Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/5ef3e2-0603-46fd-ad9f-8d8b6e116219/1/Mq-rHIKdmkoZTDI5BTlh-xAv8Ig.roa
File: Mq-rHIKdmkoZTDI5BTlh-xAv8Ig.roa (raw, json)
Hash identifier: /j3sjRjCERKN0/M3ASLFEvhVY1frlHIJtmIFLBR4s+0=
Subject key identifier: 32:AF:AB:1C:82:9D:9A:4A:19:4C:32:39:05:39:61:FB:10:2F:F0:88
Certificate issuer: /CN=3e09a54cc224ad7b3ca0c575317b8184e2ace216
Certificate serial: 018CC870FE163AB0D15516C460C8FF9E6448
Authority key identifier: 3E:09:A5:4C:C2:24:AD:7B:3C:A0:C5:75:31:7B:81:84:E2:AC:E2:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PgmlTMIkrXs8oMV1MXuBhOKs4hY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/5ef3e2-0603-46fd-ad9f-8d8b6e116219/1/Mq-rHIKdmkoZTDI5BTlh-xAv8Ig.roa
Signing time: Tue 02 Jan 2024 04:31:37 +0000
ROA not before: Tue 02 Jan 2024 04:31:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202105
IP address blocks: 185.108.240.0/24 maxlen: 24
185.108.241.0/24 maxlen: 24
185.108.242.0/24 maxlen: 24
185.108.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/5ef3e2-0603-46fd-ad9f-8d8b6e116219/1/PgmlTMIkrXs8oMV1MXuBhOKs4hY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/5ef3e2-0603-46fd-ad9f-8d8b6e116219/1/PgmlTMIkrXs8oMV1MXuBhOKs4hY.mft
rsync://rpki.ripe.net/repository/DEFAULT/PgmlTMIkrXs8oMV1MXuBhOKs4hY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:fe:16:3a:b0:d1:55:16:c4:60:c8:ff:9e:64:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e09a54cc224ad7b3ca0c575317b8184e2ace216
Validity
Not Before: Jan 2 04:31:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32afab1c829d9a4a194c3239053961fb102ff088
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:76:b9:cd:fb:95:a7:9a:92:6c:73:b2:43:a5:
01:2f:ad:0e:1a:00:ba:75:11:97:b3:9e:06:5d:3e:
83:4e:96:28:05:8a:b1:64:1b:11:9f:f8:33:2f:64:
54:ed:03:ba:75:7d:1e:21:40:f4:b8:15:57:5a:73:
db:ce:fb:fc:c7:3c:74:66:ba:1f:ff:73:1d:09:c0:
44:e2:39:55:b8:b5:30:2e:11:9f:22:9f:b4:b3:ca:
18:00:92:30:a7:9a:4f:7e:bb:c5:61:69:9b:94:da:
26:bb:e7:79:41:d2:2e:b0:50:2f:b5:82:71:b6:0e:
7c:7a:77:c2:ab:ee:42:cd:05:75:da:d1:87:0b:95:
c8:93:3f:fc:71:5a:23:00:a1:f1:66:c8:2d:c4:5d:
1a:30:1d:e9:b8:13:a5:ef:82:7b:33:dc:e3:6b:e6:
bc:37:d7:49:28:ee:b5:f3:b0:86:0e:bb:b4:1c:c8:
ff:d8:b2:f5:26:0b:62:b3:0b:55:23:47:71:2a:12:
56:1e:e5:00:9c:a4:aa:86:53:f8:74:a2:40:c6:ac:
ee:ba:26:cf:90:b7:07:90:45:04:ed:29:3c:e3:cb:
29:c0:07:d6:77:36:9a:45:6c:10:1a:8c:12:c9:b4:
7c:28:8d:c8:a6:90:3e:9d:32:cd:26:5e:6b:81:62:
32:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:AF:AB:1C:82:9D:9A:4A:19:4C:32:39:05:39:61:FB:10:2F:F0:88
X509v3 Authority Key Identifier:
keyid:3E:09:A5:4C:C2:24:AD:7B:3C:A0:C5:75:31:7B:81:84:E2:AC:E2:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PgmlTMIkrXs8oMV1MXuBhOKs4hY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/5ef3e2-0603-46fd-ad9f-8d8b6e116219/1/Mq-rHIKdmkoZTDI5BTlh-xAv8Ig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/5ef3e2-0603-46fd-ad9f-8d8b6e116219/1/PgmlTMIkrXs8oMV1MXuBhOKs4hY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.240.0/22
Signature Algorithm: sha256WithRSAEncryption
a6:fc:8a:fd:06:63:6f:b9:d2:a4:ee:52:2a:85:19:19:61:e3:
2f:b7:5b:6c:ce:71:63:bf:41:22:d2:1c:40:3f:b6:56:cf:41:
08:1c:3e:2f:a1:7f:16:55:36:93:14:f4:0b:0e:b4:1b:95:7d:
fb:1a:78:b3:0b:75:7b:ea:7b:ea:41:c9:5c:f8:31:b3:cf:63:
40:15:ea:27:c6:2f:a2:b9:84:af:f4:1c:cc:c5:1b:ad:1e:a2:
44:56:56:55:f3:c9:53:68:b2:74:b0:c9:b9:6a:8c:ad:1f:87:
00:49:cf:bc:88:2b:79:fc:cd:f9:4f:5a:ce:94:d1:f5:51:86:
a9:c8:bb:67:99:a4:df:50:17:05:58:8e:ee:e6:10:89:e5:99:
db:61:f7:dd:ac:f9:bf:99:9f:ca:a8:c4:a5:06:5e:09:4b:8e:
26:3b:aa:ad:5a:bf:ea:ec:53:c5:f1:ef:66:b6:a7:c3:82:2c:
f1:47:2a:20:7a:a0:81:b1:0f:8e:0b:34:ba:75:28:03:c6:8e:
87:ca:e4:71:89:24:27:cc:a1:02:eb:5d:24:1f:f1:25:65:d8:
48:47:85:91:56:ed:51:69:22:da:35:4d:f4:a0:18:4a:9f:ba:
4a:9f:f0:fd:7e:00:d6:c4:5d:b9:7c:28:51:9c:8f:a3:f1:80:
81:2a:be:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcP4WOrDRVRbEYMj/nmRIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMDlhNTRjYzIyNGFkN2IzY2EwYzU3NTMxN2I4MTg0ZTJh
Y2UyMTYwHhcNMjQwMTAyMDQzMTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmFmYWIxYzgyOWQ5YTRhMTk0YzMyMzkwNTM5NjFmYjEwMmZmMDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHa5zfuVp5qSbHOyQ6UBL60OGgC6
dRGXs54GXT6DTpYoBYqxZBsRn/gzL2RU7QO6dX0eIUD0uBVXWnPbzvv8xzx0Zrof
/3MdCcBE4jlVuLUwLhGfIp+0s8oYAJIwp5pPfrvFYWmblNomu+d5QdIusFAvtYJx
tg58enfCq+5CzQV12tGHC5XIkz/8cVojAKHxZsgtxF0aMB3puBOl74J7M9zja+a8
N9dJKO6187CGDru0HMj/2LL1JgtiswtVI0dxKhJWHuUAnKSqhlP4dKJAxqzuuibP
kLcHkEUE7Sk848spwAfWdzaaRWwQGowSybR8KI3IppA+nTLNJl5rgWIyZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDKvqxyCnZpKGUwyOQU5YfsQL/CIMB8GA1UdIwQY
MBaAFD4JpUzCJK17PKDFdTF7gYTirOIWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGdtbFRNSWtyWHM4b01WMU1YdUJoT0tzNGhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi81ZWYzZTItMDYwMy00NmZkLWFkOWYt
OGQ4YjZlMTE2MjE5LzEvTXEtckhJS2Rta29aVERJNUJUbGgteEF2OElnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi81ZWYzZTItMDYwMy00NmZkLWFkOWYtOGQ4YjZlMTE2MjE5
LzEvUGdtbFRNSWtyWHM4b01WMU1YdUJoT0tzNGhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWzwMA0G
CSqGSIb3DQEBCwUAA4IBAQCm/Ir9BmNvudKk7lIqhRkZYeMvt1tsznFjv0Ei0hxA
P7ZWz0EIHD4voX8WVTaTFPQLDrQblX37GnizC3V76nvqQclc+DGzz2NAFeonxi+i
uYSv9BzMxRutHqJEVlZV88lTaLJ0sMm5aoytH4cASc+8iCt5/M35T1rOlNH1UYap
yLtnmaTfUBcFWI7u5hCJ5ZnbYffdrPm/mZ/KqMSlBl4JS44mO6qtWr/q7FPF8e9m
tqfDgizxRyogeqCBsQ+OCzS6dSgDxo6HyuRxiSQnzKEC610kH/ElZdhIR4WRVu1R
aSLaNU30oBhKn7pKn/D9fgDWxF25fChRnI+j8YCBKr6/
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:03:51 2024 by rpki-client on console-fra.rpki-client.org