Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/c3069e-5ffc-4c8c-91dc-31d197f139d8/1/MmcWaOxc8b75v3m0nIJLwxwwiRc.roa
File: MmcWaOxc8b75v3m0nIJLwxwwiRc.roa (raw, json)
Hash identifier: tP+mYqn80gjkL5jn34IsjubW7Icx82DrQQX/N+WWlos=
Subject key identifier: 32:67:16:68:EC:5C:F1:BE:F9:BF:79:B4:9C:82:4B:C3:1C:30:89:17
Certificate issuer: /CN=e875464e89816ef00b0369502018a7e59ce2d36c
Certificate serial: 018CCA99AD0D19A51AD99B6E85AB9EFA82AB
Authority key identifier: E8:75:46:4E:89:81:6E:F0:0B:03:69:50:20:18:A7:E5:9C:E2:D3:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6HVGTomBbvALA2lQIBin5Zzi02w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/c3069e-5ffc-4c8c-91dc-31d197f139d8/1/MmcWaOxc8b75v3m0nIJLwxwwiRc.roa
Signing time: Tue 02 Jan 2024 14:35:18 +0000
ROA not before: Tue 02 Jan 2024 14:35:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198947
IP address blocks: 185.22.180.0/22 maxlen: 22
139.45.248.0/21 maxlen: 21
2a00:65e0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/c3069e-5ffc-4c8c-91dc-31d197f139d8/1/6HVGTomBbvALA2lQIBin5Zzi02w.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/c3069e-5ffc-4c8c-91dc-31d197f139d8/1/6HVGTomBbvALA2lQIBin5Zzi02w.mft
rsync://rpki.ripe.net/repository/DEFAULT/6HVGTomBbvALA2lQIBin5Zzi02w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:ad:0d:19:a5:1a:d9:9b:6e:85:ab:9e:fa:82:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e875464e89816ef00b0369502018a7e59ce2d36c
Validity
Not Before: Jan 2 14:35:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32671668ec5cf1bef9bf79b49c824bc31c308917
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:3c:3e:0b:a8:ca:6c:a9:ab:1f:6e:4c:bc:78:
11:b8:82:cf:7e:2d:e9:74:e4:ff:26:74:88:0b:df:
75:75:7d:96:2f:6b:ce:87:3f:4d:66:4d:ca:0d:2b:
6d:e9:d5:12:3e:ab:49:1f:44:cd:5b:f4:d1:fd:0f:
85:f5:8e:40:1c:18:9e:34:af:20:fa:4e:b9:b6:ab:
66:e8:82:a2:03:9b:4a:6f:e4:f0:6c:1d:66:f8:b6:
64:eb:89:c3:e1:ea:5d:5f:4a:f6:a2:fb:97:5e:fb:
75:85:e2:60:8e:cd:d2:94:94:29:e1:ce:5b:85:8a:
79:af:df:2f:f4:33:80:0f:5d:d8:c0:98:fd:01:a8:
6a:83:81:ad:59:e7:41:2f:b4:06:d0:48:93:c4:ad:
ef:a7:2f:89:cb:57:67:0c:95:82:89:e6:8e:2f:a4:
61:34:8a:b8:5a:e6:0f:72:ef:82:2c:6d:b8:07:55:
1e:bf:7e:94:4b:3e:87:fe:61:f9:e3:a6:ea:3c:2a:
3e:52:a6:f8:7e:30:c2:35:02:08:e9:38:b2:3a:5f:
a5:be:73:b0:6d:0f:4a:60:ba:d0:c5:68:d6:86:e1:
ea:86:3c:74:1f:14:ea:ab:06:16:63:49:1b:cf:f0:
c2:94:26:85:57:8d:1e:38:46:a9:5d:04:99:4e:d4:
66:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:67:16:68:EC:5C:F1:BE:F9:BF:79:B4:9C:82:4B:C3:1C:30:89:17
X509v3 Authority Key Identifier:
keyid:E8:75:46:4E:89:81:6E:F0:0B:03:69:50:20:18:A7:E5:9C:E2:D3:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6HVGTomBbvALA2lQIBin5Zzi02w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/c3069e-5ffc-4c8c-91dc-31d197f139d8/1/MmcWaOxc8b75v3m0nIJLwxwwiRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/c3069e-5ffc-4c8c-91dc-31d197f139d8/1/6HVGTomBbvALA2lQIBin5Zzi02w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.45.248.0/21
185.22.180.0/22
IPv6:
2a00:65e0::/32
Signature Algorithm: sha256WithRSAEncryption
8c:79:0b:ff:aa:87:ec:77:d3:5f:2a:c8:3d:08:46:82:7a:a4:
ed:de:00:f4:d5:a0:f1:65:79:46:30:d5:48:50:0d:38:c0:ef:
9a:d0:ba:56:19:d6:87:ac:8e:89:9b:bd:01:ad:47:40:91:4c:
2b:94:33:c1:d9:7d:b8:a8:ca:7b:ae:e1:25:b0:7a:26:ff:18:
a8:e4:a9:aa:e9:0e:df:09:f1:04:6c:06:c4:90:79:9c:06:92:
d1:65:45:1b:7a:67:98:cf:f4:84:aa:93:a9:88:92:27:86:f9:
eb:6b:67:6e:ef:08:96:22:78:99:95:08:b2:cf:e7:75:7e:39:
1d:2b:d6:5b:ae:a1:6d:e6:2d:21:ae:36:3b:94:b2:ce:9e:06:
8b:67:5a:fd:80:63:2b:8a:9b:bb:02:6e:7c:3c:a3:7f:a6:a9:
35:e1:f5:91:f6:a8:80:b8:41:e4:66:e6:ec:94:da:27:af:f9:
18:d1:86:52:d2:2b:1e:14:05:85:7f:1e:dc:f3:06:51:b8:3e:
50:23:e8:3f:f1:2e:ac:ba:fb:62:bc:1d:aa:94:26:c6:09:fd:
02:60:05:30:ef:24:98:f5:6d:19:1d:53:58:13:b7:b8:08:54:
89:4e:c8:01:2a:81:c1:bb:81:60:9b:88:c5:9a:59:3d:f2:ec:
d8:29:29:cb
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzKma0NGaUa2Ztuhaue+oKrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NzU0NjRlODk4MTZlZjAwYjAzNjk1MDIwMThhN2U1OWNl
MmQzNmMwHhcNMjQwMTAyMTQzNTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjY3MTY2OGVjNWNmMWJlZjliZjc5YjQ5YzgyNGJjMzFjMzA4OTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDw+C6jKbKmrH25MvHgRuILPfi3p
dOT/JnSIC991dX2WL2vOhz9NZk3KDStt6dUSPqtJH0TNW/TR/Q+F9Y5AHBieNK8g
+k65tqtm6IKiA5tKb+TwbB1m+LZk64nD4epdX0r2ovuXXvt1heJgjs3SlJQp4c5b
hYp5r98v9DOAD13YwJj9Aahqg4GtWedBL7QG0EiTxK3vpy+Jy1dnDJWCieaOL6Rh
NIq4WuYPcu+CLG24B1Uev36USz6H/mH546bqPCo+Uqb4fjDCNQII6TiyOl+lvnOw
bQ9KYLrQxWjWhuHqhjx0HxTqqwYWY0kbz/DClCaFV40eOEapXQSZTtRm9QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDJnFmjsXPG++b95tJyCS8McMIkXMB8GA1UdIwQY
MBaAFOh1Rk6JgW7wCwNpUCAYp+Wc4tNsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkhWR1RvbUJidkFMQTJsUUlCaW41WnppMDJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9jMzA2OWUtNWZmYy00YzhjLTkxZGMt
MzFkMTk3ZjEzOWQ4LzEvTW1jV2FPeGM4Yjc1djNtMG5JSkx3eHd3aVJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9jMzA2OWUtNWZmYy00YzhjLTkxZGMtMzFkMTk3ZjEzOWQ4
LzEvNkhWR1RvbUJidkFMQTJsUUlCaW41WnppMDJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDiy34AwQC
uRa0MA0EAgACMAcDBQAqAGXgMA0GCSqGSIb3DQEBCwUAA4IBAQCMeQv/qofsd9Nf
Ksg9CEaCeqTt3gD01aDxZXlGMNVIUA04wO+a0LpWGdaHrI6Jm70BrUdAkUwrlDPB
2X24qMp7ruElsHom/xio5Kmq6Q7fCfEEbAbEkHmcBpLRZUUbemeYz/SEqpOpiJIn
hvnra2du7wiWIniZlQiyz+d1fjkdK9ZbrqFt5i0hrjY7lLLOngaLZ1r9gGMripu7
Am58PKN/pqk14fWR9qiAuEHkZubslNonr/kY0YZS0iseFAWFfx7c8wZRuD5QI+g/
8S6suvtivB2qlCbGCf0CYAUw7ySY9W0ZHVNYE7e4CFSJTsgBKoHBu4Fgm4jFmlk9
8uzYKSnL
-----END CERTIFICATE-----
Generated at Wed May 22 07:48:19 2024 by rpki-client on console-fra.rpki-client.org