Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/mshsch9jvLRWMOkW640opDKVZ6U.roa
File: mshsch9jvLRWMOkW640opDKVZ6U.roa (raw, json)
Hash identifier: BsoqjBrJxvmkPWcY+fPLitNMqJrGGEQ6Lx9nbs/IguA=
Subject key identifier: 9A:C8:6C:72:1F:63:BC:B4:56:30:E9:16:EB:8D:28:A4:32:95:67:A5
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 019442751F36BAF8F8AF190118E0B8C03AE8
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/mshsch9jvLRWMOkW640opDKVZ6U.roa
Signing time: Tue 07 Jan 2025 20:29:19 +0000
ROA not before: Tue 07 Jan 2025 20:29:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 196925
IP address blocks: 5.178.8.0/24 maxlen: 24
46.23.97.0/24 maxlen: 24
85.158.144.0/24 maxlen: 24
88.151.193.0/24 maxlen: 24
109.205.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.mft
rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 13:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:42:75:1f:36:ba:f8:f8:af:19:01:18:e0:b8:c0:3a:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Jan 7 20:29:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ac86c721f63bcb45630e916eb8d28a4329567a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:76:54:fa:5f:17:3a:c4:37:02:af:f5:44:a0:
a0:83:d5:56:9b:10:af:5c:ef:6f:51:2c:f1:61:fa:
1b:ad:c0:8c:87:37:52:e1:d0:97:9f:67:6d:46:77:
24:f4:50:47:e3:3f:1b:75:0f:6e:4a:7a:61:c8:a6:
b7:57:91:9a:fe:a5:83:c1:5c:dd:ee:54:fa:0c:67:
96:83:67:e0:f7:95:41:d5:ec:c7:d0:74:79:4d:36:
3b:1e:21:fc:77:81:35:e2:e6:c9:ff:b9:59:59:2a:
80:c1:87:94:b3:08:30:5e:fa:cf:47:2d:2d:73:51:
70:02:5f:93:cd:52:73:7c:ae:a5:c8:06:69:09:91:
94:1d:fb:83:6f:c5:0c:7a:08:e1:9b:0d:95:7b:e0:
d7:aa:8f:a0:08:20:d8:ea:84:36:0c:f7:98:02:93:
5c:47:1e:d7:20:e1:94:78:25:c2:25:6c:11:e4:e4:
87:25:21:65:30:f1:7a:a1:e5:16:40:18:58:d0:2a:
c8:ae:a9:88:62:b9:90:6e:2c:ff:5e:66:82:10:6c:
c6:3d:ad:47:c5:9a:03:3e:bb:dc:01:29:4b:04:bd:
46:62:b7:e1:c2:f6:7e:de:2f:aa:77:97:dc:0c:63:
84:e2:41:7f:23:ef:89:df:a0:a8:dc:4e:20:1b:f3:
0c:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:C8:6C:72:1F:63:BC:B4:56:30:E9:16:EB:8D:28:A4:32:95:67:A5
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/mshsch9jvLRWMOkW640opDKVZ6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.8.0/24
46.23.97.0/24
85.158.144.0/24
88.151.193.0/24
109.205.209.0/24
Signature Algorithm: sha256WithRSAEncryption
35:55:d2:28:84:8d:ef:de:df:b6:98:eb:ed:9e:2a:58:d3:04:
76:b8:97:86:92:ab:f9:77:7c:81:7b:ce:af:36:6d:d5:58:37:
1d:70:6f:0b:cf:35:00:6c:4f:b9:31:4b:3f:97:39:8f:76:88:
88:a1:29:4b:7d:ff:95:d6:87:76:dc:1c:f0:cd:67:91:64:79:
43:4a:a6:93:dc:e3:bd:1c:45:fb:1e:02:be:c0:9e:8b:d9:6e:
72:0c:39:f7:a8:00:fb:68:ea:cb:57:b9:ac:af:67:05:51:d8:
bd:ba:18:d0:e7:3e:eb:c9:d6:82:35:3d:06:12:01:78:76:ea:
67:38:45:d4:62:f3:2c:ca:97:72:e0:f7:70:aa:a6:40:e4:30:
fb:88:f2:e5:eb:30:0a:a3:fc:eb:3a:05:5c:c4:55:57:7f:21:
fe:0b:3a:61:e8:ba:12:ec:64:d5:22:85:b9:1a:bf:e8:4a:79:
47:40:71:bf:4f:ee:5c:84:9f:87:bc:ea:a6:b1:ea:19:fe:e3:
a1:aa:5a:83:83:62:a4:28:2e:c3:36:7e:0f:fb:38:3f:8b:98:
64:e9:aa:0e:bc:3f:06:22:62:18:c8:6a:f6:c9:63:97:21:50:
41:80:d1:28:18:64:ec:24:70:9c:ac:fb:e6:2f:82:19:bb:5c:
c9:84:bc:f6
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZRCdR82uvj4rxkBGOC4wDroMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjUwMTA3MjAyOTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWM4NmM3MjFmNjNiY2I0NTYzMGU5MTZlYjhkMjhhNDMyOTU2N2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHZU+l8XOsQ3Aq/1RKCgg9VWmxCv
XO9vUSzxYfobrcCMhzdS4dCXn2dtRnck9FBH4z8bdQ9uSnphyKa3V5Ga/qWDwVzd
7lT6DGeWg2fg95VB1ezH0HR5TTY7HiH8d4E14ubJ/7lZWSqAwYeUswgwXvrPRy0t
c1FwAl+TzVJzfK6lyAZpCZGUHfuDb8UMegjhmw2Ve+DXqo+gCCDY6oQ2DPeYApNc
Rx7XIOGUeCXCJWwR5OSHJSFlMPF6oeUWQBhY0CrIrqmIYrmQbiz/XmaCEGzGPa1H
xZoDPrvcASlLBL1GYrfhwvZ+3i+qd5fcDGOE4kF/I++J36Co3E4gG/MMjwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJrIbHIfY7y0VjDpFuuNKKQylWelMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvbXNoc2NoOWp2TFJXTU9rVzY0MG9wREtWWjZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABbIIAwQA
LhdhAwQAVZ6QAwQAWJfBAwQAbc3RMA0GCSqGSIb3DQEBCwUAA4IBAQA1VdIohI3v
3t+2mOvtnipY0wR2uJeGkqv5d3yBe86vNm3VWDcdcG8LzzUAbE+5MUs/lzmPdoiI
oSlLff+V1od23BzwzWeRZHlDSqaT3OO9HEX7HgK+wJ6L2W5yDDn3qAD7aOrLV7ms
r2cFUdi9uhjQ5z7rydaCNT0GEgF4dupnOEXUYvMsypdy4PdwqqZA5DD7iPLl6zAK
o/zrOgVcxFVXfyH+Czph6LoS7GTVIoW5Gr/oSnlHQHG/T+5chJ+HvOqmseoZ/uOh
qlqDg2KkKC7DNn4P+zg/i5hk6aoOvD8GImIYyGr2yWOXIVBBgNEoGGTsJHCcrPvm
L4IZu1zJhLz2
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:55 2025 by rpki-client