Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/f621a7-e080-4255-926d-32ff31ceec8b/1/mu_txoTzYK0VDon_ub594dUiTVM.roa
File: mu_txoTzYK0VDon_ub594dUiTVM.roa (raw, json)
Hash identifier: wd4Cw+X07/VpV0g+fAVzuocidqyoQmxdO/CZ2egr+4k=
Subject key identifier: 9A:EF:ED:C6:84:F3:60:AD:15:0E:89:FF:B9:BE:7D:E1:D5:22:4D:53
Certificate issuer: /CN=8d4dd2d06d920e403933fdb2cd1984893552579c
Certificate serial: 01912B6A7DAD07564DC0408B7240AA3EF210
Authority key identifier: 8D:4D:D2:D0:6D:92:0E:40:39:33:FD:B2:CD:19:84:89:35:52:57:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jU3S0G2SDkA5M_2yzRmEiTVSV5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/f621a7-e080-4255-926d-32ff31ceec8b/1/mu_txoTzYK0VDon_ub594dUiTVM.roa
Signing time: Wed 07 Aug 2024 05:58:04 +0000
ROA not before: Wed 07 Aug 2024 05:58:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39280
IP address blocks: 46.228.176.0/20 maxlen: 20
46.228.176.0/21 maxlen: 21
46.228.184.0/21 maxlen: 21
81.21.80.0/20 maxlen: 20
81.21.80.0/21 maxlen: 21
81.21.88.0/21 maxlen: 21
93.184.224.0/20 maxlen: 20
93.184.224.0/21 maxlen: 21
93.184.232.0/21 maxlen: 21
185.41.200.0/22 maxlen: 22
185.41.200.0/23 maxlen: 23
185.41.202.0/23 maxlen: 23
2a03:ba40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/f621a7-e080-4255-926d-32ff31ceec8b/1/jU3S0G2SDkA5M_2yzRmEiTVSV5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/f621a7-e080-4255-926d-32ff31ceec8b/1/jU3S0G2SDkA5M_2yzRmEiTVSV5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/jU3S0G2SDkA5M_2yzRmEiTVSV5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:2b:6a:7d:ad:07:56:4d:c0:40:8b:72:40:aa:3e:f2:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d4dd2d06d920e403933fdb2cd1984893552579c
Validity
Not Before: Aug 7 05:58:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9aefedc684f360ad150e89ffb9be7de1d5224d53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:51:38:46:90:5e:da:34:53:c4:5c:d3:62:71:
7f:bc:45:1f:6e:47:b8:8a:21:0b:e3:ac:13:48:ac:
39:de:0c:15:6c:ea:9b:f3:ae:6b:70:1f:9f:b3:80:
18:36:5f:ab:b6:5b:c6:a9:13:a4:ee:c6:e0:a2:37:
57:03:d5:bc:77:c0:72:b8:2f:ff:ff:2f:ff:16:50:
ea:4e:3f:c8:6a:25:a0:42:e4:43:9a:0e:d5:1d:06:
7a:92:fb:5a:ff:63:a1:3b:61:8d:9c:1e:75:5b:7f:
fb:b6:00:6a:04:af:09:07:fb:24:ca:c6:96:68:16:
c4:4b:15:f8:4b:26:97:7d:df:b9:0a:f8:cc:18:78:
07:14:17:04:11:af:cb:7a:49:92:0f:ee:61:bb:9d:
f0:b2:89:d6:36:bb:f7:ce:92:43:e9:99:bd:16:b7:
6d:32:f9:de:14:9a:2f:1b:8e:49:50:82:b2:c3:18:
c1:80:f3:25:bf:e3:51:29:0a:73:f4:b3:da:80:74:
af:08:f4:fc:1f:48:ce:bc:b2:6e:fc:c2:15:64:ce:
ad:4e:ec:69:f2:49:46:59:03:fb:08:4a:8b:93:35:
44:c3:db:f6:a8:53:a2:dc:91:04:2f:65:e7:0e:68:
c7:89:d0:5a:6a:15:a9:42:4d:fb:cc:ab:03:82:85:
80:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:EF:ED:C6:84:F3:60:AD:15:0E:89:FF:B9:BE:7D:E1:D5:22:4D:53
X509v3 Authority Key Identifier:
keyid:8D:4D:D2:D0:6D:92:0E:40:39:33:FD:B2:CD:19:84:89:35:52:57:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jU3S0G2SDkA5M_2yzRmEiTVSV5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/f621a7-e080-4255-926d-32ff31ceec8b/1/mu_txoTzYK0VDon_ub594dUiTVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/f621a7-e080-4255-926d-32ff31ceec8b/1/jU3S0G2SDkA5M_2yzRmEiTVSV5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.228.176.0/20
81.21.80.0/20
93.184.224.0/20
185.41.200.0/22
IPv6:
2a03:ba40::/32
Signature Algorithm: sha256WithRSAEncryption
0f:df:e5:71:5d:df:eb:68:2f:56:aa:b6:ca:64:ed:76:23:ee:
df:f9:73:f8:52:49:c5:78:3d:a2:80:05:50:90:4a:e0:8e:82:
d9:16:52:34:3b:a6:a4:28:ad:53:ed:9a:58:7e:1f:17:a1:6c:
06:52:80:55:83:dc:ac:2d:64:af:f4:49:0b:42:d3:91:16:e1:
0a:9b:13:90:7f:a6:75:a6:eb:51:d2:fa:59:b8:f9:cb:1c:d3:
d4:9d:88:0c:8c:a7:26:28:45:4e:e4:64:d7:bb:18:39:f9:44:
e4:72:63:11:5b:64:a9:29:3e:65:a8:fa:c4:c3:3e:15:c8:8a:
43:e1:75:4d:dc:48:66:da:7b:8d:e7:57:10:7c:a5:1f:41:d6:
4c:75:b8:1b:47:4b:9a:61:e3:a3:bc:d3:75:10:01:a1:f1:ca:
d2:cb:9e:20:54:67:f7:74:23:7f:14:d4:40:09:08:8a:05:59:
fc:ea:c7:4f:8e:ff:bd:f8:20:16:b5:a0:f9:3f:b0:25:ba:ec:
62:69:72:b6:ea:68:f0:cd:af:3a:e0:10:e8:90:26:11:3d:09:
37:7a:a5:b4:07:b0:6f:23:9f:dc:c4:0d:37:f0:ef:67:5c:28:
bf:0e:ad:64:18:d8:a6:f6:63:55:ba:2f:74:97:83:a0:61:7e:
97:19:0f:d7
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZEran2tB1ZNwECLckCqPvIQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNGRkMmQwNmQ5MjBlNDAzOTMzZmRiMmNkMTk4NDg5MzU1
MjU3OWMwHhcNMjQwODA3MDU1ODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWVmZWRjNjg0ZjM2MGFkMTUwZTg5ZmZiOWJlN2RlMWQ1MjI0ZDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlE4RpBe2jRTxFzTYnF/vEUfbke4
iiEL46wTSKw53gwVbOqb865rcB+fs4AYNl+rtlvGqROk7sbgojdXA9W8d8ByuC//
/y//FlDqTj/IaiWgQuRDmg7VHQZ6kvta/2OhO2GNnB51W3/7tgBqBK8JB/skysaW
aBbESxX4SyaXfd+5CvjMGHgHFBcEEa/LekmSD+5hu53wsonWNrv3zpJD6Zm9Frdt
MvneFJovG45JUIKywxjBgPMlv+NRKQpz9LPagHSvCPT8H0jOvLJu/MIVZM6tTuxp
8klGWQP7CEqLkzVEw9v2qFOi3JEEL2XnDmjHidBaahWpQk37zKsDgoWA5wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJrv7caE82CtFQ6J/7m+feHVIk1TMB8GA1UdIwQY
MBaAFI1N0tBtkg5AOTP9ss0ZhIk1UlecMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalUzUzBHMlNEa0E1TV8yeXpSbUVpVFZTVjV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9mNjIxYTctZTA4MC00MjU1LTkyNmQt
MzJmZjMxY2VlYzhiLzEvbXVfdHhvVHpZSzBWRG9uX3ViNTk0ZFVpVFZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9mNjIxYTctZTA4MC00MjU1LTkyNmQtMzJmZjMxY2VlYzhi
LzEvalUzUzBHMlNEa0E1TV8yeXpSbUVpVFZTVjV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQELuSwAwQE
URVQAwQEXbjgAwQCuSnIMA0EAgACMAcDBQAqA7pAMA0GCSqGSIb3DQEBCwUAA4IB
AQAP3+VxXd/raC9WqrbKZO12I+7f+XP4UknFeD2igAVQkErgjoLZFlI0O6akKK1T
7ZpYfh8XoWwGUoBVg9ysLWSv9EkLQtORFuEKmxOQf6Z1putR0vpZuPnLHNPUnYgM
jKcmKEVO5GTXuxg5+UTkcmMRW2SpKT5lqPrEwz4VyIpD4XVN3Ehm2nuN51cQfKUf
QdZMdbgbR0uaYeOjvNN1EAGh8crSy54gVGf3dCN/FNRACQiKBVn86sdPjv+9+CAW
taD5P7AluuxiaXK26mjwza864BDokCYRPQk3eqW0B7BvI5/cxA038O9nXCi/Dq1k
GNim9mNVui90l4OgYX6XGQ/X
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:53:41 2024 by rpki-client on console-fra.rpki-client.org