYWQxMGVlNTViMzI4MmE2NDI0NmE0MWRjNjFhODky
MmQyNWQwHhcNMjQwNDI0MTIxMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTZhZTQ3YjIwNWQwMjY0N2Q1NTNhNTM2MWI4MjBkODgxZDIxOWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsR0GCwBRP09IU+0nyfjvBrAu/YaE
UAOsikFBJ9ghQ9JKHH0VYZ1WMDr65q7/dqIX6gVe2/0Lg+wOR8h233MhZFSS44bO
oS5WkbaGsdLe5Z1rI5Hou51WdHii115YGorVJW+erj+/Z+LWKApTq5ieoRBs3K6i
+X0g+ttM55un3K/N4MkLy1q/ix62aEWRHNQG44911pxAGhO02+Z3R7ajkl0I66xk
IMKb9QS8oJd+sQfwxdsuDl2JhF6fqFUYW8pQNizzoXR+W6MaC9mrmbFN1bggoyIn
ijADD39e0djbExrN/TKnltqFwfqd+uY956baWIazbAveuTWvFEp/W4VGTQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDFq5HsgXQJkfVU6U2G4INiB0hmgMB8GA1UdIwQY
MBaAFDRP2tEO5VsygqZCRqQdxhqJItJdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkVfYTBRN2xXektDcGtKR3BCM0dHb2tpMGwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS8wNjc2MzAtMzA2ZS00YzM3LThiY2Mt
NGYwMjFjNzNlZjc0LzEvTVdya2V5QmRBbVI5VlRwVFliZ2cySUhTR2FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS8wNjc2MzAtMzA2ZS00YzM3LThiY2MtNGYwMjFjNzNlZjc0
LzEvTkVfYTBRN2xXektDcGtKR3BCM0dHb2tpMGwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCuZG4MAwD
BAS5ujADBAC5ujIwDQYJKoZIhvcNAQELBQADggEBAC/K+K/H71eewVqOhF0Cs1OH
5hVqlrMEtAODZjjiKbGvmoOPqGqr766g1QX91CVTNbrh1VuSQr+M+Kve6lJx28tz
hQZojIM8Dw3gP0G30Ap92oc6+JhT0XOmXAzWdCEvVuTseQH5VYboz3kEqhegp/x8
k/vBcA/XCJcIQ3OIQd7yjcY0RtUH3SwWTZHENeFcmXxxmuQkOo8OookS3rZpttzE
82wtV7Qe3wSoDKbvezaC2TniNoxTkQ7ihuSX9WXHoWMB6w45NyAPqgwdydoXxdc/
vFrH1roKpvHC8VQpWek2qQTRow9aVzdVaxQ5FqMBM2FzqNwT6e6FiUaOyElBwME=
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:09:27 2024 by rpki-client on console-fra.rpki-client.org