Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/mcKfdpCKw-FWUDs34TZ1QjUT53c.roa
File: mcKfdpCKw-FWUDs34TZ1QjUT53c.roa (raw, json)
Hash identifier: ywHsqauSt5Ctdv+BjSywf0WurPbV/zC3gI5si6WOjiM=
Subject key identifier: 99:C2:9F:76:90:8A:C3:E1:56:50:3B:37:E1:36:75:42:35:13:E7:77
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0191A20ACDEFA0B32AC4EF6A7A3D6E4EF106
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/mcKfdpCKw-FWUDs34TZ1QjUT53c.roa
Signing time: Fri 30 Aug 2024 06:48:22 +0000
ROA not before: Fri 30 Aug 2024 06:48:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209854
IP address blocks: 45.135.184.0/24 maxlen: 24
45.144.227.0/24 maxlen: 24
62.197.144.0/24 maxlen: 24
62.197.145.0/24 maxlen: 24
62.197.146.0/24 maxlen: 24
62.197.147.0/24 maxlen: 24
62.197.148.0/24 maxlen: 24
62.197.149.0/24 maxlen: 24
62.197.150.0/24 maxlen: 24
62.197.151.0/24 maxlen: 24
62.197.152.0/24 maxlen: 24
62.197.153.0/24 maxlen: 24
62.197.154.0/23 maxlen: 24
62.197.156.0/23 maxlen: 24
62.197.158.0/24 maxlen: 24
62.197.159.0/24 maxlen: 24
91.190.101.0/24 maxlen: 24
92.62.120.0/24 maxlen: 24
92.62.121.0/24 maxlen: 24
92.62.122.0/23 maxlen: 24
185.244.139.0/24 maxlen: 24
193.218.35.0/24 maxlen: 24
194.169.168.0/24 maxlen: 24
194.169.169.0/24 maxlen: 24
194.169.170.0/23 maxlen: 24
212.119.32.0/23 maxlen: 24
212.119.34.0/24 maxlen: 24
213.109.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a2:0a:cd:ef:a0:b3:2a:c4:ef:6a:7a:3d:6e:4e:f1:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Aug 30 06:48:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=99c29f76908ac3e156503b37e13675423513e777
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f2:09:42:10:5b:03:cc:32:2e:2d:29:c7:0d:
0c:c4:14:40:e8:31:e5:3c:d3:be:a8:82:ab:6b:3a:
6a:d3:9b:27:ba:9b:8c:a3:75:d3:46:cf:e7:3f:f4:
19:bb:3e:41:87:43:80:45:6f:83:4d:dc:1a:d0:9d:
84:6d:68:f6:ee:dd:2b:4f:ee:26:3b:a8:a7:c2:2e:
09:97:3f:fc:fd:ef:78:2d:94:b0:95:55:ea:a0:70:
c3:12:5d:8c:aa:ac:f3:64:fa:be:bd:70:4a:9b:0b:
b6:1b:ea:ae:0d:66:f1:03:70:4f:4c:0c:fa:e7:8d:
69:bb:33:19:1a:c9:95:fa:89:24:be:3e:6c:be:97:
23:7b:41:76:1c:88:da:5d:b3:04:85:0d:4f:f5:e3:
90:17:1b:d4:8c:05:b7:9a:03:03:27:48:5a:88:14:
98:86:32:bb:57:2a:b8:04:43:78:38:8e:ef:1d:30:
42:fa:7e:81:28:44:59:58:86:fe:9e:a0:9f:21:25:
5e:d5:48:32:52:ca:1c:8c:ea:69:4e:21:a8:8d:c3:
ce:24:86:ee:25:a0:f6:d7:df:d5:52:f9:b7:7b:ad:
0c:e5:56:bc:d6:d5:ee:a4:2c:1e:63:ec:3b:55:ea:
a5:aa:c1:6c:5d:ee:5e:af:1d:be:53:97:10:17:14:
a7:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:C2:9F:76:90:8A:C3:E1:56:50:3B:37:E1:36:75:42:35:13:E7:77
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/mcKfdpCKw-FWUDs34TZ1QjUT53c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.184.0/24
45.144.227.0/24
62.197.144.0/20
91.190.101.0/24
92.62.120.0/22
185.244.139.0/24
193.218.35.0/24
194.169.168.0/22
212.119.32.0-212.119.34.255
213.109.151.0/24
Signature Algorithm: sha256WithRSAEncryption
03:36:e4:ca:fb:33:14:1d:88:3a:87:c9:03:5f:ec:4f:fe:1f:
55:29:1b:90:4c:9b:99:cc:6f:91:93:0c:dc:e6:a8:4c:29:aa:
35:a0:5f:bb:65:1e:60:e4:24:eb:24:c9:c8:c5:3e:a5:91:4c:
ff:df:70:94:39:39:e3:67:d6:61:77:1d:03:af:4a:b9:bb:d5:
e4:89:57:b6:c7:a4:bd:ba:c9:e4:68:cb:b4:f0:b8:62:d8:42:
c4:84:7c:d3:54:4a:14:c6:a0:0b:34:b8:2c:df:67:c8:98:d8:
85:ba:c9:c4:f3:52:4b:40:64:39:ec:b8:b4:ed:bd:b2:c9:1f:
69:d9:a0:8d:e2:2e:6f:79:18:3d:a1:a6:28:ff:39:32:9c:7f:
40:e6:56:5f:1f:65:53:6c:19:e2:85:90:93:7c:ed:28:a4:fc:
ad:60:3e:37:60:e7:2c:b7:b2:5a:85:ec:a0:c0:7a:9b:62:ea:
4a:35:52:c6:7e:a4:07:44:1c:75:1c:86:12:21:13:1f:0f:db:
6f:18:6f:42:d5:94:df:a0:25:f6:5a:3b:03:26:43:60:9f:f0:
0d:c1:56:b5:93:a0:11:8c:d6:c8:11:21:fc:ad:fb:bb:9d:96:
ff:1b:3f:08:5e:f1:22:11:14:5a:20:b5:f8:b0:4c:55:c0:ab:
d5:71:fd:92
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZGiCs3voLMqxO9qej1uTvEGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwODMwMDY0ODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWMyOWY3NjkwOGFjM2UxNTY1MDNiMzdlMTM2NzU0MjM1MTNlNzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/IJQhBbA8wyLi0pxw0MxBRA6DHl
PNO+qIKrazpq05snupuMo3XTRs/nP/QZuz5Bh0OARW+DTdwa0J2EbWj27t0rT+4m
O6inwi4Jlz/8/e94LZSwlVXqoHDDEl2MqqzzZPq+vXBKmwu2G+quDWbxA3BPTAz6
541puzMZGsmV+okkvj5svpcje0F2HIjaXbMEhQ1P9eOQFxvUjAW3mgMDJ0haiBSY
hjK7Vyq4BEN4OI7vHTBC+n6BKERZWIb+nqCfISVe1UgyUsocjOppTiGojcPOJIbu
JaD219/VUvm3e60M5Va81tXupCweY+w7VeqlqsFsXe5erx2+U5cQFxSnDwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFJnCn3aQisPhVlA7N+E2dUI1E+d3MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvbWNLZmRwQ0t3LUZXVURzMzRUWjFRalVUNTNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQALYe4AwQA
LZDjAwQEPsWQAwQAW75lAwQCXD54AwQAufSLAwQAwdojAwQCwqmoMAwDBAXUdyAD
BADUdyIDBADVbZcwDQYJKoZIhvcNAQELBQADggEBAAM25Mr7MxQdiDqHyQNf7E/+
H1UpG5BMm5nMb5GTDNzmqEwpqjWgX7tlHmDkJOskycjFPqWRTP/fcJQ5OeNn1mF3
HQOvSrm71eSJV7bHpL26yeRoy7TwuGLYQsSEfNNUShTGoAs0uCzfZ8iY2IW6ycTz
UktAZDnsuLTtvbLJH2nZoI3iLm95GD2hpij/OTKcf0DmVl8fZVNsGeKFkJN87Sik
/K1gPjdg5yy3slqF7KDAepti6ko1UsZ+pAdEHHUchhIhEx8P228Yb0LVlN+gJfZa
OwMmQ2Cf8A3BVrWToBGM1sgRIfyt+7udlv8bPwhe8SIRFFogtfiwTFXAq9Vx/ZI=
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:08:05 2024 by rpki-client on console-fra.rpki-client.org