Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/0dee16-7379-434b-94f4-a48c564e8588/1/M-Cy_fpmbMHqt74W1Qew2WSNKBE.roa
File: M-Cy_fpmbMHqt74W1Qew2WSNKBE.roa (raw, json)
Hash identifier: CB4qN7ox6Mg0RRT3s+8tHrXxciPy4p9e0ctH84aKIEo=
Subject key identifier: 33:E0:B2:FD:FA:66:6C:C1:EA:B7:BE:16:D5:07:B0:D9:64:8D:28:11
Certificate issuer: /CN=7e1d7492b8e835f2e4e2ade4d2c54da9ab78af8c
Certificate serial: 018CC42542637FAFA94C7FF9BB5E15CE722B
Authority key identifier: 7E:1D:74:92:B8:E8:35:F2:E4:E2:AD:E4:D2:C5:4D:A9:AB:78:AF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fh10krjoNfLk4q3k0sVNqat4r4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/0dee16-7379-434b-94f4-a48c564e8588/1/M-Cy_fpmbMHqt74W1Qew2WSNKBE.roa
Signing time: Mon 01 Jan 2024 08:30:25 +0000
ROA not before: Mon 01 Jan 2024 08:30:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213241
IP address blocks: 31.216.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/0dee16-7379-434b-94f4-a48c564e8588/1/fh10krjoNfLk4q3k0sVNqat4r4w.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/0dee16-7379-434b-94f4-a48c564e8588/1/fh10krjoNfLk4q3k0sVNqat4r4w.mft
rsync://rpki.ripe.net/repository/DEFAULT/fh10krjoNfLk4q3k0sVNqat4r4w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:42:63:7f:af:a9:4c:7f:f9:bb:5e:15:ce:72:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e1d7492b8e835f2e4e2ade4d2c54da9ab78af8c
Validity
Not Before: Jan 1 08:30:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33e0b2fdfa666cc1eab7be16d507b0d9648d2811
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:1d:1f:89:6c:81:af:1b:cf:52:fd:85:2d:eb:
06:e9:be:7c:70:e9:b8:54:fe:9a:35:22:3c:4d:b5:
27:f5:3b:d4:c7:3b:b8:ca:99:98:06:f7:b9:58:46:
ae:c0:49:ce:6d:03:10:4b:b3:c8:c1:57:e2:a2:14:
9f:fb:a7:fe:77:41:b0:54:61:44:a9:d4:c0:d0:ea:
be:3f:21:8c:61:8a:50:6c:45:b3:84:7f:24:2d:6a:
af:36:7f:1c:35:36:e2:58:96:fc:48:b3:12:ff:b0:
b7:e6:4e:04:72:b0:7e:9b:87:4e:1e:2e:06:ea:da:
fd:43:40:60:d9:b2:8b:30:48:0e:aa:05:43:c1:53:
30:30:b4:10:81:99:a6:d4:6d:e4:98:3c:23:ea:4b:
bc:51:f1:26:d3:be:d4:21:0f:5a:aa:c5:af:2b:fe:
07:83:7b:f1:69:8f:24:f6:6d:5e:ce:b9:24:81:48:
23:a2:e7:4b:77:56:d6:00:c5:7f:28:b9:59:97:60:
bb:c9:6a:94:11:cf:d2:a1:cd:0b:d7:52:35:58:c4:
f1:0e:7c:39:b8:ab:a2:5a:7a:17:cc:db:ef:97:9d:
64:4b:e7:96:45:19:a7:df:16:18:3b:78:16:bf:b0:
ae:9a:dc:c9:0a:bc:12:27:7d:1a:2f:4f:49:d7:13:
9c:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:E0:B2:FD:FA:66:6C:C1:EA:B7:BE:16:D5:07:B0:D9:64:8D:28:11
X509v3 Authority Key Identifier:
keyid:7E:1D:74:92:B8:E8:35:F2:E4:E2:AD:E4:D2:C5:4D:A9:AB:78:AF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fh10krjoNfLk4q3k0sVNqat4r4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/0dee16-7379-434b-94f4-a48c564e8588/1/M-Cy_fpmbMHqt74W1Qew2WSNKBE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/0dee16-7379-434b-94f4-a48c564e8588/1/fh10krjoNfLk4q3k0sVNqat4r4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.216.58.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:b3:bf:9d:26:d0:88:8c:af:43:77:8c:93:78:d6:10:34:20:
11:9a:d5:ed:a3:5d:12:3e:88:5e:ed:c3:57:8d:55:5b:c6:cd:
54:03:e8:91:d1:5d:cf:11:89:8e:6c:56:57:92:33:dc:d9:e6:
4e:77:3a:65:6d:98:90:e6:a5:25:9a:f5:99:cf:1d:b4:03:1c:
0b:6a:bf:26:33:ac:03:d5:97:e9:43:69:71:85:58:2a:9e:5f:
03:12:ca:dc:56:6a:07:61:23:07:34:fd:53:d6:51:09:fa:59:
4a:7f:62:7d:cb:f4:fe:90:26:83:67:0c:a1:ee:ac:dd:a2:24:
4a:3d:8b:65:25:ac:18:29:05:86:08:6f:e0:3e:10:7b:5c:4c:
9c:90:87:be:40:75:b3:10:40:31:c4:9d:53:ac:01:12:bc:d6:
ce:5d:f7:bb:1f:38:a4:a4:f7:46:3e:7e:4c:09:c5:6a:b6:42:
a2:27:d9:59:cd:29:ee:3a:da:4f:bc:61:68:4d:75:66:da:fe:
a8:2c:4b:aa:9b:a9:89:a3:32:81:f4:00:8c:fe:70:da:ae:ce:
12:18:bc:11:64:9d:80:13:3f:10:f8:e5:bf:5e:5c:97:ae:af:
4a:3a:74:22:0b:2f:55:a9:a1:ac:24:cb:a2:50:29:b2:d1:f0:
46:14:fc:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJUJjf6+pTH/5u14VznIrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMWQ3NDkyYjhlODM1ZjJlNGUyYWRlNGQyYzU0ZGE5YWI3
OGFmOGMwHhcNMjQwMTAxMDgzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2UwYjJmZGZhNjY2Y2MxZWFiN2JlMTZkNTA3YjBkOTY0OGQyODExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqB0fiWyBrxvPUv2FLesG6b58cOm4
VP6aNSI8TbUn9TvUxzu4ypmYBve5WEauwEnObQMQS7PIwVfiohSf+6f+d0GwVGFE
qdTA0Oq+PyGMYYpQbEWzhH8kLWqvNn8cNTbiWJb8SLMS/7C35k4EcrB+m4dOHi4G
6tr9Q0Bg2bKLMEgOqgVDwVMwMLQQgZmm1G3kmDwj6ku8UfEm077UIQ9aqsWvK/4H
g3vxaY8k9m1ezrkkgUgjoudLd1bWAMV/KLlZl2C7yWqUEc/Soc0L11I1WMTxDnw5
uKuiWnoXzNvvl51kS+eWRRmn3xYYO3gWv7CumtzJCrwSJ30aL09J1xOcEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDPgsv36ZmzB6re+FtUHsNlkjSgRMB8GA1UdIwQY
MBaAFH4ddJK46DXy5OKt5NLFTamreK+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmgxMGtyam9OZkxrNHEzazBzVk5xYXQ0cjR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8wZGVlMTYtNzM3OS00MzRiLTk0ZjQt
YTQ4YzU2NGU4NTg4LzEvTS1DeV9mcG1iTUhxdDc0VzFRZXcyV1NOS0JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8wZGVlMTYtNzM3OS00MzRiLTk0ZjQtYTQ4YzU2NGU4NTg4
LzEvZmgxMGtyam9OZkxrNHEzazBzVk5xYXQ0cjR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH9g6MA0G
CSqGSIb3DQEBCwUAA4IBAQBbs7+dJtCIjK9Dd4yTeNYQNCARmtXto10SPohe7cNX
jVVbxs1UA+iR0V3PEYmObFZXkjPc2eZOdzplbZiQ5qUlmvWZzx20AxwLar8mM6wD
1ZfpQ2lxhVgqnl8DEsrcVmoHYSMHNP1T1lEJ+llKf2J9y/T+kCaDZwyh7qzdoiRK
PYtlJawYKQWGCG/gPhB7XEyckIe+QHWzEEAxxJ1TrAESvNbOXfe7HzikpPdGPn5M
CcVqtkKiJ9lZzSnuOtpPvGFoTXVm2v6oLEuqm6mJozKB9ACM/nDars4SGLwRZJ2A
Ez8Q+OW/XlyXrq9KOnQiCy9VqaGsJMuiUCmy0fBGFPzF
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:01:13 2024 by rpki-client on console-fra.rpki-client.org