Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/Mft1B5scAtSQEHGUCBXl8FoxZm0.roa
File: Mft1B5scAtSQEHGUCBXl8FoxZm0.roa (raw, json)
Hash identifier: L9ADki8Y/a59ZVXQROr4fsjLI8Z/BO28dqBzl9XhpjY=
Subject key identifier: 31:FB:75:07:9B:1C:02:D4:90:10:71:94:08:15:E5:F0:5A:31:66:6D
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 018CC5DC3277F8A5B4367EAD2C112559AF4B
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/Mft1B5scAtSQEHGUCBXl8FoxZm0.roa
Signing time: Mon 01 Jan 2024 16:29:51 +0000
ROA not before: Mon 01 Jan 2024 16:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49556
IP address blocks: 185.239.0.0/24 maxlen: 24
185.239.2.0/24 maxlen: 24
5.159.49.0/24 maxlen: 24
5.159.54.0/24 maxlen: 24
45.94.213.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 03:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:32:77:f8:a5:b4:36:7e:ad:2c:11:25:59:af:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Jan 1 16:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31fb75079b1c02d4901071940815e5f05a31666d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:02:57:c3:ba:40:19:f2:a9:a7:1e:19:64:b6:
de:64:61:7c:19:40:3d:ee:91:0e:db:dd:12:1c:ef:
7c:de:bb:59:ed:12:4d:08:be:4f:83:b6:b5:f8:20:
68:6d:27:62:fc:22:73:6e:e1:c4:47:cf:c6:75:e1:
ec:99:b9:a4:c7:f9:b0:a6:d3:bc:4b:3e:86:6a:2a:
5c:84:20:f3:19:61:76:76:fa:c8:37:dd:4c:fb:b2:
e1:68:c5:87:df:cd:68:48:22:c4:6d:8f:eb:92:a6:
0a:e3:ce:fc:53:36:25:3d:20:25:54:e9:fd:96:84:
3f:d6:25:68:d6:df:3b:87:bc:f6:39:f0:06:69:49:
c5:8c:f4:b6:b7:0e:92:84:8c:5b:f2:5f:d9:ef:de:
6a:d0:1c:92:d2:80:35:d9:5c:44:d6:fa:25:a0:40:
e6:4d:e7:12:59:99:f7:a5:1c:aa:25:28:44:11:92:
95:fe:f4:ae:bf:04:2d:2e:89:95:38:17:e8:32:d2:
95:1a:1a:08:37:ed:7c:32:94:ad:c9:12:5d:50:62:
c7:bf:52:d8:7b:5d:23:74:be:4a:43:07:46:63:99:
cb:db:16:29:1d:3a:07:32:eb:a6:0d:0d:c4:7d:e7:
e2:6c:28:cd:6b:15:90:7a:7a:1f:a7:fb:89:4a:31:
a0:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:FB:75:07:9B:1C:02:D4:90:10:71:94:08:15:E5:F0:5A:31:66:6D
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/Mft1B5scAtSQEHGUCBXl8FoxZm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.49.0/24
5.159.54.0/24
45.94.213.0/24
185.239.0.0/24
185.239.2.0/24
Signature Algorithm: sha256WithRSAEncryption
29:f5:30:53:e7:a5:e5:00:00:11:db:d9:a0:cb:90:86:94:35:
85:9a:0a:d0:67:d2:65:fe:1a:4b:95:98:ab:91:15:b5:41:08:
39:c6:ea:92:0e:3a:09:a5:07:d6:b3:fb:91:cb:4a:7a:cf:63:
7a:7d:c3:39:4d:ca:15:e4:72:02:3d:ff:b6:b4:94:cf:b9:00:
16:90:e1:19:9a:a9:24:74:d2:6a:bf:b3:ad:36:06:bb:e0:38:
14:1e:37:86:56:1d:df:a4:d0:ee:77:5c:d4:c2:d1:6e:a2:fa:
b0:a6:92:ed:44:c6:94:5c:ac:92:ae:77:7f:ba:bb:59:93:f8:
21:ab:d0:e9:b7:42:ac:7d:62:ea:f0:a7:13:39:8b:13:28:75:
3c:24:50:79:8d:e9:05:d4:df:01:85:0b:b4:22:3b:89:8e:e9:
e6:74:23:b3:6c:d8:51:af:e8:ca:43:08:6a:d6:43:2a:21:c9:
e8:93:59:db:ea:da:0d:c2:8b:66:76:88:23:c8:61:6d:2f:c7:
bd:0f:80:0b:1f:d1:32:6a:5d:69:08:16:10:7a:86:bb:44:8b:
e3:b9:8d:77:60:85:25:2a:b1:93:c9:73:0a:59:cf:0a:6b:65:
87:30:d2:6a:5b:9c:86:f8:a8:ff:2d:a2:bf:24:ad:0a:82:75:
81:ac:43:0c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzF3DJ3+KW0Nn6tLBElWa9LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjQwMTAxMTYyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWZiNzUwNzliMWMwMmQ0OTAxMDcxOTQwODE1ZTVmMDVhMzE2NjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQJXw7pAGfKppx4ZZLbeZGF8GUA9
7pEO290SHO983rtZ7RJNCL5Pg7a1+CBobSdi/CJzbuHER8/GdeHsmbmkx/mwptO8
Sz6GaipchCDzGWF2dvrIN91M+7LhaMWH381oSCLEbY/rkqYK4878UzYlPSAlVOn9
loQ/1iVo1t87h7z2OfAGaUnFjPS2tw6ShIxb8l/Z795q0ByS0oA12VxE1voloEDm
TecSWZn3pRyqJShEEZKV/vSuvwQtLomVOBfoMtKVGhoIN+18MpStyRJdUGLHv1LY
e10jdL5KQwdGY5nL2xYpHToHMuumDQ3EfefibCjNaxWQenofp/uJSjGgXwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDH7dQebHALUkBBxlAgV5fBaMWZtMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvTWZ0MUI1c2NBdFNRRUhHVUNCWGw4Rm94Wm0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABZ8xAwQA
BZ82AwQALV7VAwQAue8AAwQAue8CMA0GCSqGSIb3DQEBCwUAA4IBAQAp9TBT56Xl
AAAR29mgy5CGlDWFmgrQZ9Jl/hpLlZirkRW1QQg5xuqSDjoJpQfWs/uRy0p6z2N6
fcM5TcoV5HICPf+2tJTPuQAWkOEZmqkkdNJqv7OtNga74DgUHjeGVh3fpNDud1zU
wtFuovqwppLtRMaUXKySrnd/urtZk/ghq9Dpt0KsfWLq8KcTOYsTKHU8JFB5jekF
1N8BhQu0IjuJjunmdCOzbNhRr+jKQwhq1kMqIcnok1nb6toNwotmdogjyGFtL8e9
D4ALH9Eyal1pCBYQeoa7RIvjuY13YIUlKrGTyXMKWc8Ka2WHMNJqW5yG+Kj/LaK/
JK0KgnWBrEMM
-----END CERTIFICATE-----
Generated at Sat Jun 22 10:14:11 2024 by rpki-client on console-fra.rpki-client.org