Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/MM1R16OMqMfboT7i8aeqVZOOoPE.roa
File: MM1R16OMqMfboT7i8aeqVZOOoPE.roa (raw, json)
Hash identifier: YLJwSFsRbu4Fk/pe2mr3B6za+pnYNE/Ne/p42qRCxyc=
Subject key identifier: 30:CD:51:D7:A3:8C:A8:C7:DB:A1:3E:E2:F1:A7:AA:55:93:8E:A0:F1
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 019175F9ADFF5C5F367C42F53F73E97E3D22
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/MM1R16OMqMfboT7i8aeqVZOOoPE.roa
Signing time: Wed 21 Aug 2024 17:26:22 +0000
ROA not before: Wed 21 Aug 2024 17:26:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39855
IP address blocks: 45.85.247.0/24 maxlen: 24
62.68.64.0/24 maxlen: 24
62.68.72.0/24 maxlen: 24
91.212.122.0/24 maxlen: 24
91.229.5.0/24 maxlen: 24
193.110.161.0/24 maxlen: 24
193.201.202.0/24 maxlen: 24
194.55.128.0/24 maxlen: 24
195.60.170.0/24 maxlen: 24
217.8.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:75:f9:ad:ff:5c:5f:36:7c:42:f5:3f:73:e9:7e:3d:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Aug 21 17:26:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30cd51d7a38ca8c7dba13ee2f1a7aa55938ea0f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:48:2d:48:cf:1e:89:90:62:6d:a0:18:89:9e:
a6:39:20:9e:af:17:a0:23:6d:e6:34:d0:b8:c8:08:
85:18:d4:d3:d9:1e:54:9a:c5:25:ef:e0:03:1e:16:
e3:cf:a4:1a:05:4e:92:d1:00:e3:2c:6b:b3:3d:dc:
62:4f:54:47:a1:75:34:f6:86:f8:bd:91:48:2c:31:
19:f8:b0:69:72:aa:e6:fd:c2:6a:8d:9f:5d:b7:d3:
10:30:7b:2d:7e:0a:9f:43:28:6d:a9:6f:af:17:8e:
b8:28:eb:e1:3c:78:33:0e:0c:ce:a3:94:94:be:56:
98:b7:98:c1:90:77:6d:38:4f:64:ed:09:f0:ff:a3:
6c:cd:f2:9d:c3:84:b3:6b:63:77:e8:f9:ee:67:65:
8c:08:45:92:7f:71:fd:2c:7d:d5:c0:c7:82:64:29:
f4:cd:94:be:f4:65:e7:cf:84:9b:62:38:5d:01:cd:
92:80:3a:e1:23:34:43:53:44:3c:14:d1:23:2e:6e:
bd:79:54:17:90:7d:e9:24:93:31:ab:ff:b3:b5:26:
7c:9e:46:ce:0f:5a:da:c3:a5:8e:60:d9:58:3b:3f:
03:ac:f0:2c:d1:76:ec:f0:08:ac:43:c7:a6:8d:79:
ca:3d:19:de:dd:1c:b2:43:e3:f6:ab:29:55:47:0e:
33:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:CD:51:D7:A3:8C:A8:C7:DB:A1:3E:E2:F1:A7:AA:55:93:8E:A0:F1
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/MM1R16OMqMfboT7i8aeqVZOOoPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.247.0/24
62.68.64.0/24
62.68.72.0/24
91.212.122.0/24
91.229.5.0/24
193.110.161.0/24
193.201.202.0/24
194.55.128.0/24
195.60.170.0/24
217.8.116.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:36:a5:6a:53:6d:fc:80:05:9f:79:5c:fc:a4:fb:88:72:20:
06:21:c2:f6:64:5e:84:e6:d1:25:6d:9c:d7:d0:90:23:f4:5a:
79:ac:45:79:c5:39:b2:1c:56:b9:68:2f:23:3b:10:8a:c8:1a:
0c:eb:51:83:02:db:ad:86:8e:97:f6:6a:ff:03:87:37:e3:9f:
99:b4:e9:2e:5f:2f:ec:27:1d:5a:57:b9:ef:ac:45:ab:92:21:
15:e8:71:29:22:03:79:08:45:6f:71:3d:8b:2b:fa:97:59:d4:
d2:ae:62:fd:1d:31:42:ad:2a:a6:52:90:8a:22:4d:3e:8a:40:
10:ef:b3:b4:7c:2e:4a:b3:32:c9:4e:be:3b:57:68:a9:e9:5f:
fd:bc:56:07:e9:5a:d1:f8:f8:54:26:8a:00:73:84:d3:9c:da:
dc:a0:47:5e:5a:b6:35:4e:06:9f:05:e5:d9:85:af:98:f9:0a:
21:8b:b6:df:3d:5a:14:a6:39:b9:e7:9e:ae:8b:a6:e2:c5:f0:
15:dd:25:c5:c7:47:d3:2c:d5:14:ef:91:5f:d5:8f:cf:fe:bc:
83:2e:bc:18:fc:f4:cc:f5:c2:8b:5a:22:58:65:ab:52:3d:e5:
a1:73:ed:07:e7:94:97:26:8c:4b:73:f7:0d:85:d6:35:7a:1c:
29:bb:ad:64
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZF1+a3/XF82fEL1P3Ppfj0iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjQwODIxMTcyNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGNkNTFkN2EzOGNhOGM3ZGJhMTNlZTJmMWE3YWE1NTkzOGVhMGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEgtSM8eiZBibaAYiZ6mOSCerxeg
I23mNNC4yAiFGNTT2R5UmsUl7+ADHhbjz6QaBU6S0QDjLGuzPdxiT1RHoXU09ob4
vZFILDEZ+LBpcqrm/cJqjZ9dt9MQMHstfgqfQyhtqW+vF464KOvhPHgzDgzOo5SU
vlaYt5jBkHdtOE9k7Qnw/6NszfKdw4Sza2N36PnuZ2WMCEWSf3H9LH3VwMeCZCn0
zZS+9GXnz4SbYjhdAc2SgDrhIzRDU0Q8FNEjLm69eVQXkH3pJJMxq/+ztSZ8nkbO
D1raw6WOYNlYOz8DrPAs0Xbs8AisQ8emjXnKPRne3RyyQ+P2qylVRw4z7wIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFDDNUdejjKjH26E+4vGnqlWTjqDxMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvTU0xUjE2T01xTWZib1Q3aThhZXFWWk9Pb1BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALVX3AwQA
PkRAAwQAPkRIAwQAW9R6AwQAW+UFAwQAwW6hAwQAwcnKAwQAwjeAAwQAwzyqAwQA
2Qh0MA0GCSqGSIb3DQEBCwUAA4IBAQBaNqVqU238gAWfeVz8pPuIciAGIcL2ZF6E
5tElbZzX0JAj9Fp5rEV5xTmyHFa5aC8jOxCKyBoM61GDAtutho6X9mr/A4c345+Z
tOkuXy/sJx1aV7nvrEWrkiEV6HEpIgN5CEVvcT2LK/qXWdTSrmL9HTFCrSqmUpCK
Ik0+ikAQ77O0fC5KszLJTr47V2ip6V/9vFYH6VrR+PhUJooAc4TTnNrcoEdeWrY1
TgafBeXZha+Y+Qohi7bfPVoUpjm5556ui6bixfAV3SXFx0fTLNUU75Ff1Y/P/ryD
LrwY/PTM9cKLWiJYZatSPeWhc+0H55SXJoxLc/cNhdY1ehwpu61k
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:21:41 2024 by rpki-client on console-ams.rpki-client.org