Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/5cfc47-2210-4739-a964-cef01362c4a8/1/mqvFBum27JNaeI5IVDDo8-82Rjg.roa
File: mqvFBum27JNaeI5IVDDo8-82Rjg.roa (raw, json)
Hash identifier: BIQJE7atqJkxP316P43OodCdb+DczO+FsWQfrvWy258=
Subject key identifier: 9A:AB:C5:06:E9:B6:EC:93:5A:78:8E:48:54:30:E8:F3:EF:36:46:38
Certificate issuer: /CN=87ae0af282dd4e9bc1b82194aed3b19693d87298
Certificate serial: 018CC5DC4ABFD50F498AA5D50C62BF8A9867
Authority key identifier: 87:AE:0A:F2:82:DD:4E:9B:C1:B8:21:94:AE:D3:B1:96:93:D8:72:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h64K8oLdTpvBuCGUrtOxlpPYcpg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/5cfc47-2210-4739-a964-cef01362c4a8/1/mqvFBum27JNaeI5IVDDo8-82Rjg.roa
Signing time: Mon 01 Jan 2024 16:29:57 +0000
ROA not before: Mon 01 Jan 2024 16:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16815
IP address blocks: 78.108.118.0/24 maxlen: 24
78.108.117.0/24 maxlen: 24
78.108.116.0/24 maxlen: 24
78.108.119.0/24 maxlen: 24
78.108.124.0/23 maxlen: 23
78.108.121.0/24 maxlen: 24
78.108.120.0/24 maxlen: 24
78.108.126.0/24 maxlen: 24
78.108.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/5cfc47-2210-4739-a964-cef01362c4a8/1/h64K8oLdTpvBuCGUrtOxlpPYcpg.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/5cfc47-2210-4739-a964-cef01362c4a8/1/h64K8oLdTpvBuCGUrtOxlpPYcpg.mft
rsync://rpki.ripe.net/repository/DEFAULT/h64K8oLdTpvBuCGUrtOxlpPYcpg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:4a:bf:d5:0f:49:8a:a5:d5:0c:62:bf:8a:98:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87ae0af282dd4e9bc1b82194aed3b19693d87298
Validity
Not Before: Jan 1 16:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9aabc506e9b6ec935a788e485430e8f3ef364638
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:de:0b:86:15:ac:ca:90:f0:80:34:72:1d:11:
34:b1:8f:91:58:2f:e5:d5:73:0c:48:80:1e:0e:dd:
5c:d8:23:45:86:22:6c:04:bd:2a:96:81:26:a9:b6:
06:4b:30:2c:4d:58:ae:c8:56:3d:9e:7f:d6:87:31:
f9:e1:7d:d0:3a:11:a7:a1:86:6b:c4:69:2e:27:ca:
85:83:fc:da:3f:4d:a6:e1:79:f6:56:b5:4c:82:ed:
ee:9d:f1:4a:06:b2:30:08:bd:5f:61:fa:ba:49:8e:
db:df:9b:c7:14:44:35:c1:7d:92:35:72:77:be:30:
94:4b:83:36:2f:b2:8e:f3:71:b5:0d:a1:5e:f5:4c:
97:bc:91:a5:7f:4e:87:63:b0:34:bb:31:15:57:a5:
27:e0:ec:c4:5f:d6:3b:0e:f9:07:52:cf:44:4e:ee:
d8:40:61:a2:38:5e:ae:e9:b4:23:a2:26:70:ff:b2:
92:24:46:9f:7f:13:35:01:74:a2:42:cd:46:e1:8c:
83:44:ad:29:14:df:df:60:55:ea:b7:b1:53:a7:19:
3d:95:62:9e:cb:94:a2:5f:3c:ce:1c:75:29:66:e7:
a9:0f:fc:e0:00:ba:c7:82:a0:9e:88:61:de:91:c9:
93:3f:d8:7f:00:0e:19:6c:6f:b3:55:b2:85:7d:20:
07:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:AB:C5:06:E9:B6:EC:93:5A:78:8E:48:54:30:E8:F3:EF:36:46:38
X509v3 Authority Key Identifier:
keyid:87:AE:0A:F2:82:DD:4E:9B:C1:B8:21:94:AE:D3:B1:96:93:D8:72:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h64K8oLdTpvBuCGUrtOxlpPYcpg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/5cfc47-2210-4739-a964-cef01362c4a8/1/mqvFBum27JNaeI5IVDDo8-82Rjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/5cfc47-2210-4739-a964-cef01362c4a8/1/h64K8oLdTpvBuCGUrtOxlpPYcpg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.108.116.0-78.108.121.255
78.108.124.0/22
Signature Algorithm: sha256WithRSAEncryption
41:64:05:1f:fa:e2:7d:52:3b:f0:2d:07:41:d2:a6:21:a5:64:
a1:24:f8:42:c9:fe:83:39:c4:18:1a:59:92:8b:fb:96:91:da:
85:17:46:0e:52:da:b5:69:cc:93:02:97:32:d1:b5:75:dd:94:
74:04:7c:86:20:a9:65:d1:b4:b3:4b:03:af:dc:24:b4:44:53:
ed:cf:58:23:46:a4:d2:16:b1:8b:41:2e:26:5d:4d:c4:be:d0:
e3:11:d2:a1:53:11:fb:a8:c0:da:a1:f8:78:66:ee:90:2a:e9:
67:b9:b1:af:18:9a:eb:b0:da:ba:26:28:ea:2a:05:fb:d6:eb:
79:58:45:c5:eb:f1:fc:7e:65:51:a8:9f:5d:ea:5e:c0:71:0e:
34:06:0e:60:c0:9b:26:d9:f1:f8:a6:df:69:b2:c7:89:87:8a:
74:52:be:56:e0:76:7a:9e:6d:8a:91:e7:35:14:8c:af:bd:a4:
47:6c:0f:eb:fe:b8:8a:22:44:34:be:65:3d:64:7d:2c:f0:de:
8d:1c:02:ef:15:ff:6b:73:c4:eb:f2:9d:90:41:36:85:c5:d8:
b3:5b:e4:bb:20:44:f4:b5:25:f4:93:8e:78:cd:ad:9f:df:98:
5f:27:87:68:e6:d2:c6:ad:b6:99:08:95:c8:6e:87:06:67:db:
f5:2c:75:3e
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzF3Eq/1Q9JiqXVDGK/iphnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YWUwYWYyODJkZDRlOWJjMWI4MjE5NGFlZDNiMTk2OTNk
ODcyOTgwHhcNMjQwMTAxMTYyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWFiYzUwNmU5YjZlYzkzNWE3ODhlNDg1NDMwZThmM2VmMzY0NjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqN4LhhWsypDwgDRyHRE0sY+RWC/l
1XMMSIAeDt1c2CNFhiJsBL0qloEmqbYGSzAsTViuyFY9nn/WhzH54X3QOhGnoYZr
xGkuJ8qFg/zaP02m4Xn2VrVMgu3unfFKBrIwCL1fYfq6SY7b35vHFEQ1wX2SNXJ3
vjCUS4M2L7KO83G1DaFe9UyXvJGlf06HY7A0uzEVV6Un4OzEX9Y7DvkHUs9ETu7Y
QGGiOF6u6bQjoiZw/7KSJEaffxM1AXSiQs1G4YyDRK0pFN/fYFXqt7FTpxk9lWKe
y5SiXzzOHHUpZuepD/zgALrHgqCeiGHekcmTP9h/AA4ZbG+zVbKFfSAHawIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJqrxQbptuyTWniOSFQw6PPvNkY4MB8GA1UdIwQY
MBaAFIeuCvKC3U6bwbghlK7TsZaT2HKYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDY0SzhvTGRUcHZCdUNHVXJ0T3hscFBZY3BnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS81Y2ZjNDctMjIxMC00NzM5LWE5NjQt
Y2VmMDEzNjJjNGE4LzEvbXF2RkJ1bTI3Sk5hZUk1SVZERG84LTgyUmpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS81Y2ZjNDctMjIxMC00NzM5LWE5NjQtY2VmMDEzNjJjNGE4
LzEvaDY0SzhvTGRUcHZCdUNHVXJ0T3hscFBZY3BnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAJObHQD
BAFObHgDBAJObHwwDQYJKoZIhvcNAQELBQADggEBAEFkBR/64n1SO/AtB0HSpiGl
ZKEk+ELJ/oM5xBgaWZKL+5aR2oUXRg5S2rVpzJMClzLRtXXdlHQEfIYgqWXRtLNL
A6/cJLREU+3PWCNGpNIWsYtBLiZdTcS+0OMR0qFTEfuowNqh+Hhm7pAq6We5sa8Y
muuw2romKOoqBfvW63lYRcXr8fx+ZVGon13qXsBxDjQGDmDAmybZ8fim32myx4mH
inRSvlbgdnqebYqR5zUUjK+9pEdsD+v+uIoiRDS+ZT1kfSzw3o0cAu8V/2tzxOvy
nZBBNoXF2LNb5LsgRPS1JfSTjnjNrZ/fmF8nh2jm0sattpkIlchuhwZn2/UsdT4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 15:02:05 2024 by rpki-client on console-ams.rpki-client.org