Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/mzKP6jlXIBK7oCFBFGtC29jQh-U.roa
File: mzKP6jlXIBK7oCFBFGtC29jQh-U.roa (raw, json)
Hash identifier: 2uVTaF2StCR9uL06HVY/5BhpQnWCsqduN/zMVVmX0PQ=
Subject key identifier: 9B:32:8F:EA:39:57:20:12:BB:A0:21:41:14:6B:42:DB:D8:D0:87:E5
Certificate issuer: /CN=4444c7c3ad34b6977fa18a2237ca306b9bee08e0
Certificate serial: 0192F426442F2533B0E219AA8D2B9DA3F193
Authority key identifier: 44:44:C7:C3:AD:34:B6:97:7F:A1:8A:22:37:CA:30:6B:9B:EE:08:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/mzKP6jlXIBK7oCFBFGtC29jQh-U.roa
Signing time: Sun 03 Nov 2024 22:30:01 +0000
ROA not before: Sun 03 Nov 2024 22:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50130
IP address blocks: 31.129.224.0/22 maxlen: 22
31.129.224.0/23 maxlen: 23
31.129.224.0/24 maxlen: 24
31.129.225.0/24 maxlen: 24
31.129.226.0/23 maxlen: 23
31.129.226.0/24 maxlen: 24
31.129.227.0/24 maxlen: 24
31.129.228.0/23 maxlen: 23
31.129.228.0/24 maxlen: 24
31.129.229.0/24 maxlen: 24
31.129.234.0/24 maxlen: 24
31.129.240.0/23 maxlen: 23
31.129.242.0/23 maxlen: 23
31.129.252.0/22 maxlen: 22
31.129.252.0/23 maxlen: 23
31.129.252.0/24 maxlen: 24
31.129.253.0/24 maxlen: 24
31.129.254.0/23 maxlen: 23
31.129.254.0/24 maxlen: 24
31.129.255.0/24 maxlen: 24
213.5.192.0/24 maxlen: 24
213.5.193.0/24 maxlen: 24
213.5.194.0/24 maxlen: 24
213.5.195.0/24 maxlen: 24
213.5.196.0/22 maxlen: 22
213.5.198.0/23 maxlen: 23
213.5.198.0/24 maxlen: 24
213.5.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/RETHw600tpd_oYoiN8owa5vuCOA.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/RETHw600tpd_oYoiN8owa5vuCOA.mft
rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f4:26:44:2f:25:33:b0:e2:19:aa:8d:2b:9d:a3:f1:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4444c7c3ad34b6977fa18a2237ca306b9bee08e0
Validity
Not Before: Nov 3 22:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b328fea39572012bba02141146b42dbd8d087e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5e:1e:1d:c0:07:9d:9d:56:8f:26:2c:ac:2a:
8a:da:46:d5:8b:8d:be:a0:03:e1:32:46:41:0d:e9:
6a:5e:02:f3:54:72:f0:21:82:eb:40:f6:1e:0c:71:
a2:b5:21:95:96:0e:d6:7e:04:79:f8:d8:7d:44:95:
27:6e:46:ff:86:f5:86:16:42:e1:b7:df:fb:14:3d:
0e:a5:d7:c1:49:9e:b1:09:54:2f:69:5c:e0:d0:d1:
24:7b:38:4d:f3:d2:dd:93:c8:6c:37:b7:af:20:d6:
a7:d4:75:8c:d7:fa:5c:6d:39:49:b6:35:fb:0c:5f:
34:b5:a7:15:47:23:84:13:e9:af:e1:76:59:72:e4:
ae:2b:f4:fc:d5:d4:74:6e:9f:46:dc:a8:dd:bb:1e:
5b:09:c2:3f:46:e2:d4:df:12:31:38:20:20:fd:1b:
d6:29:b8:5a:ec:d0:b7:47:74:55:9f:0d:f6:9b:0d:
16:d1:60:1d:7f:2b:06:d1:e8:46:8a:9a:b7:6d:39:
ef:2a:c2:84:83:58:22:3b:bd:50:50:a5:9a:ec:13:
83:9c:01:b2:05:5e:75:73:85:c4:76:6d:61:85:f3:
ef:79:08:96:b5:d3:24:a1:c0:36:46:f7:ef:a4:d4:
9f:cb:75:f4:59:5b:97:dc:ae:b5:9f:69:4e:58:8e:
57:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:32:8F:EA:39:57:20:12:BB:A0:21:41:14:6B:42:DB:D8:D0:87:E5
X509v3 Authority Key Identifier:
keyid:44:44:C7:C3:AD:34:B6:97:7F:A1:8A:22:37:CA:30:6B:9B:EE:08:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/mzKP6jlXIBK7oCFBFGtC29jQh-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/RETHw600tpd_oYoiN8owa5vuCOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.224.0-31.129.229.255
31.129.234.0/24
31.129.240.0/22
31.129.252.0/22
213.5.192.0/21
Signature Algorithm: sha256WithRSAEncryption
94:54:42:4d:3d:1c:79:fd:1f:fe:bb:14:0b:d6:0f:9b:09:69:
9c:a1:f8:88:42:cd:6c:2a:01:f8:0b:c8:f9:b4:86:61:a0:fb:
de:de:1c:b8:1b:94:73:df:dc:7a:47:01:64:98:51:63:c6:f8:
30:9c:13:17:b2:15:c8:e7:b1:eb:ed:3a:d7:0f:ca:e2:2c:3e:
55:01:04:3b:6b:27:ae:40:15:5a:8a:ee:7b:a0:40:b3:27:41:
30:c0:d5:e1:39:7d:25:84:0a:d9:8d:d3:12:34:93:f3:73:d9:
a5:2c:95:5c:e1:6d:1e:4b:e4:a1:05:0c:b2:04:40:bc:d2:c0:
50:1d:eb:9a:f1:48:66:00:da:a0:3e:6b:c8:62:95:6c:43:82:
6f:cc:c3:91:7f:43:2c:f5:bc:33:49:e7:25:9f:9c:a0:2a:b2:
d2:0d:ed:36:7e:c4:70:d9:d6:f8:90:ef:8c:e3:c9:08:b5:a1:
2c:0f:28:85:31:96:0e:9f:0f:9c:1b:23:65:89:9b:f2:17:60:
c2:f2:b5:bc:63:31:46:c4:98:1e:42:5d:68:06:de:53:d0:5b:
c1:e1:2c:42:5f:23:d0:eb:5a:b4:28:3d:a2:92:3c:e7:e8:45:
dd:25:60:39:fc:e0:94:cc:5b:c8:64:00:03:06:0e:dc:74:96:
bc:d0:cd:58
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZL0JkQvJTOw4hmqjSudo/GTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NDRjN2MzYWQzNGI2OTc3ZmExOGEyMjM3Y2EzMDZiOWJl
ZTA4ZTAwHhcNMjQxMTAzMjIzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjMyOGZlYTM5NTcyMDEyYmJhMDIxNDExNDZiNDJkYmQ4ZDA4N2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuV4eHcAHnZ1WjyYsrCqK2kbVi42+
oAPhMkZBDelqXgLzVHLwIYLrQPYeDHGitSGVlg7WfgR5+Nh9RJUnbkb/hvWGFkLh
t9/7FD0OpdfBSZ6xCVQvaVzg0NEkezhN89Ldk8hsN7evINan1HWM1/pcbTlJtjX7
DF80tacVRyOEE+mv4XZZcuSuK/T81dR0bp9G3Kjdux5bCcI/RuLU3xIxOCAg/RvW
Kbha7NC3R3RVnw32mw0W0WAdfysG0ehGipq3bTnvKsKEg1giO71QUKWa7BODnAGy
BV51c4XEdm1hhfPveQiWtdMkocA2RvfvpNSfy3X0WVuX3K61n2lOWI5XXQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJsyj+o5VyASu6AhQRRrQtvY0IflMB8GA1UdIwQY
MBaAFEREx8OtNLaXf6GKIjfKMGub7gjgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkVUSHc2MDB0cGRfb1lvaU44b3dhNXZ1Q09BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9jOWM5ZmMtNTg2NC00MTRlLWFlMmEt
ODYzYzliM2QzMmIwLzEvbXpLUDZqbFhJQks3b0NGQkZHdEMyOWpRaC1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9jOWM5ZmMtNTg2NC00MTRlLWFlMmEtODYzYzliM2QzMmIw
LzEvUkVUSHc2MDB0cGRfb1lvaU44b3dhNXZ1Q09BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBAUfgeAD
BAEfgeQDBAAfgeoDBAIfgfADBAIfgfwDBAPVBcAwDQYJKoZIhvcNAQELBQADggEB
AJRUQk09HHn9H/67FAvWD5sJaZyh+IhCzWwqAfgLyPm0hmGg+97eHLgblHPf3HpH
AWSYUWPG+DCcExeyFcjnsevtOtcPyuIsPlUBBDtrJ65AFVqK7nugQLMnQTDA1eE5
fSWECtmN0xI0k/Nz2aUslVzhbR5L5KEFDLIEQLzSwFAd65rxSGYA2qA+a8hilWxD
gm/Mw5F/Qyz1vDNJ5yWfnKAqstIN7TZ+xHDZ1viQ74zjyQi1oSwPKIUxlg6fD5wb
I2WJm/IXYMLytbxjMUbEmB5CXWgG3lPQW8HhLEJfI9DrWrQoPaKSPOfoRd0lYDn8
4JTMW8hkAAMGDtx0lrzQzVg=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:34:04 2024 by rpki-client on console-ams.rpki-client.org