Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/38b4de-68c4-4df8-9e0c-40ee5646c747/1/MwEt7Mk8bRaeUqGg711FfPJuumA.roa
File: MwEt7Mk8bRaeUqGg711FfPJuumA.roa (raw, json)
Hash identifier: QNuDZqBymeM1l34bxhe+enaiVfiUKVm7wIx8201bbXQ=
Subject key identifier: 33:01:2D:EC:C9:3C:6D:16:9E:52:A1:A0:EF:5D:45:7C:F2:6E:BA:60
Certificate issuer: /CN=b1e526405d45174247994feedb2d7e5dd40793dd
Certificate serial: 018CC4939453F83BDE31F610FDB42D702D6E
Authority key identifier: B1:E5:26:40:5D:45:17:42:47:99:4F:EE:DB:2D:7E:5D:D4:07:93:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/seUmQF1FF0JHmU_u2y1-XdQHk90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/38b4de-68c4-4df8-9e0c-40ee5646c747/1/MwEt7Mk8bRaeUqGg711FfPJuumA.roa
Signing time: Mon 01 Jan 2024 10:30:55 +0000
ROA not before: Mon 01 Jan 2024 10:30:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208574
IP address blocks: 147.78.40.0/22 maxlen: 24
2a09:1cc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/38b4de-68c4-4df8-9e0c-40ee5646c747/1/seUmQF1FF0JHmU_u2y1-XdQHk90.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/38b4de-68c4-4df8-9e0c-40ee5646c747/1/seUmQF1FF0JHmU_u2y1-XdQHk90.mft
rsync://rpki.ripe.net/repository/DEFAULT/seUmQF1FF0JHmU_u2y1-XdQHk90.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 16:02:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:94:53:f8:3b:de:31:f6:10:fd:b4:2d:70:2d:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1e526405d45174247994feedb2d7e5dd40793dd
Validity
Not Before: Jan 1 10:30:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33012decc93c6d169e52a1a0ef5d457cf26eba60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:5c:ac:af:53:ff:04:1d:b5:06:b7:31:bf:23:
f2:ba:cb:b8:56:2f:74:ac:39:b5:b3:82:9a:57:e9:
fe:73:76:67:64:c7:00:48:d3:28:91:9d:97:29:64:
69:cd:54:5a:94:0b:9f:6b:e4:d7:80:b8:10:a4:7f:
77:98:6e:9f:a4:b3:60:82:ef:db:46:2a:d1:24:13:
cb:94:17:54:dc:6d:a4:15:aa:7a:8e:0a:36:10:fe:
7f:fb:8f:5e:88:71:fa:8a:3f:6e:f1:50:2a:90:0e:
92:02:08:8c:17:fc:70:92:34:11:b2:54:32:dd:a1:
d1:f7:ae:5b:dc:f0:f4:b6:cd:57:8e:59:11:f6:6a:
b6:cd:50:02:a4:86:23:6d:d9:60:ba:79:64:d7:d5:
ff:d0:00:c8:a2:cf:c5:67:e1:c0:d1:8b:85:2e:78:
bf:52:66:dd:d0:21:da:0e:27:12:be:9b:15:3f:44:
88:b9:5e:7d:26:9f:99:c7:39:b6:21:94:03:c4:c3:
ab:d4:2b:41:2d:35:33:2b:14:82:58:a5:8c:e2:d7:
79:0f:99:fb:44:9d:6a:d3:24:fc:01:65:69:6e:75:
80:03:e0:83:48:07:d0:a6:2c:83:0f:6c:f9:85:b4:
64:00:32:b3:8b:c0:59:38:7c:78:ec:cb:8c:19:72:
cf:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:01:2D:EC:C9:3C:6D:16:9E:52:A1:A0:EF:5D:45:7C:F2:6E:BA:60
X509v3 Authority Key Identifier:
keyid:B1:E5:26:40:5D:45:17:42:47:99:4F:EE:DB:2D:7E:5D:D4:07:93:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/seUmQF1FF0JHmU_u2y1-XdQHk90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/38b4de-68c4-4df8-9e0c-40ee5646c747/1/MwEt7Mk8bRaeUqGg711FfPJuumA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/38b4de-68c4-4df8-9e0c-40ee5646c747/1/seUmQF1FF0JHmU_u2y1-XdQHk90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.40.0/22
IPv6:
2a09:1cc0::/29
Signature Algorithm: sha256WithRSAEncryption
33:26:ef:91:54:83:06:8a:ec:2b:cb:64:dd:23:e0:6f:7a:08:
37:10:e4:58:c4:94:8c:80:ed:1c:7c:0c:66:38:a6:4c:c4:74:
35:3a:eb:21:b8:c9:59:a7:1d:5c:37:74:14:d6:6b:69:69:f5:
ba:49:dd:2f:86:de:cb:3c:63:31:82:3b:3b:4a:df:db:4f:ba:
cc:40:b1:6d:c3:64:c0:35:da:88:9e:74:9f:ec:16:ba:e8:4b:
67:d7:aa:e9:48:c3:53:8e:48:dd:5e:72:19:11:6f:45:e6:f2:
8c:e9:7e:ca:f8:fd:05:fa:3a:87:ba:b9:f6:ab:cc:48:ad:0a:
11:b6:f7:52:4e:1d:9f:42:2d:35:9f:28:83:c7:a9:cd:1a:54:
7a:f4:49:53:d9:67:dd:09:b9:80:e2:97:50:63:2c:35:88:c4:
bf:7e:ec:6a:15:a8:89:7d:4d:7c:ef:93:68:dd:14:23:ad:c8:
12:94:23:b8:fa:5e:0c:04:7c:6a:84:51:49:b0:8f:55:52:dd:
da:75:8a:14:6a:4e:39:cb:83:15:bc:21:33:92:8f:3c:8c:a2:
19:84:d5:51:89:25:8a:f3:bb:33:be:30:a8:2e:be:cc:be:ea:
36:a4:d8:c2:52:64:ea:f8:07:08:bd:c3:f9:b7:0e:28:c2:15:
d1:20:3f:67
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEk5RT+DveMfYQ/bQtcC1uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZTUyNjQwNWQ0NTE3NDI0Nzk5NGZlZWRiMmQ3ZTVkZDQw
NzkzZGQwHhcNMjQwMTAxMTAzMDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzAxMmRlY2M5M2M2ZDE2OWU1MmExYTBlZjVkNDU3Y2YyNmViYTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1ysr1P/BB21BrcxvyPyusu4Vi90
rDm1s4KaV+n+c3ZnZMcASNMokZ2XKWRpzVRalAufa+TXgLgQpH93mG6fpLNggu/b
RirRJBPLlBdU3G2kFap6jgo2EP5/+49eiHH6ij9u8VAqkA6SAgiMF/xwkjQRslQy
3aHR965b3PD0ts1XjlkR9mq2zVACpIYjbdlgunlk19X/0ADIos/FZ+HA0YuFLni/
Umbd0CHaDicSvpsVP0SIuV59Jp+Zxzm2IZQDxMOr1CtBLTUzKxSCWKWM4td5D5n7
RJ1q0yT8AWVpbnWAA+CDSAfQpiyDD2z5hbRkADKzi8BZOHx47MuMGXLPjwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDMBLezJPG0WnlKhoO9dRXzybrpgMB8GA1UdIwQY
MBaAFLHlJkBdRRdCR5lP7tstfl3UB5PdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2VVbVFGMUZGMEpIbVVfdTJ5MS1YZFFIazkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8zOGI0ZGUtNjhjNC00ZGY4LTllMGMt
NDBlZTU2NDZjNzQ3LzEvTXdFdDdNazhiUmFlVXFHZzcxMUZmUEp1dW1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8zOGI0ZGUtNjhjNC00ZGY4LTllMGMtNDBlZTU2NDZjNzQ3
LzEvc2VVbVFGMUZGMEpIbVVfdTJ5MS1YZFFIazkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCk04oMA0E
AgACMAcDBQMqCRzAMA0GCSqGSIb3DQEBCwUAA4IBAQAzJu+RVIMGiuwry2TdI+Bv
egg3EORYxJSMgO0cfAxmOKZMxHQ1OushuMlZpx1cN3QU1mtpafW6Sd0vht7LPGMx
gjs7St/bT7rMQLFtw2TANdqInnSf7Ba66Etn16rpSMNTjkjdXnIZEW9F5vKM6X7K
+P0F+jqHurn2q8xIrQoRtvdSTh2fQi01nyiDx6nNGlR69ElT2WfdCbmA4pdQYyw1
iMS/fuxqFaiJfU1875No3RQjrcgSlCO4+l4MBHxqhFFJsI9VUt3adYoUak45y4MV
vCEzko88jKIZhNVRiSWK87szvjCoLr7Mvuo2pNjCUmTq+AcIvcP5tw4owhXRID9n
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:59:14 2024 by rpki-client on console-fra.rpki-client.org