Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/e4e531-6bee-4189-ba7c-203e45616306/1/CMrckiHBZeQCcTTNJSRUGdsmQuU.roa
File: CMrckiHBZeQCcTTNJSRUGdsmQuU.roa (raw, json)
Hash identifier: qUgJ24CJW0Ikub458wVsppnP5qVtzqMGF3VAIQtVn8k=
Subject key identifier: 08:CA:DC:92:21:C1:65:E4:02:71:34:CD:25:24:54:19:DB:26:42:E5
Certificate issuer: /CN=13764a52c85e07e33749743d23a5a24d096df147
Certificate serial: 018CC56E66775882C11E74067779C4DCC4E9
Authority key identifier: 13:76:4A:52:C8:5E:07:E3:37:49:74:3D:23:A5:A2:4D:09:6D:F1:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E3ZKUsheB-M3SXQ9I6WiTQlt8Uc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/e4e531-6bee-4189-ba7c-203e45616306/1/CMrckiHBZeQCcTTNJSRUGdsmQuU.roa
Signing time: Mon 01 Jan 2024 14:29:55 +0000
ROA not before: Mon 01 Jan 2024 14:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49083
IP address blocks: 185.147.148.0/22 maxlen: 22
95.131.240.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/e4e531-6bee-4189-ba7c-203e45616306/1/E3ZKUsheB-M3SXQ9I6WiTQlt8Uc.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/e4e531-6bee-4189-ba7c-203e45616306/1/E3ZKUsheB-M3SXQ9I6WiTQlt8Uc.mft
rsync://rpki.ripe.net/repository/DEFAULT/E3ZKUsheB-M3SXQ9I6WiTQlt8Uc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 13:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:66:77:58:82:c1:1e:74:06:77:79:c4:dc:c4:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13764a52c85e07e33749743d23a5a24d096df147
Validity
Not Before: Jan 1 14:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08cadc9221c165e4027134cd25245419db2642e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:41:36:82:4d:66:90:44:0e:13:57:5f:17:b4:
5b:84:e9:6c:5d:17:46:2c:b1:3f:4e:35:bb:5a:15:
d2:7c:5c:56:02:03:9d:b7:f7:68:15:c3:ae:4d:78:
9c:01:fb:20:8d:61:6c:ee:1d:f4:2d:6b:f3:5d:b5:
c9:ed:76:5b:7d:02:df:aa:7f:c0:76:98:c9:dc:e4:
20:5e:0e:43:56:fc:26:a4:b1:fd:69:ac:8b:87:30:
b8:05:b1:50:83:a3:4f:c2:93:bf:b5:67:56:04:cb:
9c:95:0c:e0:c3:71:b7:b1:84:55:8e:f0:fd:f3:2a:
ec:10:33:da:a3:90:8f:56:8a:93:c6:e4:76:8f:fe:
67:81:06:d6:3c:1a:00:c7:40:a1:1c:11:2a:a3:b1:
de:40:f3:1a:0c:1f:dd:ce:67:b6:a4:ca:6a:ae:64:
30:0f:3c:61:50:6b:8f:20:86:8d:c7:e0:b4:9b:02:
d0:49:61:15:d6:c9:ea:c6:80:69:e1:e2:a3:54:4c:
b1:62:51:8c:da:1d:c2:97:8e:03:6f:fa:2d:84:d8:
8c:b7:92:6b:24:31:87:fb:98:59:95:25:47:2e:d6:
ff:6d:8d:5b:e5:b4:e5:61:df:1e:e5:f5:c4:c3:e5:
34:e5:24:02:35:4e:cc:14:8b:5e:89:5b:cc:80:f1:
be:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:CA:DC:92:21:C1:65:E4:02:71:34:CD:25:24:54:19:DB:26:42:E5
X509v3 Authority Key Identifier:
keyid:13:76:4A:52:C8:5E:07:E3:37:49:74:3D:23:A5:A2:4D:09:6D:F1:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E3ZKUsheB-M3SXQ9I6WiTQlt8Uc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/e4e531-6bee-4189-ba7c-203e45616306/1/CMrckiHBZeQCcTTNJSRUGdsmQuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/e4e531-6bee-4189-ba7c-203e45616306/1/E3ZKUsheB-M3SXQ9I6WiTQlt8Uc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.131.240.0/21
185.147.148.0/22
Signature Algorithm: sha256WithRSAEncryption
44:c1:8d:27:d9:49:c0:17:5e:23:20:84:e9:59:d4:df:73:53:
36:6c:20:9f:38:0d:ee:82:00:d8:ac:e5:55:48:de:5b:4f:85:
fa:97:b3:8a:88:ac:af:cb:c3:ac:73:b0:10:48:78:94:f2:9a:
6a:6b:fc:b9:ab:8a:3c:b8:c3:bc:e4:08:6b:38:03:d0:47:8b:
06:b9:98:ca:19:4f:6f:2a:0d:a5:9e:c9:35:bc:cf:f7:14:6b:
2b:d8:0b:96:b8:19:ba:49:23:a8:ad:0e:a0:a6:37:ae:6a:c9:
3d:c4:b6:c0:0c:35:78:37:59:20:11:d8:ee:be:f1:45:c9:d8:
31:67:cd:92:65:12:43:99:71:1c:26:71:de:9d:5b:20:54:93:
cd:be:87:ba:ff:64:09:67:7c:76:f9:09:43:63:53:fe:f4:17:
75:f3:09:7b:db:3b:a7:25:42:2c:87:19:23:f8:8f:4c:fa:60:
5b:75:62:f3:0c:ea:f2:44:3f:c4:f6:8a:1a:21:19:d6:15:26:
0b:6c:d3:03:ef:c0:db:13:47:70:19:6d:ca:4c:5a:f7:7f:53:
07:b0:cb:1b:37:12:0d:5e:4e:8c:83:2d:1e:57:3d:aa:0a:75:
9b:68:85:ec:a8:68:e8:17:30:24:5c:0a:15:07:a3:8d:bc:22:
7d:98:9c:2d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFbmZ3WILBHnQGd3nE3MTpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNzY0YTUyYzg1ZTA3ZTMzNzQ5NzQzZDIzYTVhMjRkMDk2
ZGYxNDcwHhcNMjQwMTAxMTQyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGNhZGM5MjIxYzE2NWU0MDI3MTM0Y2QyNTI0NTQxOWRiMjY0MmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0E2gk1mkEQOE1dfF7RbhOlsXRdG
LLE/TjW7WhXSfFxWAgOdt/doFcOuTXicAfsgjWFs7h30LWvzXbXJ7XZbfQLfqn/A
dpjJ3OQgXg5DVvwmpLH9aayLhzC4BbFQg6NPwpO/tWdWBMuclQzgw3G3sYRVjvD9
8yrsEDPao5CPVoqTxuR2j/5ngQbWPBoAx0ChHBEqo7HeQPMaDB/dzme2pMpqrmQw
DzxhUGuPIIaNx+C0mwLQSWEV1snqxoBp4eKjVEyxYlGM2h3Cl44Db/othNiMt5Jr
JDGH+5hZlSVHLtb/bY1b5bTlYd8e5fXEw+U05SQCNU7MFIteiVvMgPG+4wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAjK3JIhwWXkAnE0zSUkVBnbJkLlMB8GA1UdIwQY
MBaAFBN2SlLIXgfjN0l0PSOlok0JbfFHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTNaS1VzaGVCLU0zU1hROUk2V2lUUWx0OFVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9lNGU1MzEtNmJlZS00MTg5LWJhN2Mt
MjAzZTQ1NjE2MzA2LzEvQ01yY2tpSEJaZVFDY1RUTkpTUlVHZHNtUXVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9lNGU1MzEtNmJlZS00MTg5LWJhN2MtMjAzZTQ1NjE2MzA2
LzEvRTNaS1VzaGVCLU0zU1hROUk2V2lUUWx0OFVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDX4PwAwQC
uZOUMA0GCSqGSIb3DQEBCwUAA4IBAQBEwY0n2UnAF14jIITpWdTfc1M2bCCfOA3u
ggDYrOVVSN5bT4X6l7OKiKyvy8Osc7AQSHiU8ppqa/y5q4o8uMO85AhrOAPQR4sG
uZjKGU9vKg2lnsk1vM/3FGsr2AuWuBm6SSOorQ6gpjeuask9xLbADDV4N1kgEdju
vvFFydgxZ82SZRJDmXEcJnHenVsgVJPNvoe6/2QJZ3x2+QlDY1P+9Bd18wl72zun
JUIshxkj+I9M+mBbdWLzDOryRD/E9ooaIRnWFSYLbNMD78DbE0dwGW3KTFr3f1MH
sMsbNxINXk6Mgy0eVz2qCnWbaIXsqGjoFzAkXAoVB6ONvCJ9mJwt
-----END CERTIFICATE-----
Generated at Sun May 19 18:40:44 2024 by rpki-client on console-ams.rpki-client.org