Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/mEFvUQksnL2h9oK7DASLJqhA5UM.roa
File: mEFvUQksnL2h9oK7DASLJqhA5UM.roa (raw, json)
Hash identifier: 358i64yA28lSOLu0llqKJ8kVC2fvKbBCDHQpcA+d1kw=
Subject key identifier: 98:41:6F:51:09:2C:9C:BD:A1:F6:82:BB:0C:04:8B:26:A8:40:E5:43
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018E0DB57B9A06AE735C01B4923AAD06A626
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/mEFvUQksnL2h9oK7DASLJqhA5UM.roa
Signing time: Tue 05 Mar 2024 08:23:01 +0000
ROA not before: Tue 05 Mar 2024 08:23:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200023
IP address blocks: 45.130.196.0/22 maxlen: 24
188.214.208.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0d:b5:7b:9a:06:ae:73:5c:01:b4:92:3a:ad:06:a6:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 5 08:23:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98416f51092c9cbda1f682bb0c048b26a840e543
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:a2:33:ab:bd:67:38:57:54:2f:e9:96:c1:1b:
11:91:15:f2:9a:11:53:26:60:be:1a:7d:41:eb:97:
b9:96:df:ae:97:b6:02:fa:68:3f:2a:0b:42:aa:59:
49:db:4c:81:ca:ff:6f:f4:ca:14:20:f5:26:5a:1e:
93:e3:94:74:b5:fd:31:03:1f:2f:65:29:4f:f6:b6:
23:3f:d8:4b:82:32:29:f6:44:d2:e8:b7:8d:02:c5:
16:d9:71:94:df:b1:d9:0b:4b:35:ed:15:ac:9a:8f:
f1:3b:ea:fd:6a:7f:4c:58:c5:20:ab:b1:70:7c:4d:
82:de:e2:c3:e5:98:1e:08:83:d2:98:b7:e4:9e:74:
7e:64:2f:58:75:a0:42:58:b2:7d:51:72:1a:da:54:
1f:13:72:ef:a1:b5:db:eb:8f:37:22:bd:00:92:41:
00:e3:1e:e9:8e:ce:01:ac:d2:7c:d7:d7:35:f7:75:
2b:0a:2c:22:d8:57:e5:d7:46:b9:1d:bb:b8:bd:69:
46:b2:71:1a:42:10:65:16:de:23:0e:ae:c9:43:13:
c0:9c:c6:a8:55:bc:db:f1:96:90:36:c4:51:94:29:
5a:24:e0:2b:68:18:09:3b:5a:2a:a7:bc:05:a1:21:
ff:9e:d7:ab:53:34:bd:bd:ee:2e:73:dc:68:ca:b8:
83:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:41:6F:51:09:2C:9C:BD:A1:F6:82:BB:0C:04:8B:26:A8:40:E5:43
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/mEFvUQksnL2h9oK7DASLJqhA5UM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.196.0/22
188.214.208.0/23
Signature Algorithm: sha256WithRSAEncryption
95:a2:4d:7e:f1:b0:9a:b7:59:49:34:7c:79:c4:f4:9a:f2:9e:
06:c8:c4:80:7a:69:a9:8a:d2:d0:05:9e:5e:9d:50:98:d3:d7:
9a:52:d6:1e:31:f3:f4:dd:51:75:c6:cb:8f:f6:a6:c6:2f:82:
e0:7c:49:9d:0e:38:02:58:a4:66:db:2e:61:18:77:bd:30:93:
1d:37:98:95:9b:b7:48:bd:f3:40:27:c7:08:92:d3:94:58:4b:
61:7c:ad:13:1d:f5:4f:0e:bb:c2:64:42:66:c8:62:d8:08:2e:
8f:96:89:93:77:13:be:e5:52:22:22:49:7a:2e:90:94:64:e9:
f0:db:9c:ef:46:57:92:4a:40:66:90:19:53:00:1d:06:83:5d:
62:ef:b5:97:b1:a4:57:94:5f:44:4a:90:92:62:2f:09:65:06:
91:13:15:dd:c5:73:a0:7b:ff:56:8a:49:1e:33:a6:bf:61:d8:
93:15:ab:8e:6a:47:47:0e:ab:f1:c3:4f:b2:0d:3b:73:25:53:
b7:ba:45:7e:ed:d8:26:6d:b2:d4:6f:f5:1f:ba:ca:9a:55:c5:
92:32:1c:5c:08:1d:89:b9:2d:8b:a8:a7:40:55:59:f7:24:33:
94:85:fc:04:cb:92:34:70:b5:a3:b4:a1:e6:64:2c:4c:7b:57:
32:29:c4:e2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4NtXuaBq5zXAG0kjqtBqYmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMzA1MDgyMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODQxNmY1MTA5MmM5Y2JkYTFmNjgyYmIwYzA0OGIyNmE4NDBlNTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgqIzq71nOFdUL+mWwRsRkRXymhFT
JmC+Gn1B65e5lt+ul7YC+mg/KgtCqllJ20yByv9v9MoUIPUmWh6T45R0tf0xAx8v
ZSlP9rYjP9hLgjIp9kTS6LeNAsUW2XGU37HZC0s17RWsmo/xO+r9an9MWMUgq7Fw
fE2C3uLD5ZgeCIPSmLfknnR+ZC9YdaBCWLJ9UXIa2lQfE3LvobXb6483Ir0AkkEA
4x7pjs4BrNJ819c193UrCiwi2Ffl10a5Hbu4vWlGsnEaQhBlFt4jDq7JQxPAnMao
Vbzb8ZaQNsRRlClaJOAraBgJO1oqp7wFoSH/nterUzS9ve4uc9xoyriDWwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJhBb1EJLJy9ofaCuwwEiyaoQOVDMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvbUVGdlVRa3NuTDJoOW9LN0RBU0xKcWhBNVVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLYLEAwQB
vNbQMA0GCSqGSIb3DQEBCwUAA4IBAQCVok1+8bCat1lJNHx5xPSa8p4GyMSAemmp
itLQBZ5enVCY09eaUtYeMfP03VF1xsuP9qbGL4LgfEmdDjgCWKRm2y5hGHe9MJMd
N5iVm7dIvfNAJ8cIktOUWEthfK0THfVPDrvCZEJmyGLYCC6PlomTdxO+5VIiIkl6
LpCUZOnw25zvRleSSkBmkBlTAB0Gg11i77WXsaRXlF9ESpCSYi8JZQaRExXdxXOg
e/9WikkeM6a/YdiTFauOakdHDqvxw0+yDTtzJVO3ukV+7dgmbbLUb/UfusqaVcWS
MhxcCB2JuS2LqKdAVVn3JDOUhfwEy5I0cLWjtKHmZCxMe1cyKcTi
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:41:11 2024 by rpki-client on console-ams.rpki-client.org