Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/mzjbUVCBTmI0TTGwVIYjhd7RWQ8.roa
File: mzjbUVCBTmI0TTGwVIYjhd7RWQ8.roa (raw, json)
Hash identifier: p/7nH4J/3cUUqIXMLhXvlFIUsCibe6xN9oHesWZllWg=
Subject key identifier: 9B:38:DB:51:50:81:4E:62:34:4D:31:B0:54:86:23:85:DE:D1:59:0F
Certificate issuer: /CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250
Certificate serial: 018CC649F69F42396194722C6EC16365BD16
Authority key identifier: 5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/mzjbUVCBTmI0TTGwVIYjhd7RWQ8.roa
Signing time: Mon 01 Jan 2024 18:29:45 +0000
ROA not before: Mon 01 Jan 2024 18:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204108
IP address blocks: 31.41.12.0/23 maxlen: 23
31.41.14.0/23 maxlen: 23
185.229.232.0/22 maxlen: 24
185.229.232.0/23 maxlen: 24
185.229.234.0/23 maxlen: 24
31.133.32.0/22 maxlen: 22
185.253.42.0/23 maxlen: 24
185.253.40.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/XGT50E79Wp_C4jtC1bUa79mlAlA.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/XGT50E79Wp_C4jtC1bUa79mlAlA.mft
rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 21:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:f6:9f:42:39:61:94:72:2c:6e:c1:63:65:bd:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250
Validity
Not Before: Jan 1 18:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b38db5150814e62344d31b054862385ded1590f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:1b:c3:94:c2:78:89:ff:be:fc:b9:f0:ce:e4:
d9:fd:d1:bd:c6:a5:d6:df:af:5d:b3:d9:45:f5:96:
e0:99:30:da:c6:1a:c5:b6:dc:15:c4:9a:c5:e0:bd:
95:ea:3f:db:7a:e4:9e:fb:f4:5d:9c:f6:b0:ba:11:
28:9b:20:d9:41:0f:ac:97:1b:2c:42:6a:3c:fa:29:
f4:5b:c8:b7:5e:91:d8:b8:76:e3:cb:0c:0c:5d:ba:
27:aa:54:8e:2d:a8:a5:f4:60:02:0a:30:17:09:86:
77:13:51:7e:8a:00:4d:55:eb:e0:c3:0d:6f:06:d9:
b0:3a:20:78:87:54:b8:60:e1:1a:e0:ea:8e:51:91:
40:72:6f:1a:f5:d7:84:4c:ee:b0:8d:68:fc:39:dd:
4c:04:3c:be:13:98:a4:03:aa:6b:f0:17:86:1b:54:
d9:1e:f1:24:b6:d3:2f:db:de:13:d5:b6:75:24:d5:
28:e6:f6:8c:d9:0f:0a:30:97:d3:c1:77:43:b7:7e:
3f:e3:6a:a1:0d:0e:0f:e8:64:0d:97:b0:92:b1:6d:
78:aa:c8:41:17:4d:89:da:2d:db:f9:60:fd:9e:f3:
8c:cc:b5:af:a0:8c:60:f2:00:73:9a:11:95:73:b8:
23:3b:01:7f:08:c9:dd:9f:e2:ce:2b:06:fc:8a:36:
30:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:38:DB:51:50:81:4E:62:34:4D:31:B0:54:86:23:85:DE:D1:59:0F
X509v3 Authority Key Identifier:
keyid:5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/mzjbUVCBTmI0TTGwVIYjhd7RWQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/XGT50E79Wp_C4jtC1bUa79mlAlA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.12.0/22
31.133.32.0/22
185.229.232.0/22
185.253.40.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:ab:af:e7:07:10:8e:fa:e5:85:d7:78:51:e3:41:b4:eb:2e:
5b:8f:70:7e:fa:4c:92:ca:30:7a:43:76:7e:ce:24:69:97:dd:
ad:d3:f4:ac:1e:1f:d5:c2:03:eb:03:85:fc:39:e2:ea:d9:48:
9c:10:e2:53:8c:8e:1b:29:05:d5:52:92:4c:51:94:15:6b:01:
5a:a6:54:a0:9b:88:4e:5e:c1:cf:a6:5a:20:08:4c:73:ee:f9:
51:26:85:8e:6b:91:f5:b2:38:7c:e0:4b:31:c3:50:55:83:c2:
81:02:17:b2:32:37:f5:4c:70:88:44:8d:74:22:9e:eb:93:29:
ab:30:fd:4b:0a:fc:4d:9c:8f:a5:2c:1f:2a:3a:62:0d:a8:72:
f3:92:e1:86:88:ac:b9:4c:e5:e6:bc:2c:b7:83:1e:a5:d6:f6:
1d:5c:eb:10:09:14:dd:7b:6c:3d:07:95:9a:34:79:f0:a5:75:
45:be:c6:cf:30:cf:a4:a8:41:44:cd:38:e6:58:e1:54:ce:0f:
df:3e:18:d5:31:d7:6c:4f:6b:8b:6c:f5:91:bf:90:8b:74:da:
b8:c3:30:3c:a1:7b:4a:65:30:0e:d6:89:13:ce:a5:7c:1d:25:
b4:5c:0e:97:ee:99:a1:f6:d1:e9:32:d5:02:20:ab:66:0c:1a:
c2:26:57:78
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzGSfafQjlhlHIsbsFjZb0WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNjRmOWQwNGVmZDVhOWZjMmUyM2I0MmQ1YjUxYWVmZDlh
NTAyNTAwHhcNMjQwMTAxMTgyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjM4ZGI1MTUwODE0ZTYyMzQ0ZDMxYjA1NDg2MjM4NWRlZDE1OTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhvDlMJ4if++/LnwzuTZ/dG9xqXW
369ds9lF9ZbgmTDaxhrFttwVxJrF4L2V6j/beuSe+/RdnPawuhEomyDZQQ+slxss
Qmo8+in0W8i3XpHYuHbjywwMXbonqlSOLail9GACCjAXCYZ3E1F+igBNVevgww1v
BtmwOiB4h1S4YOEa4OqOUZFAcm8a9deETO6wjWj8Od1MBDy+E5ikA6pr8BeGG1TZ
HvEkttMv294T1bZ1JNUo5vaM2Q8KMJfTwXdDt34/42qhDQ4P6GQNl7CSsW14qshB
F02J2i3b+WD9nvOMzLWvoIxg8gBzmhGVc7gjOwF/CMndn+LOKwb8ijYwZwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJs421FQgU5iNE0xsFSGI4Xe0VkPMB8GA1UdIwQY
MBaAFFxk+dBO/VqfwuI7QtW1Gu/ZpQJQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEdUNTBFNzlXcF9DNGp0QzFiVWE3OW1sQWxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xODQ5YTYtZjkyMS00YjUwLTkxNWUt
YjY2ZmE0ZjQ3NjNhLzEvbXpqYlVWQ0JUbUkwVFRHd1ZJWWpoZDdSV1E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xODQ5YTYtZjkyMS00YjUwLTkxNWUtYjY2ZmE0ZjQ3NjNh
LzEvWEdUNTBFNzlXcF9DNGp0QzFiVWE3OW1sQWxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCHykMAwQC
H4UgAwQCueXoAwQCuf0oMA0GCSqGSIb3DQEBCwUAA4IBAQBKq6/nBxCO+uWF13hR
40G06y5bj3B++kySyjB6Q3Z+ziRpl92t0/SsHh/VwgPrA4X8OeLq2UicEOJTjI4b
KQXVUpJMUZQVawFaplSgm4hOXsHPplogCExz7vlRJoWOa5H1sjh84Esxw1BVg8KB
AheyMjf1THCIRI10Ip7rkymrMP1LCvxNnI+lLB8qOmINqHLzkuGGiKy5TOXmvCy3
gx6l1vYdXOsQCRTde2w9B5WaNHnwpXVFvsbPMM+kqEFEzTjmWOFUzg/fPhjVMdds
T2uLbPWRv5CLdNq4wzA8oXtKZTAO1okTzqV8HSW0XA6X7pmh9tHpMtUCIKtmDBrC
Jld4
-----END CERTIFICATE-----
Generated at Sun Jun 23 03:13:25 2024 by rpki-client on console-fra.rpki-client.org