Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MFF504OnLYWQBtDhwcNiyROCiqw.roa
File: MFF504OnLYWQBtDhwcNiyROCiqw.roa (raw, json)
Hash identifier: EI+FvA8EMtD0wbVav3OQXVQo8iwhkIgNkqHcg40sHdw=
Subject key identifier: 30:51:79:D3:83:A7:2D:85:90:06:D0:E1:C1:C3:62:C9:13:82:8A:AC
Certificate issuer: /CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Certificate serial: 018CC6B7FBBFE2CF5F526BEA2A09872A017A
Authority key identifier: 32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MFF504OnLYWQBtDhwcNiyROCiqw.roa
Signing time: Mon 01 Jan 2024 20:29:55 +0000
ROA not before: Mon 01 Jan 2024 20:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60800
IP address blocks: 91.210.100.0/22 maxlen: 24
103.82.0.0/22 maxlen: 24
185.42.16.0/22 maxlen: 24
125.62.72.0/22 maxlen: 24
185.17.172.0/22 maxlen: 24
185.222.112.0/22 maxlen: 24
2a03:ec40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.mft
rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 08:01:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:fb:bf:e2:cf:5f:52:6b:ea:2a:09:87:2a:01:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Validity
Not Before: Jan 1 20:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=305179d383a72d859006d0e1c1c362c913828aac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a9:ed:c7:12:8a:4e:8f:e2:0c:3b:9a:9e:d9:
32:cd:06:d9:a6:a9:ff:61:6e:e3:35:7e:3f:b2:8f:
42:33:65:96:1f:45:d5:1e:47:ae:74:01:85:ef:5e:
1b:ac:cc:6c:b0:87:6f:06:6e:df:3f:dd:ce:3e:8f:
d9:87:ba:2f:40:78:26:51:bc:b3:3c:ec:3e:dd:58:
28:c5:d6:55:b4:3f:12:55:28:bf:38:1e:42:ae:cc:
bb:9a:7a:7c:25:ae:0f:c2:7b:34:87:a7:06:a6:c5:
1f:f6:97:72:e7:d6:aa:b9:e6:4e:04:f2:80:d7:21:
e7:33:36:11:46:1d:7d:3f:30:ee:cf:6f:b6:e6:02:
e2:99:fb:cc:fa:d0:a8:b1:6d:a5:1a:c1:05:05:bf:
9f:de:2a:0d:0b:48:28:1a:cb:ad:b7:38:ed:22:91:
e8:89:8a:56:40:12:74:68:33:55:23:4b:58:76:91:
bf:c7:25:13:d4:77:20:5a:44:8f:cd:1c:c1:5c:b1:
29:83:4a:76:0a:d8:02:eb:6a:49:0a:fc:7b:f5:b7:
66:45:1d:d6:09:e1:6a:88:78:df:c2:90:b4:29:2f:
93:e7:2e:25:93:2c:a7:d9:be:dd:bb:81:3b:38:fb:
f8:ff:22:ee:c7:2f:cf:91:c2:02:af:78:b0:16:ab:
03:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:51:79:D3:83:A7:2D:85:90:06:D0:E1:C1:C3:62:C9:13:82:8A:AC
X509v3 Authority Key Identifier:
keyid:32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MFF504OnLYWQBtDhwcNiyROCiqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.100.0/22
103.82.0.0/22
125.62.72.0/22
185.17.172.0/22
185.42.16.0/22
185.222.112.0/22
IPv6:
2a03:ec40::/29
Signature Algorithm: sha256WithRSAEncryption
09:7c:0b:71:66:99:cb:d2:7c:0c:f2:20:27:1e:2f:32:0b:91:
84:02:e0:15:5b:1e:1e:f3:fc:2a:96:a9:04:6a:0d:7e:d1:49:
9c:26:90:7b:94:9e:7f:2b:b1:74:62:ef:b8:d2:3a:fa:7d:aa:
87:26:be:2f:4f:1f:29:41:8d:e5:7c:d4:ef:02:46:bf:11:37:
aa:77:70:e8:db:b1:54:7f:28:29:00:33:eb:b7:27:20:e7:04:
da:02:39:04:77:a3:85:7e:5c:41:3d:b8:da:33:ab:fc:ff:65:
3e:7b:e6:c4:7e:b2:a0:88:3f:68:df:70:db:8b:ae:6d:56:65:
85:c9:3e:a1:b5:f3:e3:11:48:5d:be:74:15:f9:57:33:26:9b:
0c:fa:04:82:dc:ef:3b:24:fc:91:95:f8:51:02:98:23:6c:f5:
b9:47:1d:b8:8a:a2:bd:9c:70:1f:29:f5:cd:ae:0f:f6:71:92:
1d:e7:bb:51:ca:32:ed:da:40:48:2a:50:9d:21:a6:95:de:b5:
1e:d6:8d:15:02:84:57:2b:81:70:8a:f6:3c:b2:e8:5d:3e:12:
b0:dc:9f:37:61:a8:d2:27:3a:c5:77:fa:4c:5b:be:a1:a9:09:
ab:36:29:53:85:7e:c9:5c:a1:5f:df:82:84:30:6c:7a:62:b8:
c9:21:74:55
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzGt/u/4s9fUmvqKgmHKgF6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNjM3ODdmZDBmOTRiMzc4MTNlZWYxNmJjODEzNzQyM2Vl
M2ZlZjMwHhcNMjQwMTAxMjAyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDUxNzlkMzgzYTcyZDg1OTAwNmQwZTFjMWMzNjJjOTEzODI4YWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqntxxKKTo/iDDuantkyzQbZpqn/
YW7jNX4/so9CM2WWH0XVHkeudAGF714brMxssIdvBm7fP93OPo/Zh7ovQHgmUbyz
POw+3VgoxdZVtD8SVSi/OB5Crsy7mnp8Ja4Pwns0h6cGpsUf9pdy59aqueZOBPKA
1yHnMzYRRh19PzDuz2+25gLimfvM+tCosW2lGsEFBb+f3ioNC0goGsuttzjtIpHo
iYpWQBJ0aDNVI0tYdpG/xyUT1HcgWkSPzRzBXLEpg0p2CtgC62pJCvx79bdmRR3W
CeFqiHjfwpC0KS+T5y4lkyyn2b7du4E7OPv4/yLuxy/PkcICr3iwFqsDMQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFDBRedODpy2FkAbQ4cHDYskTgoqsMB8GA1UdIwQY
MBaAFDJjeH/Q+Us3gT7vFryBN0I+4/7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2Qt
NTk1ZTBiZjVjNjEzLzEvTUZGNTA0T25MWVdRQnREaHdjTml5Uk9DaXF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2QtNTk1ZTBiZjVjNjEz
LzEvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCW9JkAwQC
Z1IAAwQCfT5IAwQCuRGsAwQCuSoQAwQCud5wMA0EAgACMAcDBQMqA+xAMA0GCSqG
SIb3DQEBCwUAA4IBAQAJfAtxZpnL0nwM8iAnHi8yC5GEAuAVWx4e8/wqlqkEag1+
0UmcJpB7lJ5/K7F0Yu+40jr6faqHJr4vTx8pQY3lfNTvAka/ETeqd3Do27FUfygp
ADPrtycg5wTaAjkEd6OFflxBPbjaM6v8/2U+e+bEfrKgiD9o33Dbi65tVmWFyT6h
tfPjEUhdvnQV+VczJpsM+gSC3O87JPyRlfhRApgjbPW5Rx24iqK9nHAfKfXNrg/2
cZId57tRyjLt2kBIKlCdIaaV3rUe1o0VAoRXK4FwivY8suhdPhKw3J83YajSJzrF
d/pMW76hqQmrNilThX7JXKFf34KEMGx6YrjJIXRV
-----END CERTIFICATE-----
Generated at Tue May 7 16:45:49 2024 by rpki-client on console-fra.rpki-client.org