Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/5655f5-0141-4f3d-a50c-b5998680d914/1/M3zoZjFFwe62Hx6u2n_FAOd-8Us.roa
File: M3zoZjFFwe62Hx6u2n_FAOd-8Us.roa (raw, json)
Hash identifier: 5RJbF/13FEacwJC+HoxjO5tISxw5GGHsVorU0Jr9eHI=
Subject key identifier: 33:7C:E8:66:31:45:C1:EE:B6:1F:1E:AE:DA:7F:C5:00:E7:7E:F1:4B
Certificate issuer: /CN=fb1fce9aa72c838496f4bdef9c1f0b8e894fc98e
Certificate serial: 018CC86F671CDB235449182422D757A12D95
Authority key identifier: FB:1F:CE:9A:A7:2C:83:84:96:F4:BD:EF:9C:1F:0B:8E:89:4F:C9:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-x_Omqcsg4SW9L3vnB8LjolPyY4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/5655f5-0141-4f3d-a50c-b5998680d914/1/M3zoZjFFwe62Hx6u2n_FAOd-8Us.roa
Signing time: Tue 02 Jan 2024 04:29:53 +0000
ROA not before: Tue 02 Jan 2024 04:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9063
IP address blocks: 185.168.141.0/24 maxlen: 24
2a10:65c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/5655f5-0141-4f3d-a50c-b5998680d914/1/1-x_Omqcsg4SW9L3vnB8LjolPyY4.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/5655f5-0141-4f3d-a50c-b5998680d914/1/1-x_Omqcsg4SW9L3vnB8LjolPyY4.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-x_Omqcsg4SW9L3vnB8LjolPyY4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:67:1c:db:23:54:49:18:24:22:d7:57:a1:2d:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb1fce9aa72c838496f4bdef9c1f0b8e894fc98e
Validity
Not Before: Jan 2 04:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=337ce8663145c1eeb61f1eaeda7fc500e77ef14b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ae:ab:f3:4b:d1:5d:2b:d7:95:67:3c:17:da:
9f:4e:de:74:b6:1b:94:3c:4b:a0:d6:6a:49:42:f3:
84:5c:04:d2:71:69:ac:62:16:d2:af:35:31:16:9e:
4a:0a:d7:77:1f:4d:64:29:21:70:50:4b:d2:da:54:
a9:44:33:44:c0:25:8b:23:1b:c6:31:a2:9d:62:14:
6a:f2:7f:75:9c:c1:76:0f:17:4a:a9:b5:09:41:20:
80:5f:fd:98:be:76:f1:6d:74:91:04:b9:7b:e6:8a:
3a:23:ea:79:f5:29:bc:d3:e2:6c:24:c5:1c:fb:13:
26:0e:de:2d:50:f4:20:de:a8:9c:01:fa:c0:e1:9b:
9c:d6:23:40:29:6a:39:2a:d8:a1:cd:f1:2f:12:c6:
46:83:12:cf:cc:0e:c9:eb:88:1c:18:c3:da:f7:fc:
0f:32:e6:fe:78:cb:aa:0e:9e:c1:a1:db:bf:3b:28:
a4:38:93:1d:42:4a:f6:a7:15:d7:08:f3:ff:d1:49:
94:38:73:92:39:b4:2b:44:e0:be:cd:63:eb:09:30:
cf:d8:87:17:b4:16:1b:29:5c:c1:73:51:0a:ea:cf:
57:1f:a1:0e:dd:cd:d9:73:04:0c:0f:5b:29:7e:0d:
62:fc:c8:ef:5c:d6:08:fc:30:95:c1:81:ab:71:36:
74:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:7C:E8:66:31:45:C1:EE:B6:1F:1E:AE:DA:7F:C5:00:E7:7E:F1:4B
X509v3 Authority Key Identifier:
keyid:FB:1F:CE:9A:A7:2C:83:84:96:F4:BD:EF:9C:1F:0B:8E:89:4F:C9:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-x_Omqcsg4SW9L3vnB8LjolPyY4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/5655f5-0141-4f3d-a50c-b5998680d914/1/M3zoZjFFwe62Hx6u2n_FAOd-8Us.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/5655f5-0141-4f3d-a50c-b5998680d914/1/1-x_Omqcsg4SW9L3vnB8LjolPyY4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.168.141.0/24
IPv6:
2a10:65c0::/29
Signature Algorithm: sha256WithRSAEncryption
19:7a:85:60:7f:88:b8:be:a7:e4:aa:c3:7e:4a:df:35:51:0a:
a9:c9:91:c4:16:ef:65:72:bf:c3:3e:a4:b1:63:56:cd:ee:ef:
9d:cf:45:f9:73:ef:72:36:de:28:37:68:f3:f7:28:9f:a7:51:
c1:68:e0:3c:f6:d3:82:6f:04:be:9c:39:89:e2:8e:66:b5:4b:
30:9f:b1:ef:fd:1f:72:0f:ce:3f:f8:64:fe:5c:63:8b:db:16:
04:5f:3e:d5:ba:ae:a4:2a:dd:7c:30:d5:ac:54:17:e8:1d:57:
08:b8:50:c1:18:1f:c9:f2:76:88:57:d3:a2:bf:ac:a3:72:e2:
ed:90:f5:c5:c7:c5:cb:a7:53:19:cb:2b:9d:d9:d1:37:26:0b:
ec:53:43:f9:e1:fd:f2:f1:91:84:7d:6e:d9:fc:a1:59:0d:ca:
8a:6a:72:71:bb:42:01:09:d9:11:de:9c:44:58:fe:d6:fc:99:
43:3d:fe:8a:58:07:3d:3f:61:95:4f:ee:a8:57:6a:16:e2:f7:
8d:5d:d8:6f:9c:42:50:94:f4:19:ef:ba:01:ca:91:6f:21:61:
f0:c9:78:91:8b:51:f3:02:78:c3:ea:4c:67:75:8f:8a:bc:7d:
14:8b:56:ec:dc:58:8b:96:2d:93:09:06:93:dc:51:26:cb:13:
be:7c:fa:a1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzIb2cc2yNUSRgkItdXoS2VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMWZjZTlhYTcyYzgzODQ5NmY0YmRlZjljMWYwYjhlODk0
ZmM5OGUwHhcNMjQwMTAyMDQyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzdjZTg2NjMxNDVjMWVlYjYxZjFlYWVkYTdmYzUwMGU3N2VmMTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq66r80vRXSvXlWc8F9qfTt50thuU
PEug1mpJQvOEXATScWmsYhbSrzUxFp5KCtd3H01kKSFwUEvS2lSpRDNEwCWLIxvG
MaKdYhRq8n91nMF2DxdKqbUJQSCAX/2YvnbxbXSRBLl75oo6I+p59Sm80+JsJMUc
+xMmDt4tUPQg3qicAfrA4Zuc1iNAKWo5KtihzfEvEsZGgxLPzA7J64gcGMPa9/wP
Mub+eMuqDp7Bodu/OyikOJMdQkr2pxXXCPP/0UmUOHOSObQrROC+zWPrCTDP2IcX
tBYbKVzBc1EK6s9XH6EO3c3ZcwQMD1spfg1i/MjvXNYI/DCVwYGrcTZ0cwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDN86GYxRcHuth8ertp/xQDnfvFLMB8GA1UdIwQY
MBaAFPsfzpqnLIOElvS975wfC46JT8mOMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS14X09tcWNzZzRTVzlMM3ZuQjhMam9sUHlZNC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTQvNTY1NWY1LTAxNDEtNGYzZC1hNTBj
LWI1OTk4NjgwZDkxNC8xL00zem9aakZGd2U2Mkh4NnUybl9GQU9kLThVcy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTQvNTY1NWY1LTAxNDEtNGYzZC1hNTBjLWI1OTk4NjgwZDkx
NC8xLzEteF9PbXFjc2c0U1c5TDN2bkI4TGpvbFB5WTQuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAC5qI0w
DQQCAAIwBwMFAyoQZcAwDQYJKoZIhvcNAQELBQADggEBABl6hWB/iLi+p+Sqw35K
3zVRCqnJkcQW72Vyv8M+pLFjVs3u753PRflz73I23ig3aPP3KJ+nUcFo4Dz204Jv
BL6cOYnijma1SzCfse/9H3IPzj/4ZP5cY4vbFgRfPtW6rqQq3Xww1axUF+gdVwi4
UMEYH8nydohX06K/rKNy4u2Q9cXHxcunUxnLK53Z0TcmC+xTQ/nh/fLxkYR9btn8
oVkNyopqcnG7QgEJ2RHenERY/tb8mUM9/opYBz0/YZVP7qhXahbi941d2G+cQlCU
9BnvugHKkW8hYfDJeJGLUfMCeMPqTGd1j4q8fRSLVuzcWIuWLZMJBpPcUSbLE758
+qE=
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:04:08 2024 by rpki-client on console-fra.rpki-client.org