Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/vmHBwO0lLCu_QdwoLBcz5V1yHJk.roa
File: vmHBwO0lLCu_QdwoLBcz5V1yHJk.roa (raw, json)
Hash identifier: tlSSwqX2fPXw57WEfOc5TatbS+c7K+g3B4K1GoJ0Om4=
Subject key identifier: BE:61:C1:C0:ED:25:2C:2B:BF:41:DC:28:2C:17:33:E5:5D:72:1C:99
Certificate issuer: /CN=30f1ba6111c8f1d3f37c1b7c1a5ed737402192f2
Certificate serial: 018CF3E94840512BC8A311EE53D48FC670C1
Authority key identifier: 30:F1:BA:61:11:C8:F1:D3:F3:7C:1B:7C:1A:5E:D7:37:40:21:92:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/vmHBwO0lLCu_QdwoLBcz5V1yHJk.roa
Signing time: Wed 10 Jan 2024 15:06:40 +0000
ROA not before: Wed 10 Jan 2024 15:06:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203596
IP address blocks: 185.122.100.0/22 maxlen: 24
185.14.178.0/24 maxlen: 24
185.14.176.0/24 maxlen: 24
91.213.223.0/24 maxlen: 24
185.222.88.0/22 maxlen: 24
2a06:a400::/29 maxlen: 29
2a06:a402::/32 maxlen: 32
2a06:a400:20::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 29 Jun 2024 16:02:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f3:e9:48:40:51:2b:c8:a3:11:ee:53:d4:8f:c6:70:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30f1ba6111c8f1d3f37c1b7c1a5ed737402192f2
Validity
Not Before: Jan 10 15:06:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be61c1c0ed252c2bbf41dc282c1733e55d721c99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:0f:b8:a0:60:6c:5e:59:58:4a:ff:61:0f:9d:
d6:e5:af:69:87:df:19:dd:3c:04:92:19:64:ea:5f:
7a:57:fa:22:a1:bb:4d:6a:f9:a1:83:3b:e8:99:5d:
09:51:19:e5:22:95:ca:98:84:49:44:f6:5d:66:38:
9d:e8:62:cd:9a:7d:0b:b6:21:3b:42:74:d8:68:72:
3b:a5:dc:36:d8:ad:83:b9:3a:69:fe:61:83:cf:1a:
93:e2:80:43:be:73:e3:93:90:dc:b7:ba:ed:fe:29:
6c:74:d9:d2:11:1f:f2:b4:14:2d:ef:85:b6:2e:05:
06:44:46:a5:49:20:30:7e:cc:c2:0d:4e:99:3e:7b:
3f:1c:cf:77:fe:92:1e:11:f3:81:38:bd:be:7f:58:
86:46:35:4a:a5:a0:26:b1:f6:18:2b:fa:f3:ab:4f:
70:20:34:11:36:61:ff:ee:8f:1e:1b:c4:10:bf:75:
5d:8b:33:99:84:20:9e:ef:db:b4:89:8a:76:db:63:
95:36:ab:ce:d5:c6:52:78:7a:7a:da:91:a7:32:81:
a0:b6:be:7d:fc:f7:69:f8:a7:d3:65:37:dc:8e:e4:
6c:af:1e:a0:9c:61:77:e8:96:0f:07:c6:a1:96:c2:
9c:98:ae:58:11:d5:78:7c:93:d9:e2:49:7d:6a:3c:
f5:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:61:C1:C0:ED:25:2C:2B:BF:41:DC:28:2C:17:33:E5:5D:72:1C:99
X509v3 Authority Key Identifier:
keyid:30:F1:BA:61:11:C8:F1:D3:F3:7C:1B:7C:1A:5E:D7:37:40:21:92:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/vmHBwO0lLCu_QdwoLBcz5V1yHJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.223.0/24
185.14.176.0/24
185.14.178.0/24
185.122.100.0/22
185.222.88.0/22
IPv6:
2a06:a400::/29
Signature Algorithm: sha256WithRSAEncryption
62:fa:17:42:d7:47:1e:c9:bc:70:f6:e3:c6:f4:cc:00:f7:bd:
94:ed:9e:80:70:4c:2c:33:bd:1a:e9:cc:85:80:f5:5f:be:cb:
e2:85:93:7c:f8:64:ae:a5:1d:3c:8c:78:1c:07:ac:e4:35:b4:
41:b2:16:02:5b:7a:1a:6b:2b:c1:4e:5f:5d:13:4a:09:0e:c9:
85:e5:b8:15:a9:3e:8a:a6:42:b4:0c:a0:5b:55:34:39:55:1c:
34:80:ee:7b:2f:3b:15:55:33:a3:14:ec:48:56:d2:2a:56:0a:
e9:9b:5d:c4:c2:50:38:c6:a3:0b:29:d8:b8:d8:b6:5f:75:0f:
47:e4:bf:c1:9a:fb:08:cc:8c:89:ad:c1:4b:ab:f6:1b:cb:b0:
f8:1a:6b:84:5b:e1:23:9c:13:69:9f:1d:bf:93:2c:d6:19:d0:
e6:23:4c:3c:cb:0a:ba:88:e6:5b:20:b2:ed:cc:3c:29:62:40:
cd:ba:de:81:6f:8a:8f:a2:56:88:e4:ac:31:0f:1f:7f:bd:d4:
02:03:99:92:45:4e:8a:b5:82:3b:7d:e3:fe:04:b0:05:f6:74:
1a:90:04:29:e6:82:bd:40:bc:d4:da:5d:cc:b1:24:a2:5a:c7:
c4:ee:bf:05:d3:0f:bc:28:c6:b9:37:95:bc:08:1c:4d:b3:8b:
19:8f:b6:20
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzz6UhAUSvIoxHuU9SPxnDBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZjFiYTYxMTFjOGYxZDNmMzdjMWI3YzFhNWVkNzM3NDAy
MTkyZjIwHhcNMjQwMTEwMTUwNjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTYxYzFjMGVkMjUyYzJiYmY0MWRjMjgyYzE3MzNlNTVkNzIxYzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgw+4oGBsXllYSv9hD53W5a9ph98Z
3TwEkhlk6l96V/oiobtNavmhgzvomV0JURnlIpXKmIRJRPZdZjid6GLNmn0LtiE7
QnTYaHI7pdw22K2DuTpp/mGDzxqT4oBDvnPjk5Dct7rt/ilsdNnSER/ytBQt74W2
LgUGREalSSAwfszCDU6ZPns/HM93/pIeEfOBOL2+f1iGRjVKpaAmsfYYK/rzq09w
IDQRNmH/7o8eG8QQv3VdizOZhCCe79u0iYp222OVNqvO1cZSeHp62pGnMoGgtr59
/Pdp+KfTZTfcjuRsrx6gnGF36JYPB8ahlsKcmK5YEdV4fJPZ4kl9ajz16QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFL5hwcDtJSwrv0HcKCwXM+VdchyZMB8GA1UdIwQY
MBaAFDDxumERyPHT83wbfBpe1zdAIZLyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVBHNllSSEk4ZFB6ZkJ0OEdsN1hOMEFoa3ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy84ZDdjNTctYmE2NS00N2ZjLWJjYzQt
YzMzMDE4NjMzZDMzLzEvdm1IQndPMGxMQ3VfUWR3b0xCY3o1VjF5SEprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy84ZDdjNTctYmE2NS00N2ZjLWJjYzQtYzMzMDE4NjMzZDMz
LzEvTVBHNllSSEk4ZFB6ZkJ0OEdsN1hOMEFoa3ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAW9XfAwQA
uQ6wAwQAuQ6yAwQCuXpkAwQCud5YMA0EAgACMAcDBQMqBqQAMA0GCSqGSIb3DQEB
CwUAA4IBAQBi+hdC10ceybxw9uPG9MwA972U7Z6AcEwsM70a6cyFgPVfvsvihZN8
+GSupR08jHgcB6zkNbRBshYCW3oaayvBTl9dE0oJDsmF5bgVqT6KpkK0DKBbVTQ5
VRw0gO57LzsVVTOjFOxIVtIqVgrpm13EwlA4xqMLKdi42LZfdQ9H5L/BmvsIzIyJ
rcFLq/Yby7D4GmuEW+EjnBNpnx2/kyzWGdDmI0w8ywq6iOZbILLtzDwpYkDNut6B
b4qPolaI5KwxDx9/vdQCA5mSRU6KtYI7feP+BLAF9nQakAQp5oK9QLzU2l3MsSSi
WsfE7r8F0w+8KMa5N5W8CBxNs4sZj7Yg
-----END CERTIFICATE-----
Generated at Sat Jun 29 01:47:52 2024 by rpki-client on console-ams.rpki-client.org