Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/e44dea-8d51-440a-bc02-bab576e20393/1/M_d2Kh6Ca1TRQXO9NP-3v9PR3jA.roa
File: M_d2Kh6Ca1TRQXO9NP-3v9PR3jA.roa (raw, json)
Hash identifier: qLLe/B/cRKjLVL0b+lK/xu1RvDI6u2VKb2zILLVIAHU=
Subject key identifier: 33:F7:76:2A:1E:82:6B:54:D1:41:73:BD:34:FF:B7:BF:D3:D1:DE:30
Certificate issuer: /CN=31d4ee4afff55e67444d47d49b512a8368bf9ef6
Certificate serial: 018CC2DAE9A1DFBEF33446E80F1BD5C9F8FE
Authority key identifier: 31:D4:EE:4A:FF:F5:5E:67:44:4D:47:D4:9B:51:2A:83:68:BF:9E:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MdTuSv_1XmdETUfUm1Eqg2i_nvY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/e44dea-8d51-440a-bc02-bab576e20393/1/M_d2Kh6Ca1TRQXO9NP-3v9PR3jA.roa
Signing time: Mon 01 Jan 2024 02:29:35 +0000
ROA not before: Mon 01 Jan 2024 02:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211656
IP address blocks: 185.165.228.0/22 maxlen: 24
185.117.252.0/22 maxlen: 24
62.112.24.0/22 maxlen: 24
2a10:ad40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/e44dea-8d51-440a-bc02-bab576e20393/1/MdTuSv_1XmdETUfUm1Eqg2i_nvY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/e44dea-8d51-440a-bc02-bab576e20393/1/MdTuSv_1XmdETUfUm1Eqg2i_nvY.mft
rsync://rpki.ripe.net/repository/DEFAULT/MdTuSv_1XmdETUfUm1Eqg2i_nvY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 10:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:e9:a1:df:be:f3:34:46:e8:0f:1b:d5:c9:f8:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31d4ee4afff55e67444d47d49b512a8368bf9ef6
Validity
Not Before: Jan 1 02:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33f7762a1e826b54d14173bd34ffb7bfd3d1de30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:92:f9:2a:93:c1:ec:b8:97:cc:69:14:3a:f3:
80:fc:ca:46:13:b5:1d:8f:7b:08:81:fb:80:29:c5:
89:13:ae:42:77:81:33:d3:14:54:d1:3e:65:18:44:
a8:5e:ed:2a:00:df:18:cf:92:2c:47:89:66:89:09:
20:9d:39:b6:5e:c6:3f:56:ad:f9:49:af:b9:f1:47:
4c:c7:c0:a6:0e:35:e8:3b:c8:ba:a0:b8:e4:be:58:
b8:26:cc:f2:35:8e:e9:c4:3c:51:6e:03:27:82:ec:
59:b5:a4:46:30:f2:d5:e6:af:34:f2:1b:d0:73:9d:
f9:34:c8:28:68:a2:77:4c:c1:de:39:fb:eb:c1:10:
3c:4d:11:55:96:17:4e:d7:54:4c:36:20:6b:7f:93:
ed:6a:09:98:ee:c0:1f:06:ca:e9:61:a1:c6:fc:92:
fd:98:20:32:8a:bd:48:0f:ef:76:24:c2:f0:50:e4:
f6:f4:be:de:52:c3:6f:d8:dc:ed:d1:86:fe:83:ba:
ec:fc:e9:ea:66:43:56:f7:6b:7d:db:9b:b8:3a:54:
a9:ad:cf:49:a1:06:44:c1:7a:de:18:a0:2b:71:fc:
52:de:1a:80:dd:ea:20:22:98:d5:f1:e7:dc:07:87:
47:f0:0c:b5:e9:a9:d3:f4:4e:ed:ee:88:5e:92:c5:
3d:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:F7:76:2A:1E:82:6B:54:D1:41:73:BD:34:FF:B7:BF:D3:D1:DE:30
X509v3 Authority Key Identifier:
keyid:31:D4:EE:4A:FF:F5:5E:67:44:4D:47:D4:9B:51:2A:83:68:BF:9E:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MdTuSv_1XmdETUfUm1Eqg2i_nvY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/e44dea-8d51-440a-bc02-bab576e20393/1/M_d2Kh6Ca1TRQXO9NP-3v9PR3jA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/e44dea-8d51-440a-bc02-bab576e20393/1/MdTuSv_1XmdETUfUm1Eqg2i_nvY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.112.24.0/22
185.117.252.0/22
185.165.228.0/22
IPv6:
2a10:ad40::/29
Signature Algorithm: sha256WithRSAEncryption
0b:01:2e:e9:fd:b2:b3:d0:6d:0a:83:45:50:28:22:a1:c2:0a:
0b:16:b9:f1:5c:4d:ce:ca:95:3c:c5:39:b5:c7:cb:c0:5c:77:
49:7e:80:cf:27:ff:df:80:ea:0b:3f:59:c3:89:05:89:46:9e:
da:6c:17:65:d3:53:e9:a1:86:3e:a9:8c:de:91:62:6e:8e:f0:
ae:18:4b:41:ec:fc:7e:79:65:e6:d3:e2:af:72:f5:21:6a:9e:
1e:3e:8f:42:ec:a3:7a:50:9f:0a:df:8e:7b:57:97:50:b3:49:
50:99:54:a2:0f:4c:0c:7e:2e:d0:f9:57:af:a3:7e:8b:03:cf:
34:82:84:ae:57:55:b8:f9:ca:38:44:f5:e9:3c:b0:5f:ec:88:
83:2c:97:d6:9b:41:48:7d:0a:2f:22:c6:59:dd:d8:8c:9f:d1:
be:a7:ac:5c:b4:9e:14:1e:82:87:61:93:03:1a:6a:ec:c8:86:
e1:d8:57:d4:70:53:cf:94:d9:38:3c:8a:9a:e3:13:3a:1a:34:
bb:13:d9:6a:2b:50:8c:63:17:c3:28:b7:07:98:6f:87:a5:54:
b7:a7:dd:9c:2f:5c:50:26:ad:d0:f9:5f:c8:a8:d7:02:e6:5e:
eb:d7:82:63:23:15:ea:47:46:df:89:f4:d0:a9:c0:75:80:b1:
e7:6b:20:cb
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzC2umh377zNEboDxvVyfj+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZDRlZTRhZmZmNTVlNjc0NDRkNDdkNDliNTEyYTgzNjhi
ZjllZjYwHhcNMjQwMTAxMDIyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2Y3NzYyYTFlODI2YjU0ZDE0MTczYmQzNGZmYjdiZmQzZDFkZTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZL5KpPB7LiXzGkUOvOA/MpGE7Ud
j3sIgfuAKcWJE65Cd4Ez0xRU0T5lGESoXu0qAN8Yz5IsR4lmiQkgnTm2XsY/Vq35
Sa+58UdMx8CmDjXoO8i6oLjkvli4JszyNY7pxDxRbgMnguxZtaRGMPLV5q808hvQ
c535NMgoaKJ3TMHeOfvrwRA8TRFVlhdO11RMNiBrf5PtagmY7sAfBsrpYaHG/JL9
mCAyir1ID+92JMLwUOT29L7eUsNv2Nzt0Yb+g7rs/OnqZkNW92t925u4OlSprc9J
oQZEwXreGKArcfxS3hqA3eogIpjV8efcB4dH8Ay16anT9E7t7oheksU9vQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDP3dioegmtU0UFzvTT/t7/T0d4wMB8GA1UdIwQY
MBaAFDHU7kr/9V5nRE1H1JtRKoNov572MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWRUdVN2XzFYbWRFVFVmVW0xRXFnMmlfbnZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9lNDRkZWEtOGQ1MS00NDBhLWJjMDIt
YmFiNTc2ZTIwMzkzLzEvTV9kMktoNkNhMVRSUVhPOU5QLTN2OVBSM2pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9lNDRkZWEtOGQ1MS00NDBhLWJjMDItYmFiNTc2ZTIwMzkz
LzEvTWRUdVN2XzFYbWRFVFVmVW0xRXFnMmlfbnZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCPnAYAwQC
uXX8AwQCuaXkMA0EAgACMAcDBQMqEK1AMA0GCSqGSIb3DQEBCwUAA4IBAQALAS7p
/bKz0G0Kg0VQKCKhwgoLFrnxXE3OypU8xTm1x8vAXHdJfoDPJ//fgOoLP1nDiQWJ
Rp7abBdl01PpoYY+qYzekWJujvCuGEtB7Px+eWXm0+KvcvUhap4ePo9C7KN6UJ8K
3457V5dQs0lQmVSiD0wMfi7Q+Vevo36LA880goSuV1W4+co4RPXpPLBf7IiDLJfW
m0FIfQovIsZZ3diMn9G+p6xctJ4UHoKHYZMDGmrsyIbh2FfUcFPPlNk4PIqa4xM6
GjS7E9lqK1CMYxfDKLcHmG+HpVS3p92cL1xQJq3Q+V/IqNcC5l7r14JjIxXqR0bf
ifTQqcB1gLHnayDL
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:45:26 2024 by rpki-client on console-ams.rpki-client.org