Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/M6qCO7d1QDGdMyNm9FwFOXyvFnc.roa
File: M6qCO7d1QDGdMyNm9FwFOXyvFnc.roa (raw, json)
Hash identifier: W3Nhl2X6s1kgswWmAGuGsxP/7r0VIhy2glvTSrSAMDQ=
Subject key identifier: 33:AA:82:3B:B7:75:40:31:9D:33:23:66:F4:5C:05:39:7C:AF:16:77
Certificate issuer: /CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Certificate serial: 018CC793410DD441F6A8D581B160C8BC1E09
Authority key identifier: E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/M6qCO7d1QDGdMyNm9FwFOXyvFnc.roa
Signing time: Tue 02 Jan 2024 00:29:25 +0000
ROA not before: Tue 02 Jan 2024 00:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199959
IP address blocks: 45.86.162.0/24 maxlen: 24
2.58.14.0/23 maxlen: 23
46.30.188.0/24 maxlen: 24
46.30.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 11:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:41:0d:d4:41:f6:a8:d5:81:b1:60:c8:bc:1e:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Validity
Not Before: Jan 2 00:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33aa823bb77540319d332366f45c05397caf1677
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:df:41:a8:e4:c0:04:e3:5b:70:3b:5a:28:de:
62:24:2b:d5:a1:a9:b6:5f:6a:35:c1:95:a3:3c:ef:
01:1f:eb:1d:12:78:85:02:2a:15:26:bb:7a:18:83:
7f:ca:7a:b7:13:23:e0:d5:c9:41:ad:93:78:5e:5e:
6d:5f:e0:13:bb:4b:b8:ca:65:4b:a8:b6:a7:21:2c:
77:92:27:dc:f3:50:cf:78:7d:9b:c4:64:bc:25:3b:
cf:c8:3a:21:a2:80:cb:bc:43:47:fa:47:3d:77:1b:
d4:52:c8:1d:80:2e:04:af:34:38:50:56:97:a1:c7:
4c:19:74:3d:5a:2f:5d:d6:cf:ca:ee:a3:d3:d0:45:
0c:46:ad:c7:08:68:3a:4a:28:09:4f:fe:50:62:54:
39:51:6c:9b:09:3b:d6:1a:32:46:ee:7a:2b:31:2e:
f0:01:8c:3c:d0:f4:7e:61:a2:43:87:a9:56:41:95:
27:cc:cd:4d:e3:ab:0f:16:bd:8b:92:74:3a:36:21:
60:a6:bf:c1:d8:06:87:e5:45:a4:2e:75:4e:2e:bf:
75:e2:2c:a2:94:4d:7f:04:88:30:81:73:1f:bf:d9:
ad:b4:fa:80:b2:6d:34:a1:6c:b4:aa:f0:e7:72:f9:
25:82:c6:c3:8b:5d:cd:73:a4:a4:59:2d:81:7f:33:
49:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:AA:82:3B:B7:75:40:31:9D:33:23:66:F4:5C:05:39:7C:AF:16:77
X509v3 Authority Key Identifier:
keyid:E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/M6qCO7d1QDGdMyNm9FwFOXyvFnc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.14.0/23
45.86.162.0/24
46.30.188.0/24
46.30.191.0/24
Signature Algorithm: sha256WithRSAEncryption
67:4d:ce:4f:b4:fe:10:56:c6:2d:b5:7e:0f:86:61:89:7b:42:
fb:c9:5b:ad:19:d5:57:54:94:bc:02:8c:40:97:9f:c3:3f:e2:
a5:42:36:fb:df:31:32:11:27:72:1a:aa:03:43:f9:67:ee:c5:
9b:4c:72:56:bb:da:39:4d:19:80:38:89:e3:b5:a1:10:7a:e1:
c6:cd:85:74:5c:93:ae:12:ce:29:94:e4:f9:f5:db:04:33:1b:
98:f9:46:a3:74:19:f0:9a:6b:82:21:93:bc:09:fd:64:92:2c:
dd:e5:1b:c7:f6:1a:29:f3:55:4c:a3:ab:3b:3c:ba:8b:a0:74:
ba:71:4d:a6:4b:ce:ec:25:3f:3d:b3:b2:31:fb:09:cb:2a:f3:
58:ce:cd:d0:3d:b8:25:fa:50:bd:6f:e2:5f:a8:0f:3d:28:7b:
41:15:50:b8:ac:9c:2c:fc:b1:02:dc:78:ff:10:1c:dd:16:8b:
5b:c4:a5:c5:b9:cd:0a:d2:95:29:a2:64:7c:9e:5d:de:cf:90:
3c:79:85:c2:7a:1c:b1:c7:e3:c3:c9:bf:44:0f:63:d9:8f:5e:
87:ee:33:9d:61:fd:52:8c:1e:62:cb:e7:f8:94:fd:0b:52:eb:
e6:fd:32:4e:73:38:2d:da:53:ff:c7:b7:7f:05:6e:41:92:f2:
63:27:a5:2c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzHk0EN1EH2qNWBsWDIvB4JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDBjNDlhMGU5N2UwZDVmM2NlZDNiN2I2YjlmNzJjYTBj
YjUzZDYwHhcNMjQwMTAyMDAyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2FhODIzYmI3NzU0MDMxOWQzMzIzNjZmNDVjMDUzOTdjYWYxNjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApN9BqOTABONbcDtaKN5iJCvVoam2
X2o1wZWjPO8BH+sdEniFAioVJrt6GIN/ynq3EyPg1clBrZN4Xl5tX+ATu0u4ymVL
qLanISx3kifc81DPeH2bxGS8JTvPyDohooDLvENH+kc9dxvUUsgdgC4ErzQ4UFaX
ocdMGXQ9Wi9d1s/K7qPT0EUMRq3HCGg6SigJT/5QYlQ5UWybCTvWGjJG7norMS7w
AYw80PR+YaJDh6lWQZUnzM1N46sPFr2LknQ6NiFgpr/B2AaH5UWkLnVOLr914iyi
lE1/BIgwgXMfv9mttPqAsm00oWy0qvDncvklgsbDi13Nc6SkWS2BfzNJwwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDOqgju3dUAxnTMjZvRcBTl8rxZ3MB8GA1UdIwQY
MBaAFOLQxJoOl+DV887Tt7a59yygy1PWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEt
NDY5MGEwMDcxNDFmLzEvTTZxQ083ZDFRREdkTXlObTlGd0ZPWHl2Rm5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEtNDY5MGEwMDcxNDFm
LzEvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBAjoOAwQA
LVaiAwQALh68AwQALh6/MA0GCSqGSIb3DQEBCwUAA4IBAQBnTc5PtP4QVsYttX4P
hmGJe0L7yVutGdVXVJS8AoxAl5/DP+KlQjb73zEyESdyGqoDQ/ln7sWbTHJWu9o5
TRmAOInjtaEQeuHGzYV0XJOuEs4plOT59dsEMxuY+UajdBnwmmuCIZO8Cf1kkizd
5RvH9hop81VMo6s7PLqLoHS6cU2mS87sJT89s7Ix+wnLKvNYzs3QPbgl+lC9b+Jf
qA89KHtBFVC4rJws/LEC3Hj/EBzdFotbxKXFuc0K0pUpomR8nl3ez5A8eYXCehyx
x+PDyb9ED2PZj16H7jOdYf1SjB5iy+f4lP0LUuvm/TJOczgt2lP/x7d/BW5BkvJj
J6Us
-----END CERTIFICATE-----
Generated at Fri May 17 18:49:43 2024 by rpki-client on console-ams.rpki-client.org