Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/5d4d2f-ba18-4211-bc9b-ee8831924b32/1/MCMxDwSKwIAKJmqVzo3JaqsGDJk.roa
File: MCMxDwSKwIAKJmqVzo3JaqsGDJk.roa (raw, json)
Hash identifier: Ygio4UJ6gp/d4JEhHQ9MDohsa4Dv2g/iak+IcIo/cTY=
Subject key identifier: 30:23:31:0F:04:8A:C0:80:0A:26:6A:95:CE:8D:C9:6A:AB:06:0C:99
Certificate issuer: /CN=66d9758b8c8c373583c0575166d62343600c7f01
Certificate serial: 018CC86EF77BB1C726EFF8B29E828D2C824F
Authority key identifier: 66:D9:75:8B:8C:8C:37:35:83:C0:57:51:66:D6:23:43:60:0C:7F:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ztl1i4yMNzWDwFdRZtYjQ2AMfwE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/5d4d2f-ba18-4211-bc9b-ee8831924b32/1/MCMxDwSKwIAKJmqVzo3JaqsGDJk.roa
Signing time: Tue 02 Jan 2024 04:29:24 +0000
ROA not before: Tue 02 Jan 2024 04:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47302
IP address blocks: 194.126.200.0/24 maxlen: 24
149.126.0.0/21 maxlen: 21
185.174.216.0/22 maxlen: 22
91.206.24.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/5d4d2f-ba18-4211-bc9b-ee8831924b32/1/Ztl1i4yMNzWDwFdRZtYjQ2AMfwE.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/5d4d2f-ba18-4211-bc9b-ee8831924b32/1/Ztl1i4yMNzWDwFdRZtYjQ2AMfwE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ztl1i4yMNzWDwFdRZtYjQ2AMfwE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 16:03:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6e:f7:7b:b1:c7:26:ef:f8:b2:9e:82:8d:2c:82:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66d9758b8c8c373583c0575166d62343600c7f01
Validity
Not Before: Jan 2 04:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3023310f048ac0800a266a95ce8dc96aab060c99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:f2:cb:26:53:86:a0:b4:9d:39:bd:ef:90:c2:
af:e4:37:ba:e1:00:ec:48:c9:40:b0:0d:1a:c8:c9:
7e:0c:42:be:93:b1:77:ce:48:81:f2:eb:1a:d5:53:
d2:ef:77:69:5d:48:00:63:82:78:99:0f:36:c9:ea:
5e:7a:a4:f7:d2:e9:db:48:10:5f:4a:06:dc:4f:3b:
cf:95:5b:0c:49:e5:b5:8d:3f:bc:f7:ac:ac:17:96:
08:22:bb:54:be:cb:a0:88:9f:57:b4:27:e4:a4:ca:
23:0e:0c:c9:ed:34:53:d1:d0:bb:35:a9:a2:ce:a0:
fd:d1:52:d1:d7:fe:41:e1:08:a7:ca:e0:b1:ae:bb:
06:95:23:e1:d2:47:09:a0:61:26:5b:a3:7c:fc:20:
d2:eb:dc:c4:8d:c5:69:0b:a5:ae:90:1b:2b:1c:d6:
ce:1f:79:4a:45:68:94:cc:51:42:2c:de:2b:4d:4f:
66:95:26:91:fb:b5:11:bd:16:42:9e:fe:6e:9e:1e:
4e:bc:56:ce:7f:6a:69:39:20:69:67:1f:0d:81:10:
ae:bb:28:ba:2b:62:32:04:e7:2c:f5:1c:40:d0:be:
3b:c2:1f:e5:05:a1:a9:f2:23:7b:6f:68:45:62:60:
e7:ae:11:f1:f2:88:a8:ec:d2:16:23:c3:65:78:68:
d3:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:23:31:0F:04:8A:C0:80:0A:26:6A:95:CE:8D:C9:6A:AB:06:0C:99
X509v3 Authority Key Identifier:
keyid:66:D9:75:8B:8C:8C:37:35:83:C0:57:51:66:D6:23:43:60:0C:7F:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ztl1i4yMNzWDwFdRZtYjQ2AMfwE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/5d4d2f-ba18-4211-bc9b-ee8831924b32/1/MCMxDwSKwIAKJmqVzo3JaqsGDJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/5d4d2f-ba18-4211-bc9b-ee8831924b32/1/Ztl1i4yMNzWDwFdRZtYjQ2AMfwE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.24.0/23
149.126.0.0/21
185.174.216.0/22
194.126.200.0/24
Signature Algorithm: sha256WithRSAEncryption
00:13:e1:ed:7e:6c:02:df:65:29:ce:b8:88:e3:b4:4a:5a:32:
6f:2d:a3:a5:1f:13:1a:72:13:57:62:82:8b:a1:a1:b8:55:97:
45:78:f3:63:50:fc:dd:43:28:af:5e:72:c6:c1:db:6b:5d:f0:
34:ab:13:cb:20:09:44:ad:ae:68:8d:72:24:50:fe:cd:de:bb:
e9:b0:17:69:39:ab:37:00:4f:b9:09:92:49:df:8f:b4:bb:26:
c1:a0:19:b0:33:84:a0:65:85:39:b4:20:d1:37:f1:fc:0b:1d:
81:38:35:ce:57:c2:57:be:c4:04:88:65:2e:35:59:74:8c:c5:
26:f0:d5:62:a8:c0:ef:1e:20:f9:c6:bc:75:dc:bf:fc:ea:89:
96:06:8a:1a:05:b6:5c:1d:77:56:a7:56:7c:9b:3e:cb:a0:be:
e2:21:65:ec:f1:8c:a7:f8:ff:f1:fa:5b:80:21:78:e0:63:59:
d7:e2:b7:86:24:5b:d0:78:5b:86:70:3f:81:0d:6e:51:4a:3d:
4d:a5:f8:9e:94:5f:85:22:41:45:f5:67:bd:88:08:74:11:82:
58:5a:a4:be:dc:7b:c8:c7:2d:12:08:0f:fe:be:69:01:1c:7d:
aa:1b:6f:69:39:14:e0:5e:63:d8:a3:d3:b1:10:01:d9:aa:ce:
c3:e1:05:63
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzIbvd7sccm7/iynoKNLIJPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZDk3NThiOGM4YzM3MzU4M2MwNTc1MTY2ZDYyMzQzNjAw
YzdmMDEwHhcNMjQwMTAyMDQyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDIzMzEwZjA0OGFjMDgwMGEyNjZhOTVjZThkYzk2YWFiMDYwYzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPLLJlOGoLSdOb3vkMKv5De64QDs
SMlAsA0ayMl+DEK+k7F3zkiB8usa1VPS73dpXUgAY4J4mQ82yepeeqT30unbSBBf
SgbcTzvPlVsMSeW1jT+896ysF5YIIrtUvsugiJ9XtCfkpMojDgzJ7TRT0dC7Nami
zqD90VLR1/5B4QinyuCxrrsGlSPh0kcJoGEmW6N8/CDS69zEjcVpC6WukBsrHNbO
H3lKRWiUzFFCLN4rTU9mlSaR+7URvRZCnv5unh5OvFbOf2ppOSBpZx8NgRCuuyi6
K2IyBOcs9RxA0L47wh/lBaGp8iN7b2hFYmDnrhHx8oio7NIWI8NleGjTTQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDAjMQ8EisCACiZqlc6NyWqrBgyZMB8GA1UdIwQY
MBaAFGbZdYuMjDc1g8BXUWbWI0NgDH8BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnRsMWk0eU1OeldEd0ZkUlp0WWpRMkFNZndFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi81ZDRkMmYtYmExOC00MjExLWJjOWIt
ZWU4ODMxOTI0YjMyLzEvTUNNeER3U0t3SUFLSm1xVnpvM0phcXNHREprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi81ZDRkMmYtYmExOC00MjExLWJjOWItZWU4ODMxOTI0YjMy
LzEvWnRsMWk0eU1OeldEd0ZkUlp0WWpRMkFNZndFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBW84YAwQD
lX4AAwQCua7YAwQAwn7IMA0GCSqGSIb3DQEBCwUAA4IBAQAAE+HtfmwC32UpzriI
47RKWjJvLaOlHxMachNXYoKLoaG4VZdFePNjUPzdQyivXnLGwdtrXfA0qxPLIAlE
ra5ojXIkUP7N3rvpsBdpOas3AE+5CZJJ34+0uybBoBmwM4SgZYU5tCDRN/H8Cx2B
ODXOV8JXvsQEiGUuNVl0jMUm8NViqMDvHiD5xrx13L/86omWBooaBbZcHXdWp1Z8
mz7LoL7iIWXs8Yyn+P/x+luAIXjgY1nX4reGJFvQeFuGcD+BDW5RSj1NpfielF+F
IkFF9We9iAh0EYJYWqS+3HvIxy0SCA/+vmkBHH2qG29pORTgXmPYo9OxEAHZqs7D
4QVj
-----END CERTIFICATE-----
Generated at Sat Jun 1 21:16:30 2024 by rpki-client on console-ams.rpki-client.org