Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/mxiVagBdIsaRXo5LLIOSk01GINI.roa
File: mxiVagBdIsaRXo5LLIOSk01GINI.roa (raw, json)
Hash identifier: etq1WOGaz/NPP9gVMJar3Wd/4k2hzMXh5CU5c8+VHbE=
Subject key identifier: 9B:18:95:6A:00:5D:22:C6:91:5E:8E:4B:2C:83:92:93:4D:46:20:D2
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 018F95118564FA9AC4853B415C105948F343
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/mxiVagBdIsaRXo5LLIOSk01GINI.roa
Signing time: Mon 20 May 2024 08:15:04 +0000
ROA not before: Mon 20 May 2024 08:15:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 26383
IP address blocks: 5.39.250.0/24 maxlen: 24
5.39.252.0/24 maxlen: 24
5.39.254.0/24 maxlen: 24
5.144.178.0/24 maxlen: 24
31.192.244.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 13:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:95:11:85:64:fa:9a:c4:85:3b:41:5c:10:59:48:f3:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: May 20 08:15:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b18956a005d22c6915e8e4b2c8392934d4620d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:d9:25:88:50:90:e8:11:52:e0:2c:3d:a0:15:
6a:1c:6e:af:dd:bb:c0:6b:33:17:29:4f:b0:d8:0a:
77:dc:cd:8a:7f:0e:be:b6:3b:83:cb:06:19:5b:1f:
24:e2:3e:96:73:c2:80:12:02:ed:e1:69:34:03:44:
4f:00:4b:75:84:47:5f:30:c9:e6:1e:ff:1c:c8:f2:
ce:a2:72:1a:4e:e7:eb:07:94:cf:08:a4:aa:3e:0b:
7b:fe:fc:2c:ae:7f:3f:32:7c:f1:db:4c:da:30:0a:
11:be:cb:d8:61:c0:09:1a:b0:b4:58:ba:86:83:22:
59:99:36:71:1e:56:b4:f0:60:3a:82:43:55:8d:36:
07:fc:a3:ba:72:8a:30:85:7c:60:db:7b:87:4e:3b:
88:65:20:79:7a:37:78:a4:ee:c4:45:a9:6a:c4:62:
77:00:09:ba:de:a8:81:51:66:20:bf:f7:50:61:a2:
12:30:99:cf:4a:f0:8e:41:62:e5:08:6e:83:87:7e:
ba:fb:7d:c2:6a:ca:8b:20:df:0e:d2:14:33:ca:cc:
07:3a:9e:05:82:87:c2:10:d1:61:a2:f8:43:8c:f9:
28:8b:68:55:05:49:8f:61:a6:8e:02:27:bc:86:66:
49:82:48:16:20:03:a0:e4:0f:2f:9b:87:3a:5d:94:
39:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:18:95:6A:00:5D:22:C6:91:5E:8E:4B:2C:83:92:93:4D:46:20:D2
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/mxiVagBdIsaRXo5LLIOSk01GINI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.250.0/24
5.39.252.0/24
5.39.254.0/24
5.144.178.0/24
31.192.244.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:50:a3:0b:7e:35:9c:ff:af:5d:f8:d6:70:11:22:bf:23:3e:
00:4b:39:f2:d9:fe:72:cf:b1:be:d4:2b:62:cf:79:54:02:b4:
92:01:8d:be:2b:5c:50:4a:73:07:fb:c9:e2:38:96:19:c6:29:
0c:8b:93:f4:e9:95:12:be:a7:a1:ae:75:05:e5:b0:0d:6d:d9:
da:3c:ff:53:03:c4:79:b1:7c:ee:d0:62:38:73:ad:ba:d6:b5:
be:70:0a:55:0f:46:c1:c3:3e:2e:3c:92:4c:b6:c6:a2:05:a1:
63:47:46:59:2c:a2:f9:c4:be:03:e5:f2:8c:43:b1:9f:11:b7:
1d:9c:db:c8:10:db:7e:b2:cc:46:22:84:a7:87:e6:62:9c:88:
18:71:0f:dd:1b:d0:7b:9c:39:3d:69:2d:2a:99:c4:ec:7d:20:
55:94:dc:32:2f:08:87:11:ea:11:65:29:fc:b9:0d:50:41:35:
03:9b:90:11:d1:5e:c9:19:86:a3:6e:5f:33:2a:72:12:a6:f0:
d2:97:a3:d8:06:45:11:8f:d7:d5:6d:76:a0:c3:9c:be:2a:be:
f8:45:b2:5f:62:f9:71:ff:82:63:c5:0d:53:d0:8b:5c:80:d2:
45:68:40:02:61:49:8d:e2:44:cc:98:71:f2:ea:70:7e:bb:44:
fb:b0:8d:de
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY+VEYVk+prEhTtBXBBZSPNDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjQwNTIwMDgxNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjE4OTU2YTAwNWQyMmM2OTE1ZThlNGIyYzgzOTI5MzRkNDYyMGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAztkliFCQ6BFS4Cw9oBVqHG6v3bvA
azMXKU+w2Ap33M2Kfw6+tjuDywYZWx8k4j6Wc8KAEgLt4Wk0A0RPAEt1hEdfMMnm
Hv8cyPLOonIaTufrB5TPCKSqPgt7/vwsrn8/Mnzx20zaMAoRvsvYYcAJGrC0WLqG
gyJZmTZxHla08GA6gkNVjTYH/KO6coowhXxg23uHTjuIZSB5ejd4pO7ERalqxGJ3
AAm63qiBUWYgv/dQYaISMJnPSvCOQWLlCG6Dh366+33CasqLIN8O0hQzyswHOp4F
gofCENFhovhDjPkoi2hVBUmPYaaOAie8hmZJgkgWIAOg5A8vm4c6XZQ53wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJsYlWoAXSLGkV6OSyyDkpNNRiDSMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvbXhpVmFnQmRJc2FSWG81TExJT1NrMDFHSU5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABSf6AwQA
BSf8AwQABSf+AwQABZCyAwQAH8D0MA0GCSqGSIb3DQEBCwUAA4IBAQDOUKMLfjWc
/69d+NZwESK/Iz4ASzny2f5yz7G+1Ctiz3lUArSSAY2+K1xQSnMH+8niOJYZxikM
i5P06ZUSvqehrnUF5bANbdnaPP9TA8R5sXzu0GI4c6261rW+cApVD0bBwz4uPJJM
tsaiBaFjR0ZZLKL5xL4D5fKMQ7GfEbcdnNvIENt+ssxGIoSnh+ZinIgYcQ/dG9B7
nDk9aS0qmcTsfSBVlNwyLwiHEeoRZSn8uQ1QQTUDm5AR0V7JGYajbl8zKnISpvDS
l6PYBkURj9fVbXagw5y+Kr74RbJfYvlx/4JjxQ1T0ItcgNJFaEACYUmN4kTMmHHy
6nB+u0T7sI3e
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:10:11 2024 by rpki-client on console-fra.rpki-client.org