Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/79e905-fb0d-4b8b-9390-50d2b70bcf31/1/mkCKrLghqZDX1U2MhU2ZJhhFBhU.roa
File: mkCKrLghqZDX1U2MhU2ZJhhFBhU.roa (raw, json)
Hash identifier: GcS0xQzXezMaNN6P9zY7l2Sh/csPKLfqKm2p1rirQfE=
Subject key identifier: 9A:40:8A:AC:B8:21:A9:90:D7:D5:4D:8C:85:4D:99:26:18:45:06:15
Certificate issuer: /CN=f2e2810f49b36fdd641c326bd1de4e42d128b046
Certificate serial: 018CCA29BB38C5CF69E88ABFB3C2AC34A0F7
Authority key identifier: F2:E2:81:0F:49:B3:6F:DD:64:1C:32:6B:D1:DE:4E:42:D1:28:B0:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8uKBD0mzb91kHDJr0d5OQtEosEY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/79e905-fb0d-4b8b-9390-50d2b70bcf31/1/mkCKrLghqZDX1U2MhU2ZJhhFBhU.roa
Signing time: Tue 02 Jan 2024 12:33:01 +0000
ROA not before: Tue 02 Jan 2024 12:33:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198949
IP address blocks: 212.103.0.0/19 maxlen: 24
195.167.224.0/20 maxlen: 24
185.204.172.0/22 maxlen: 24
89.224.0.0/14 maxlen: 24
195.167.192.0/20 maxlen: 24
92.102.0.0/15 maxlen: 24
213.30.128.0/18 maxlen: 24
213.244.0.0/19 maxlen: 24
46.218.0.0/16 maxlen: 24
217.66.112.0/20 maxlen: 24
82.101.0.0/18 maxlen: 24
83.145.64.0/18 maxlen: 24
195.248.0.0/19 maxlen: 24
77.104.0.0/18 maxlen: 24
212.99.0.0/17 maxlen: 24
2a02:e000::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/79e905-fb0d-4b8b-9390-50d2b70bcf31/1/8uKBD0mzb91kHDJr0d5OQtEosEY.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/79e905-fb0d-4b8b-9390-50d2b70bcf31/1/8uKBD0mzb91kHDJr0d5OQtEosEY.mft
rsync://rpki.ripe.net/repository/DEFAULT/8uKBD0mzb91kHDJr0d5OQtEosEY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 01:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:bb:38:c5:cf:69:e8:8a:bf:b3:c2:ac:34:a0:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2e2810f49b36fdd641c326bd1de4e42d128b046
Validity
Not Before: Jan 2 12:33:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a408aacb821a990d7d54d8c854d992618450615
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:58:91:9a:b5:0f:3f:c9:51:26:0e:09:da:58:
12:1e:0a:a2:30:8d:95:72:f3:40:62:88:bb:28:7a:
ca:84:e7:f0:b6:28:f2:a9:f4:e4:df:01:14:46:10:
71:a4:2a:10:5f:f2:e0:70:f5:21:69:0c:6b:f4:8d:
86:ef:05:23:a2:13:62:fd:1f:72:cc:91:de:52:e8:
fd:2f:1d:fa:ab:0c:ca:9a:03:e3:a0:a6:49:d6:9e:
3e:6d:c3:08:b2:1d:b0:8b:f2:0f:65:a8:7b:62:23:
b9:72:23:3b:7c:02:9f:09:a0:9a:e8:6b:6b:66:ec:
76:b1:15:d3:b1:37:f7:27:19:c2:7f:af:d0:d9:67:
8f:51:da:49:e8:7a:16:59:ae:81:4e:51:2e:56:ab:
2f:d0:5d:c1:93:a3:df:52:bb:2f:55:e7:d7:46:2e:
d6:d5:e3:08:29:4c:b4:49:12:3e:47:78:c0:8c:fc:
ee:9b:a2:78:c7:b9:2e:2c:5b:2f:54:24:a7:2a:e4:
31:31:eb:b3:94:e3:61:d3:ce:c3:7c:86:c9:18:41:
cf:77:41:07:56:64:0e:9f:1d:07:37:43:0c:dc:12:
cc:e3:09:fc:81:5a:69:4f:ab:5d:83:ea:0c:d3:db:
8a:f4:f2:cd:3e:f3:db:48:ee:d4:2c:fd:bc:97:88:
d7:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:40:8A:AC:B8:21:A9:90:D7:D5:4D:8C:85:4D:99:26:18:45:06:15
X509v3 Authority Key Identifier:
keyid:F2:E2:81:0F:49:B3:6F:DD:64:1C:32:6B:D1:DE:4E:42:D1:28:B0:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8uKBD0mzb91kHDJr0d5OQtEosEY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/79e905-fb0d-4b8b-9390-50d2b70bcf31/1/mkCKrLghqZDX1U2MhU2ZJhhFBhU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/79e905-fb0d-4b8b-9390-50d2b70bcf31/1/8uKBD0mzb91kHDJr0d5OQtEosEY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.218.0.0/16
77.104.0.0/18
82.101.0.0/18
83.145.64.0/18
89.224.0.0/14
92.102.0.0/15
185.204.172.0/22
195.167.192.0/20
195.167.224.0/20
195.248.0.0/19
212.99.0.0/17
212.103.0.0/19
213.30.128.0/18
213.244.0.0/19
217.66.112.0/20
IPv6:
2a02:e000::/29
Signature Algorithm: sha256WithRSAEncryption
77:63:b8:b5:eb:3c:b6:56:49:37:a8:e5:89:ef:41:92:b4:04:
33:29:8b:8c:20:5e:22:81:2a:6a:b8:f4:02:b4:57:c3:73:e9:
3e:5b:18:44:27:58:8b:46:4a:27:14:db:5a:26:2f:13:29:b6:
1b:bc:c6:a0:81:6d:0e:15:af:d3:8e:a3:ab:68:37:1d:0b:98:
02:82:c2:de:9e:db:e3:35:e6:43:e1:5c:a5:5e:f3:41:7d:2d:
9f:4f:0c:97:02:2e:ca:f7:97:e1:7f:44:6f:0c:a3:fa:c7:c3:
eb:95:58:83:58:cc:0e:43:60:8b:bc:ed:d3:ff:82:06:da:7c:
3b:bd:15:55:bc:58:fb:b3:ce:1b:4d:6a:52:1b:cf:00:44:a5:
8c:35:96:15:87:33:02:11:cf:a0:ed:97:7c:11:fc:9c:f7:52:
ec:6c:44:b3:78:12:56:47:e7:41:02:c7:c3:9f:55:0a:3f:eb:
ae:57:3e:a6:dc:33:e3:4d:f5:1c:bf:e0:c2:fb:bc:cb:69:51:
49:69:0c:49:d2:74:d1:7f:bb:d2:ee:7c:0c:89:27:3f:b2:41:
8a:7c:d6:92:03:f3:22:74:b4:20:c2:8d:77:97:94:69:7d:81:
2b:84:33:73:14:a4:ad:54:d3:07:d3:29:32:42:3c:86:e6:9e:
6e:5b:e2:72
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYzKKbs4xc9p6Iq/s8KsNKD3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyZTI4MTBmNDliMzZmZGQ2NDFjMzI2YmQxZGU0ZTQyZDEy
OGIwNDYwHhcNMjQwMTAyMTIzMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTQwOGFhY2I4MjFhOTkwZDdkNTRkOGM4NTRkOTkyNjE4NDUwNjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiViRmrUPP8lRJg4J2lgSHgqiMI2V
cvNAYoi7KHrKhOfwtijyqfTk3wEURhBxpCoQX/LgcPUhaQxr9I2G7wUjohNi/R9y
zJHeUuj9Lx36qwzKmgPjoKZJ1p4+bcMIsh2wi/IPZah7YiO5ciM7fAKfCaCa6Gtr
Zux2sRXTsTf3JxnCf6/Q2WePUdpJ6HoWWa6BTlEuVqsv0F3Bk6PfUrsvVefXRi7W
1eMIKUy0SRI+R3jAjPzum6J4x7kuLFsvVCSnKuQxMeuzlONh087DfIbJGEHPd0EH
VmQOnx0HN0MM3BLM4wn8gVppT6tdg+oM09uK9PLNPvPbSO7ULP28l4jXgwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFJpAiqy4IamQ19VNjIVNmSYYRQYVMB8GA1UdIwQY
MBaAFPLigQ9Js2/dZBwya9HeTkLRKLBGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHVLQkQwbXpiOTFrSERKcjBkNU9RdEVvc0VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi83OWU5MDUtZmIwZC00YjhiLTkzOTAt
NTBkMmI3MGJjZjMxLzEvbWtDS3JMZ2hxWkRYMVUyTWhVMlpKaGhGQmhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi83OWU5MDUtZmIwZC00YjhiLTkzOTAtNTBkMmI3MGJjZjMx
LzEvOHVLQkQwbXpiOTFrSERKcjBkNU9RdEVvc0VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBdBAIAATBXAwMALtoDBAZN
aAADBAZSZQADBAZTkUADAwJZ4AMDAVxmAwQCucysAwQEw6fAAwQEw6fgAwQFw/gA
AwQH1GMAAwQF1GcAAwQG1R6AAwQF1fQAAwQE2UJwMA0EAgACMAcDBQMqAuAAMA0G
CSqGSIb3DQEBCwUAA4IBAQB3Y7i16zy2Vkk3qOWJ70GStAQzKYuMIF4igSpquPQC
tFfDc+k+WxhEJ1iLRkonFNtaJi8TKbYbvMaggW0OFa/TjqOraDcdC5gCgsLentvj
NeZD4VylXvNBfS2fTwyXAi7K95fhf0RvDKP6x8PrlViDWMwOQ2CLvO3T/4IG2nw7
vRVVvFj7s84bTWpSG88ARKWMNZYVhzMCEc+g7Zd8Efyc91LsbESzeBJWR+dBAsfD
n1UKP+uuVz6m3DPjTfUcv+DC+7zLaVFJaQxJ0nTRf7vS7nwMiSc/skGKfNaSA/Mi
dLQgwo13l5RpfYErhDNzFKStVNMH0ykyQjyG5p5uW+Jy
-----END CERTIFICATE-----
Generated at Mon May 6 05:27:06 2024 by rpki-client on console-fra.rpki-client.org