Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/0188da-3655-482d-881b-febbc4a3b45b/1/mMUc4pxWHtq0WW2fkrFf7VhD-cA.roa
File: mMUc4pxWHtq0WW2fkrFf7VhD-cA.roa (raw, json)
Hash identifier: CA4Qu2jhzu8yrvEPo6MZ2aPLlWtc9D/9FKcARUj14x0=
Subject key identifier: 98:C5:1C:E2:9C:56:1E:DA:B4:59:6D:9F:92:B1:5F:ED:58:43:F9:C0
Certificate issuer: /CN=bfabf5a474afe7212331670e831e119da38f284f
Certificate serial: 018CC7936086A7878708DA115C07E6FE4695
Authority key identifier: BF:AB:F5:A4:74:AF:E7:21:23:31:67:0E:83:1E:11:9D:A3:8F:28:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v6v1pHSv5yEjMWcOgx4RnaOPKE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/0188da-3655-482d-881b-febbc4a3b45b/1/mMUc4pxWHtq0WW2fkrFf7VhD-cA.roa
Signing time: Tue 02 Jan 2024 00:29:33 +0000
ROA not before: Tue 02 Jan 2024 00:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21232
IP address blocks: 185.41.132.0/22 maxlen: 22
213.188.32.0/19 maxlen: 19
185.110.184.0/22 maxlen: 22
185.119.36.0/22 maxlen: 22
62.32.0.0/19 maxlen: 19
82.192.224.0/19 maxlen: 19
185.110.88.0/22 maxlen: 22
77.74.56.0/21 maxlen: 21
213.160.32.0/19 maxlen: 19
79.142.128.0/20 maxlen: 20
195.216.64.0/19 maxlen: 19
185.132.16.0/22 maxlen: 22
185.64.184.0/22 maxlen: 22
185.31.248.0/22 maxlen: 22
185.110.72.0/22 maxlen: 22
185.45.236.0/22 maxlen: 22
93.184.16.0/20 maxlen: 20
2a02:5c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/0188da-3655-482d-881b-febbc4a3b45b/1/v6v1pHSv5yEjMWcOgx4RnaOPKE8.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/0188da-3655-482d-881b-febbc4a3b45b/1/v6v1pHSv5yEjMWcOgx4RnaOPKE8.mft
rsync://rpki.ripe.net/repository/DEFAULT/v6v1pHSv5yEjMWcOgx4RnaOPKE8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:60:86:a7:87:87:08:da:11:5c:07:e6:fe:46:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfabf5a474afe7212331670e831e119da38f284f
Validity
Not Before: Jan 2 00:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98c51ce29c561edab4596d9f92b15fed5843f9c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:70:5d:bf:97:68:55:48:65:8b:ff:74:eb:58:
c0:c5:e0:ec:bf:68:ae:45:1c:45:ff:35:37:67:ab:
b3:67:08:9e:22:e4:54:f2:42:ab:2e:5f:31:1e:30:
eb:e1:ea:56:8f:61:6a:81:7e:f1:b4:d1:36:75:54:
9c:e0:1a:a8:fe:c2:53:1e:b5:e3:60:87:24:95:5f:
43:d0:45:12:6b:bb:20:00:26:dd:91:fa:88:af:dd:
e2:31:79:64:f9:2e:45:e0:b1:52:70:cb:e9:21:73:
f4:fc:10:14:07:d1:23:07:7f:b5:9f:c2:db:20:b3:
11:95:64:9f:16:55:98:c4:9e:75:8e:84:fd:71:62:
11:34:dc:46:a0:76:69:41:b6:97:b4:64:b1:fb:3a:
41:34:8a:d4:37:6f:1e:5e:b4:74:8a:9b:30:91:ae:
53:ef:f5:80:a2:ba:10:c3:4f:8d:a4:15:2d:03:cb:
76:de:d2:6f:a6:1e:6b:48:e2:f9:41:c4:3f:6c:bd:
72:00:f0:2b:53:c7:51:9f:d5:f3:b9:83:8e:95:e6:
07:96:33:08:93:04:e5:78:a6:6e:31:07:d3:01:78:
96:c5:d2:0b:85:95:19:8f:90:03:25:cd:89:2f:c4:
38:d1:b8:a0:8e:e0:a5:d1:02:fd:b7:65:b5:a0:27:
6c:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:C5:1C:E2:9C:56:1E:DA:B4:59:6D:9F:92:B1:5F:ED:58:43:F9:C0
X509v3 Authority Key Identifier:
keyid:BF:AB:F5:A4:74:AF:E7:21:23:31:67:0E:83:1E:11:9D:A3:8F:28:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v6v1pHSv5yEjMWcOgx4RnaOPKE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0188da-3655-482d-881b-febbc4a3b45b/1/mMUc4pxWHtq0WW2fkrFf7VhD-cA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0188da-3655-482d-881b-febbc4a3b45b/1/v6v1pHSv5yEjMWcOgx4RnaOPKE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.32.0.0/19
77.74.56.0/21
79.142.128.0/20
82.192.224.0/19
93.184.16.0/20
185.31.248.0/22
185.41.132.0/22
185.45.236.0/22
185.64.184.0/22
185.110.72.0/22
185.110.88.0/22
185.110.184.0/22
185.119.36.0/22
185.132.16.0/22
195.216.64.0/19
213.160.32.0/19
213.188.32.0/19
IPv6:
2a02:5c0::/32
Signature Algorithm: sha256WithRSAEncryption
7c:a3:65:ea:39:4b:5b:46:fd:64:35:1b:7a:e6:40:5c:ca:f0:
39:a4:4f:eb:33:c6:3d:02:f2:e9:3a:03:5f:b4:50:59:b7:ca:
23:5c:1f:d1:05:6c:40:38:49:e4:14:79:ce:90:d2:4b:ba:25:
28:bc:29:14:4b:45:ee:b7:4f:56:ef:1a:c6:38:97:56:53:18:
e3:69:fa:5c:20:35:80:19:32:bf:3a:7c:02:7a:77:2f:12:6e:
96:e7:48:f1:d7:53:f2:b9:93:04:cc:1c:7f:c8:1f:ab:6a:36:
1b:cf:64:dd:cb:8d:48:fc:51:6a:64:88:f2:91:c7:8e:08:ac:
96:69:4c:58:a7:e1:31:ef:c2:88:f3:52:0f:d4:5e:6a:b7:bd:
f0:7d:39:7d:f9:66:48:44:03:98:77:6c:14:5e:6c:2a:ff:d7:
5d:df:b0:44:d6:03:01:e8:70:ee:1e:3f:44:c6:eb:5d:a1:8f:
4a:65:45:a3:ec:fc:e4:07:59:af:fb:5f:0d:0e:f0:6e:9e:26:
05:07:e3:98:f1:5d:4f:e9:de:67:43:6d:18:2b:ec:f3:00:ad:
d2:21:fc:c6:69:ee:d0:52:3f:b7:28:fb:db:b1:7c:d7:01:17:
a6:1c:45:67:fa:98:3b:e5:90:ed:e3:5a:19:bb:79:71:b0:6a:
53:94:ff:bf
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAYzHk2CGp4eHCNoRXAfm/kaVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYWJmNWE0NzRhZmU3MjEyMzMxNjcwZTgzMWUxMTlkYTM4
ZjI4NGYwHhcNMjQwMTAyMDAyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGM1MWNlMjljNTYxZWRhYjQ1OTZkOWY5MmIxNWZlZDU4NDNmOWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3Bdv5doVUhli/9061jAxeDsv2iu
RRxF/zU3Z6uzZwieIuRU8kKrLl8xHjDr4epWj2FqgX7xtNE2dVSc4Bqo/sJTHrXj
YIcklV9D0EUSa7sgACbdkfqIr93iMXlk+S5F4LFScMvpIXP0/BAUB9EjB3+1n8Lb
ILMRlWSfFlWYxJ51joT9cWIRNNxGoHZpQbaXtGSx+zpBNIrUN28eXrR0ipswka5T
7/WAoroQw0+NpBUtA8t23tJvph5rSOL5QcQ/bL1yAPArU8dRn9XzuYOOleYHljMI
kwTleKZuMQfTAXiWxdILhZUZj5ADJc2JL8Q40bigjuCl0QL9t2W1oCdsYQIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFJjFHOKcVh7atFltn5KxX+1YQ/nAMB8GA1UdIwQY
MBaAFL+r9aR0r+chIzFnDoMeEZ2jjyhPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjZ2MXBIU3Y1eUVqTVdjT2d4NFJuYU9QS0U4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8wMTg4ZGEtMzY1NS00ODJkLTg4MWIt
ZmViYmM0YTNiNDViLzEvbU1VYzRweFdIdHEwV1cyZmtyRmY3VmhELWNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8wMTg4ZGEtMzY1NS00ODJkLTg4MWItZmViYmM0YTNiNDVi
LzEvdjZ2MXBIU3Y1eUVqTVdjT2d4NFJuYU9QS0U4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wbAQCAAEwZgMEBT4gAAME
A01KOAMEBE+OgAMEBVLA4AMEBF24EAMEArkf+AMEArkphAMEArkt7AMEArlAuAME
ArluSAMEArluWAMEArluuAMEArl3JAMEArmEEAMEBcPYQAMEBdWgIAMEBdW8IDAN
BAIAAjAHAwUAKgIFwDANBgkqhkiG9w0BAQsFAAOCAQEAfKNl6jlLW0b9ZDUbeuZA
XMrwOaRP6zPGPQLy6ToDX7RQWbfKI1wf0QVsQDhJ5BR5zpDSS7olKLwpFEtF7rdP
Vu8axjiXVlMY42n6XCA1gBkyvzp8Anp3LxJuludI8ddT8rmTBMwcf8gfq2o2G89k
3cuNSPxRamSI8pHHjgislmlMWKfhMe/CiPNSD9Reare98H05fflmSEQDmHdsFF5s
Kv/XXd+wRNYDAehw7h4/RMbrXaGPSmVFo+z85AdZr/tfDQ7wbp4mBQfjmPFdT+ne
Z0NtGCvs8wCt0iH8xmnu0FI/tyj727F81wEXphxFZ/qYO+WQ7eNaGbt5cbBqU5T/
vw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:14:15 2024 by rpki-client on console-ams.rpki-client.org