Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/mxT1zF7zbGKAFCiPNo758Tg_cxI.roa
File: mxT1zF7zbGKAFCiPNo758Tg_cxI.roa (raw, json)
Hash identifier: uT+xEPrEGH4JUh0AANiR+zZHjbunhTubUx8QxwUHo9s=
Subject key identifier: 9B:14:F5:CC:5E:F3:6C:62:80:14:28:8F:36:8E:F9:F1:38:3F:73:12
Certificate issuer: /CN=1847b59d21ea36b3062fca80ce75c1616af5119a
Certificate serial: 019016645CA8983B7D64DFBE5970D635A7AA
Authority key identifier: 18:47:B5:9D:21:EA:36:B3:06:2F:CA:80:CE:75:C1:61:6A:F5:11:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/mxT1zF7zbGKAFCiPNo758Tg_cxI.roa
Signing time: Fri 14 Jun 2024 10:56:34 +0000
ROA not before: Fri 14 Jun 2024 10:56:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39318
IP address blocks: 31.210.174.0/23 maxlen: 24
85.202.192.0/23 maxlen: 24
2a00:5da0:2000::/36 maxlen: 48
2a00:5da0:3000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/GEe1nSHqNrMGL8qAznXBYWr1EZo.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/GEe1nSHqNrMGL8qAznXBYWr1EZo.mft
rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 16:02:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:16:64:5c:a8:98:3b:7d:64:df:be:59:70:d6:35:a7:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1847b59d21ea36b3062fca80ce75c1616af5119a
Validity
Not Before: Jun 14 10:56:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b14f5cc5ef36c628014288f368ef9f1383f7312
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:a9:7d:66:b5:9f:ae:c4:3c:cb:b7:a7:cc:e0:
01:a0:c1:02:d7:03:7e:a8:5a:e1:de:c7:e9:17:01:
bc:d5:cf:3a:63:9c:e6:79:38:7c:d8:6a:b0:fb:a2:
52:98:b2:c5:82:bf:e5:b7:ec:50:9b:2a:4d:4f:91:
91:32:bc:8a:cf:1a:f1:93:18:44:12:75:58:d8:8c:
8e:d2:ad:38:f4:91:12:95:5c:d4:e2:5d:57:04:d8:
20:49:d3:8b:2a:97:e7:06:31:7c:79:e5:41:d4:ac:
36:4d:cb:7e:f9:0b:a2:32:fb:7d:d2:b9:30:10:0f:
d9:f1:57:4d:be:32:fb:89:19:3f:75:f7:a8:1f:62:
03:70:53:b3:f8:10:3e:f7:7c:de:79:73:3e:5d:10:
fe:46:d3:c9:51:8e:47:4c:ae:eb:34:fe:b7:41:52:
23:2a:2b:d4:2a:b3:10:52:87:01:68:e0:1c:5a:92:
12:39:99:05:69:51:ba:68:41:0a:4e:0b:f9:ca:e0:
42:eb:c3:a7:ad:3a:d1:13:0d:97:57:bc:96:fe:ff:
e2:de:ce:b6:a4:f8:75:66:90:a2:36:f3:8d:5c:2c:
21:9d:32:0f:a6:ba:ac:39:b4:aa:4e:86:38:99:8a:
7e:f3:47:93:c1:5a:5e:89:9e:a3:e1:84:0b:ae:d2:
21:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:14:F5:CC:5E:F3:6C:62:80:14:28:8F:36:8E:F9:F1:38:3F:73:12
X509v3 Authority Key Identifier:
keyid:18:47:B5:9D:21:EA:36:B3:06:2F:CA:80:CE:75:C1:61:6A:F5:11:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/mxT1zF7zbGKAFCiPNo758Tg_cxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/GEe1nSHqNrMGL8qAznXBYWr1EZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.174.0/23
85.202.192.0/23
IPv6:
2a00:5da0:2000::/35
Signature Algorithm: sha256WithRSAEncryption
3b:ab:b0:4c:76:14:63:7f:9e:7e:46:90:41:5d:11:f9:0b:62:
e1:54:27:95:e6:15:59:47:31:62:b0:28:4d:bf:51:2a:a1:6e:
d8:a3:5e:a6:20:54:df:ec:9e:f1:7f:54:15:b3:45:df:2a:01:
40:87:8e:4b:62:7b:86:30:7b:c0:a8:81:fa:46:fa:61:1a:62:
5e:69:62:70:10:84:6a:85:d0:cd:02:e1:68:23:40:54:9a:38:
6d:a9:7c:b5:ca:1a:2d:15:7d:1e:da:4c:ce:63:0c:2d:97:20:
18:37:1c:f1:8a:e0:de:51:a7:3d:a8:0b:f6:5c:9e:35:a7:5e:
8c:9c:cc:cc:dd:7b:d4:8d:16:b5:29:bf:22:0b:ee:69:b9:df:
47:6c:17:eb:74:04:6d:46:32:7d:71:07:49:26:12:4e:4b:e8:
c0:45:9f:27:23:f3:a1:38:51:40:b6:a8:d6:2d:9d:e6:3a:2d:
97:15:94:8f:0e:9f:be:27:c6:da:63:31:fb:90:47:0e:0f:9e:
c9:00:c8:8c:37:cf:c2:7f:a3:c4:ad:15:55:9e:1b:b3:b3:4c:
f3:23:28:72:89:16:d2:a0:ab:15:40:45:f5:0c:f2:1c:72:58:
bb:e1:f7:f7:cc:a9:32:ab:28:25:88:4b:ad:1d:23:0e:a7:f4:
bb:89:01:bc
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZAWZFyomDt9ZN++WXDWNaeqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NDdiNTlkMjFlYTM2YjMwNjJmY2E4MGNlNzVjMTYxNmFm
NTExOWEwHhcNMjQwNjE0MTA1NjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjE0ZjVjYzVlZjM2YzYyODAxNDI4OGYzNjhlZjlmMTM4M2Y3MzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA46l9ZrWfrsQ8y7enzOABoMEC1wN+
qFrh3sfpFwG81c86Y5zmeTh82Gqw+6JSmLLFgr/lt+xQmypNT5GRMryKzxrxkxhE
EnVY2IyO0q049JESlVzU4l1XBNggSdOLKpfnBjF8eeVB1Kw2Tct++QuiMvt90rkw
EA/Z8VdNvjL7iRk/dfeoH2IDcFOz+BA+93zeeXM+XRD+RtPJUY5HTK7rNP63QVIj
KivUKrMQUocBaOAcWpISOZkFaVG6aEEKTgv5yuBC68OnrTrREw2XV7yW/v/i3s62
pPh1ZpCiNvONXCwhnTIPprqsObSqToY4mYp+80eTwVpeiZ6j4YQLrtIhJwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFJsU9cxe82xigBQojzaO+fE4P3MSMB8GA1UdIwQY
MBaAFBhHtZ0h6jazBi/KgM51wWFq9RGaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0VlMW5TSHFOck1HTDhxQXpuWEJZV3IxRVpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8zODI0Y2QtZTUyNy00YWRjLWE0MTIt
ZjkxYmI1MTc5MjE3LzEvbXhUMXpGN3piR0tBRkNpUE5vNzU4VGdfY3hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8zODI0Y2QtZTUyNy00YWRjLWE0MTItZjkxYmI1MTc5MjE3
LzEvR0VlMW5TSHFOck1HTDhxQXpuWEJZV3IxRVpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQBH9KuAwQB
VcrAMA4EAgACMAgDBgUqAF2gIDANBgkqhkiG9w0BAQsFAAOCAQEAO6uwTHYUY3+e
fkaQQV0R+Qti4VQnleYVWUcxYrAoTb9RKqFu2KNepiBU3+ye8X9UFbNF3yoBQIeO
S2J7hjB7wKiB+kb6YRpiXmlicBCEaoXQzQLhaCNAVJo4bal8tcoaLRV9HtpMzmMM
LZcgGDcc8Yrg3lGnPagL9lyeNadejJzMzN171I0WtSm/IgvuabnfR2wX63QEbUYy
fXEHSSYSTkvowEWfJyPzoThRQLao1i2d5jotlxWUjw6fvifG2mMx+5BHDg+eyQDI
jDfPwn+jxK0VVZ4bs7NM8yMocokW0qCrFUBF9QzyHHJYu+H398ypMqsoJYhLrR0j
Dqf0u4kBvA==
-----END CERTIFICATE-----
Generated at Sun Jun 23 01:14:50 2024 by rpki-client on console-ams.rpki-client.org