Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/8132f0-702e-4044-b6d6-ca8cf6acfaeb/1/mevJRdOZ166MQUr_uRI7fI7Kruk.roa
File: mevJRdOZ166MQUr_uRI7fI7Kruk.roa (raw, json)
Hash identifier: mak6S+xAs84BGBMmnKemSmK7J9U3dvKD3pVC9QlL9dU=
Subject key identifier: 99:EB:C9:45:D3:99:D7:AE:8C:41:4A:FF:B9:12:3B:7C:8E:CA:AE:E9
Certificate issuer: /CN=33b9f91816dd4d8226a41e3b4c3b09c7bdcc64a9
Certificate serial: 018CC5DBE0F073155EAA2E5608E247D5C98F
Authority key identifier: 33:B9:F9:18:16:DD:4D:82:26:A4:1E:3B:4C:3B:09:C7:BD:CC:64:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M7n5GBbdTYImpB47TDsJx73MZKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/8132f0-702e-4044-b6d6-ca8cf6acfaeb/1/mevJRdOZ166MQUr_uRI7fI7Kruk.roa
Signing time: Mon 01 Jan 2024 16:29:30 +0000
ROA not before: Mon 01 Jan 2024 16:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39257
IP address blocks: 91.212.106.0/24 maxlen: 24
78.31.200.0/22 maxlen: 22
185.26.200.0/22 maxlen: 22
87.238.184.0/21 maxlen: 21
87.238.190.0/24 maxlen: 24
87.238.187.0/24 maxlen: 24
91.214.127.0/24 maxlen: 24
2a02:8c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/8132f0-702e-4044-b6d6-ca8cf6acfaeb/1/M7n5GBbdTYImpB47TDsJx73MZKk.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/8132f0-702e-4044-b6d6-ca8cf6acfaeb/1/M7n5GBbdTYImpB47TDsJx73MZKk.mft
rsync://rpki.ripe.net/repository/DEFAULT/M7n5GBbdTYImpB47TDsJx73MZKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 14:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:e0:f0:73:15:5e:aa:2e:56:08:e2:47:d5:c9:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33b9f91816dd4d8226a41e3b4c3b09c7bdcc64a9
Validity
Not Before: Jan 1 16:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=99ebc945d399d7ae8c414affb9123b7c8ecaaee9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:0c:9a:f8:99:43:a2:db:ae:32:53:dd:26:78:
ed:14:55:33:d0:93:9e:00:40:e0:de:d3:cf:b7:42:
99:8a:be:ae:b2:22:ce:1f:c4:41:4b:e5:2d:6c:89:
8d:3a:45:5f:97:f4:d4:00:04:4a:9b:45:d2:5b:db:
9a:d5:6a:20:13:02:96:35:0e:ca:7a:24:c7:12:d3:
c3:4f:12:5f:5a:2f:35:00:18:a7:74:4f:e0:ba:b2:
76:53:65:7c:0d:9c:21:1e:c1:c5:3c:06:6e:4b:d0:
fd:c8:60:95:90:e4:8b:46:ee:11:54:15:51:35:e7:
14:7c:c4:c1:43:5e:fb:fe:1b:44:b6:ff:9d:e7:0f:
80:69:9b:43:f2:5f:b8:ca:41:ab:8f:7f:d5:84:cf:
d7:3f:7a:22:bc:8c:6a:4f:ce:0f:92:3e:8b:69:f1:
91:bf:7d:b2:0a:8b:31:ba:96:0d:d6:33:34:a9:3c:
a2:95:1c:dc:64:15:49:46:88:08:98:12:2f:4e:7a:
94:7c:4a:03:f7:7e:b5:3a:fa:a8:a7:4c:51:bf:90:
a3:90:49:f8:50:8f:c6:3e:d2:84:63:3e:7f:6c:0a:
1e:e4:72:05:f6:e0:93:fb:eb:1f:62:08:ab:c8:25:
d0:5b:55:29:10:9d:c2:8a:bb:ea:52:14:88:0a:af:
68:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:EB:C9:45:D3:99:D7:AE:8C:41:4A:FF:B9:12:3B:7C:8E:CA:AE:E9
X509v3 Authority Key Identifier:
keyid:33:B9:F9:18:16:DD:4D:82:26:A4:1E:3B:4C:3B:09:C7:BD:CC:64:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M7n5GBbdTYImpB47TDsJx73MZKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/8132f0-702e-4044-b6d6-ca8cf6acfaeb/1/mevJRdOZ166MQUr_uRI7fI7Kruk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/8132f0-702e-4044-b6d6-ca8cf6acfaeb/1/M7n5GBbdTYImpB47TDsJx73MZKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.31.200.0/22
87.238.184.0/21
91.212.106.0/24
91.214.127.0/24
185.26.200.0/22
IPv6:
2a02:8c0::/32
Signature Algorithm: sha256WithRSAEncryption
af:a8:c8:74:f5:d3:d8:2c:b4:45:bb:61:dc:f3:fd:d4:0c:67:
3d:c4:42:22:20:91:0a:3b:a7:1a:4a:10:96:e6:30:28:16:11:
58:84:37:f5:f5:a7:2f:e0:8c:1a:29:85:09:bc:6f:ee:1f:bf:
fb:78:5c:68:ca:4f:e7:91:93:ce:90:6a:6d:7c:37:59:87:50:
ef:f7:65:4e:7e:15:36:db:a8:9e:d2:9d:11:76:06:f0:40:21:
8a:45:e8:ed:5d:ef:91:a8:d5:ed:9d:f3:2d:64:ef:10:27:e4:
24:02:b4:8d:34:fe:7e:b5:6b:47:a6:39:77:e3:96:12:1e:71:
aa:49:56:bf:23:4a:80:a4:7a:fb:c2:2e:9b:d8:32:ab:9a:f8:
78:5e:58:87:8d:39:93:51:d8:a6:9c:aa:22:1c:2e:ec:b8:07:
06:b9:b6:c8:d9:e1:7e:42:6a:da:a9:cb:cb:09:0e:7e:8d:81:
39:e4:65:1a:d4:d0:76:2b:78:d2:a3:31:f9:38:41:f4:df:a7:
43:a4:32:1d:82:bd:c4:db:55:1b:5e:f5:2b:20:73:97:10:b5:
aa:53:92:10:36:88:c2:ff:71:77:53:60:ec:ae:20:a9:5b:75:
d6:95:34:b8:69:f6:08:b8:d1:59:e6:8a:47:d5:e0:76:00:c7:
3d:77:07:a1
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzF2+DwcxVeqi5WCOJH1cmPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzYjlmOTE4MTZkZDRkODIyNmE0MWUzYjRjM2IwOWM3YmRj
YzY0YTkwHhcNMjQwMTAxMTYyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWViYzk0NWQzOTlkN2FlOGM0MTRhZmZiOTEyM2I3YzhlY2FhZWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwya+JlDotuuMlPdJnjtFFUz0JOe
AEDg3tPPt0KZir6usiLOH8RBS+UtbImNOkVfl/TUAARKm0XSW9ua1WogEwKWNQ7K
eiTHEtPDTxJfWi81ABindE/gurJ2U2V8DZwhHsHFPAZuS9D9yGCVkOSLRu4RVBVR
NecUfMTBQ177/htEtv+d5w+AaZtD8l+4ykGrj3/VhM/XP3oivIxqT84Pkj6LafGR
v32yCosxupYN1jM0qTyilRzcZBVJRogImBIvTnqUfEoD9361Ovqop0xRv5CjkEn4
UI/GPtKEYz5/bAoe5HIF9uCT++sfYgiryCXQW1UpEJ3CirvqUhSICq9oVwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFJnryUXTmdeujEFK/7kSO3yOyq7pMB8GA1UdIwQY
MBaAFDO5+RgW3U2CJqQeO0w7Cce9zGSpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTduNUdCYmRUWUltcEI0N1REc0p4NzNNWktrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi84MTMyZjAtNzAyZS00MDQ0LWI2ZDYt
Y2E4Y2Y2YWNmYWViLzEvbWV2SlJkT1oxNjZNUVVyX3VSSTdmSTdLcnVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi84MTMyZjAtNzAyZS00MDQ0LWI2ZDYtY2E4Y2Y2YWNmYWVi
LzEvTTduNUdCYmRUWUltcEI0N1REc0p4NzNNWktrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCTh/IAwQD
V+64AwQAW9RqAwQAW9Z/AwQCuRrIMA0EAgACMAcDBQAqAgjAMA0GCSqGSIb3DQEB
CwUAA4IBAQCvqMh09dPYLLRFu2Hc8/3UDGc9xEIiIJEKO6caShCW5jAoFhFYhDf1
9acv4IwaKYUJvG/uH7/7eFxoyk/nkZPOkGptfDdZh1Dv92VOfhU226ie0p0Rdgbw
QCGKRejtXe+RqNXtnfMtZO8QJ+QkArSNNP5+tWtHpjl345YSHnGqSVa/I0qApHr7
wi6b2DKrmvh4XliHjTmTUdimnKoiHC7suAcGubbI2eF+QmraqcvLCQ5+jYE55GUa
1NB2K3jSozH5OEH036dDpDIdgr3E21UbXvUrIHOXELWqU5IQNojC/3F3U2DsriCp
W3XWlTS4afYIuNFZ5opH1eB2AMc9dweh
-----END CERTIFICATE-----
Generated at Sat Sep 28 19:48:57 2024 by rpki-client on console-fra.rpki-client.org