Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/5b0494-5ad6-4ea4-95fa-a83d9d920d31/1/B5tDZy08jm893lcRZfkVpKg6Q0Y.roa
File: B5tDZy08jm893lcRZfkVpKg6Q0Y.roa (raw, json)
Hash identifier: wannNt489Mq+W9l221BiVMzY0nqILzZTbDKE0EKPxac=
Subject key identifier: 07:9B:43:67:2D:3C:8E:6F:3D:DE:57:11:65:F9:15:A4:A8:3A:43:46
Certificate issuer: /CN=9a4fa9a60a5a24ffe614b6dfb58813d925a3b318
Certificate serial: 018CC26CEEC3BFE5F14011F0DAF9AD15A6A5
Authority key identifier: 9A:4F:A9:A6:0A:5A:24:FF:E6:14:B6:DF:B5:88:13:D9:25:A3:B3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mk-ppgpaJP_mFLbftYgT2SWjsxg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/5b0494-5ad6-4ea4-95fa-a83d9d920d31/1/B5tDZy08jm893lcRZfkVpKg6Q0Y.roa
Signing time: Mon 01 Jan 2024 00:29:27 +0000
ROA not before: Mon 01 Jan 2024 00:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56515
IP address blocks: 185.24.164.0/22 maxlen: 24
176.110.144.0/20 maxlen: 24
31.128.0.0/19 maxlen: 24
2a04:2b40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/5b0494-5ad6-4ea4-95fa-a83d9d920d31/1/mk-ppgpaJP_mFLbftYgT2SWjsxg.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/5b0494-5ad6-4ea4-95fa-a83d9d920d31/1/mk-ppgpaJP_mFLbftYgT2SWjsxg.mft
rsync://rpki.ripe.net/repository/DEFAULT/mk-ppgpaJP_mFLbftYgT2SWjsxg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 07:02:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6c:ee:c3:bf:e5:f1:40:11:f0:da:f9:ad:15:a6:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a4fa9a60a5a24ffe614b6dfb58813d925a3b318
Validity
Not Before: Jan 1 00:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=079b43672d3c8e6f3dde571165f915a4a83a4346
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:4b:9f:20:53:c6:07:8e:97:ed:65:0a:b2:e7:
6f:18:31:8d:1a:cf:ba:93:67:9c:1f:d5:91:58:be:
32:5c:07:4a:db:e9:a1:99:f7:0b:33:5f:f4:7e:36:
14:3e:4c:69:5f:f4:5b:30:ec:b2:90:01:f1:1d:e2:
92:70:2b:18:9f:62:09:85:1e:3e:05:fe:01:5c:7e:
6e:18:7a:0c:05:ea:54:05:8a:b0:f3:06:f5:b9:3a:
cc:a9:e0:64:9f:73:ff:73:fc:e8:db:5e:df:d7:5a:
96:83:95:34:9b:cd:65:49:e1:8d:84:16:8a:8d:62:
b1:37:7e:6f:7d:21:c4:eb:ae:0d:11:34:cf:3b:73:
62:0f:7a:51:c6:89:34:0e:11:5a:c4:31:62:f7:a7:
52:ee:97:4b:23:d1:19:6e:0e:d3:08:13:80:d0:b2:
d9:9f:34:d7:06:3a:1b:97:5a:1e:b4:89:83:2a:c7:
eb:cf:22:58:03:19:48:a9:2d:f8:aa:52:59:b9:48:
a9:87:92:42:60:80:24:15:14:7c:aa:d1:0c:49:94:
90:c3:e4:fb:41:48:5d:c7:d6:30:ac:e4:f6:89:1d:
e1:d5:0e:53:86:b0:27:79:20:21:2c:df:6f:32:4c:
a1:b7:71:dc:af:99:af:b8:bc:26:1d:b1:9e:31:ed:
e7:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:9B:43:67:2D:3C:8E:6F:3D:DE:57:11:65:F9:15:A4:A8:3A:43:46
X509v3 Authority Key Identifier:
keyid:9A:4F:A9:A6:0A:5A:24:FF:E6:14:B6:DF:B5:88:13:D9:25:A3:B3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mk-ppgpaJP_mFLbftYgT2SWjsxg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/5b0494-5ad6-4ea4-95fa-a83d9d920d31/1/B5tDZy08jm893lcRZfkVpKg6Q0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/5b0494-5ad6-4ea4-95fa-a83d9d920d31/1/mk-ppgpaJP_mFLbftYgT2SWjsxg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.128.0.0/19
176.110.144.0/20
185.24.164.0/22
IPv6:
2a04:2b40::/29
Signature Algorithm: sha256WithRSAEncryption
51:69:fa:42:2a:13:93:de:df:ad:1d:5d:35:26:fb:bd:64:4c:
d5:ec:98:81:ee:ed:94:12:2c:b3:24:e4:cf:63:e6:be:94:ab:
ce:4d:89:db:ac:16:e9:fe:d9:b1:dd:1d:f1:8c:45:21:b9:6e:
d8:eb:de:bc:44:84:bd:3c:df:c8:a0:4e:c9:1e:aa:cd:4e:f2:
53:19:93:ff:00:01:9a:b7:f1:cd:df:c5:22:d7:8a:d8:6a:74:
13:7f:83:cc:10:73:46:e8:13:d4:cf:22:52:15:04:85:90:cc:
1f:81:f8:94:74:0a:d2:33:c0:4b:3d:65:10:9f:04:33:3a:25:
ab:7c:db:b6:43:86:cb:15:b8:9b:95:51:a2:4c:3f:de:90:95:
43:73:fd:93:41:03:28:72:73:80:9a:f0:cb:16:c3:4b:89:65:
5c:11:e8:ad:91:71:42:90:ef:d2:40:96:9a:24:e9:9b:fa:81:
1e:3d:fd:47:44:e5:a8:af:38:95:8a:fb:56:6e:7e:02:4f:b3:
7c:42:4e:3b:ac:79:35:70:df:b9:29:1a:d4:e4:5e:6a:c8:7d:
21:ca:9f:6f:88:f9:e8:2e:55:94:43:51:fa:1e:e0:30:92:0a:
8f:55:75:92:35:78:32:07:d2:d0:85:3c:43:1e:b5:7b:fa:00:
0f:8b:37:39
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzCbO7Dv+XxQBHw2vmtFaalMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNGZhOWE2MGE1YTI0ZmZlNjE0YjZkZmI1ODgxM2Q5MjVh
M2IzMTgwHhcNMjQwMTAxMDAyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzliNDM2NzJkM2M4ZTZmM2RkZTU3MTE2NWY5MTVhNGE4M2E0MzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUufIFPGB46X7WUKsudvGDGNGs+6
k2ecH9WRWL4yXAdK2+mhmfcLM1/0fjYUPkxpX/RbMOyykAHxHeKScCsYn2IJhR4+
Bf4BXH5uGHoMBepUBYqw8wb1uTrMqeBkn3P/c/zo217f11qWg5U0m81lSeGNhBaK
jWKxN35vfSHE664NETTPO3NiD3pRxok0DhFaxDFi96dS7pdLI9EZbg7TCBOA0LLZ
nzTXBjobl1oetImDKsfrzyJYAxlIqS34qlJZuUiph5JCYIAkFRR8qtEMSZSQw+T7
QUhdx9YwrOT2iR3h1Q5ThrAneSAhLN9vMkyht3Hcr5mvuLwmHbGeMe3nOQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAebQ2ctPI5vPd5XEWX5FaSoOkNGMB8GA1UdIwQY
MBaAFJpPqaYKWiT/5hS237WIE9klo7MYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWstcHBncGFKUF9tRkxiZnRZZ1QyU1dqc3hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC81YjA0OTQtNWFkNi00ZWE0LTk1ZmEt
YTgzZDlkOTIwZDMxLzEvQjV0RFp5MDhqbTg5M2xjUlpma1ZwS2c2UTBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC81YjA0OTQtNWFkNi00ZWE0LTk1ZmEtYTgzZDlkOTIwZDMx
LzEvbWstcHBncGFKUF9tRkxiZnRZZ1QyU1dqc3hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFH4AAAwQE
sG6QAwQCuRikMA0EAgACMAcDBQMqBCtAMA0GCSqGSIb3DQEBCwUAA4IBAQBRafpC
KhOT3t+tHV01Jvu9ZEzV7JiB7u2UEiyzJOTPY+a+lKvOTYnbrBbp/tmx3R3xjEUh
uW7Y6968RIS9PN/IoE7JHqrNTvJTGZP/AAGat/HN38Ui14rYanQTf4PMEHNG6BPU
zyJSFQSFkMwfgfiUdArSM8BLPWUQnwQzOiWrfNu2Q4bLFbiblVGiTD/ekJVDc/2T
QQMocnOAmvDLFsNLiWVcEeitkXFCkO/SQJaaJOmb+oEePf1HROWorziVivtWbn4C
T7N8Qk47rHk1cN+5KRrU5F5qyH0hyp9viPnoLlWUQ1H6HuAwkgqPVXWSNXgyB9LQ
hTxDHrV7+gAPizc5
-----END CERTIFICATE-----
Generated at Fri Jun 7 16:42:27 2024 by rpki-client on console-ams.rpki-client.org