Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/c9f33b-2f1b-4a11-a21d-9a6bd011f8f6/1/Mfa5v_nu7J04EtrQe8bpEaKltBY.roa
File: Mfa5v_nu7J04EtrQe8bpEaKltBY.roa (raw, json)
Hash identifier: iB/7KptWW5vPXFHXDgRRAgpXNBDaGpGMjZ4Qz9H25SU=
Subject key identifier: 31:F6:B9:BF:F9:EE:EC:9D:38:12:DA:D0:7B:C6:E9:11:A2:A5:B4:16
Certificate issuer: /CN=aef1eefaa757d38eb104fa4cba4d962b72e52b52
Certificate serial: 0191FF577A7457E7DD1AF8144982BECC76B4
Authority key identifier: AE:F1:EE:FA:A7:57:D3:8E:B1:04:FA:4C:BA:4D:96:2B:72:E5:2B:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rvHu-qdX046xBPpMuk2WK3LlK1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/c9f33b-2f1b-4a11-a21d-9a6bd011f8f6/1/Mfa5v_nu7J04EtrQe8bpEaKltBY.roa
Signing time: Tue 17 Sep 2024 09:36:48 +0000
ROA not before: Tue 17 Sep 2024 09:36:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29222
IP address blocks: 37.156.40.0/21 maxlen: 24
45.157.188.0/22 maxlen: 24
83.166.128.0/19 maxlen: 24
84.16.64.0/19 maxlen: 24
89.47.48.0/22 maxlen: 24
91.214.188.0/22 maxlen: 24
93.88.240.0/20 maxlen: 24
128.65.192.0/21 maxlen: 24
185.74.68.0/22 maxlen: 24
185.125.24.0/22 maxlen: 24
185.143.100.0/22 maxlen: 24
185.172.100.0/22 maxlen: 24
185.176.224.0/22 maxlen: 24
185.177.60.0/22 maxlen: 24
185.181.160.0/22 maxlen: 24
188.213.128.0/22 maxlen: 24
193.108.52.0/22 maxlen: 24
193.111.233.0/24 maxlen: 24
193.128.7.0/24 maxlen: 24
193.134.93.0/24 maxlen: 24
193.134.250.0/24 maxlen: 24
195.15.192.0/18 maxlen: 24
2001:1600::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/c9f33b-2f1b-4a11-a21d-9a6bd011f8f6/1/rvHu-qdX046xBPpMuk2WK3LlK1I.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/c9f33b-2f1b-4a11-a21d-9a6bd011f8f6/1/rvHu-qdX046xBPpMuk2WK3LlK1I.mft
rsync://rpki.ripe.net/repository/DEFAULT/rvHu-qdX046xBPpMuk2WK3LlK1I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ff:57:7a:74:57:e7:dd:1a:f8:14:49:82:be:cc:76:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aef1eefaa757d38eb104fa4cba4d962b72e52b52
Validity
Not Before: Sep 17 09:36:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31f6b9bff9eeec9d3812dad07bc6e911a2a5b416
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:40:1d:8a:19:07:62:4d:fb:ad:78:eb:29:d2:
68:6f:01:84:bd:2a:6c:e1:b3:a7:2e:d1:9a:08:e4:
62:92:96:ee:7b:bb:fe:99:f6:7a:8b:10:e7:04:65:
16:64:c1:50:2d:ac:02:7e:62:43:1b:46:8c:b6:2d:
d9:a6:92:df:cf:fc:08:6c:61:57:83:09:0d:8e:b4:
83:83:d4:56:4a:45:9d:13:f7:6b:98:10:ee:90:e6:
1c:01:f0:0d:e5:7f:2d:a9:65:eb:af:26:7f:83:75:
ef:1f:79:b1:fd:b8:0d:68:3e:ae:b2:47:72:eb:08:
db:5e:d2:a5:1c:89:6f:c7:e1:29:e7:a5:47:e9:55:
45:56:0f:01:0b:63:be:28:63:9a:4f:e0:4c:32:a7:
f3:bd:67:05:bd:22:62:e3:31:a1:7f:75:dc:a5:6a:
a5:ea:4a:a2:09:d1:54:fb:59:ef:9b:82:e7:01:b0:
6c:cc:11:ff:7a:ca:1e:52:56:fe:4a:50:2a:01:82:
42:5b:a7:c5:cf:6b:c6:1f:8d:22:ce:de:a5:a3:ee:
ca:fb:c8:f6:ff:15:97:c1:55:b9:48:a0:94:66:15:
ef:f1:d4:d7:f4:f6:89:41:30:9b:30:a5:33:c5:74:
1e:49:fc:21:7a:16:f6:dc:d2:bf:b6:b7:e7:c4:f7:
e4:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:F6:B9:BF:F9:EE:EC:9D:38:12:DA:D0:7B:C6:E9:11:A2:A5:B4:16
X509v3 Authority Key Identifier:
keyid:AE:F1:EE:FA:A7:57:D3:8E:B1:04:FA:4C:BA:4D:96:2B:72:E5:2B:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rvHu-qdX046xBPpMuk2WK3LlK1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/c9f33b-2f1b-4a11-a21d-9a6bd011f8f6/1/Mfa5v_nu7J04EtrQe8bpEaKltBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/c9f33b-2f1b-4a11-a21d-9a6bd011f8f6/1/rvHu-qdX046xBPpMuk2WK3LlK1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.40.0/21
45.157.188.0/22
83.166.128.0/19
84.16.64.0/19
89.47.48.0/22
91.214.188.0/22
93.88.240.0/20
128.65.192.0/21
185.74.68.0/22
185.125.24.0/22
185.143.100.0/22
185.172.100.0/22
185.176.224.0/22
185.177.60.0/22
185.181.160.0/22
188.213.128.0/22
193.108.52.0/22
193.111.233.0/24
193.128.7.0/24
193.134.93.0/24
193.134.250.0/24
195.15.192.0/18
IPv6:
2001:1600::/29
Signature Algorithm: sha256WithRSAEncryption
6d:bb:26:9c:03:8c:f3:72:11:2e:4f:63:0a:70:80:7b:93:36:
9d:a3:fb:c2:13:23:24:35:cc:5c:db:29:9f:c3:f1:ff:08:1d:
46:16:c0:76:4d:7a:c6:6a:c7:ef:8f:83:76:08:91:2b:fe:d7:
55:aa:8f:b4:46:86:7a:8c:9b:32:53:46:d0:55:a2:48:3e:b9:
e6:36:ad:4e:51:1e:f0:9b:59:4b:5c:49:cd:61:e5:0c:c5:12:
73:4d:c2:97:b0:9a:61:6e:fe:2f:a7:68:49:8c:49:66:cf:d1:
79:d9:8b:0b:58:44:85:55:4d:85:56:64:55:c5:fe:da:a5:bf:
c1:ca:83:24:9e:1f:43:c7:31:d2:0a:de:0f:39:57:b2:8a:b6:
4f:c2:5c:99:b9:a2:c9:cd:bf:84:12:be:21:43:ea:46:fb:c1:
d7:db:4a:cb:64:82:25:66:58:9e:c5:c8:ea:8c:44:f4:21:c2:
b7:9e:bc:08:94:04:86:5c:6e:d0:82:67:21:5e:bd:84:57:68:
61:61:bd:0f:b0:0a:fa:8b:8f:9a:61:2e:e3:2c:39:f1:f7:ce:
c7:f1:6b:6d:66:86:10:10:36:52:2b:59:c0:5f:65:88:72:a4:
23:00:db:91:43:c6:d2:8f:a9:d9:23:7f:9d:8a:e5:c1:a9:15:
5c:94:03:0f
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAZH/V3p0V+fdGvgUSYK+zHa0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZjFlZWZhYTc1N2QzOGViMTA0ZmE0Y2JhNGQ5NjJiNzJl
NTJiNTIwHhcNMjQwOTE3MDkzNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWY2YjliZmY5ZWVlYzlkMzgxMmRhZDA3YmM2ZTkxMWEyYTViNDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7EAdihkHYk37rXjrKdJobwGEvSps
4bOnLtGaCORikpbue7v+mfZ6ixDnBGUWZMFQLawCfmJDG0aMti3ZppLfz/wIbGFX
gwkNjrSDg9RWSkWdE/drmBDukOYcAfAN5X8tqWXrryZ/g3XvH3mx/bgNaD6uskdy
6wjbXtKlHIlvx+Ep56VH6VVFVg8BC2O+KGOaT+BMMqfzvWcFvSJi4zGhf3XcpWql
6kqiCdFU+1nvm4LnAbBszBH/esoeUlb+SlAqAYJCW6fFz2vGH40izt6lo+7K+8j2
/xWXwVW5SKCUZhXv8dTX9PaJQTCbMKUzxXQeSfwhehb23NK/trfnxPfkFwIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFDH2ub/57uydOBLa0HvG6RGipbQWMB8GA1UdIwQY
MBaAFK7x7vqnV9OOsQT6TLpNlity5StSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnZIdS1xZFgwNDZ4QlBwTXVrMldLM0xsSzFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9jOWYzM2ItMmYxYi00YTExLWEyMWQt
OWE2YmQwMTFmOGY2LzEvTWZhNXZfbnU3SjA0RXRyUWU4YnBFYUtsdEJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9jOWYzM2ItMmYxYi00YTExLWEyMWQtOWE2YmQwMTFmOGY2
LzEvcnZIdS1xZFgwNDZ4QlBwTXVrMldLM0xsSzFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGwBggrBgEFBQcBBwEB/wSBoDCBnTCBiwQCAAEwgYQDBAMl
nCgDBAItnbwDBAVTpoADBAVUEEADBAJZLzADBAJb1rwDBARdWPADBAOAQcADBAK5
SkQDBAK5fRgDBAK5j2QDBAK5rGQDBAK5sOADBAK5sTwDBAK5taADBAK81YADBALB
bDQDBADBb+kDBADBgAcDBADBhl0DBADBhvoDBAbDD8AwDQQCAAIwBwMFAyABFgAw
DQYJKoZIhvcNAQELBQADggEBAG27JpwDjPNyES5PYwpwgHuTNp2j+8ITIyQ1zFzb
KZ/D8f8IHUYWwHZNesZqx++Pg3YIkSv+11Wqj7RGhnqMmzJTRtBVokg+ueY2rU5R
HvCbWUtcSc1h5QzFEnNNwpewmmFu/i+naEmMSWbP0XnZiwtYRIVVTYVWZFXF/tql
v8HKgySeH0PHMdIK3g85V7KKtk/CXJm5osnNv4QSviFD6kb7wdfbSstkgiVmWJ7F
yOqMRPQhwreevAiUBIZcbtCCZyFevYRXaGFhvQ+wCvqLj5phLuMsOfH3zsfxa21m
hhAQNlIrWcBfZYhypCMA25FDxtKPqdkjf52K5cGpFVyUAw8=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:01:11 2024 by rpki-client on console-fra.rpki-client.org