Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/MNgmbEAsIBcscXH8Qfhlef7j5-E.roa
File: MNgmbEAsIBcscXH8Qfhlef7j5-E.roa (raw, json)
Hash identifier: nUNdDbV/6Cc0dxQkJaW/bjAaVwz61Ut6ZIKJy0XOVjE=
Subject key identifier: 30:D8:26:6C:40:2C:20:17:2C:71:71:FC:41:F8:65:79:FE:E3:E7:E1
Certificate issuer: /CN=0b1e72f3d0957f5a6e3bd1b844a12a6147449027
Certificate serial: 019274FC1AF97AA5AF922D9A01C877D5CBFB
Authority key identifier: 0B:1E:72:F3:D0:95:7F:5A:6E:3B:D1:B8:44:A1:2A:61:47:44:90:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cx5y89CVf1puO9G4RKEqYUdEkCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/MNgmbEAsIBcscXH8Qfhlef7j5-E.roa
Signing time: Thu 10 Oct 2024 05:52:11 +0000
ROA not before: Thu 10 Oct 2024 05:52:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211261
IP address blocks: 103.226.194.0/23 maxlen: 23
103.229.168.0/24 maxlen: 24
103.229.171.0/24 maxlen: 24
185.145.70.0/24 maxlen: 24
185.145.71.0/24 maxlen: 24
185.223.176.0/22 maxlen: 22
185.223.176.0/24 maxlen: 24
185.223.177.0/24 maxlen: 24
185.223.178.0/24 maxlen: 24
185.223.179.0/24 maxlen: 24
185.237.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/Cx5y89CVf1puO9G4RKEqYUdEkCc.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/Cx5y89CVf1puO9G4RKEqYUdEkCc.mft
rsync://rpki.ripe.net/repository/DEFAULT/Cx5y89CVf1puO9G4RKEqYUdEkCc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 18:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:74:fc:1a:f9:7a:a5:af:92:2d:9a:01:c8:77:d5:cb:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b1e72f3d0957f5a6e3bd1b844a12a6147449027
Validity
Not Before: Oct 10 05:52:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30d8266c402c20172c7171fc41f86579fee3e7e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:3a:45:33:8b:d9:eb:3a:cd:66:5d:dd:7f:ed:
73:40:c2:0c:be:51:4a:04:49:d0:8f:87:61:6e:b8:
42:e4:34:cb:bf:2e:70:f3:2c:c7:40:3c:3e:a2:c0:
e2:ea:a3:75:62:9b:0e:c5:7d:c2:1d:86:fd:57:f4:
93:45:f3:4f:4c:ec:2f:ff:08:8b:69:eb:f4:85:cf:
52:97:a1:e0:44:28:c1:49:5b:26:a6:e7:9a:41:c7:
a6:b4:41:0f:58:4d:f9:ca:5e:50:4c:74:81:7e:2c:
68:3a:67:a3:80:ad:0f:16:82:6d:51:fc:bf:54:67:
33:1d:98:31:25:df:44:02:cb:20:65:9f:23:0b:d7:
98:08:4c:7b:8e:f4:59:b4:e7:70:bb:b0:44:c4:88:
f6:65:78:8f:fe:2c:97:d3:a8:08:51:d9:e4:46:e6:
9b:71:6d:4f:bd:1e:dc:4b:5f:d7:13:bf:6d:d4:1a:
44:e7:8b:5b:cb:31:e7:0c:f5:74:f2:c4:04:ea:8f:
78:9d:c7:9e:66:5e:cb:d9:5b:73:b9:23:db:90:8b:
41:38:b0:78:1f:3d:69:14:52:b3:6b:1c:10:40:a0:
b6:7c:99:50:5f:ec:80:92:f5:1e:6f:d9:80:a8:37:
7c:0c:94:3a:0f:82:4d:83:39:59:b4:f8:52:e4:18:
d5:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:D8:26:6C:40:2C:20:17:2C:71:71:FC:41:F8:65:79:FE:E3:E7:E1
X509v3 Authority Key Identifier:
keyid:0B:1E:72:F3:D0:95:7F:5A:6E:3B:D1:B8:44:A1:2A:61:47:44:90:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cx5y89CVf1puO9G4RKEqYUdEkCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/MNgmbEAsIBcscXH8Qfhlef7j5-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/Cx5y89CVf1puO9G4RKEqYUdEkCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.226.194.0/23
103.229.168.0/24
103.229.171.0/24
185.145.70.0/23
185.223.176.0/22
185.237.212.0/24
Signature Algorithm: sha256WithRSAEncryption
31:22:01:90:a8:c0:43:e2:85:99:a9:cd:17:dd:f7:c0:34:f8:
ae:d6:31:32:a2:c1:18:4d:6e:b6:83:a6:1d:18:63:aa:84:10:
19:84:0f:15:d9:cc:03:2b:19:f8:c5:96:4a:a1:7f:08:dd:53:
16:bd:2b:ee:bb:2a:59:8b:35:72:c0:9c:0f:57:6d:d9:7c:9f:
7a:70:78:4b:f3:8d:14:31:78:d4:d2:5b:0b:87:e7:11:c5:74:
92:12:32:49:5b:74:f2:43:42:16:64:bd:76:f7:9d:b2:0b:bc:
ad:fd:b3:42:01:58:81:06:91:19:8d:f8:ca:c0:02:b0:12:ec:
88:f4:9b:25:02:33:5e:5c:3a:b6:90:97:26:90:0e:87:58:ec:
eb:d9:5f:d0:4d:f1:7b:77:e9:d9:fd:84:9c:0d:41:3a:16:e0:
c1:10:b8:a8:9c:ab:5d:cf:5e:09:fb:63:2b:38:3e:02:c7:4a:
cc:1b:67:47:ac:3c:3d:5d:51:e8:84:f4:22:51:ed:4d:12:6f:
3f:e8:96:ed:de:97:03:0c:90:a8:ef:aa:50:8f:bc:84:8f:da:
bd:f3:48:50:ba:c1:2e:c3:95:be:10:4f:72:78:1e:e8:09:0c:
e7:e7:bc:bf:94:bf:14:6a:18:4b:8e:19:37:41:5e:a1:7e:54:
32:22:e5:a8
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZJ0/Br5eqWvki2aAch31cv7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMWU3MmYzZDA5NTdmNWE2ZTNiZDFiODQ0YTEyYTYxNDc0
NDkwMjcwHhcNMjQxMDEwMDU1MjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGQ4MjY2YzQwMmMyMDE3MmM3MTcxZmM0MWY4NjU3OWZlZTNlN2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTpFM4vZ6zrNZl3df+1zQMIMvlFK
BEnQj4dhbrhC5DTLvy5w8yzHQDw+osDi6qN1YpsOxX3CHYb9V/STRfNPTOwv/wiL
aev0hc9Sl6HgRCjBSVsmpueaQcemtEEPWE35yl5QTHSBfixoOmejgK0PFoJtUfy/
VGczHZgxJd9EAssgZZ8jC9eYCEx7jvRZtOdwu7BExIj2ZXiP/iyX06gIUdnkRuab
cW1PvR7cS1/XE79t1BpE54tbyzHnDPV08sQE6o94nceeZl7L2VtzuSPbkItBOLB4
Hz1pFFKzaxwQQKC2fJlQX+yAkvUeb9mAqDd8DJQ6D4JNgzlZtPhS5BjVfwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDDYJmxALCAXLHFx/EH4ZXn+4+fhMB8GA1UdIwQY
MBaAFAsecvPQlX9abjvRuEShKmFHRJAnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3g1eTg5Q1ZmMXB1TzlHNFJLRXFZVWRFa0NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8xYTVhOTYtZDM2ZS00ZjNhLTliMzQt
MDU0OGQzODk1YTU1LzEvTU5nbWJFQXNJQmNzY1hIOFFmaGxlZjdqNS1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8xYTVhOTYtZDM2ZS00ZjNhLTliMzQtMDU0OGQzODk1YTU1
LzEvQ3g1eTg5Q1ZmMXB1TzlHNFJLRXFZVWRFa0NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBZ+LCAwQA
Z+WoAwQAZ+WrAwQBuZFGAwQCud+wAwQAue3UMA0GCSqGSIb3DQEBCwUAA4IBAQAx
IgGQqMBD4oWZqc0X3ffANPiu1jEyosEYTW62g6YdGGOqhBAZhA8V2cwDKxn4xZZK
oX8I3VMWvSvuuypZizVywJwPV23ZfJ96cHhL840UMXjU0lsLh+cRxXSSEjJJW3Ty
Q0IWZL12952yC7yt/bNCAViBBpEZjfjKwAKwEuyI9JslAjNeXDq2kJcmkA6HWOzr
2V/QTfF7d+nZ/YScDUE6FuDBELionKtdz14J+2MrOD4Cx0rMG2dHrDw9XVHohPQi
Ue1NEm8/6Jbt3pcDDJCo76pQj7yEj9q980hQusEuw5W+EE9yeB7oCQzn57y/lL8U
ahhLjhk3QV6hflQyIuWo
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:37:20 2024 by rpki-client on console-fra.rpki-client.org