Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/mBWROFPUnsbhTWGORhx8ubV91Iw.roa
File: mBWROFPUnsbhTWGORhx8ubV91Iw.roa (raw, json)
Hash identifier: hyFHYx8JJ28mM2yxLoXExUFxbvkXlpJsl0SShv0/S7c=
Subject key identifier: 98:15:91:38:53:D4:9E:C6:E1:4D:61:8E:46:1C:7C:B9:B5:7D:D4:8C
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 01932CA6D05515D8A88EC3665098D7E9AC63
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/mBWROFPUnsbhTWGORhx8ubV91Iw.roa
Signing time: Thu 14 Nov 2024 21:49:10 +0000
ROA not before: Thu 14 Nov 2024 21:49:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3257
IP address blocks: 94.131.24.0/22 maxlen: 24
94.131.48.0/20 maxlen: 24
94.131.64.0/20 maxlen: 24
95.164.44.0/22 maxlen: 22
95.164.70.0/24 maxlen: 24
95.164.128.0/20 maxlen: 24
95.164.168.0/23 maxlen: 24
95.164.192.0/22 maxlen: 24
95.164.200.0/21 maxlen: 21
95.164.240.0/21 maxlen: 21
95.164.252.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.mft
rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:2c:a6:d0:55:15:d8:a8:8e:c3:66:50:98:d7:e9:ac:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Nov 14 21:49:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9815913853d49ec6e14d618e461c7cb9b57dd48c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:51:fe:7d:d7:42:17:e3:44:ea:a6:12:32:d8:
cb:dd:90:96:81:b2:ab:24:0c:75:a7:a8:24:48:e5:
d9:25:e8:08:64:e8:89:db:9f:d5:6b:4d:17:ec:d3:
9d:c7:ea:83:20:6f:32:e2:e2:7b:3e:45:d8:ec:5c:
7c:9f:10:1b:42:5a:e7:36:00:e0:52:cc:77:27:5d:
83:0e:fc:e0:4e:f5:65:27:f2:ac:be:a9:b3:9e:b6:
59:60:22:16:5f:1f:9a:d8:9b:0a:dd:a0:a4:81:76:
e0:13:88:90:ba:37:ce:00:5f:b9:4e:de:57:23:f2:
00:de:e2:cf:6b:2b:ff:4d:e7:16:fa:1a:36:ce:22:
11:93:2b:c3:90:76:03:b4:cd:2c:fc:fd:79:b9:45:
41:fa:2b:61:e7:e2:ec:f5:f2:da:db:43:61:b5:63:
b8:f6:19:c4:c7:52:13:ce:41:95:9c:ab:77:82:39:
4a:4f:81:cd:d6:00:e8:c2:d5:cd:95:c3:6a:94:ca:
11:8d:fb:c7:da:99:4a:b9:f0:8a:ca:2e:37:04:2b:
e3:f3:e5:0c:bd:2a:82:a3:9e:db:e7:68:9a:6f:c9:
8e:28:3e:bb:f1:15:e9:28:8c:25:4d:e9:e8:5d:4a:
7e:4b:9a:68:d9:46:dc:c0:c3:c0:5c:c7:91:17:3d:
c2:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:15:91:38:53:D4:9E:C6:E1:4D:61:8E:46:1C:7C:B9:B5:7D:D4:8C
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/mBWROFPUnsbhTWGORhx8ubV91Iw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.24.0/22
94.131.48.0-94.131.79.255
95.164.44.0/22
95.164.70.0/24
95.164.128.0/20
95.164.168.0/23
95.164.192.0/22
95.164.200.0/21
95.164.240.0/21
95.164.252.0/22
Signature Algorithm: sha256WithRSAEncryption
24:be:a4:57:bb:cf:14:2e:6c:41:23:78:3c:78:18:20:c5:58:
26:ec:3c:0d:9f:85:7e:f5:fd:f4:88:4c:ce:bf:3b:29:0e:30:
bc:3c:cb:b1:4b:ff:57:78:ef:7d:01:31:25:83:ed:b0:17:3c:
dc:ff:5d:a5:ad:2a:18:d6:bb:e8:d1:ee:fa:42:20:05:0f:1b:
05:da:05:e9:a8:d3:54:85:03:8e:c2:68:3c:03:fa:80:be:b9:
35:df:62:0c:38:33:2f:75:fa:e6:a6:b1:09:29:74:6c:70:6d:
f2:39:a5:de:cc:54:c2:d8:6a:d4:0c:f5:8b:28:89:59:fc:09:
a1:72:55:58:a3:92:0a:c0:03:ec:03:89:ee:2e:b2:27:2d:6b:
af:d3:1f:46:d8:8b:4f:b8:0f:c3:9b:c0:1e:ff:20:4f:b9:03:
3c:72:74:10:9a:c4:fc:96:d4:dc:c9:ed:d4:8c:58:e4:b4:3d:
dc:0e:2b:a3:bb:16:ad:e3:f0:fc:63:e7:63:90:80:c8:28:cb:
4a:ff:56:be:5d:a6:96:c3:0e:e6:1d:fd:63:df:91:2f:08:21:
85:a1:9c:e5:91:53:1a:cc:e1:9f:13:de:4c:50:31:ed:ba:a3:
4c:f0:f2:bd:46:64:27:27:e6:c0:f9:c7:dc:dc:bb:f1:83:bd:
a9:3c:a7:9a
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZMsptBVFdiojsNmUJjX6axjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjQxMTE0MjE0OTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODE1OTEzODUzZDQ5ZWM2ZTE0ZDYxOGU0NjFjN2NiOWI1N2RkNDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3VH+fddCF+NE6qYSMtjL3ZCWgbKr
JAx1p6gkSOXZJegIZOiJ25/Va00X7NOdx+qDIG8y4uJ7PkXY7Fx8nxAbQlrnNgDg
Usx3J12DDvzgTvVlJ/KsvqmznrZZYCIWXx+a2JsK3aCkgXbgE4iQujfOAF+5Tt5X
I/IA3uLPayv/TecW+ho2ziIRkyvDkHYDtM0s/P15uUVB+ith5+Ls9fLa20NhtWO4
9hnEx1ITzkGVnKt3gjlKT4HN1gDowtXNlcNqlMoRjfvH2plKufCKyi43BCvj8+UM
vSqCo57b52iab8mOKD678RXpKIwlTenoXUp+S5po2UbcwMPAXMeRFz3ClwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFJgVkThT1J7G4U1hjkYcfLm1fdSMMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvbUJXUk9GUFVuc2JoVFdHT1JoeDh1YlY5MUl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQCXoMYMAwD
BARegzADBAReg0ADBAJfpCwDBABfpEYDBARfpIADBAFfpKgDBAJfpMADBANfpMgD
BANfpPADBAJfpPwwDQYJKoZIhvcNAQELBQADggEBACS+pFe7zxQubEEjeDx4GCDF
WCbsPA2fhX71/fSITM6/OykOMLw8y7FL/1d4730BMSWD7bAXPNz/XaWtKhjWu+jR
7vpCIAUPGwXaBemo01SFA47CaDwD+oC+uTXfYgw4My91+uamsQkpdGxwbfI5pd7M
VMLYatQM9YsoiVn8CaFyVVijkgrAA+wDie4usicta6/TH0bYi0+4D8ObwB7/IE+5
AzxydBCaxPyW1NzJ7dSMWOS0PdwOK6O7Fq3j8Pxj52OQgMgoy0r/Vr5dppbDDuYd
/WPfkS8IIYWhnOWRUxrM4Z8T3kxQMe26o0zw8r1GZCcn5sD5x9zcu/GDvak8p5o=
-----END CERTIFICATE-----
Generated at Mon Nov 25 00:00:48 2024 by rpki-client on console-fra.rpki-client.org