Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/ac6c7b-d059-4014-a968-e46d8d16a15f/1/MQ2ipOLVrR94NxYXdwuRpJU01NA.roa
File: MQ2ipOLVrR94NxYXdwuRpJU01NA.roa (raw, json)
Hash identifier: qEdTQSuyaSE3c4nhBeorwKGIQdgCioUTidOd88JCnQk=
Subject key identifier: 31:0D:A2:A4:E2:D5:AD:1F:78:37:16:17:77:0B:91:A4:95:34:D4:D0
Certificate issuer: /CN=3e20c700d98d76a9c640173889f9367da9de8997
Certificate serial: 018CC86F2422E4E4EC7000A2C85C2D217DA6
Authority key identifier: 3E:20:C7:00:D9:8D:76:A9:C6:40:17:38:89:F9:36:7D:A9:DE:89:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PiDHANmNdqnGQBc4ifk2faneiZc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/ac6c7b-d059-4014-a968-e46d8d16a15f/1/MQ2ipOLVrR94NxYXdwuRpJU01NA.roa
Signing time: Tue 02 Jan 2024 04:29:36 +0000
ROA not before: Tue 02 Jan 2024 04:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51601
IP address blocks: 176.56.160.0/19 maxlen: 24
91.194.116.0/23 maxlen: 24
185.65.172.0/22 maxlen: 24
195.189.120.0/22 maxlen: 24
193.33.70.0/23 maxlen: 24
87.239.184.0/21 maxlen: 24
2a03:9d40::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/ac6c7b-d059-4014-a968-e46d8d16a15f/1/PiDHANmNdqnGQBc4ifk2faneiZc.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/ac6c7b-d059-4014-a968-e46d8d16a15f/1/PiDHANmNdqnGQBc4ifk2faneiZc.mft
rsync://rpki.ripe.net/repository/DEFAULT/PiDHANmNdqnGQBc4ifk2faneiZc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:24:22:e4:e4:ec:70:00:a2:c8:5c:2d:21:7d:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e20c700d98d76a9c640173889f9367da9de8997
Validity
Not Before: Jan 2 04:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=310da2a4e2d5ad1f78371617770b91a49534d4d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:bd:d5:30:93:fc:c4:ca:10:e3:dd:c0:d7:80:
df:a6:a4:51:2a:ba:9c:83:45:f5:d3:da:7d:2a:4e:
91:9c:32:88:58:ee:ce:2e:89:d4:2d:38:f7:e6:67:
6a:c2:c2:9f:8a:40:bd:d8:a2:76:e0:da:87:38:53:
06:d1:ae:d5:18:0c:a4:09:b5:10:b7:0b:52:d7:99:
30:e0:73:ec:21:c5:9d:08:c9:c5:85:e8:74:49:e2:
94:bd:14:ed:b6:e8:90:67:a7:75:46:38:af:f8:98:
12:fb:80:e1:1f:1b:61:ba:87:ed:b5:ab:11:12:ee:
57:98:58:36:bd:96:23:14:53:02:0a:21:d4:6b:88:
a1:24:c2:ec:0e:5b:92:af:9c:90:f4:87:4e:12:22:
87:2c:85:08:40:e7:6e:c6:77:74:f7:ab:aa:c9:43:
d7:64:39:55:4c:42:9a:00:10:6d:ec:bb:d7:f4:16:
23:98:f3:42:c9:3e:b4:8e:5a:3e:0e:f1:71:b6:9c:
8b:35:f6:92:94:d1:f5:f1:09:85:ee:1e:ef:f0:d9:
94:76:28:8c:13:30:2a:e8:d3:82:be:c7:21:05:e8:
65:b6:0e:0e:64:88:2a:9f:b5:c0:cf:fa:9a:62:32:
e8:91:2c:e5:4d:7e:00:cb:d6:43:e2:24:6b:31:26:
69:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:0D:A2:A4:E2:D5:AD:1F:78:37:16:17:77:0B:91:A4:95:34:D4:D0
X509v3 Authority Key Identifier:
keyid:3E:20:C7:00:D9:8D:76:A9:C6:40:17:38:89:F9:36:7D:A9:DE:89:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PiDHANmNdqnGQBc4ifk2faneiZc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ac6c7b-d059-4014-a968-e46d8d16a15f/1/MQ2ipOLVrR94NxYXdwuRpJU01NA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ac6c7b-d059-4014-a968-e46d8d16a15f/1/PiDHANmNdqnGQBc4ifk2faneiZc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.239.184.0/21
91.194.116.0/23
176.56.160.0/19
185.65.172.0/22
193.33.70.0/23
195.189.120.0/22
IPv6:
2a03:9d40::/32
Signature Algorithm: sha256WithRSAEncryption
4b:1d:a8:c1:fa:a4:3c:69:04:b3:c7:fc:6a:aa:90:35:82:de:
3b:9c:96:66:ed:60:50:a4:a4:c3:77:25:60:58:0e:6a:5d:e7:
9b:41:a9:14:8d:54:3a:5e:51:02:5a:a9:03:20:51:e5:83:30:
3f:e9:63:8d:77:12:23:5b:25:6e:e3:69:ba:d7:83:23:04:40:
4e:00:24:d1:e1:a4:9c:78:e6:0c:05:c4:e0:fa:af:53:36:fa:
a6:35:47:f4:95:50:02:af:bb:3c:dd:bc:8e:50:90:11:1e:f2:
0f:4a:b1:03:8a:03:4d:8f:b4:b8:20:15:e4:f1:a9:ee:1a:b0:
47:9c:98:0d:6e:48:0c:60:0f:25:ab:00:70:da:ed:61:42:86:
97:ba:0b:77:0e:10:30:17:f4:0e:77:16:88:93:cc:7d:13:fa:
26:72:a2:d9:ed:42:b4:74:c6:46:3c:4a:ca:d7:5b:41:85:eb:
fe:e8:da:f0:b5:a7:d4:c3:db:76:89:9a:73:af:65:9c:07:ac:
88:61:41:bb:e2:7b:a8:bc:58:b0:6b:20:cd:c0:ca:13:8e:91:
5b:95:bb:be:30:de:e0:df:cb:70:9d:54:60:05:41:8e:12:5f:
a2:49:ed:93:be:fb:81:d9:fe:8e:9b:d0:1e:76:3d:db:fe:13:
be:54:a5:ba
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzIbyQi5OTscACiyFwtIX2mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMjBjNzAwZDk4ZDc2YTljNjQwMTczODg5ZjkzNjdkYTlk
ZTg5OTcwHhcNMjQwMTAyMDQyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTBkYTJhNGUyZDVhZDFmNzgzNzE2MTc3NzBiOTFhNDk1MzRkNGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw73VMJP8xMoQ493A14DfpqRRKrqc
g0X109p9Kk6RnDKIWO7OLonULTj35mdqwsKfikC92KJ24NqHOFMG0a7VGAykCbUQ
twtS15kw4HPsIcWdCMnFheh0SeKUvRTttuiQZ6d1Rjiv+JgS+4DhHxthuofttasR
Eu5XmFg2vZYjFFMCCiHUa4ihJMLsDluSr5yQ9IdOEiKHLIUIQOduxnd096uqyUPX
ZDlVTEKaABBt7LvX9BYjmPNCyT60jlo+DvFxtpyLNfaSlNH18QmF7h7v8NmUdiiM
EzAq6NOCvschBehltg4OZIgqn7XAz/qaYjLokSzlTX4Ay9ZD4iRrMSZpyQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFDENoqTi1a0feDcWF3cLkaSVNNTQMB8GA1UdIwQY
MBaAFD4gxwDZjXapxkAXOIn5Nn2p3omXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGlESEFObU5kcW5HUUJjNGlmazJmYW5laVpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9hYzZjN2ItZDA1OS00MDE0LWE5Njgt
ZTQ2ZDhkMTZhMTVmLzEvTVEyaXBPTFZyUjk0TnhZWGR3dVJwSlUwMU5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9hYzZjN2ItZDA1OS00MDE0LWE5NjgtZTQ2ZDhkMTZhMTVm
LzEvUGlESEFObU5kcW5HUUJjNGlmazJmYW5laVpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDV++4AwQB
W8J0AwQFsDigAwQCuUGsAwQBwSFGAwQCw714MA0EAgACMAcDBQAqA51AMA0GCSqG
SIb3DQEBCwUAA4IBAQBLHajB+qQ8aQSzx/xqqpA1gt47nJZm7WBQpKTDdyVgWA5q
XeebQakUjVQ6XlECWqkDIFHlgzA/6WONdxIjWyVu42m614MjBEBOACTR4aSceOYM
BcTg+q9TNvqmNUf0lVACr7s83byOUJARHvIPSrEDigNNj7S4IBXk8anuGrBHnJgN
bkgMYA8lqwBw2u1hQoaXugt3DhAwF/QOdxaIk8x9E/omcqLZ7UK0dMZGPErK11tB
hev+6NrwtafUw9t2iZpzr2WcB6yIYUG74nuovFiwayDNwMoTjpFblbu+MN7g38tw
nVRgBUGOEl+iSe2TvvuB2f6Om9Aedj3b/hO+VKW6
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:52:27 2024 by rpki-client on console-fra.rpki-client.org