Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/cc40a9-8b3f-43d6-a078-a901e034afe5/1/MqGSyUJ1UGYec7btXi_Onx4fB9g.roa
File: MqGSyUJ1UGYec7btXi_Onx4fB9g.roa (raw, json)
Hash identifier: z6UUbn8HDv0mRKV3SPjm+NmVJe+HeptVdpAg19s+4LQ=
Subject key identifier: 32:A1:92:C9:42:75:50:66:1E:73:B6:ED:5E:2F:CE:9F:1E:1F:07:D8
Certificate issuer: /CN=db2d75c6d547750642241b0749cfa052c8c17f34
Certificate serial: 018CC9BC88CC83F4C34E904FF506AD596328
Authority key identifier: DB:2D:75:C6:D5:47:75:06:42:24:1B:07:49:CF:A0:52:C8:C1:7F:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2y11xtVHdQZCJBsHSc-gUsjBfzQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/cc40a9-8b3f-43d6-a078-a901e034afe5/1/MqGSyUJ1UGYec7btXi_Onx4fB9g.roa
Signing time: Tue 02 Jan 2024 10:33:45 +0000
ROA not before: Tue 02 Jan 2024 10:33:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206366
IP address blocks: 185.188.148.0/22 maxlen: 24
45.142.68.0/22 maxlen: 24
193.37.60.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/cc40a9-8b3f-43d6-a078-a901e034afe5/1/2y11xtVHdQZCJBsHSc-gUsjBfzQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/cc40a9-8b3f-43d6-a078-a901e034afe5/1/2y11xtVHdQZCJBsHSc-gUsjBfzQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/2y11xtVHdQZCJBsHSc-gUsjBfzQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:88:cc:83:f4:c3:4e:90:4f:f5:06:ad:59:63:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db2d75c6d547750642241b0749cfa052c8c17f34
Validity
Not Before: Jan 2 10:33:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32a192c9427550661e73b6ed5e2fce9f1e1f07d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b7:3f:73:6f:7f:5d:bb:83:3f:93:d4:4b:e5:
c2:b2:60:60:3e:2e:44:4d:69:9d:f7:81:3c:5c:45:
84:5c:a4:27:b6:3e:46:89:27:9a:0b:48:f1:74:de:
f4:a4:5e:a1:a1:1b:94:07:ec:f0:8a:b3:49:5c:8c:
b0:73:89:ce:64:82:1d:0b:fc:0a:2b:2e:65:87:51:
5f:24:0d:cd:42:78:32:ac:a1:f9:77:96:dc:7d:f5:
c9:88:19:ca:3c:4a:24:92:c9:ef:63:b7:35:59:0d:
01:22:9a:e7:37:b3:6a:db:55:3e:39:79:29:dc:af:
fb:b5:ab:d4:f2:f2:0e:f4:bf:35:9f:a2:e4:d1:a2:
81:2e:3c:73:3f:af:58:0f:8b:2c:9d:70:04:09:c8:
4d:53:a5:0c:dc:7d:64:c3:df:7a:11:c3:4e:8f:fd:
ad:23:2c:6c:72:0b:09:ea:43:f8:91:23:cb:e8:70:
de:0b:9d:ef:56:92:0c:ba:87:ad:0a:be:96:33:17:
d3:b6:c0:a2:ce:ca:e4:c0:e0:75:ba:9b:e6:84:b8:
5f:8f:80:57:fb:b3:6e:f3:47:bd:3d:24:44:28:2c:
ce:9e:20:76:13:c8:f8:e0:dd:9c:bb:ee:fb:0d:83:
6f:ca:5d:cb:2b:dc:fe:1f:01:a4:3e:52:d3:bb:3d:
aa:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:A1:92:C9:42:75:50:66:1E:73:B6:ED:5E:2F:CE:9F:1E:1F:07:D8
X509v3 Authority Key Identifier:
keyid:DB:2D:75:C6:D5:47:75:06:42:24:1B:07:49:CF:A0:52:C8:C1:7F:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2y11xtVHdQZCJBsHSc-gUsjBfzQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/cc40a9-8b3f-43d6-a078-a901e034afe5/1/MqGSyUJ1UGYec7btXi_Onx4fB9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/cc40a9-8b3f-43d6-a078-a901e034afe5/1/2y11xtVHdQZCJBsHSc-gUsjBfzQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.68.0/22
185.188.148.0/22
193.37.60.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:48:79:99:11:b0:49:42:5e:65:20:56:1b:86:c4:0c:c6:83:
9d:67:21:81:16:c7:3b:14:ea:c6:ac:3d:55:19:cf:4d:23:b6:
3b:fc:c3:60:5f:1f:d6:c0:66:7d:dc:6a:0a:9f:e1:c0:7f:ea:
0a:71:80:58:a3:e3:c0:f5:89:7d:b7:af:2e:11:c2:88:75:b1:
5f:2e:f3:ee:10:ec:13:db:68:81:1f:e4:49:12:82:c4:51:d5:
98:62:6a:e6:8e:1f:c7:aa:b8:b2:39:67:95:96:49:88:7a:9e:
bb:f1:1d:b8:e0:30:5d:9a:7a:0c:55:f4:fb:48:4a:d0:87:fa:
ad:b2:a2:5f:85:24:5d:31:fc:61:72:7b:e9:a8:66:ab:af:62:
6a:84:8f:21:79:80:b6:e4:ed:96:ee:ad:b8:e8:78:75:4e:d2:
a3:d7:d3:da:78:45:d8:9d:3d:03:20:ca:14:b5:7d:9a:eb:1d:
89:3a:b4:7f:27:25:7e:8e:9c:6b:9b:11:7d:c1:21:91:d3:d1:
ef:d9:95:b3:9a:3b:67:18:f3:fa:80:fb:86:5d:9d:55:20:c2:
75:fe:4b:c0:59:a6:24:95:e0:75:fd:68:0a:2e:72:42:9b:a2:
9d:e8:ea:94:6b:54:24:f6:08:31:d9:d6:95:12:1b:90:51:ab:
9f:8b:e7:ef
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJvIjMg/TDTpBP9QatWWMoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMmQ3NWM2ZDU0Nzc1MDY0MjI0MWIwNzQ5Y2ZhMDUyYzhj
MTdmMzQwHhcNMjQwMTAyMTAzMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmExOTJjOTQyNzU1MDY2MWU3M2I2ZWQ1ZTJmY2U5ZjFlMWYwN2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7c/c29/XbuDP5PUS+XCsmBgPi5E
TWmd94E8XEWEXKQntj5GiSeaC0jxdN70pF6hoRuUB+zwirNJXIywc4nOZIIdC/wK
Ky5lh1FfJA3NQngyrKH5d5bcffXJiBnKPEokksnvY7c1WQ0BIprnN7Nq21U+OXkp
3K/7tavU8vIO9L81n6Lk0aKBLjxzP69YD4ssnXAECchNU6UM3H1kw996EcNOj/2t
IyxscgsJ6kP4kSPL6HDeC53vVpIMuoetCr6WMxfTtsCizsrkwOB1upvmhLhfj4BX
+7Nu80e9PSREKCzOniB2E8j44N2cu+77DYNvyl3LK9z+HwGkPlLTuz2qiwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDKhkslCdVBmHnO27V4vzp8eHwfYMB8GA1UdIwQY
MBaAFNstdcbVR3UGQiQbB0nPoFLIwX80MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnkxMXh0VkhkUVpDSkJzSFNjLWdVc2pCZnpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9jYzQwYTktOGIzZi00M2Q2LWEwNzgt
YTkwMWUwMzRhZmU1LzEvTXFHU3lVSjFVR1llYzdidFhpX09ueDRmQjlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9jYzQwYTktOGIzZi00M2Q2LWEwNzgtYTkwMWUwMzRhZmU1
LzEvMnkxMXh0VkhkUVpDSkJzSFNjLWdVc2pCZnpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLY5EAwQC
ubyUAwQCwSU8MA0GCSqGSIb3DQEBCwUAA4IBAQA9SHmZEbBJQl5lIFYbhsQMxoOd
ZyGBFsc7FOrGrD1VGc9NI7Y7/MNgXx/WwGZ93GoKn+HAf+oKcYBYo+PA9Yl9t68u
EcKIdbFfLvPuEOwT22iBH+RJEoLEUdWYYmrmjh/HqriyOWeVlkmIep678R244DBd
mnoMVfT7SErQh/qtsqJfhSRdMfxhcnvpqGarr2JqhI8heYC25O2W7q246Hh1TtKj
19PaeEXYnT0DIMoUtX2a6x2JOrR/JyV+jpxrmxF9wSGR09Hv2ZWzmjtnGPP6gPuG
XZ1VIMJ1/kvAWaYkleB1/WgKLnJCm6Kd6OqUa1Qk9ggx2daVEhuQUaufi+fv
-----END CERTIFICATE-----
Generated at Fri May 10 12:59:19 2024 by rpki-client on console-ams.rpki-client.org