Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/2879fb-629c-4abf-a35f-03afae688657/1/mgcsv3O5U7xPrUvsdzUJt0rQvCU.roa
File: mgcsv3O5U7xPrUvsdzUJt0rQvCU.roa (raw, json)
Hash identifier: jvko7W6gAOU+XPPkllkVRjHgYmqpJTEHOlhDfoEqqUg=
Subject key identifier: 9A:07:2C:BF:73:B9:53:BC:4F:AD:4B:EC:77:35:09:B7:4A:D0:BC:25
Certificate issuer: /CN=df1e2d4bd362b62b8045021dc350b120e5530265
Certificate serial: 018CC8DEAB050802F054A6A34CC139917635
Authority key identifier: DF:1E:2D:4B:D3:62:B6:2B:80:45:02:1D:C3:50:B1:20:E5:53:02:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3x4tS9NitiuARQIdw1CxIOVTAmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/2879fb-629c-4abf-a35f-03afae688657/1/mgcsv3O5U7xPrUvsdzUJt0rQvCU.roa
Signing time: Tue 02 Jan 2024 06:31:25 +0000
ROA not before: Tue 02 Jan 2024 06:31:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62282
IP address blocks: 37.156.216.0/21 maxlen: 21
37.156.217.0/24 maxlen: 24
37.156.219.0/24 maxlen: 24
37.156.222.0/24 maxlen: 24
37.156.220.0/24 maxlen: 24
185.193.24.0/22 maxlen: 22
37.156.221.0/24 maxlen: 24
185.193.27.0/24 maxlen: 24
185.193.25.0/24 maxlen: 24
185.193.26.0/24 maxlen: 24
185.38.166.0/24 maxlen: 24
185.38.164.0/22 maxlen: 22
185.79.244.0/22 maxlen: 22
185.79.245.0/24 maxlen: 24
185.79.246.0/24 maxlen: 24
185.79.244.0/24 maxlen: 24
185.79.247.0/24 maxlen: 24
2a01:41a0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/2879fb-629c-4abf-a35f-03afae688657/1/3x4tS9NitiuARQIdw1CxIOVTAmU.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/2879fb-629c-4abf-a35f-03afae688657/1/3x4tS9NitiuARQIdw1CxIOVTAmU.mft
rsync://rpki.ripe.net/repository/DEFAULT/3x4tS9NitiuARQIdw1CxIOVTAmU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 22:35:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:ab:05:08:02:f0:54:a6:a3:4c:c1:39:91:76:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df1e2d4bd362b62b8045021dc350b120e5530265
Validity
Not Before: Jan 2 06:31:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a072cbf73b953bc4fad4bec773509b74ad0bc25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:69:47:af:c7:b5:77:db:69:e3:7e:c3:ed:4c:
68:40:70:af:6b:65:fd:59:71:3c:09:5e:ec:e8:57:
69:8f:5d:9d:bc:35:0d:67:2b:64:15:c0:42:a7:05:
17:47:df:a7:3d:d3:59:63:b9:3f:76:85:04:17:e8:
e1:e5:b8:31:86:89:f0:39:60:a8:15:0f:fb:db:6a:
31:a8:75:81:ff:34:8f:8a:24:1d:a1:fc:95:d1:dd:
00:be:da:56:98:9d:42:20:b4:ae:d2:d9:43:2b:8f:
2f:c3:5c:e3:53:a4:fa:cb:ce:d4:6d:39:fe:7a:63:
39:6f:82:91:e9:41:d9:17:2a:ca:ef:0b:8c:7d:8b:
35:0c:a7:86:49:6e:95:08:c1:b3:27:96:cb:3b:75:
58:ae:a0:1e:d8:ac:3f:7b:0a:71:b1:20:86:4b:09:
e1:1a:72:71:ff:a1:1d:7e:57:b5:a9:76:34:a7:4a:
64:5d:71:7a:24:4c:2e:69:df:85:55:e3:9c:d9:77:
d6:9e:0a:13:9a:4b:fe:d1:c2:43:92:12:a4:10:ea:
05:d0:24:58:c7:9b:96:bd:65:1e:57:df:18:42:f9:
89:9c:9c:26:3a:5a:72:22:21:02:83:37:08:16:e6:
e5:f9:87:d0:cb:ef:16:06:8c:6a:70:f2:30:0e:41:
56:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:07:2C:BF:73:B9:53:BC:4F:AD:4B:EC:77:35:09:B7:4A:D0:BC:25
X509v3 Authority Key Identifier:
keyid:DF:1E:2D:4B:D3:62:B6:2B:80:45:02:1D:C3:50:B1:20:E5:53:02:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3x4tS9NitiuARQIdw1CxIOVTAmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/2879fb-629c-4abf-a35f-03afae688657/1/mgcsv3O5U7xPrUvsdzUJt0rQvCU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/2879fb-629c-4abf-a35f-03afae688657/1/3x4tS9NitiuARQIdw1CxIOVTAmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.216.0/21
185.38.164.0/22
185.79.244.0/22
185.193.24.0/22
IPv6:
2a01:41a0::/32
Signature Algorithm: sha256WithRSAEncryption
20:20:f5:0f:66:2f:1f:6d:40:24:01:c0:85:a7:ce:f9:cc:1b:
17:10:f6:49:c2:22:0f:fa:dc:eb:d5:ba:8d:08:97:93:8a:43:
8c:d9:40:28:65:db:d3:8e:91:43:66:d0:c4:1b:d4:0b:9d:30:
7c:ba:50:4e:e0:71:31:63:80:d5:03:80:ca:f7:9b:c1:05:e8:
c1:f9:81:7d:26:f8:3d:c4:f7:1a:15:a6:b5:b8:c8:db:f6:78:
7d:17:4b:25:00:e8:78:1d:67:77:67:aa:6f:a8:88:7a:28:e3:
c3:0e:4e:a6:34:7d:56:1f:fc:16:83:fc:26:13:f9:40:14:ca:
08:9f:de:45:a5:18:63:f6:ba:0e:cc:b0:78:3d:b4:9e:48:8a:
2c:7e:87:39:20:a2:9b:07:d9:35:5b:54:c5:df:0d:be:83:0a:
92:b0:69:1c:d2:3c:37:5e:f3:e0:d7:6a:25:dd:f1:33:4a:d0:
a5:18:dd:08:f8:ef:f6:c0:5e:bb:56:5e:10:9e:77:8a:64:55:
18:48:20:2a:1f:b5:6d:1a:8e:14:7f:ae:9b:5a:dc:3b:a8:2b:
70:2f:33:bf:60:6f:09:19:d5:89:0d:5f:7c:ed:c2:8b:8f:c2:
d3:23:b3:f4:fa:a2:af:15:79:8e:8e:18:9b:b1:ec:97:3d:6e:
0d:64:eb:4e
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzI3qsFCALwVKajTME5kXY1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMWUyZDRiZDM2MmI2MmI4MDQ1MDIxZGMzNTBiMTIwZTU1
MzAyNjUwHhcNMjQwMTAyMDYzMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTA3MmNiZjczYjk1M2JjNGZhZDRiZWM3NzM1MDliNzRhZDBiYzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGlHr8e1d9tp437D7UxoQHCva2X9
WXE8CV7s6Fdpj12dvDUNZytkFcBCpwUXR9+nPdNZY7k/doUEF+jh5bgxhonwOWCo
FQ/722oxqHWB/zSPiiQdofyV0d0AvtpWmJ1CILSu0tlDK48vw1zjU6T6y87UbTn+
emM5b4KR6UHZFyrK7wuMfYs1DKeGSW6VCMGzJ5bLO3VYrqAe2Kw/ewpxsSCGSwnh
GnJx/6Edfle1qXY0p0pkXXF6JEwuad+FVeOc2XfWngoTmkv+0cJDkhKkEOoF0CRY
x5uWvWUeV98YQvmJnJwmOlpyIiECgzcIFubl+YfQy+8WBoxqcPIwDkFWjQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJoHLL9zuVO8T61L7Hc1CbdK0LwlMB8GA1UdIwQY
MBaAFN8eLUvTYrYrgEUCHcNQsSDlUwJlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3g0dFM5Tml0aXVBUlFJZHcxQ3hJT1ZUQW1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8yODc5ZmItNjI5Yy00YWJmLWEzNWYt
MDNhZmFlNjg4NjU3LzEvbWdjc3YzTzVVN3hQclV2c2R6VUp0MHJRdkNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8yODc5ZmItNjI5Yy00YWJmLWEzNWYtMDNhZmFlNjg4NjU3
LzEvM3g0dFM5Tml0aXVBUlFJZHcxQ3hJT1ZUQW1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDJZzYAwQC
uSakAwQCuU/0AwQCucEYMA0EAgACMAcDBQAqAUGgMA0GCSqGSIb3DQEBCwUAA4IB
AQAgIPUPZi8fbUAkAcCFp875zBsXEPZJwiIP+tzr1bqNCJeTikOM2UAoZdvTjpFD
ZtDEG9QLnTB8ulBO4HExY4DVA4DK95vBBejB+YF9Jvg9xPcaFaa1uMjb9nh9F0sl
AOh4HWd3Z6pvqIh6KOPDDk6mNH1WH/wWg/wmE/lAFMoIn95FpRhj9roOzLB4PbSe
SIosfoc5IKKbB9k1W1TF3w2+gwqSsGkc0jw3XvPg12ol3fEzStClGN0I+O/2wF67
Vl4QnneKZFUYSCAqH7VtGo4Uf66bWtw7qCtwLzO/YG8JGdWJDV987cKLj8LTI7P0
+qKvFXmOjhibseyXPW4NZOtO
-----END CERTIFICATE-----
Generated at Thu May 23 03:10:57 2024 by rpki-client on console-ams.rpki-client.org