Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/MGmlK3gDbJTQSpnaixXL0U5PvCk.roa
File: MGmlK3gDbJTQSpnaixXL0U5PvCk.roa (raw, json)
Hash identifier: s6l06/EAAsLkQegykjPIrUpmmV7bl+lyvapOexj/lWg=
Subject key identifier: 30:69:A5:2B:78:03:6C:94:D0:4A:99:DA:8B:15:CB:D1:4E:4F:BC:29
Certificate issuer: /CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Certificate serial: 01909CB87DDA2F491F4B6FD29EBC9AF42574
Authority key identifier: 0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/MGmlK3gDbJTQSpnaixXL0U5PvCk.roa
Signing time: Wed 10 Jul 2024 12:57:34 +0000
ROA not before: Wed 10 Jul 2024 12:57:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44209
IP address blocks: 193.53.252.0/24 maxlen: 24
193.53.253.0/24 maxlen: 24
193.56.12.0/24 maxlen: 24
193.56.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.mft
rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9c:b8:7d:da:2f:49:1f:4b:6f:d2:9e:bc:9a:f4:25:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Validity
Not Before: Jul 10 12:57:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3069a52b78036c94d04a99da8b15cbd14e4fbc29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ff:53:d9:25:45:76:75:f1:b9:c6:d1:53:6d:
f3:b0:7c:b8:cf:e1:cc:d3:19:ef:02:51:55:8a:82:
6b:44:7f:c4:7c:a5:6f:a5:10:6c:81:f4:e7:7c:60:
21:bd:a1:35:23:8f:ed:11:30:db:36:e7:3e:33:26:
ec:22:ca:92:3c:46:c6:16:b4:b5:df:16:dd:6f:bc:
21:a4:83:fd:f6:5d:42:57:d2:cd:6c:7f:1b:1a:2c:
0b:60:95:73:50:b9:e9:15:4c:07:1b:4b:fb:a9:53:
26:c4:44:48:67:9d:ea:48:6d:b4:3a:71:e3:ee:45:
7c:5e:5a:5d:e2:58:b8:0c:b4:13:25:c6:8c:58:06:
89:81:4a:10:b5:a6:91:ea:40:3b:d0:5c:15:ed:f4:
e0:e4:42:38:63:1f:e4:48:e9:b0:68:77:f2:c6:44:
d9:f7:81:a7:f8:e6:53:44:05:5e:ee:0b:be:94:52:
e3:c5:e3:d8:b3:a1:cf:4c:66:7d:5c:de:ce:95:62:
dd:85:7a:6f:44:02:f2:57:3d:97:5a:cf:fd:42:f7:
25:4d:de:5d:64:57:ea:bc:55:10:f2:df:8e:82:d9:
13:a3:3c:46:22:61:f7:be:95:27:e9:61:be:1c:65:
ee:a9:87:a4:3e:8f:d4:ce:41:45:12:8d:6b:bb:5c:
82:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:69:A5:2B:78:03:6C:94:D0:4A:99:DA:8B:15:CB:D1:4E:4F:BC:29
X509v3 Authority Key Identifier:
keyid:0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/MGmlK3gDbJTQSpnaixXL0U5PvCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.53.252.0/23
193.56.12.0/23
Signature Algorithm: sha256WithRSAEncryption
5a:29:a5:ba:fc:fd:98:da:84:e1:32:01:7c:b9:ff:28:51:5c:
aa:01:c1:0a:f3:dd:ef:9a:c1:ad:af:31:4b:46:f3:cf:8a:db:
e8:ea:87:67:5d:ce:aa:30:38:34:e4:0d:e0:c4:dd:e4:3d:ba:
1e:93:51:d5:4d:9c:3a:aa:05:d0:46:20:7d:97:63:84:4c:87:
30:71:d9:64:7d:cb:d7:6c:a7:3c:7e:3b:fa:2e:58:29:b9:ea:
b8:e8:fd:15:1a:1d:1c:10:4d:35:9e:de:ee:70:8d:13:6d:2e:
4e:b9:b6:29:91:bb:5f:d2:b0:44:ce:92:92:c6:08:f6:07:7a:
bc:89:73:aa:7b:cd:3f:8a:bf:83:5f:b3:a6:35:75:47:be:73:
35:f2:f2:9b:e7:e2:99:a9:14:1f:90:b6:ed:89:b9:93:08:80:
47:74:08:24:af:78:0c:7f:a7:98:b5:55:80:8b:cb:4a:ee:b1:
64:88:4b:19:c6:66:d0:22:3b:91:5b:4c:b9:b0:e9:b2:91:79:
be:e2:e1:34:60:6b:31:57:af:f0:c1:82:e2:80:45:fc:55:c4:
e5:cf:7b:9f:77:c7:32:79:db:b5:12:15:5c:d8:3c:dc:a9:ee:
86:96:d7:15:22:70:28:77:ca:a9:91:9e:c0:ba:cb:b2:ae:98:
c4:bd:41:1e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZCcuH3aL0kfS2/Snrya9CV0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZjU0M2UyM2UyOWZiMDM3NDhkMDkzOTcyNmYzMGZlOWFm
ZmExOWUwHhcNMjQwNzEwMTI1NzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDY5YTUyYjc4MDM2Yzk0ZDA0YTk5ZGE4YjE1Y2JkMTRlNGZiYzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1P9T2SVFdnXxucbRU23zsHy4z+HM
0xnvAlFVioJrRH/EfKVvpRBsgfTnfGAhvaE1I4/tETDbNuc+MybsIsqSPEbGFrS1
3xbdb7whpIP99l1CV9LNbH8bGiwLYJVzULnpFUwHG0v7qVMmxERIZ53qSG20OnHj
7kV8Xlpd4li4DLQTJcaMWAaJgUoQtaaR6kA70FwV7fTg5EI4Yx/kSOmwaHfyxkTZ
94Gn+OZTRAVe7gu+lFLjxePYs6HPTGZ9XN7OlWLdhXpvRALyVz2XWs/9QvclTd5d
ZFfqvFUQ8t+OgtkTozxGImH3vpUn6WG+HGXuqYekPo/UzkFFEo1ru1yCFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDBppSt4A2yU0EqZ2osVy9FOT7wpMB8GA1UdIwQY
MBaAFAv1Q+I+KfsDdI0JOXJvMP6a/6GeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ19WRDRqNHAtd04walFrNWNtOHdfcHJfb1o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9hZmEzNGMtZjNmMC00MDVjLWIwODMt
YTM1ZmM0MzhkNGNhLzEvTUdtbEszZ0RiSlRRU3BuYWl4WEwwVTVQdkNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9hZmEzNGMtZjNmMC00MDVjLWIwODMtYTM1ZmM0MzhkNGNh
LzEvQ19WRDRqNHAtd04walFrNWNtOHdfcHJfb1o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwTX8AwQB
wTgMMA0GCSqGSIb3DQEBCwUAA4IBAQBaKaW6/P2Y2oThMgF8uf8oUVyqAcEK893v
msGtrzFLRvPPitvo6odnXc6qMDg05A3gxN3kPboek1HVTZw6qgXQRiB9l2OETIcw
cdlkfcvXbKc8fjv6Llgpueq46P0VGh0cEE01nt7ucI0TbS5OubYpkbtf0rBEzpKS
xgj2B3q8iXOqe80/ir+DX7OmNXVHvnM18vKb5+KZqRQfkLbtibmTCIBHdAgkr3gM
f6eYtVWAi8tK7rFkiEsZxmbQIjuRW0y5sOmykXm+4uE0YGsxV6/wwYLigEX8VcTl
z3ufd8cyedu1EhVc2Dzcqe6GltcVInAod8qpkZ7AusuyrpjEvUEe
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:39:19 2024 by rpki-client on console-ams.rpki-client.org