Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/MvcaI2N4EfqX08jotML1wB0d3WU.roa
File: MvcaI2N4EfqX08jotML1wB0d3WU.roa (raw, json)
Hash identifier: CNaclhHpjIWC9BIT4Mt9m+qzjWIUFxa4/xhT4My+IDE=
Subject key identifier: 32:F7:1A:23:63:78:11:FA:97:D3:C8:E8:B4:C2:F5:C0:1D:1D:DD:65
Certificate issuer: /CN=e3f70706f6c0cfbd9c73a7f3d83023240a42f50d
Certificate serial: 018CC5001DD306355A80B94925B5E00E7A9F
Authority key identifier: E3:F7:07:06:F6:C0:CF:BD:9C:73:A7:F3:D8:30:23:24:0A:42:F5:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4_cHBvbAz72cc6fz2DAjJApC9Q0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/MvcaI2N4EfqX08jotML1wB0d3WU.roa
Signing time: Mon 01 Jan 2024 12:29:28 +0000
ROA not before: Mon 01 Jan 2024 12:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20546
IP address blocks: 217.116.112.0/20 maxlen: 24
212.9.32.0/19 maxlen: 24
217.10.64.0/20 maxlen: 24
82.116.96.0/19 maxlen: 24
95.174.128.0/19 maxlen: 24
2001:ab0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/4_cHBvbAz72cc6fz2DAjJApC9Q0.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/4_cHBvbAz72cc6fz2DAjJApC9Q0.mft
rsync://rpki.ripe.net/repository/DEFAULT/4_cHBvbAz72cc6fz2DAjJApC9Q0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 04:53:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:1d:d3:06:35:5a:80:b9:49:25:b5:e0:0e:7a:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3f70706f6c0cfbd9c73a7f3d83023240a42f50d
Validity
Not Before: Jan 1 12:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32f71a23637811fa97d3c8e8b4c2f5c01d1ddd65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:f3:2b:aa:24:b2:f3:21:80:4c:d4:b2:ca:df:
d9:54:e2:80:f6:05:10:28:23:94:9d:ce:d3:d3:68:
58:d8:bd:d9:0d:bd:2d:9c:d5:a8:5d:c1:1a:aa:81:
9c:eb:44:9e:5b:83:5f:49:0d:fb:00:99:ee:93:be:
6b:ef:c2:8e:14:9f:d9:7f:43:11:cd:36:21:eb:2d:
c4:84:b9:d3:86:ed:8a:9d:60:3f:12:25:0a:31:df:
7b:75:4a:7c:14:dc:32:43:c7:35:01:73:77:99:68:
3e:de:e6:ff:0e:ac:24:17:cc:4d:66:bf:1a:a6:62:
34:a2:bb:65:6f:2e:70:0d:26:bf:79:53:49:0a:9c:
2e:36:3c:e5:91:88:ba:a9:82:2d:d9:a9:d3:d1:31:
51:17:0e:d6:0e:f8:25:6b:46:0c:b8:20:2e:ce:1a:
91:19:ce:5d:03:30:12:28:cf:dc:56:41:34:ee:19:
2a:20:d9:da:3f:a6:14:b1:ea:70:a1:da:d4:86:ea:
40:6a:db:6c:4d:a7:79:c7:6f:f4:eb:58:d6:61:bd:
e5:59:49:8a:dd:82:23:cd:b1:c0:a2:d8:11:f4:82:
8a:8b:89:a6:47:ec:16:90:28:97:0a:0e:a5:98:cd:
c7:48:23:bc:e1:49:11:1d:47:40:b0:84:08:37:a2:
fe:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:F7:1A:23:63:78:11:FA:97:D3:C8:E8:B4:C2:F5:C0:1D:1D:DD:65
X509v3 Authority Key Identifier:
keyid:E3:F7:07:06:F6:C0:CF:BD:9C:73:A7:F3:D8:30:23:24:0A:42:F5:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4_cHBvbAz72cc6fz2DAjJApC9Q0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/MvcaI2N4EfqX08jotML1wB0d3WU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/4_cHBvbAz72cc6fz2DAjJApC9Q0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.116.96.0/19
95.174.128.0/19
212.9.32.0/19
217.10.64.0/20
217.116.112.0/20
IPv6:
2001:ab0::/29
Signature Algorithm: sha256WithRSAEncryption
2d:99:70:bd:f0:92:90:44:b5:dd:cf:e1:5e:32:8c:94:cd:d2:
c4:ad:a1:95:e3:df:ed:ca:12:bf:d4:6e:c4:5f:46:04:3f:e2:
78:70:91:f9:74:97:a8:3a:34:72:a8:f1:e1:2e:f6:74:f8:24:
1c:73:40:d6:27:f7:65:d0:b2:2f:55:92:14:22:be:b8:54:c1:
90:83:b6:2d:08:e1:05:96:49:b8:b4:bd:2a:1a:2c:25:61:aa:
79:8e:07:d6:72:09:e3:e9:0f:a1:1e:18:56:53:c7:96:f0:73:
db:19:82:1f:43:74:cb:6a:68:83:3a:d9:2d:a6:32:88:19:4d:
37:a7:9f:69:43:82:7f:66:26:b8:1f:94:6c:c6:6b:ba:96:92:
92:81:33:35:08:47:42:96:90:1e:ad:e8:c2:49:0c:a4:5d:d4:
5a:43:23:37:73:81:ad:4b:4c:24:c6:97:b3:70:1c:47:c3:32:
b9:28:02:bc:56:5f:74:11:6c:e8:4d:19:27:68:fa:3f:f6:20:
a5:98:0f:ef:59:84:f7:c2:14:9d:96:6f:e2:5d:87:1f:39:a8:
f6:79:6b:83:62:08:13:cc:ab:e3:03:44:65:dc:5d:5d:2e:71:
b0:40:04:3d:a2:76:3d:6b:81:5b:19:05:ac:c4:71:18:03:fb:
0e:18:ff:b3
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzFAB3TBjVagLlJJbXgDnqfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzZjcwNzA2ZjZjMGNmYmQ5YzczYTdmM2Q4MzAyMzI0MGE0
MmY1MGQwHhcNMjQwMTAxMTIyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmY3MWEyMzYzNzgxMWZhOTdkM2M4ZThiNGMyZjVjMDFkMWRkZDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfMrqiSy8yGATNSyyt/ZVOKA9gUQ
KCOUnc7T02hY2L3ZDb0tnNWoXcEaqoGc60SeW4NfSQ37AJnuk75r78KOFJ/Zf0MR
zTYh6y3EhLnThu2KnWA/EiUKMd97dUp8FNwyQ8c1AXN3mWg+3ub/DqwkF8xNZr8a
pmI0ortlby5wDSa/eVNJCpwuNjzlkYi6qYIt2anT0TFRFw7WDvgla0YMuCAuzhqR
Gc5dAzASKM/cVkE07hkqINnaP6YUsepwodrUhupAattsTad5x2/061jWYb3lWUmK
3YIjzbHAotgR9IKKi4mmR+wWkCiXCg6lmM3HSCO84UkRHUdAsIQIN6L+8wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFDL3GiNjeBH6l9PI6LTC9cAdHd1lMB8GA1UdIwQY
MBaAFOP3Bwb2wM+9nHOn89gwIyQKQvUNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNF9jSEJ2YkF6NzJjYzZmejJEQWpKQXBDOVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8yODZkNDctNjQzNC00MWJkLTlhYTIt
MDlmZjc5MzA4YmJlLzEvTXZjYUkyTjRFZnFYMDhqb3RNTDF3QjBkM1dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8yODZkNDctNjQzNC00MWJkLTlhYTItMDlmZjc5MzA4YmJl
LzEvNF9jSEJ2YkF6NzJjYzZmejJEQWpKQXBDOVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFUnRgAwQF
X66AAwQF1AkgAwQE2QpAAwQE2XRwMA0EAgACMAcDBQMgAQqwMA0GCSqGSIb3DQEB
CwUAA4IBAQAtmXC98JKQRLXdz+FeMoyUzdLEraGV49/tyhK/1G7EX0YEP+J4cJH5
dJeoOjRyqPHhLvZ0+CQcc0DWJ/dl0LIvVZIUIr64VMGQg7YtCOEFlkm4tL0qGiwl
Yap5jgfWcgnj6Q+hHhhWU8eW8HPbGYIfQ3TLamiDOtktpjKIGU03p59pQ4J/Zia4
H5Rsxmu6lpKSgTM1CEdClpAerejCSQykXdRaQyM3c4GtS0wkxpezcBxHwzK5KAK8
Vl90EWzoTRknaPo/9iClmA/vWYT3whSdlm/iXYcfOaj2eWuDYggTzKvjA0Rl3F1d
LnGwQAQ9onY9a4FbGQWsxHEYA/sOGP+z
-----END CERTIFICATE-----
Generated at Sun May 19 08:34:41 2024 by rpki-client on console-ams.rpki-client.org