Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/42252e-0321-4da2-92f4-35a0241a4301/1/M_WfuBxmPqxcsEpMuyHQMgn7iO8.roa
File: M_WfuBxmPqxcsEpMuyHQMgn7iO8.roa (raw, json)
Hash identifier: D56guXifG0M4fvvQ/CCheW3KayRKVAjS3/u9zGX865k=
Subject key identifier: 33:F5:9F:B8:1C:66:3E:AC:5C:B0:4A:4C:BB:21:D0:32:09:FB:88:EF
Certificate issuer: /CN=3e34b02edc7c2878f94c5104cafa8978afb6752d
Certificate serial: 018CC56DF7B144E142485FD770A322DAE8EB
Authority key identifier: 3E:34:B0:2E:DC:7C:28:78:F9:4C:51:04:CA:FA:89:78:AF:B6:75:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PjSwLtx8KHj5TFEEyvqJeK-2dS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/42252e-0321-4da2-92f4-35a0241a4301/1/M_WfuBxmPqxcsEpMuyHQMgn7iO8.roa
Signing time: Mon 01 Jan 2024 14:29:27 +0000
ROA not before: Mon 01 Jan 2024 14:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30885
IP address blocks: 91.212.110.0/24 maxlen: 24
194.102.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/42252e-0321-4da2-92f4-35a0241a4301/1/PjSwLtx8KHj5TFEEyvqJeK-2dS0.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/42252e-0321-4da2-92f4-35a0241a4301/1/PjSwLtx8KHj5TFEEyvqJeK-2dS0.mft
rsync://rpki.ripe.net/repository/DEFAULT/PjSwLtx8KHj5TFEEyvqJeK-2dS0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 11:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:f7:b1:44:e1:42:48:5f:d7:70:a3:22:da:e8:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e34b02edc7c2878f94c5104cafa8978afb6752d
Validity
Not Before: Jan 1 14:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33f59fb81c663eac5cb04a4cbb21d03209fb88ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:b8:dd:a7:ab:f8:16:32:e1:b6:4b:5c:1e:c1:
92:48:ba:b7:ad:58:d8:fc:17:37:fc:1a:cb:55:9f:
97:b5:90:1c:eb:fd:55:ef:2d:06:a4:40:7d:c4:05:
d5:eb:84:9c:8e:fa:a4:4e:6e:9e:71:e9:60:a9:b9:
d8:2c:7c:2c:5c:80:17:6f:06:72:68:a6:1a:be:97:
a2:f5:77:67:f3:0d:3a:93:1e:8c:3d:65:88:02:10:
15:77:2f:6a:c1:40:c6:c5:34:97:dc:e2:a5:c5:4f:
c9:cd:0a:cf:f4:a4:79:44:c0:24:30:df:11:10:32:
3a:fe:d8:cf:ac:67:74:12:26:0b:de:09:7b:db:a0:
14:2d:d4:19:27:45:bd:92:0c:27:d5:89:1a:7d:b4:
49:d6:56:1a:b4:e2:0c:0a:ff:35:a3:29:fb:ba:55:
85:4f:c0:7b:3d:e7:74:26:9b:96:56:79:4f:57:bf:
8a:ab:9d:da:0e:67:f6:3b:20:8b:b9:b6:d1:55:a0:
b6:e6:dd:e8:80:64:6a:72:f2:d0:97:74:a9:46:a3:
a0:e2:24:2a:55:0c:4a:90:66:5f:74:ec:b5:48:31:
2f:d8:ba:c2:fb:2e:66:90:97:f7:fd:6c:3d:46:8f:
a1:46:12:69:ab:a8:12:6a:c8:27:89:47:5c:4e:c4:
ab:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:F5:9F:B8:1C:66:3E:AC:5C:B0:4A:4C:BB:21:D0:32:09:FB:88:EF
X509v3 Authority Key Identifier:
keyid:3E:34:B0:2E:DC:7C:28:78:F9:4C:51:04:CA:FA:89:78:AF:B6:75:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PjSwLtx8KHj5TFEEyvqJeK-2dS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/42252e-0321-4da2-92f4-35a0241a4301/1/M_WfuBxmPqxcsEpMuyHQMgn7iO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/42252e-0321-4da2-92f4-35a0241a4301/1/PjSwLtx8KHj5TFEEyvqJeK-2dS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.110.0/24
194.102.208.0/24
Signature Algorithm: sha256WithRSAEncryption
28:7a:58:8c:68:1d:cd:d0:06:67:9b:d5:13:cd:fc:d2:4c:a0:
d7:c7:5e:32:b6:c7:e6:da:bd:3e:6e:a2:a4:c5:a0:f4:78:04:
b7:1c:da:3d:9b:1c:91:ee:ac:52:35:40:60:07:f4:46:71:7d:
e2:59:20:84:65:81:ac:42:9f:be:b9:9a:fe:6e:0d:bd:81:b3:
2b:04:16:74:d2:88:1d:dd:06:e5:a2:98:9d:d6:cb:44:cc:34:
b5:b5:8e:ae:b1:e3:2a:da:3a:16:60:6f:f7:d0:cc:5c:8a:f1:
fb:fb:ec:65:c3:fc:dc:e8:57:9f:aa:1e:1b:b6:64:c2:a0:66:
cb:9f:74:67:7a:ad:6f:03:23:d3:4a:58:6f:04:18:a8:90:56:
f4:31:18:b8:f3:a4:45:28:2d:7a:7d:85:10:a7:0c:1d:63:d7:
34:a0:8a:60:0a:75:38:3c:02:d1:c2:e2:90:81:13:93:a2:68:
87:c3:a3:a1:da:db:09:b8:55:ad:f4:65:1e:77:84:b6:91:3b:
b7:b6:0e:80:12:e3:60:b8:87:08:ea:00:2c:75:e4:30:e1:d9:
7a:c7:4f:fa:fb:63:a1:78:ce:eb:2d:bf:8b:d4:de:f9:b0:bd:
4b:ec:d7:f1:0d:7c:2a:e9:32:18:b0:86:69:b5:e9:6f:96:13:
d9:9d:c6:67
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFbfexROFCSF/XcKMi2ujrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMzRiMDJlZGM3YzI4NzhmOTRjNTEwNGNhZmE4OTc4YWZi
Njc1MmQwHhcNMjQwMTAxMTQyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2Y1OWZiODFjNjYzZWFjNWNiMDRhNGNiYjIxZDAzMjA5ZmI4OGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbjdp6v4FjLhtktcHsGSSLq3rVjY
/Bc3/BrLVZ+XtZAc6/1V7y0GpEB9xAXV64ScjvqkTm6ecelgqbnYLHwsXIAXbwZy
aKYavpei9Xdn8w06kx6MPWWIAhAVdy9qwUDGxTSX3OKlxU/JzQrP9KR5RMAkMN8R
EDI6/tjPrGd0EiYL3gl726AULdQZJ0W9kgwn1YkafbRJ1lYatOIMCv81oyn7ulWF
T8B7Ped0JpuWVnlPV7+Kq53aDmf2OyCLubbRVaC25t3ogGRqcvLQl3SpRqOg4iQq
VQxKkGZfdOy1SDEv2LrC+y5mkJf3/Ww9Ro+hRhJpq6gSasgniUdcTsSrLwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDP1n7gcZj6sXLBKTLsh0DIJ+4jvMB8GA1UdIwQY
MBaAFD40sC7cfCh4+UxRBMr6iXivtnUtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGpTd0x0eDhLSGo1VEZFRXl2cUplSy0yZFMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi80MjI1MmUtMDMyMS00ZGEyLTkyZjQt
MzVhMDI0MWE0MzAxLzEvTV9XZnVCeG1QcXhjc0VwTXV5SFFNZ243aU84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi80MjI1MmUtMDMyMS00ZGEyLTkyZjQtMzVhMDI0MWE0MzAx
LzEvUGpTd0x0eDhLSGo1VEZFRXl2cUplSy0yZFMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9RuAwQA
wmbQMA0GCSqGSIb3DQEBCwUAA4IBAQAoeliMaB3N0AZnm9UTzfzSTKDXx14ytsfm
2r0+bqKkxaD0eAS3HNo9mxyR7qxSNUBgB/RGcX3iWSCEZYGsQp++uZr+bg29gbMr
BBZ00ogd3Qblopid1stEzDS1tY6useMq2joWYG/30MxcivH7++xlw/zc6Fefqh4b
tmTCoGbLn3Rneq1vAyPTSlhvBBiokFb0MRi486RFKC16fYUQpwwdY9c0oIpgCnU4
PALRwuKQgROTomiHw6Oh2tsJuFWt9GUed4S2kTu3tg6AEuNguIcI6gAsdeQw4dl6
x0/6+2OheM7rLb+L1N75sL1L7NfxDXwq6TIYsIZptelvlhPZncZn
-----END CERTIFICATE-----
Generated at Fri Jun 7 19:56:50 2024 by rpki-client on console-ams.rpki-client.org