Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/MYbwRAQ1bGlY8Jr2UpAj5FNnuo8.roa
File: MYbwRAQ1bGlY8Jr2UpAj5FNnuo8.roa (raw, json)
Hash identifier: 46Q+xSpswi3ErpwE4sb3JeN+osk2NS9mY01XTaacPjM=
Subject key identifier: 31:86:F0:44:04:35:6C:69:58:F0:9A:F6:52:90:23:E4:53:67:BA:8F
Certificate issuer: /CN=fe8199e8345567d8516b788fe2e1d397e27c73a4
Certificate serial: 018D6BB4546179BEA08730890A7BF2FE072F
Authority key identifier: FE:81:99:E8:34:55:67:D8:51:6B:78:8F:E2:E1:D3:97:E2:7C:73:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/MYbwRAQ1bGlY8Jr2UpAj5FNnuo8.roa
Signing time: Fri 02 Feb 2024 21:23:16 +0000
ROA not before: Fri 02 Feb 2024 21:23:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62651
IP address blocks: 176.67.82.0/24 maxlen: 24
176.67.84.0/24 maxlen: 24
176.67.87.0/24 maxlen: 24
2a05:e9c0:1000::/40 maxlen: 40
2a05:e9c0:1400::/40 maxlen: 40
2a05:e9c0:1800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Apr 2024 07:02:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6b:b4:54:61:79:be:a0:87:30:89:0a:7b:f2:fe:07:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe8199e8345567d8516b788fe2e1d397e27c73a4
Validity
Not Before: Feb 2 21:23:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3186f04404356c6958f09af6529023e45367ba8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c3:6e:48:9b:9e:3a:b2:b7:01:cf:a0:3d:9f:
73:6a:a6:a3:9f:bd:14:1b:63:37:79:0a:58:3a:44:
ab:0a:07:4f:c5:ea:e3:51:b1:a7:7e:d1:12:7d:f4:
f1:ee:28:ae:4e:a1:ff:f6:70:9a:4d:25:ed:ae:f8:
d4:ef:42:7c:47:4f:34:dd:37:36:70:d1:95:ac:1c:
39:6b:df:fa:4e:41:58:da:4e:48:9a:f5:3c:3a:79:
66:f5:d1:10:76:49:cb:80:8c:1b:72:f3:9d:7e:df:
c4:6d:56:1c:43:93:8a:d9:9c:08:aa:99:95:11:7e:
50:bd:ac:4c:6b:1d:ea:01:f8:35:31:97:48:cf:d4:
e8:97:90:ed:2c:43:b8:66:f3:01:3c:15:21:61:29:
88:a3:93:b7:a1:ca:ac:19:8e:01:02:2f:35:89:73:
96:14:0a:3c:9e:20:0e:7f:4a:8d:01:25:71:cd:21:
5b:fb:ca:43:cc:ae:b2:27:53:b4:b1:0c:77:8f:56:
f6:b2:bb:6f:08:bc:a8:2b:3a:18:a8:c1:da:ca:f4:
8b:da:dd:69:45:5f:5a:1a:18:42:8d:c0:f0:f6:e4:
5d:38:dc:59:31:31:8a:e6:bb:0d:fd:42:d0:1e:1e:
9b:db:50:51:18:cc:cc:a5:83:e7:e6:aa:ae:28:e8:
e2:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:86:F0:44:04:35:6C:69:58:F0:9A:F6:52:90:23:E4:53:67:BA:8F
X509v3 Authority Key Identifier:
keyid:FE:81:99:E8:34:55:67:D8:51:6B:78:8F:E2:E1:D3:97:E2:7C:73:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/MYbwRAQ1bGlY8Jr2UpAj5FNnuo8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.67.82.0/24
176.67.84.0/24
176.67.87.0/24
IPv6:
2a05:e9c0:1000::/40
2a05:e9c0:1400::/40
2a05:e9c0:1800::/40
Signature Algorithm: sha256WithRSAEncryption
0b:f7:42:11:17:ac:ea:8b:8e:75:f3:9b:61:36:0c:ce:8a:5d:
e9:e6:9d:15:45:7f:08:0a:92:bc:5a:72:1c:d1:59:3e:45:48:
58:db:b9:58:f8:80:06:0c:86:1c:dd:20:f7:6f:fc:13:46:a4:
e4:9e:2d:16:d6:8a:e1:73:3e:d8:09:e3:e2:df:dd:72:29:65:
2e:dd:21:16:d0:c5:6d:77:25:c1:b9:ec:1a:09:7e:f9:a4:da:
e3:34:49:42:cf:0d:4a:cb:2e:f7:21:86:82:78:bb:e1:93:ab:
73:c1:e8:a8:18:58:23:d5:0e:ca:64:67:bc:48:69:16:e8:16:
f4:82:fa:bc:29:be:1f:4c:0f:08:51:af:e1:49:89:3d:5a:96:
09:a8:79:78:47:43:93:90:c3:19:52:78:26:75:51:fe:09:9a:
23:cc:19:de:23:e0:5a:58:e5:64:aa:da:67:b3:6d:a0:b9:c9:
1c:73:72:8e:2d:d5:41:55:8d:16:72:6f:37:31:03:ba:b0:b7:
d5:b8:2d:f5:5c:8d:fc:64:84:17:ef:a5:27:34:85:2f:25:fb:
0e:77:8b:aa:88:bb:be:9e:a3:6c:54:54:37:1d:d9:d8:09:90:
f2:42:52:f7:f2:fb:5c:12:f6:af:33:7b:e9:68:21:7e:5d:40:
23:fa:6f:2f
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAY1rtFRheb6ghzCJCnvy/gcvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlODE5OWU4MzQ1NTY3ZDg1MTZiNzg4ZmUyZTFkMzk3ZTI3
YzczYTQwHhcNMjQwMjAyMjEyMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTg2ZjA0NDA0MzU2YzY5NThmMDlhZjY1MjkwMjNlNDUzNjdiYThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMNuSJueOrK3Ac+gPZ9zaqajn70U
G2M3eQpYOkSrCgdPxerjUbGnftESffTx7iiuTqH/9nCaTSXtrvjU70J8R0803Tc2
cNGVrBw5a9/6TkFY2k5ImvU8Onlm9dEQdknLgIwbcvOdft/EbVYcQ5OK2ZwIqpmV
EX5QvaxMax3qAfg1MZdIz9Tol5DtLEO4ZvMBPBUhYSmIo5O3ocqsGY4BAi81iXOW
FAo8niAOf0qNASVxzSFb+8pDzK6yJ1O0sQx3j1b2srtvCLyoKzoYqMHayvSL2t1p
RV9aGhhCjcDw9uRdONxZMTGK5rsN/ULQHh6b21BRGMzMpYPn5qquKOjiZQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFDGG8EQENWxpWPCa9lKQI+RTZ7qPMB8GA1UdIwQY
MBaAFP6Bmeg0VWfYUWt4j+Lh05fifHOkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX29HWjZEUlZaOWhSYTNpUDR1SFRsLUo4YzZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kMDllMzQtY2MxMS00Mzk0LTkwNGQt
ODQwY2NiMzRiM2Y1LzEvTVlid1JBUTFiR2xZOEpyMlVwQWo1Rk5udW84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9kMDllMzQtY2MxMS00Mzk0LTkwNGQtODQwY2NiMzRiM2Y1
LzEvX29HWjZEUlZaOWhSYTNpUDR1SFRsLUo4YzZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAYBAIAATASAwQAsENSAwQA
sENUAwQAsENXMB4EAgACMBgDBgAqBenAEAMGACoF6cAUAwYAKgXpwBgwDQYJKoZI
hvcNAQELBQADggEBAAv3QhEXrOqLjnXzm2E2DM6KXenmnRVFfwgKkrxachzRWT5F
SFjbuVj4gAYMhhzdIPdv/BNGpOSeLRbWiuFzPtgJ4+Lf3XIpZS7dIRbQxW13JcG5
7BoJfvmk2uM0SULPDUrLLvchhoJ4u+GTq3PB6KgYWCPVDspkZ7xIaRboFvSC+rwp
vh9MDwhRr+FJiT1algmoeXhHQ5OQwxlSeCZ1Uf4JmiPMGd4j4FpY5WSq2mezbaC5
yRxzco4t1UFVjRZybzcxA7qwt9W4LfVcjfxkhBfvpSc0hS8l+w53i6qIu76eo2xU
VDcd2dgJkPJCUvfy+1wS9q8ze+loIX5dQCP6by8=
-----END CERTIFICATE-----
Generated at Fri Apr 26 12:20:26 2024 by rpki-client on console-ams.rpki-client.org