Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/b15286-fd4d-49fe-a69e-7fadf50a2e37/1/mhgVA4E_CrWInkAB737mvGA8b3Y.roa
File: mhgVA4E_CrWInkAB737mvGA8b3Y.roa (raw, json)
Hash identifier: E0Y4kUCq3peLZzQFAe1CNAeEj42h25UH0utmTVCRTrw=
Subject key identifier: 9A:18:15:03:81:3F:0A:B5:88:9E:40:01:EF:7E:E6:BC:60:3C:6F:76
Certificate issuer: /CN=7f168028ec0dab668a67d5bf6f5358caabe337a8
Certificate serial: 018CC94DC7F1F0DCB707AAC5F28E0FA42322
Authority key identifier: 7F:16:80:28:EC:0D:AB:66:8A:67:D5:BF:6F:53:58:CA:AB:E3:37:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fxaAKOwNq2aKZ9W_b1NYyqvjN6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/b15286-fd4d-49fe-a69e-7fadf50a2e37/1/mhgVA4E_CrWInkAB737mvGA8b3Y.roa
Signing time: Tue 02 Jan 2024 08:32:47 +0000
ROA not before: Tue 02 Jan 2024 08:32:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29119
IP address blocks: 185.99.184.0/22 maxlen: 24
185.57.172.0/23 maxlen: 24
185.103.36.0/22 maxlen: 24
185.2.150.0/23 maxlen: 24
185.2.148.0/23 maxlen: 24
185.104.132.0/23 maxlen: 24
185.104.132.0/22 maxlen: 24
185.104.134.0/24 maxlen: 24
185.104.134.0/23 maxlen: 24
5.57.228.0/22 maxlen: 24
146.255.16.0/22 maxlen: 24
185.47.12.0/22 maxlen: 24
146.255.21.0/24 maxlen: 24
146.255.20.0/22 maxlen: 24
146.255.19.0/24 maxlen: 24
185.57.174.0/23 maxlen: 24
5.57.224.0/22 maxlen: 24
185.105.222.0/23 maxlen: 24
185.105.220.0/22 maxlen: 24
2a00:de40::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/b15286-fd4d-49fe-a69e-7fadf50a2e37/1/fxaAKOwNq2aKZ9W_b1NYyqvjN6g.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/b15286-fd4d-49fe-a69e-7fadf50a2e37/1/fxaAKOwNq2aKZ9W_b1NYyqvjN6g.mft
rsync://rpki.ripe.net/repository/DEFAULT/fxaAKOwNq2aKZ9W_b1NYyqvjN6g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:c7:f1:f0:dc:b7:07:aa:c5:f2:8e:0f:a4:23:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f168028ec0dab668a67d5bf6f5358caabe337a8
Validity
Not Before: Jan 2 08:32:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a181503813f0ab5889e4001ef7ee6bc603c6f76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:45:ca:96:cb:ff:22:1c:9e:fb:67:87:e1:d3:
f1:44:07:7e:ce:e1:5b:16:89:1a:4c:25:b6:cf:21:
c8:20:ad:07:19:83:19:c5:0d:b3:8c:1a:4c:85:35:
52:09:02:96:9c:e8:15:ae:e2:0d:12:54:26:77:73:
5e:b1:a5:60:ff:82:f9:91:39:24:12:29:c7:f1:0e:
57:3d:78:9d:b4:1b:54:7e:45:e5:05:14:c3:60:1c:
01:d5:84:c5:0c:ba:d0:33:dd:19:e1:5f:8a:b5:8d:
b5:10:88:13:dd:0e:96:e1:3f:2d:e4:dd:13:42:f2:
0c:ad:38:fc:4f:66:9a:3c:f0:a4:c2:f4:3b:8e:d7:
b2:0b:ea:3a:50:06:ca:f9:df:b0:e5:5e:64:3d:fb:
07:e0:c5:a4:1f:e0:e0:0e:61:32:92:a5:f8:2a:31:
f7:0d:82:35:c8:15:70:76:be:ad:75:a2:87:58:45:
59:66:87:49:59:c1:30:8a:58:ad:7f:e2:8c:e1:dd:
a3:27:86:46:c9:92:a1:46:64:1b:5a:10:5a:39:6c:
2c:d0:3d:f1:c4:fd:d2:19:be:15:de:f4:ae:75:c2:
a7:39:c6:63:73:62:63:e4:db:72:ef:d9:f4:7f:30:
40:37:2e:99:cb:8f:20:eb:65:05:e2:74:8b:b8:35:
b1:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:18:15:03:81:3F:0A:B5:88:9E:40:01:EF:7E:E6:BC:60:3C:6F:76
X509v3 Authority Key Identifier:
keyid:7F:16:80:28:EC:0D:AB:66:8A:67:D5:BF:6F:53:58:CA:AB:E3:37:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fxaAKOwNq2aKZ9W_b1NYyqvjN6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b15286-fd4d-49fe-a69e-7fadf50a2e37/1/mhgVA4E_CrWInkAB737mvGA8b3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b15286-fd4d-49fe-a69e-7fadf50a2e37/1/fxaAKOwNq2aKZ9W_b1NYyqvjN6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.224.0/21
146.255.16.0/21
185.2.148.0/22
185.47.12.0/22
185.57.172.0/22
185.99.184.0/22
185.103.36.0/22
185.104.132.0/22
185.105.220.0/22
IPv6:
2a00:de40::/32
Signature Algorithm: sha256WithRSAEncryption
4c:b0:f5:ee:2b:be:d9:05:82:16:dc:0b:d4:19:34:19:86:8a:
55:fb:cf:e1:9c:68:8b:04:a1:a9:87:dc:85:4e:ff:2f:52:85:
9c:a9:5b:6d:df:8c:e0:3e:18:e9:34:3d:aa:24:2b:a6:3b:64:
0c:a1:c3:13:c9:ed:53:67:cc:dd:ca:41:f8:84:96:eb:c6:e1:
85:5a:59:d2:ee:58:14:34:c8:c8:67:bb:4a:58:56:2b:bb:9c:
1c:52:32:67:f5:0d:ca:76:b9:e3:d0:54:ab:f6:03:78:ae:eb:
c5:5a:10:66:74:01:41:84:4e:3f:f2:55:d0:49:91:8c:2f:82:
c3:d2:3f:c8:71:8c:6e:0d:7d:14:f5:82:b6:33:1a:e9:3a:95:
71:f6:d5:ec:11:b7:18:8a:29:1d:16:38:65:fa:4f:09:b1:0a:
83:43:8b:b0:04:6a:b1:52:3e:a1:4c:fe:80:d0:c3:3f:ff:83:
6d:74:70:a9:e1:d1:29:f3:74:2e:b6:15:0e:3c:39:40:55:84:
15:08:df:66:0f:a8:42:12:e0:d4:5f:66:96:25:34:77:fa:01:
17:15:07:96:34:4c:c2:88:fa:15:9f:27:2f:be:98:1c:64:b2:
5a:d5:20:ca:f4:93:27:6d:c1:a5:64:79:7b:8c:99:a6:26:02:
d7:81:51:79
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYzJTcfx8Ny3B6rF8o4PpCMiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmMTY4MDI4ZWMwZGFiNjY4YTY3ZDViZjZmNTM1OGNhYWJl
MzM3YTgwHhcNMjQwMTAyMDgzMjQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTE4MTUwMzgxM2YwYWI1ODg5ZTQwMDFlZjdlZTZiYzYwM2M2Zjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0XKlsv/Ihye+2eH4dPxRAd+zuFb
FokaTCW2zyHIIK0HGYMZxQ2zjBpMhTVSCQKWnOgVruINElQmd3NesaVg/4L5kTkk
EinH8Q5XPXidtBtUfkXlBRTDYBwB1YTFDLrQM90Z4V+KtY21EIgT3Q6W4T8t5N0T
QvIMrTj8T2aaPPCkwvQ7jteyC+o6UAbK+d+w5V5kPfsH4MWkH+DgDmEykqX4KjH3
DYI1yBVwdr6tdaKHWEVZZodJWcEwilitf+KM4d2jJ4ZGyZKhRmQbWhBaOWws0D3x
xP3SGb4V3vSudcKnOcZjc2Jj5Nty79n0fzBANy6Zy48g62UF4nSLuDWxKwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFJoYFQOBPwq1iJ5AAe9+5rxgPG92MB8GA1UdIwQY
MBaAFH8WgCjsDatmimfVv29TWMqr4zeoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnhhQUtPd05xMmFLWjlXX2IxTll5cXZqTjZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9iMTUyODYtZmQ0ZC00OWZlLWE2OWUt
N2ZhZGY1MGEyZTM3LzEvbWhnVkE0RV9DcldJbmtBQjczN212R0E4YjNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9iMTUyODYtZmQ0ZC00OWZlLWE2OWUtN2ZhZGY1MGEyZTM3
LzEvZnhhQUtPd05xMmFLWjlXX2IxTll5cXZqTjZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQDBTngAwQD
kv8QAwQCuQKUAwQCuS8MAwQCuTmsAwQCuWO4AwQCuWckAwQCuWiEAwQCuWncMA0E
AgACMAcDBQAqAN5AMA0GCSqGSIb3DQEBCwUAA4IBAQBMsPXuK77ZBYIW3AvUGTQZ
hopV+8/hnGiLBKGph9yFTv8vUoWcqVtt34zgPhjpND2qJCumO2QMocMTye1TZ8zd
ykH4hJbrxuGFWlnS7lgUNMjIZ7tKWFYru5wcUjJn9Q3Kdrnj0FSr9gN4ruvFWhBm
dAFBhE4/8lXQSZGML4LD0j/IcYxuDX0U9YK2MxrpOpVx9tXsEbcYiikdFjhl+k8J
sQqDQ4uwBGqxUj6hTP6A0MM//4NtdHCp4dEp83QuthUOPDlAVYQVCN9mD6hCEuDU
X2aWJTR3+gEXFQeWNEzCiPoVnycvvpgcZLJa1SDK9JMnbcGlZHl7jJmmJgLXgVF5
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:57:33 2024 by rpki-client on console-fra.rpki-client.org