Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/M5CbkrMNwk5FVYxAFfad4Zpqxp0.roa
File: M5CbkrMNwk5FVYxAFfad4Zpqxp0.roa (raw, json)
Hash identifier: JgUyKvlySmQhRbrON8zTTHwLeN5Uv35z6wujgjESFng=
Subject key identifier: 33:90:9B:92:B3:0D:C2:4E:45:55:8C:40:15:F6:9D:E1:9A:6A:C6:9D
Certificate issuer: /CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Certificate serial: 0192412B978A1352F47D24AAA2017A0B5697
Authority key identifier: 0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/M5CbkrMNwk5FVYxAFfad4Zpqxp0.roa
Signing time: Mon 30 Sep 2024 04:23:48 +0000
ROA not before: Mon 30 Sep 2024 04:23:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58289
IP address blocks: 91.147.111.0/24 maxlen: 24
92.240.243.0/24 maxlen: 24
185.162.234.0/24 maxlen: 24
193.43.251.0/24 maxlen: 24
194.31.133.0/24 maxlen: 24
194.31.135.0/24 maxlen: 24
2a0e:6600::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/CnMngF3yD7XB1vTokHR0PK6ySvc.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/CnMngF3yD7XB1vTokHR0PK6ySvc.mft
rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:41:2b:97:8a:13:52:f4:7d:24:aa:a2:01:7a:0b:56:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Validity
Not Before: Sep 30 04:23:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33909b92b30dc24e45558c4015f69de19a6ac69d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:c7:6f:f0:46:f2:19:13:2d:aa:4a:59:64:22:
64:d2:f7:52:b9:36:26:76:83:52:c6:7a:ef:d6:03:
1b:e2:3c:cf:57:c7:39:6c:18:06:fc:cd:49:b7:e4:
71:a3:d2:67:bd:50:b5:3b:43:98:b3:85:92:f9:d3:
e4:6e:ab:e5:8c:61:e5:6e:47:06:39:1e:b7:5e:2c:
d8:9c:fd:9d:8f:2f:f8:a5:33:1c:64:92:8b:8f:d9:
b9:8a:82:66:46:0f:8a:1a:e3:72:a7:87:86:88:12:
06:cc:7d:b6:1a:cd:ac:95:04:d4:51:85:29:d3:ab:
92:fc:e1:18:da:17:c1:1a:5a:94:2d:a5:72:de:74:
6a:0e:d5:1e:09:49:42:02:0f:9f:55:08:1d:ac:40:
31:df:25:3d:80:20:27:b4:1b:b7:1a:9a:8d:3a:0a:
83:17:5d:53:99:bc:49:3b:d8:36:05:0c:40:eb:7f:
fc:21:b4:52:ec:1a:9a:e6:80:e9:fa:32:ca:d7:b2:
b0:49:2f:bb:9d:22:7b:3a:50:09:09:85:7d:8a:e8:
b0:9c:46:76:af:ef:92:58:9e:93:41:a2:6c:15:10:
eb:88:01:4a:21:c0:ba:3e:dd:ae:a3:10:fa:8b:0d:
0e:43:4a:0c:66:d2:8b:fb:6a:22:59:99:0b:63:c9:
97:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:90:9B:92:B3:0D:C2:4E:45:55:8C:40:15:F6:9D:E1:9A:6A:C6:9D
X509v3 Authority Key Identifier:
keyid:0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/M5CbkrMNwk5FVYxAFfad4Zpqxp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/CnMngF3yD7XB1vTokHR0PK6ySvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.147.111.0/24
92.240.243.0/24
185.162.234.0/24
193.43.251.0/24
194.31.133.0/24
194.31.135.0/24
IPv6:
2a0e:6600::/48
Signature Algorithm: sha256WithRSAEncryption
78:90:36:bb:d8:a9:c8:90:a8:80:cf:7d:a2:6e:31:59:a8:74:
81:a0:04:7f:e4:fd:c1:01:e4:7a:e9:9c:59:1d:bc:2a:5c:53:
98:8d:1d:46:71:27:9f:90:59:c3:41:8e:af:26:60:3f:2f:57:
f2:a2:55:93:e8:03:be:d0:af:b1:be:8c:3d:16:59:53:2c:ca:
aa:09:3e:f8:7b:ba:3b:17:c7:42:15:56:86:66:21:93:27:27:
a6:ea:f1:38:fb:26:b7:e4:ef:f4:03:a2:4d:77:37:fb:68:16:
e1:06:01:f5:09:f5:d7:d8:49:94:43:74:58:c3:76:0f:1f:15:
96:cc:46:c7:f5:45:5a:fb:66:5a:8b:10:50:6e:04:8f:6d:ce:
e8:1f:42:e0:de:16:2c:72:e3:25:85:9e:ab:8e:0d:b0:95:9c:
a8:76:7a:c9:61:3d:7b:3f:18:ad:ae:af:bd:79:5c:a2:52:67:
d6:2c:e5:fc:b3:0f:72:1b:54:fb:f0:be:1f:0e:c7:2f:09:1a:
64:3c:ce:cf:6b:89:bf:55:4a:f7:08:20:bb:ee:8a:4f:59:9e:
c0:55:75:11:53:ff:31:6c:dd:49:83:bf:32:6c:8f:4a:57:6f:
86:ff:3a:2a:4b:3c:bc:80:fc:60:eb:8b:2b:e8:38:02:34:99:
cc:3b:49:56
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZJBK5eKE1L0fSSqogF6C1aXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNzMyNzgwNWRmMjBmYjVjMWQ2ZjRlODkwNzQ3NDNjYWVi
MjRhZjcwHhcNMjQwOTMwMDQyMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzkwOWI5MmIzMGRjMjRlNDU1NThjNDAxNWY2OWRlMTlhNmFjNjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx8dv8EbyGRMtqkpZZCJk0vdSuTYm
doNSxnrv1gMb4jzPV8c5bBgG/M1Jt+Rxo9JnvVC1O0OYs4WS+dPkbqvljGHlbkcG
OR63XizYnP2djy/4pTMcZJKLj9m5ioJmRg+KGuNyp4eGiBIGzH22Gs2slQTUUYUp
06uS/OEY2hfBGlqULaVy3nRqDtUeCUlCAg+fVQgdrEAx3yU9gCAntBu3GpqNOgqD
F11TmbxJO9g2BQxA63/8IbRS7Bqa5oDp+jLK17KwSS+7nSJ7OlAJCYV9iuiwnEZ2
r++SWJ6TQaJsFRDriAFKIcC6Pt2uoxD6iw0OQ0oMZtKL+2oiWZkLY8mXVwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFDOQm5KzDcJORVWMQBX2neGaasadMB8GA1UdIwQY
MBaAFApzJ4Bd8g+1wdb06JB0dDyuskr3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEt
MTBiYjQ1NzlkNTI4LzEvTTVDYmtyTU53azVGVll4QUZmYWQ0WnBxeHAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEtMTBiYjQ1NzlkNTI4
LzEvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQAW5NvAwQA
XPDzAwQAuaLqAwQAwSv7AwQAwh+FAwQAwh+HMA8EAgACMAkDBwAqDmYAAAAwDQYJ
KoZIhvcNAQELBQADggEBAHiQNrvYqciQqIDPfaJuMVmodIGgBH/k/cEB5HrpnFkd
vCpcU5iNHUZxJ5+QWcNBjq8mYD8vV/KiVZPoA77Qr7G+jD0WWVMsyqoJPvh7ujsX
x0IVVoZmIZMnJ6bq8Tj7Jrfk7/QDok13N/toFuEGAfUJ9dfYSZRDdFjDdg8fFZbM
Rsf1RVr7ZlqLEFBuBI9tzugfQuDeFixy4yWFnquODbCVnKh2eslhPXs/GK2ur715
XKJSZ9Ys5fyzD3IbVPvwvh8Oxy8JGmQ8zs9rib9VSvcIILvuik9ZnsBVdRFT/zFs
3UmDvzJsj0pXb4b/OipLPLyA/GDriyvoOAI0mcw7SVY=
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:11:33 2024 by rpki-client on console-fra.rpki-client.org