Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/e7c762-d79e-46dc-af19-d7f78ac20707/1/MJeoFmAHxt-xVdrkai6TIbkkFo4.roa
File: MJeoFmAHxt-xVdrkai6TIbkkFo4.roa (raw, json)
Hash identifier: 5e57/QYYp//l7mCBkKiStu937+65o07HfVO+VyBFqhc=
Subject key identifier: 30:97:A8:16:60:07:C6:DF:B1:55:DA:E4:6A:2E:93:21:B9:24:16:8E
Certificate issuer: /CN=c32cc7a964f4f370929291e19fff7de53f19be44
Certificate serial: 018CC49397AA06C8F36937DFFA508D0DBD13
Authority key identifier: C3:2C:C7:A9:64:F4:F3:70:92:92:91:E1:9F:FF:7D:E5:3F:19:BE:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wyzHqWT083CSkpHhn_995T8ZvkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c762-d79e-46dc-af19-d7f78ac20707/1/MJeoFmAHxt-xVdrkai6TIbkkFo4.roa
Signing time: Mon 01 Jan 2024 10:30:56 +0000
ROA not before: Mon 01 Jan 2024 10:30:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48037
IP address blocks: 193.177.248.0/21 maxlen: 24
193.176.225.0/24 maxlen: 24
193.176.224.0/24 maxlen: 24
193.176.223.0/24 maxlen: 24
193.176.222.0/24 maxlen: 24
193.176.226.0/24 maxlen: 24
193.176.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c762-d79e-46dc-af19-d7f78ac20707/1/wyzHqWT083CSkpHhn_995T8ZvkQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c762-d79e-46dc-af19-d7f78ac20707/1/wyzHqWT083CSkpHhn_995T8ZvkQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/wyzHqWT083CSkpHhn_995T8ZvkQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 16:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:97:aa:06:c8:f3:69:37:df:fa:50:8d:0d:bd:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c32cc7a964f4f370929291e19fff7de53f19be44
Validity
Not Before: Jan 1 10:30:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3097a8166007c6dfb155dae46a2e9321b924168e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:48:4b:3d:80:32:04:6b:14:da:0b:0c:8e:dc:
fb:30:4b:11:23:14:5f:15:9d:ac:2f:b6:49:63:fb:
06:d7:86:0d:53:d3:dc:b8:70:87:0e:c0:44:5f:dd:
52:b0:08:09:ed:58:3e:26:e1:8a:f6:7d:c5:8c:1b:
ed:b5:85:84:1d:49:86:87:a6:26:78:86:d7:7e:79:
cb:fe:1e:90:ca:de:7e:1a:92:d0:d6:36:10:c8:3a:
d5:ce:bc:04:00:15:71:4b:f8:3e:da:da:05:38:a1:
3a:26:8e:22:af:c9:8a:19:9e:3a:98:26:f5:f2:9d:
7f:f0:a6:80:db:61:b2:09:25:2c:e9:29:3d:2c:96:
63:9c:99:9c:80:5d:28:5f:82:d6:0b:65:9f:35:e5:
6f:d5:76:61:22:5e:a2:54:ab:56:f3:31:5d:8c:32:
8f:47:b6:87:10:21:44:2c:7f:53:69:22:65:10:3e:
3d:55:b3:67:82:75:25:77:65:7c:5a:8f:48:29:2f:
f4:3e:d5:97:0a:93:cc:c9:1c:ff:26:50:1d:9d:1b:
03:ab:cb:18:ee:98:5a:2c:1e:b9:e5:ff:89:d5:aa:
5a:b9:48:cb:be:0f:61:bb:40:ca:f4:99:e8:be:94:
21:09:5a:12:67:c7:90:3e:86:7b:43:1f:08:ed:75:
34:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:97:A8:16:60:07:C6:DF:B1:55:DA:E4:6A:2E:93:21:B9:24:16:8E
X509v3 Authority Key Identifier:
keyid:C3:2C:C7:A9:64:F4:F3:70:92:92:91:E1:9F:FF:7D:E5:3F:19:BE:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wyzHqWT083CSkpHhn_995T8ZvkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c762-d79e-46dc-af19-d7f78ac20707/1/MJeoFmAHxt-xVdrkai6TIbkkFo4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c762-d79e-46dc-af19-d7f78ac20707/1/wyzHqWT083CSkpHhn_995T8ZvkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.176.222.0-193.176.226.255
193.176.234.0/24
193.177.248.0/21
Signature Algorithm: sha256WithRSAEncryption
8f:71:7c:d2:9b:d3:5f:02:13:d8:20:72:09:ba:e6:19:97:52:
24:94:40:b2:d4:f3:9a:38:6c:ad:34:0a:59:6c:77:e0:bd:d7:
7f:73:7d:0e:3b:ea:8c:79:2b:80:21:a5:98:b5:2a:be:b2:20:
de:6b:01:c0:42:5a:19:71:09:6b:91:e7:88:6d:2f:07:80:75:
46:be:b1:84:b6:3e:b9:b7:44:0e:52:81:0f:b5:2b:9e:7a:f4:
47:65:61:10:46:63:5c:b5:96:6a:5e:1c:6c:80:9b:d5:b3:40:
fc:4c:13:99:4c:78:3b:a3:8e:d8:90:11:4b:c7:6c:28:56:ce:
53:bd:ca:e2:8d:df:d3:23:d0:ba:79:4a:3d:d0:32:0c:95:96:
86:b9:c7:cd:86:b2:6a:cf:0d:bc:75:ea:bf:50:d3:10:ce:a7:
80:a2:af:8d:3d:fd:d9:f8:bd:b2:e6:12:25:be:fa:a5:ff:29:
8b:42:c8:0a:cc:0f:a4:ac:df:3c:d5:f8:f0:b7:5f:15:72:00:
dc:70:40:01:d9:40:1e:04:0d:42:44:63:0b:5b:bb:d8:4c:0f:
e9:fa:df:69:f8:ac:6f:73:9f:4c:92:ed:d6:cf:e3:b4:3a:da:
d2:cf:b8:28:7f:31:b7:51:06:fe:41:ed:fd:71:8b:c3:8a:89:
5b:18:e8:93
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzEk5eqBsjzaTff+lCNDb0TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzMmNjN2E5NjRmNGYzNzA5MjkyOTFlMTlmZmY3ZGU1M2Yx
OWJlNDQwHhcNMjQwMTAxMTAzMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDk3YTgxNjYwMDdjNmRmYjE1NWRhZTQ2YTJlOTMyMWI5MjQxNjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukhLPYAyBGsU2gsMjtz7MEsRIxRf
FZ2sL7ZJY/sG14YNU9PcuHCHDsBEX91SsAgJ7Vg+JuGK9n3FjBvttYWEHUmGh6Ym
eIbXfnnL/h6Qyt5+GpLQ1jYQyDrVzrwEABVxS/g+2toFOKE6Jo4ir8mKGZ46mCb1
8p1/8KaA22GyCSUs6Sk9LJZjnJmcgF0oX4LWC2WfNeVv1XZhIl6iVKtW8zFdjDKP
R7aHECFELH9TaSJlED49VbNngnUld2V8Wo9IKS/0PtWXCpPMyRz/JlAdnRsDq8sY
7phaLB655f+J1apauUjLvg9hu0DK9JnovpQhCVoSZ8eQPoZ7Qx8I7XU0lwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDCXqBZgB8bfsVXa5GoukyG5JBaOMB8GA1UdIwQY
MBaAFMMsx6lk9PNwkpKR4Z//feU/Gb5EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3l6SHFXVDA4M0NTa3BIaG5fOTk1VDhadmtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9lN2M3NjItZDc5ZS00NmRjLWFmMTkt
ZDdmNzhhYzIwNzA3LzEvTUplb0ZtQUh4dC14VmRya2FpNlRJYmtrRm80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9lN2M3NjItZDc5ZS00NmRjLWFmMTktZDdmNzhhYzIwNzA3
LzEvd3l6SHFXVDA4M0NTa3BIaG5fOTk1VDhadmtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAHBsN4D
BADBsOIDBADBsOoDBAPBsfgwDQYJKoZIhvcNAQELBQADggEBAI9xfNKb018CE9gg
cgm65hmXUiSUQLLU85o4bK00Cllsd+C9139zfQ476ox5K4AhpZi1Kr6yIN5rAcBC
WhlxCWuR54htLweAdUa+sYS2Prm3RA5SgQ+1K5569EdlYRBGY1y1lmpeHGyAm9Wz
QPxME5lMeDujjtiQEUvHbChWzlO9yuKN39Mj0Lp5Sj3QMgyVloa5x82GsmrPDbx1
6r9Q0xDOp4Cir409/dn4vbLmEiW++qX/KYtCyArMD6Ss3zzV+PC3XxVyANxwQAHZ
QB4EDUJEYwtbu9hMD+n632n4rG9zn0yS7dbP47Q62tLPuCh/MbdRBv5B7f1xi8OK
iVsY6JM=
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:59:53 2024 by rpki-client on console-fra.rpki-client.org