Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/8db8d2-6b11-4d19-8e8d-52a10425b136/1/MxQVcAiuW0p4EDIiEm7q3BWYvP8.roa
File: MxQVcAiuW0p4EDIiEm7q3BWYvP8.roa (raw, json)
Hash identifier: JVFsJWGBLPgzxt9uY5l+yySS0Ei3Tn04Hx81eXPjKe4=
Subject key identifier: 33:14:15:70:08:AE:5B:4A:78:10:32:22:12:6E:EA:DC:15:98:BC:FF
Certificate issuer: /CN=34db1bb29a4aea85e19c2892d0c839e2fb945ed0
Certificate serial: 019423D721012DB26D3652695C3A275F1A03
Authority key identifier: 34:DB:1B:B2:9A:4A:EA:85:E1:9C:28:92:D0:C8:39:E2:FB:94:5E:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NNsbsppK6oXhnCiS0Mg54vuUXtA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/8db8d2-6b11-4d19-8e8d-52a10425b136/1/MxQVcAiuW0p4EDIiEm7q3BWYvP8.roa
Signing time: Wed 01 Jan 2025 21:48:08 +0000
ROA not before: Wed 01 Jan 2025 21:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21256
IP address blocks: 193.109.144.0/22 maxlen: 22
194.187.104.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/8db8d2-6b11-4d19-8e8d-52a10425b136/1/NNsbsppK6oXhnCiS0Mg54vuUXtA.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/8db8d2-6b11-4d19-8e8d-52a10425b136/1/NNsbsppK6oXhnCiS0Mg54vuUXtA.mft
rsync://rpki.ripe.net/repository/DEFAULT/NNsbsppK6oXhnCiS0Mg54vuUXtA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:21:01:2d:b2:6d:36:52:69:5c:3a:27:5f:1a:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34db1bb29a4aea85e19c2892d0c839e2fb945ed0
Validity
Not Before: Jan 1 21:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3314157008ae5b4a78103222126eeadc1598bcff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c9:55:45:d7:ac:fb:e3:3e:b5:9c:b5:55:2f:
a0:f9:19:d1:2e:0a:46:60:0d:b3:b7:d2:a5:16:3d:
ba:c3:67:bf:c4:7e:d8:45:62:4f:21:cc:02:22:fe:
11:31:f9:8d:54:f4:11:04:8d:69:5e:ea:43:10:ee:
bc:55:1c:fc:ea:dc:3e:50:9d:70:c0:27:ac:e6:e9:
2b:40:a6:41:98:e5:35:30:9e:35:22:d6:88:2b:6c:
5d:b5:d7:bc:e3:2b:57:99:14:ca:2f:16:82:68:48:
b2:83:08:eb:7d:f6:d6:c8:1a:94:90:77:3a:f3:f7:
b6:19:5a:10:80:2c:fa:d5:72:4c:ae:1b:92:83:9a:
6c:1b:53:69:c3:ec:20:57:a4:3f:38:a1:38:dd:5a:
ef:2c:08:2d:93:84:d8:75:01:c8:7c:e9:f9:ae:27:
c5:91:7c:ec:36:83:1d:2f:c1:c8:8d:f5:0e:6b:23:
4a:45:ac:a2:0f:e0:b7:e2:d5:0f:c3:89:b6:97:cb:
a6:a0:bb:0c:d9:ac:6f:3e:25:f1:68:61:ac:3e:88:
4f:eb:b9:a5:2a:e7:18:78:5a:af:60:69:e1:dc:b3:
ea:a7:79:e3:6f:d7:b7:69:56:35:06:5e:c3:d6:ff:
06:cd:e2:ac:47:55:3b:54:62:7d:b1:42:f7:8e:8a:
2c:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:14:15:70:08:AE:5B:4A:78:10:32:22:12:6E:EA:DC:15:98:BC:FF
X509v3 Authority Key Identifier:
keyid:34:DB:1B:B2:9A:4A:EA:85:E1:9C:28:92:D0:C8:39:E2:FB:94:5E:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NNsbsppK6oXhnCiS0Mg54vuUXtA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/8db8d2-6b11-4d19-8e8d-52a10425b136/1/MxQVcAiuW0p4EDIiEm7q3BWYvP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/8db8d2-6b11-4d19-8e8d-52a10425b136/1/NNsbsppK6oXhnCiS0Mg54vuUXtA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.109.144.0/22
194.187.104.0/22
Signature Algorithm: sha256WithRSAEncryption
39:a1:1c:1d:dc:2c:36:2f:ae:b7:04:64:5f:02:80:8e:54:ea:
15:f9:3d:ad:9b:2f:c3:68:76:1e:f7:2a:e9:ee:0b:f6:91:a6:
24:5f:a9:48:01:bc:2e:76:99:58:67:1f:e4:58:4b:34:3f:9c:
a1:7e:43:09:3a:23:fc:bf:c2:01:b5:a3:fd:f7:4e:03:38:a7:
78:8d:59:25:14:cd:82:70:f2:53:f7:9c:3e:d3:a4:04:ff:8e:
d8:96:4a:8a:ca:3d:e8:07:7a:43:78:18:22:90:7e:08:28:51:
66:40:e8:06:2d:0e:72:6f:24:b4:3a:1b:8e:b3:05:98:62:55:
36:df:e5:6a:1a:04:3f:cf:a8:36:25:8b:92:bf:6f:76:ff:35:
c4:f3:38:61:a8:d7:37:b0:5a:68:34:ee:62:fc:33:1a:b2:00:
85:05:e2:bf:fa:b6:48:d9:e5:bd:ae:62:12:e6:b3:a8:5f:88:
cf:05:26:bc:6c:40:99:53:3c:b5:48:7e:d0:86:18:e7:46:b0:
41:ff:9d:2c:7c:4a:45:3a:f8:90:9e:4e:e3:47:74:01:8c:60:
83:e3:3c:af:ac:89:dd:66:b1:bd:74:da:84:8e:f7:24:e2:c9:
82:cb:d3:e7:12:58:1b:d3:2d:db:a4:81:50:71:f4:a8:e6:0f:
13:3d:76:5c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQj1yEBLbJtNlJpXDonXxoDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZGIxYmIyOWE0YWVhODVlMTljMjg5MmQwYzgzOWUyZmI5
NDVlZDAwHhcNMjUwMTAxMjE0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzE0MTU3MDA4YWU1YjRhNzgxMDMyMjIxMjZlZWFkYzE1OThiY2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuclVRdes++M+tZy1VS+g+RnRLgpG
YA2zt9KlFj26w2e/xH7YRWJPIcwCIv4RMfmNVPQRBI1pXupDEO68VRz86tw+UJ1w
wCes5ukrQKZBmOU1MJ41ItaIK2xdtde84ytXmRTKLxaCaEiygwjrffbWyBqUkHc6
8/e2GVoQgCz61XJMrhuSg5psG1Npw+wgV6Q/OKE43VrvLAgtk4TYdQHIfOn5rifF
kXzsNoMdL8HIjfUOayNKRayiD+C34tUPw4m2l8umoLsM2axvPiXxaGGsPohP67ml
KucYeFqvYGnh3LPqp3njb9e3aVY1Bl7D1v8GzeKsR1U7VGJ9sUL3joosBwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDMUFXAIrltKeBAyIhJu6twVmLz/MB8GA1UdIwQY
MBaAFDTbG7KaSuqF4ZwoktDIOeL7lF7QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTk5zYnNwcEs2b1hobkNpUzBNZzU0dnVVWHRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC84ZGI4ZDItNmIxMS00ZDE5LThlOGQt
NTJhMTA0MjViMTM2LzEvTXhRVmNBaXVXMHA0RURJaUVtN3EzQldZdlA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC84ZGI4ZDItNmIxMS00ZDE5LThlOGQtNTJhMTA0MjViMTM2
LzEvTk5zYnNwcEs2b1hobkNpUzBNZzU0dnVVWHRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwW2QAwQC
wrtoMA0GCSqGSIb3DQEBCwUAA4IBAQA5oRwd3Cw2L663BGRfAoCOVOoV+T2tmy/D
aHYe9yrp7gv2kaYkX6lIAbwudplYZx/kWEs0P5yhfkMJOiP8v8IBtaP9904DOKd4
jVklFM2CcPJT95w+06QE/47YlkqKyj3oB3pDeBgikH4IKFFmQOgGLQ5ybyS0OhuO
swWYYlU23+VqGgQ/z6g2JYuSv292/zXE8zhhqNc3sFpoNO5i/DMasgCFBeK/+rZI
2eW9rmIS5rOoX4jPBSa8bECZUzy1SH7QhhjnRrBB/50sfEpFOviQnk7jR3QBjGCD
4zyvrIndZrG9dNqEjvck4smCy9PnElgb0y3bpIFQcfSo5g8TPXZc
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:45:53 2025 by rpki-client