Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/4b8aab-2099-43af-b41d-e3407174663b/1/MPepR8rhMLDzWYx0lEqFXdZgAQ8.roa
File: MPepR8rhMLDzWYx0lEqFXdZgAQ8.roa (raw, json)
Hash identifier: LfwQLoNaEpplX9lijioB7rEqGzVGUiws5bUeBP7Bzv0=
Subject key identifier: 30:F7:A9:47:CA:E1:30:B0:F3:59:8C:74:94:4A:85:5D:D6:60:01:0F
Certificate issuer: /CN=c3c0591e2eb49d0559e6fce7ee2aa81f0f59ba6f
Certificate serial: 01922390DA9B1EE24C89A805A54619DD5B4F
Authority key identifier: C3:C0:59:1E:2E:B4:9D:05:59:E6:FC:E7:EE:2A:A8:1F:0F:59:BA:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8BZHi60nQVZ5vzn7iqoHw9Zum8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/4b8aab-2099-43af-b41d-e3407174663b/1/MPepR8rhMLDzWYx0lEqFXdZgAQ8.roa
Signing time: Tue 24 Sep 2024 10:25:48 +0000
ROA not before: Tue 24 Sep 2024 10:25:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39347
IP address blocks: 89.33.88.0/21 maxlen: 21
89.33.89.0/24 maxlen: 24
89.33.90.0/23 maxlen: 23
89.33.94.0/23 maxlen: 23
89.35.57.0/24 maxlen: 24
89.42.31.0/24 maxlen: 24
93.119.176.0/21 maxlen: 21
93.119.176.0/24 maxlen: 24
93.119.177.0/24 maxlen: 24
93.119.182.0/23 maxlen: 23
185.122.220.0/22 maxlen: 22
185.122.221.0/24 maxlen: 24
185.122.222.0/24 maxlen: 24
2a06:a880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/4b8aab-2099-43af-b41d-e3407174663b/1/w8BZHi60nQVZ5vzn7iqoHw9Zum8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/4b8aab-2099-43af-b41d-e3407174663b/1/w8BZHi60nQVZ5vzn7iqoHw9Zum8.mft
rsync://rpki.ripe.net/repository/DEFAULT/w8BZHi60nQVZ5vzn7iqoHw9Zum8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:23:90:da:9b:1e:e2:4c:89:a8:05:a5:46:19:dd:5b:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c0591e2eb49d0559e6fce7ee2aa81f0f59ba6f
Validity
Not Before: Sep 24 10:25:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30f7a947cae130b0f3598c74944a855dd660010f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:16:c4:3d:b0:9b:f0:f9:00:38:a9:40:fc:ae:
20:8e:fb:34:34:3e:be:63:a4:d9:0f:50:ba:8d:72:
35:79:0d:b0:19:0b:77:5b:72:e8:72:8a:10:0f:8b:
72:52:05:57:9e:36:da:f1:13:68:de:5d:f0:a2:85:
19:58:99:8a:e2:bf:b7:ae:4c:12:4e:d8:a1:e3:1d:
fa:7d:3b:36:df:b7:81:30:85:1a:ff:19:42:a1:fc:
62:fb:40:31:1c:21:d2:43:16:ae:7f:f8:17:2b:1c:
b5:a8:a8:23:2d:e6:af:6b:48:37:ea:f8:d3:d7:7b:
56:fd:af:cd:ed:8e:b8:5a:1a:58:8c:47:a2:79:4c:
10:d3:dd:88:0e:66:58:f7:83:f7:45:4a:2c:bc:a5:
99:a2:c8:7f:14:06:d6:c6:b5:0b:1f:c2:00:95:cc:
28:3a:c2:e2:dd:9f:41:b1:e2:57:3e:96:0e:c9:e0:
65:f7:7f:e1:04:38:c7:cf:d5:53:f4:b7:bd:2f:50:
94:5b:2f:b7:7c:64:41:8e:85:a5:9a:0a:e3:ff:59:
13:90:3b:fd:7c:94:ac:41:9f:d6:b8:4b:d0:46:77:
e1:8d:e6:c5:57:69:14:a4:53:39:95:e4:e4:d4:55:
32:37:a3:b5:57:33:df:ec:9c:7b:70:cc:0c:10:d6:
0c:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:F7:A9:47:CA:E1:30:B0:F3:59:8C:74:94:4A:85:5D:D6:60:01:0F
X509v3 Authority Key Identifier:
keyid:C3:C0:59:1E:2E:B4:9D:05:59:E6:FC:E7:EE:2A:A8:1F:0F:59:BA:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8BZHi60nQVZ5vzn7iqoHw9Zum8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/4b8aab-2099-43af-b41d-e3407174663b/1/MPepR8rhMLDzWYx0lEqFXdZgAQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/4b8aab-2099-43af-b41d-e3407174663b/1/w8BZHi60nQVZ5vzn7iqoHw9Zum8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.88.0/21
89.35.57.0/24
89.42.31.0/24
93.119.176.0/21
185.122.220.0/22
IPv6:
2a06:a880::/48
Signature Algorithm: sha256WithRSAEncryption
7a:32:25:37:b3:48:ca:91:a6:74:48:65:d3:0a:2a:e2:ab:1a:
ea:09:2c:5e:c8:70:be:53:29:99:65:36:48:06:86:dd:95:67:
9b:fd:b7:6b:48:85:16:42:50:ce:02:46:f6:56:21:39:8c:cb:
7f:63:57:40:34:b2:04:77:30:f0:3d:71:6f:fe:4e:32:4a:41:
fa:5b:17:d5:55:6b:d0:07:08:ac:1a:5a:48:a1:ba:36:18:f9:
1d:4b:dc:d7:91:35:73:e3:b8:cc:25:c3:60:33:90:24:4e:cb:
24:f3:e3:21:71:1e:04:43:76:c3:fe:d1:05:98:2c:eb:94:ad:
c7:3c:cc:b4:42:31:08:38:0f:ea:0f:96:04:a2:b9:b8:49:ab:
bd:40:9a:c7:07:ff:18:49:f9:95:96:a9:fd:3c:5e:5b:0c:2b:
db:df:1b:a6:10:53:31:4f:67:01:3c:fc:c8:e7:81:32:34:47:
e5:6d:c0:15:0a:aa:24:d1:22:d9:f5:72:ef:ef:75:1b:2b:d1:
6c:28:68:6c:fb:8e:55:93:90:09:87:62:60:10:de:a9:11:cc:
54:27:43:68:3c:78:35:5e:32:a3:9b:92:ce:86:b6:84:e4:11:
db:5a:82:66:ec:1d:6e:61:78:30:99:9a:e8:5c:73:25:44:8a:
86:02:dc:40
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZIjkNqbHuJMiagFpUYZ3VtPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzA1OTFlMmViNDlkMDU1OWU2ZmNlN2VlMmFhODFmMGY1
OWJhNmYwHhcNMjQwOTI0MTAyNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGY3YTk0N2NhZTEzMGIwZjM1OThjNzQ5NDRhODU1ZGQ2NjAwMTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxbEPbCb8PkAOKlA/K4gjvs0ND6+
Y6TZD1C6jXI1eQ2wGQt3W3LocooQD4tyUgVXnjba8RNo3l3wooUZWJmK4r+3rkwS
Ttih4x36fTs237eBMIUa/xlCofxi+0AxHCHSQxauf/gXKxy1qKgjLeava0g36vjT
13tW/a/N7Y64WhpYjEeieUwQ092IDmZY94P3RUosvKWZosh/FAbWxrULH8IAlcwo
OsLi3Z9BseJXPpYOyeBl93/hBDjHz9VT9Le9L1CUWy+3fGRBjoWlmgrj/1kTkDv9
fJSsQZ/WuEvQRnfhjebFV2kUpFM5leTk1FUyN6O1VzPf7Jx7cMwMENYM4wIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFDD3qUfK4TCw81mMdJRKhV3WYAEPMB8GA1UdIwQY
MBaAFMPAWR4utJ0FWeb85+4qqB8PWbpvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhCWkhpNjBuUVZaNXZ6bjdpcW9IdzladW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy80YjhhYWItMjA5OS00M2FmLWI0MWQt
ZTM0MDcxNzQ2NjNiLzEvTVBlcFI4cmhNTER6V1l4MGxFcUZYZFpnQVE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy80YjhhYWItMjA5OS00M2FmLWI0MWQtZTM0MDcxNzQ2NjNi
LzEvdzhCWkhpNjBuUVZaNXZ6bjdpcW9IdzladW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQDWSFYAwQA
WSM5AwQAWSofAwQDXXewAwQCuXrcMA8EAgACMAkDBwAqBqiAAAAwDQYJKoZIhvcN
AQELBQADggEBAHoyJTezSMqRpnRIZdMKKuKrGuoJLF7IcL5TKZllNkgGht2VZ5v9
t2tIhRZCUM4CRvZWITmMy39jV0A0sgR3MPA9cW/+TjJKQfpbF9VVa9AHCKwaWkih
ujYY+R1L3NeRNXPjuMwlw2AzkCROyyTz4yFxHgRDdsP+0QWYLOuUrcc8zLRCMQg4
D+oPlgSiubhJq71AmscH/xhJ+ZWWqf08XlsMK9vfG6YQUzFPZwE8/MjngTI0R+Vt
wBUKqiTRItn1cu/vdRsr0WwoaGz7jlWTkAmHYmAQ3qkRzFQnQ2g8eDVeMqObks6G
toTkEdtagmbsHW5heDCZmuhccyVEioYC3EA=
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:46:48 2024 by rpki-client on console-ams.rpki-client.org