Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/MvioBnJ7CLQH13SrS6xpEMB2BqI.roa
File: MvioBnJ7CLQH13SrS6xpEMB2BqI.roa (raw, json)
Hash identifier: 8fxE0jF5+TeYjJnO7FZzHjbWZ7ZoSOKeM/zrRlXFGDk=
Subject key identifier: 32:F8:A8:06:72:7B:08:B4:07:D7:74:AB:4B:AC:69:10:C0:76:06:A2
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0190A28837CE65DA66157D49981F79553E9B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/MvioBnJ7CLQH13SrS6xpEMB2BqI.roa
Signing time: Thu 11 Jul 2024 16:02:34 +0000
ROA not before: Thu 11 Jul 2024 16:02:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50917
IP address blocks: 80.240.86.0/24 maxlen: 24
82.153.207.0/24 maxlen: 24
212.38.89.0/24 maxlen: 24
213.218.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 01:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a2:88:37:ce:65:da:66:15:7d:49:98:1f:79:55:3e:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 11 16:02:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32f8a806727b08b407d774ab4bac6910c07606a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:6c:31:41:4c:de:4f:04:ef:a0:c1:40:e5:0e:
bd:63:7d:c9:b1:59:45:b7:39:57:c1:6a:ad:bb:50:
46:bf:3b:32:a7:79:11:54:02:52:ce:a9:33:34:9a:
86:5b:2a:81:83:93:29:98:87:e5:3b:7b:c8:d7:8f:
33:a4:92:52:06:b0:f8:b1:21:06:a4:73:fc:c9:b9:
0b:77:9d:ae:b1:0f:c0:6a:08:d3:f9:56:4d:2b:26:
64:6b:8f:2a:ec:a5:6b:d1:3e:3e:d1:12:ba:f8:42:
4a:b7:dc:cb:fa:04:eb:7b:9e:8a:9d:f9:00:4a:9e:
7c:7b:c7:c6:a4:b5:a5:fa:7a:14:d5:f2:2c:5a:1f:
6e:e3:e4:45:16:2b:a6:9e:48:03:17:9f:ba:32:42:
2d:fc:2d:3c:ff:47:59:f8:4c:f5:a7:9a:96:19:da:
b2:0b:b5:5c:30:3e:20:96:1a:b4:2c:c5:7a:80:1f:
0a:b6:55:a8:e8:1b:cb:af:29:51:19:f7:89:a5:9a:
1f:77:6a:8f:6e:1a:31:52:ac:fe:3f:61:81:77:6f:
d4:81:cd:d9:e8:06:a9:c7:93:4c:4b:7b:78:40:2f:
22:2a:95:76:43:a9:b6:d4:fc:10:c7:7e:d3:aa:22:
85:d8:cd:1b:fe:89:0b:92:f6:6c:ae:fb:da:bd:89:
6e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:F8:A8:06:72:7B:08:B4:07:D7:74:AB:4B:AC:69:10:C0:76:06:A2
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/MvioBnJ7CLQH13SrS6xpEMB2BqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.240.86.0/24
82.153.207.0/24
212.38.89.0/24
213.218.209.0/24
Signature Algorithm: sha256WithRSAEncryption
78:29:e5:e7:4f:c8:e7:d7:36:b8:31:41:36:1a:26:ec:38:cd:
be:d4:f1:55:32:39:66:2d:f4:84:fa:98:3b:fe:35:fd:8b:6c:
2e:ab:ca:68:a1:35:96:fc:16:3a:20:53:ac:24:2b:eb:f7:34:
48:c7:ab:cf:a1:c7:fe:c6:82:82:75:d5:c3:65:12:3b:ef:84:
71:a6:89:99:93:ed:52:25:fa:3c:0c:07:3e:40:2c:4f:ae:0e:
2b:35:d4:24:8a:34:74:a1:15:84:f3:6e:19:4c:0d:4a:e3:65:
80:b6:89:6e:45:47:83:95:58:af:4a:34:1c:8a:d1:79:31:69:
ac:e6:ab:d6:4e:c4:00:87:bc:20:9d:c7:37:4f:4d:86:7f:b1:
b7:d9:9a:31:69:55:6d:9a:a7:44:f4:51:ba:ee:ae:59:7d:89:
32:da:1b:8e:06:4d:c4:53:7c:d1:67:bd:1e:92:af:02:ce:7a:
9a:1d:37:af:40:ee:7b:60:65:37:0f:ec:e2:62:76:51:b5:d3:
f0:30:cc:b8:31:10:e7:47:0a:8e:07:bb:c1:69:96:7b:53:d8:
60:1f:8a:11:19:1f:f9:32:01:15:2f:50:f6:e3:00:c4:c4:4c:
7f:66:09:a6:8c:17:c6:05:bf:f6:32:8e:03:44:b8:81:a1:6a:
5c:22:f1:8c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZCiiDfOZdpmFX1JmB95VT6bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNzExMTYwMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmY4YTgwNjcyN2IwOGI0MDdkNzc0YWI0YmFjNjkxMGMwNzYwNmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4WwxQUzeTwTvoMFA5Q69Y33JsVlF
tzlXwWqtu1BGvzsyp3kRVAJSzqkzNJqGWyqBg5MpmIflO3vI148zpJJSBrD4sSEG
pHP8ybkLd52usQ/AagjT+VZNKyZka48q7KVr0T4+0RK6+EJKt9zL+gTre56KnfkA
Sp58e8fGpLWl+noU1fIsWh9u4+RFFiumnkgDF5+6MkIt/C08/0dZ+Ez1p5qWGdqy
C7VcMD4glhq0LMV6gB8KtlWo6BvLrylRGfeJpZofd2qPbhoxUqz+P2GBd2/Ugc3Z
6Aapx5NMS3t4QC8iKpV2Q6m21PwQx37TqiKF2M0b/okLkvZsrvvavYluFwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDL4qAZyewi0B9d0q0usaRDAdgaiMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTXZpb0JuSjdDTFFIMTNTclM2eHBFTUIyQnFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUPBWAwQA
UpnPAwQA1CZZAwQA1drRMA0GCSqGSIb3DQEBCwUAA4IBAQB4KeXnT8jn1za4MUE2
GibsOM2+1PFVMjlmLfSE+pg7/jX9i2wuq8pooTWW/BY6IFOsJCvr9zRIx6vPocf+
xoKCddXDZRI774RxpomZk+1SJfo8DAc+QCxPrg4rNdQkijR0oRWE824ZTA1K42WA
toluRUeDlVivSjQcitF5MWms5qvWTsQAh7wgncc3T02Gf7G32ZoxaVVtmqdE9FG6
7q5ZfYky2huOBk3EU3zRZ70ekq8CznqaHTevQO57YGU3D+ziYnZRtdPwMMy4MRDn
RwqOB7vBaZZ7U9hgH4oRGR/5MgEVL1D24wDExEx/ZgmmjBfGBb/2Mo4DRLiBoWpc
IvGM
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:45:00 2024 by rpki-client on console-fra.rpki-client.org