Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/6a3215-6b62-4363-9abc-7a54db59ec2d/1/MaZdzTTQFQris18UxONKg4Lnri0.roa
File: MaZdzTTQFQris18UxONKg4Lnri0.roa (raw, json)
Hash identifier: CChxr6SdbY2NNFCo6JeZsblKmpZDinrRDj3sp7sj6Eg=
Subject key identifier: 31:A6:5D:CD:34:D0:15:0A:E2:B3:5F:14:C4:E3:4A:83:82:E7:AE:2D
Certificate issuer: /CN=46bb8215b2266da3c0f6ca55cc7ba800e9ade2a2
Certificate serial: 018D544BA4103B26F378EEC1E95E81874045
Authority key identifier: 46:BB:82:15:B2:26:6D:A3:C0:F6:CA:55:CC:7B:A8:00:E9:AD:E2:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RruCFbImbaPA9spVzHuoAOmt4qI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/6a3215-6b62-4363-9abc-7a54db59ec2d/1/MaZdzTTQFQris18UxONKg4Lnri0.roa
Signing time: Mon 29 Jan 2024 08:17:39 +0000
ROA not before: Mon 29 Jan 2024 08:17:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29695
IP address blocks: 5.152.136.0/21 maxlen: 21
5.172.182.0/24 maxlen: 24
45.14.52.0/22 maxlen: 22
79.160.0.0/15 maxlen: 24
80.203.0.0/17 maxlen: 17
81.166.0.0/15 maxlen: 24
84.234.128.0/17 maxlen: 24
89.11.128.0/17 maxlen: 17
92.220.0.0/15 maxlen: 21
109.247.0.0/16 maxlen: 21
141.0.64.0/18 maxlen: 18
213.167.96.0/19 maxlen: 19
2a01:798::/29 maxlen: 32
2a11:5100::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/6a3215-6b62-4363-9abc-7a54db59ec2d/1/RruCFbImbaPA9spVzHuoAOmt4qI.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/6a3215-6b62-4363-9abc-7a54db59ec2d/1/RruCFbImbaPA9spVzHuoAOmt4qI.mft
rsync://rpki.ripe.net/repository/DEFAULT/RruCFbImbaPA9spVzHuoAOmt4qI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:54:4b:a4:10:3b:26:f3:78:ee:c1:e9:5e:81:87:40:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46bb8215b2266da3c0f6ca55cc7ba800e9ade2a2
Validity
Not Before: Jan 29 08:17:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31a65dcd34d0150ae2b35f14c4e34a8382e7ae2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:83:73:3d:c9:88:5b:f1:6b:c9:d5:44:46:67:
26:0a:cd:02:65:b7:3c:02:1d:2d:5e:b9:64:99:43:
51:23:b4:f8:13:f6:ae:ca:2e:11:3f:19:ba:9a:50:
39:39:77:d0:5c:49:1e:08:35:79:16:b9:0a:43:ef:
40:58:5f:37:76:68:af:f1:d0:43:e3:19:e5:6b:a6:
b2:13:d6:e4:72:95:a2:8b:e4:27:3a:a1:35:d5:77:
7c:31:ab:ab:99:43:97:02:23:55:eb:a9:58:a1:10:
3f:b5:86:01:99:66:c9:71:31:67:ae:8c:6d:25:88:
2c:67:7a:12:ad:10:2f:a1:3d:a0:dd:4c:be:5a:43:
d6:0d:25:80:2e:c8:35:55:42:6d:59:c0:05:47:40:
ca:69:a2:89:30:14:9d:61:7b:7d:a1:63:a0:ab:34:
5d:01:3d:be:21:46:22:74:a5:dc:58:2d:8b:f4:4d:
0c:96:a0:69:29:d5:e5:ca:72:b4:ce:d7:85:72:d0:
0e:4c:22:1a:d2:ad:84:fe:de:1d:25:a0:9e:98:4f:
d7:fd:06:22:fc:48:20:84:21:2f:14:e9:01:18:57:
1f:4c:5f:df:42:4f:1a:56:ce:73:ab:2a:ac:6c:d9:
47:1a:4b:5e:85:d0:7f:e1:0b:86:55:1d:e2:b8:44:
ec:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:A6:5D:CD:34:D0:15:0A:E2:B3:5F:14:C4:E3:4A:83:82:E7:AE:2D
X509v3 Authority Key Identifier:
keyid:46:BB:82:15:B2:26:6D:A3:C0:F6:CA:55:CC:7B:A8:00:E9:AD:E2:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RruCFbImbaPA9spVzHuoAOmt4qI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/6a3215-6b62-4363-9abc-7a54db59ec2d/1/MaZdzTTQFQris18UxONKg4Lnri0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/6a3215-6b62-4363-9abc-7a54db59ec2d/1/RruCFbImbaPA9spVzHuoAOmt4qI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.152.136.0/21
5.172.182.0/24
45.14.52.0/22
79.160.0.0/15
80.203.0.0/17
81.166.0.0/15
84.234.128.0/17
89.11.128.0/17
92.220.0.0/15
109.247.0.0/16
141.0.64.0/18
213.167.96.0/19
IPv6:
2a01:798::/29
2a11:5100::/29
Signature Algorithm: sha256WithRSAEncryption
92:73:5e:03:4f:88:cd:4e:26:6e:48:8b:50:d1:12:8b:53:d6:
15:23:0d:2a:8f:21:10:2e:40:d8:c3:dd:43:9e:ca:2a:54:6d:
49:09:76:0b:8e:59:2b:ee:2f:86:83:70:9c:ee:fb:a0:bd:f7:
45:55:bb:33:62:4d:a6:7b:fe:6d:aa:e4:ce:8c:97:ff:79:81:
91:fc:67:2a:76:1a:10:c0:d6:cf:0b:f7:9a:aa:7f:ef:01:ab:
b5:a6:0a:30:ba:bc:2e:e3:27:c6:47:86:a6:8d:45:a1:d3:04:
8d:f5:ec:fa:e5:76:4d:13:7b:41:86:39:4b:40:0e:93:49:83:
f8:74:30:37:28:26:4d:7e:e2:c9:99:a7:f0:8a:7b:3d:c8:67:
3a:6d:2a:54:7a:89:22:4c:d6:64:62:73:be:84:65:b5:95:6c:
f4:8c:f5:05:c1:9a:4a:cb:52:2c:c1:18:8b:05:8f:0e:fe:47:
ed:b6:fc:93:89:7a:8d:0b:a0:fe:09:e6:94:41:6f:0c:36:25:
7b:39:7a:19:29:22:ca:ec:25:a4:32:2a:97:a3:b5:f0:7e:e1:
59:3b:c4:dd:7c:c7:77:52:f9:76:d0:25:a3:53:a6:30:c5:17:
39:a1:52:9b:0b:06:55:be:da:cc:e0:5a:7d:6c:d8:7c:e5:88:
9c:19:48:90
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAY1US6QQOybzeO7B6V6Bh0BFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2YmI4MjE1YjIyNjZkYTNjMGY2Y2E1NWNjN2JhODAwZTlh
ZGUyYTIwHhcNMjQwMTI5MDgxNzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWE2NWRjZDM0ZDAxNTBhZTJiMzVmMTRjNGUzNGE4MzgyZTdhZTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgoNzPcmIW/FrydVERmcmCs0CZbc8
Ah0tXrlkmUNRI7T4E/auyi4RPxm6mlA5OXfQXEkeCDV5FrkKQ+9AWF83dmiv8dBD
4xnla6ayE9bkcpWii+QnOqE11Xd8MaurmUOXAiNV66lYoRA/tYYBmWbJcTFnroxt
JYgsZ3oSrRAvoT2g3Uy+WkPWDSWALsg1VUJtWcAFR0DKaaKJMBSdYXt9oWOgqzRd
AT2+IUYidKXcWC2L9E0MlqBpKdXlynK0zteFctAOTCIa0q2E/t4dJaCemE/X/QYi
/EgghCEvFOkBGFcfTF/fQk8aVs5zqyqsbNlHGktehdB/4QuGVR3iuETs5QIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFDGmXc000BUK4rNfFMTjSoOC564tMB8GA1UdIwQY
MBaAFEa7ghWyJm2jwPbKVcx7qADpreKiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnJ1Q0ZiSW1iYVBBOXNwVnpIdW9BT210NHFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny82YTMyMTUtNmI2Mi00MzYzLTlhYmMt
N2E1NGRiNTllYzJkLzEvTWFaZHpUVFFGUXJpczE4VXhPTktnNExucmkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny82YTMyMTUtNmI2Mi00MzYzLTlhYmMtN2E1NGRiNTllYzJk
LzEvUnJ1Q0ZiSW1iYVBBOXNwVnpIdW9BT210NHFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBKBAIAATBEAwQDBZiIAwQA
Bay2AwQCLQ40AwMBT6ADBAdQywADAwFRpgMEB1TqgAMEB1kLgAMDAVzcAwMAbfcD
BAaNAEADBAXVp2AwFAQCAAIwDgMFAyoBB5gDBQMqEVEAMA0GCSqGSIb3DQEBCwUA
A4IBAQCSc14DT4jNTiZuSItQ0RKLU9YVIw0qjyEQLkDYw91DnsoqVG1JCXYLjlkr
7i+Gg3Cc7vugvfdFVbszYk2me/5tquTOjJf/eYGR/GcqdhoQwNbPC/eaqn/vAau1
pgowurwu4yfGR4amjUWh0wSN9ez65XZNE3tBhjlLQA6TSYP4dDA3KCZNfuLJmafw
ins9yGc6bSpUeokiTNZkYnO+hGW1lWz0jPUFwZpKy1IswRiLBY8O/kfttvyTiXqN
C6D+CeaUQW8MNiV7OXoZKSLK7CWkMiqXo7XwfuFZO8TdfMd3Uvl20CWjU6YwxRc5
oVKbCwZVvtrM4Fp9bNh85YicGUiQ
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:41:02 2024 by rpki-client on console-fra.rpki-client.org