Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/Mzyn949UhdcCK5eerlZ5JDL7LJ4.roa
File: Mzyn949UhdcCK5eerlZ5JDL7LJ4.roa (raw, json)
Hash identifier: xK/FununhztR3Pq5URkRqZKWIizbzlFSnWan/kAsW3k=
Subject key identifier: 33:3C:A7:F7:8F:54:85:D7:02:2B:97:9E:AE:56:79:24:32:FB:2C:9E
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 018CC5DC9CF432BD6B90D9E5DCE029E57423
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/Mzyn949UhdcCK5eerlZ5JDL7LJ4.roa
Signing time: Mon 01 Jan 2024 16:30:18 +0000
ROA not before: Mon 01 Jan 2024 16:30:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202492
IP address blocks: 164.215.100.0/24 maxlen: 24
46.23.104.0/22 maxlen: 22
85.158.148.0/22 maxlen: 22
85.158.146.0/24 maxlen: 24
85.158.147.0/24 maxlen: 24
109.205.210.0/24 maxlen: 24
37.128.200.0/22 maxlen: 22
5.10.240.0/22 maxlen: 22
5.10.252.0/22 maxlen: 22
185.81.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.mft
rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 04:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:9c:f4:32:bd:6b:90:d9:e5:dc:e0:29:e5:74:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Jan 1 16:30:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=333ca7f78f5485d7022b979eae56792432fb2c9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:59:f8:cf:aa:5f:de:7b:d5:fa:c1:de:a0:c7:
72:ca:88:af:20:a4:1c:c2:ba:09:1a:ee:2d:2a:01:
e1:85:6b:39:2d:79:17:9c:f2:2c:3d:f6:ec:2e:95:
09:e1:6e:79:9b:36:f5:40:63:fa:c0:a4:7f:73:e6:
0d:af:08:eb:8c:a1:77:de:0f:cf:64:8a:e7:8b:9f:
73:8b:8e:cc:cc:ab:73:f1:10:71:33:fb:f5:52:76:
73:58:e6:14:b3:55:20:2c:52:b1:20:fa:05:a7:ea:
28:a1:b4:a0:e0:29:79:b2:52:80:db:fa:4f:48:02:
7d:31:2a:fd:ea:8e:b9:34:e7:ed:9f:9d:a2:c7:d7:
17:30:6c:82:0f:60:52:da:95:da:69:2a:15:2f:3c:
32:e3:ef:cb:85:f5:f2:71:09:d5:67:b6:5c:f7:da:
3a:48:37:c6:0d:fe:c0:61:58:1c:77:85:cc:9c:73:
0e:53:be:29:55:1a:30:ed:5f:63:f1:86:7f:74:97:
32:8f:66:e5:fb:4a:c0:7b:ac:28:59:69:5c:9d:c4:
cb:f2:d0:5d:f4:46:04:09:17:28:7a:64:a0:39:65:
c8:9b:7f:36:da:59:2c:d4:ed:fc:7a:87:6a:e9:35:
e8:77:8c:bb:e9:a7:3d:16:c8:33:77:97:bb:2d:0e:
7e:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:3C:A7:F7:8F:54:85:D7:02:2B:97:9E:AE:56:79:24:32:FB:2C:9E
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/Mzyn949UhdcCK5eerlZ5JDL7LJ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.240.0/22
5.10.252.0/22
37.128.200.0/22
46.23.104.0/22
85.158.146.0-85.158.151.255
109.205.210.0/24
164.215.100.0/24
185.81.218.0/24
Signature Algorithm: sha256WithRSAEncryption
cf:2c:b5:73:b4:cd:81:da:82:58:21:74:09:cd:b1:4b:96:8a:
7c:7c:db:ae:40:7a:7d:5e:35:a1:ba:77:1f:d7:f9:de:40:34:
77:a2:b0:9e:35:2f:28:6a:c1:b0:dc:45:cc:c7:53:f8:5e:64:
52:1d:6d:21:b9:60:69:59:6b:67:69:98:7e:bf:b4:84:b8:65:
27:4f:8f:77:97:f9:fe:87:27:7b:a5:c1:bd:3f:02:2c:a3:ae:
d0:e2:d5:74:e0:73:40:68:ba:e9:76:2e:a1:ea:54:f2:60:d6:
07:e9:5e:73:43:33:8a:c0:b4:29:b0:61:56:af:37:e5:f5:e0:
c2:c8:6e:be:0d:17:1e:9f:57:40:9b:00:a8:03:ac:bb:e9:7a:
97:02:50:1d:ee:54:ad:17:09:aa:99:d4:c7:1e:17:7e:b3:5b:
73:ad:e3:ed:9a:9f:f4:8c:aa:65:3b:98:4c:96:4d:f5:75:c4:
fd:31:63:dc:f5:c9:69:6d:cc:c2:04:b8:69:77:83:09:d3:bf:
c0:dc:b8:7d:f0:23:75:07:aa:dc:39:74:62:b9:78:23:33:a9:
37:4e:e8:5a:81:ae:cd:4f:e7:26:6e:2e:ab:dc:bf:87:dd:56:
60:ed:81:48:13:09:74:25:6a:b2:3d:0d:43:15:00:46:f0:69:
c9:28:bf:bf
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYzF3Jz0Mr1rkNnl3OAp5XQjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjQwMTAxMTYzMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzNjYTdmNzhmNTQ4NWQ3MDIyYjk3OWVhZTU2NzkyNDMyZmIyYzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVn4z6pf3nvV+sHeoMdyyoivIKQc
wroJGu4tKgHhhWs5LXkXnPIsPfbsLpUJ4W55mzb1QGP6wKR/c+YNrwjrjKF33g/P
ZIrni59zi47MzKtz8RBxM/v1UnZzWOYUs1UgLFKxIPoFp+ooobSg4Cl5slKA2/pP
SAJ9MSr96o65NOftn52ix9cXMGyCD2BS2pXaaSoVLzwy4+/LhfXycQnVZ7Zc99o6
SDfGDf7AYVgcd4XMnHMOU74pVRow7V9j8YZ/dJcyj2bl+0rAe6woWWlcncTL8tBd
9EYECRcoemSgOWXIm3822lks1O38eodq6TXod4y76ac9Fsgzd5e7LQ5+BQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFDM8p/ePVIXXAiuXnq5WeSQy+yyeMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvTXp5bjk0OVVoZGNDSzVlZXJsWjVKREw3TEo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQCBQrwAwQC
BQr8AwQCJYDIAwQCLhdoMAwDBAFVnpIDBANVnpADBABtzdIDBACk12QDBAC5Udow
DQYJKoZIhvcNAQELBQADggEBAM8stXO0zYHaglghdAnNsUuWinx8265Aen1eNaG6
dx/X+d5ANHeisJ41LyhqwbDcRczHU/heZFIdbSG5YGlZa2dpmH6/tIS4ZSdPj3eX
+f6HJ3ulwb0/AiyjrtDi1XTgc0Bouul2LqHqVPJg1gfpXnNDM4rAtCmwYVavN+X1
4MLIbr4NFx6fV0CbAKgDrLvpepcCUB3uVK0XCaqZ1MceF36zW3Ot4+2an/SMqmU7
mEyWTfV1xP0xY9z1yWltzMIEuGl3gwnTv8DcuH3wI3UHqtw5dGK5eCMzqTdO6FqB
rs1P5yZuLqvcv4fdVmDtgUgTCXQlarI9DUMVAEbwackov78=
-----END CERTIFICATE-----
Generated at Tue May 7 14:08:01 2024 by rpki-client on console-fra.rpki-client.org