Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/000465-83cb-41b4-8e60-08d65b38639d/1/Mg1E1ZdUgfSWqp-opzyDS2x03rE.roa
File: Mg1E1ZdUgfSWqp-opzyDS2x03rE.roa (raw, json)
Hash identifier: RMjvXfqQW50542hMmz8zp+6TjZIwE9Ot+Fz+VJMhr+4=
Subject key identifier: 32:0D:44:D5:97:54:81:F4:96:AA:9F:A8:A7:3C:83:4B:6C:74:DE:B1
Certificate issuer: /CN=682c842dfa2a1e714727bccb95f165347103f277
Certificate serial: 018FA15A07794BF32E05DE2B561C095371FA
Authority key identifier: 68:2C:84:2D:FA:2A:1E:71:47:27:BC:CB:95:F1:65:34:71:03:F2:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aCyELfoqHnFHJ7zLlfFlNHED8nc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/000465-83cb-41b4-8e60-08d65b38639d/1/Mg1E1ZdUgfSWqp-opzyDS2x03rE.roa
Signing time: Wed 22 May 2024 17:29:42 +0000
ROA not before: Wed 22 May 2024 17:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 11185
IP address blocks: 185.69.169.0/24 maxlen: 24
185.69.170.0/24 maxlen: 24
185.69.171.0/24 maxlen: 24
2a05:2241::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/000465-83cb-41b4-8e60-08d65b38639d/1/aCyELfoqHnFHJ7zLlfFlNHED8nc.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/000465-83cb-41b4-8e60-08d65b38639d/1/aCyELfoqHnFHJ7zLlfFlNHED8nc.mft
rsync://rpki.ripe.net/repository/DEFAULT/aCyELfoqHnFHJ7zLlfFlNHED8nc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a1:5a:07:79:4b:f3:2e:05:de:2b:56:1c:09:53:71:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=682c842dfa2a1e714727bccb95f165347103f277
Validity
Not Before: May 22 17:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=320d44d5975481f496aa9fa8a73c834b6c74deb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ab:72:0a:12:ce:ce:57:56:5c:0c:e6:23:92:
95:0d:69:65:52:9e:4a:44:8d:d6:ef:15:d7:2b:23:
45:7b:61:2f:c5:42:b0:36:8d:25:16:6f:17:20:a3:
f4:94:f3:f9:6c:29:c2:dd:9e:9c:6a:d3:e3:5d:1a:
24:03:5e:0a:38:42:63:f2:f0:eb:93:cf:75:0f:66:
db:b4:66:c4:0a:bc:0f:9a:2f:d0:0a:1b:4b:c4:86:
22:83:21:b4:35:e7:1d:bf:f4:aa:08:2b:73:4f:23:
67:72:32:ad:80:de:ce:23:d8:d4:6c:61:6d:b9:cb:
39:c1:b2:0b:52:37:87:c8:4c:ea:ea:54:17:0e:61:
e4:fe:b3:9d:0c:71:93:c1:96:61:d0:8e:c9:b2:fe:
78:ad:9d:26:60:20:90:06:43:e4:8e:bc:86:b9:d0:
34:b5:7d:3e:12:01:47:9c:a7:24:1d:7f:d2:85:5b:
ad:ce:99:a1:9d:f7:3b:7f:39:99:65:72:6c:f7:ae:
01:c2:e6:85:5d:c4:5f:90:b7:bc:b3:77:70:65:a8:
20:2f:b6:53:f3:46:9d:91:e2:0a:0e:00:01:30:08:
81:97:06:07:97:6a:e6:a6:e9:ec:2d:bd:3d:56:2f:
76:59:55:a7:4a:0b:e5:0f:ac:91:27:cd:a4:4d:d1:
02:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:0D:44:D5:97:54:81:F4:96:AA:9F:A8:A7:3C:83:4B:6C:74:DE:B1
X509v3 Authority Key Identifier:
keyid:68:2C:84:2D:FA:2A:1E:71:47:27:BC:CB:95:F1:65:34:71:03:F2:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aCyELfoqHnFHJ7zLlfFlNHED8nc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/000465-83cb-41b4-8e60-08d65b38639d/1/Mg1E1ZdUgfSWqp-opzyDS2x03rE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/000465-83cb-41b4-8e60-08d65b38639d/1/aCyELfoqHnFHJ7zLlfFlNHED8nc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.69.169.0-185.69.171.255
IPv6:
2a05:2241::/32
Signature Algorithm: sha256WithRSAEncryption
a9:17:11:7a:82:b6:d4:66:84:4f:c7:df:14:89:d8:27:6e:0d:
b0:0f:16:ac:57:89:b2:6b:14:a9:e5:c5:ce:ae:5b:5f:6a:76:
f9:37:c6:ae:33:6e:ac:df:58:30:39:79:74:db:2e:1a:9e:65:
09:67:05:3a:ef:54:7f:f0:c9:83:e3:ba:41:af:d3:c2:ca:07:
5e:0f:df:8a:69:80:b2:3e:83:e7:26:d9:ee:2b:ac:0d:a5:4f:
ac:63:4c:c1:42:81:8e:00:02:ee:47:dd:e5:21:f3:30:75:29:
3c:61:0d:1b:41:d0:43:3c:fa:97:c1:72:be:f1:dc:a0:18:74:
26:08:12:5d:31:5d:ed:aa:32:88:88:40:87:bb:bd:5d:bb:dc:
53:9a:3b:66:f4:7f:bb:2b:3f:bc:d1:83:83:69:37:f1:b3:b2:
2f:3a:ca:23:d0:04:4e:71:4d:f6:47:38:fb:d8:9a:a3:cf:0a:
c3:1c:88:83:bb:61:2d:cd:4f:c2:44:a9:fc:b4:70:ff:11:34:
52:f2:a1:c2:24:d3:fd:80:62:5c:a1:82:7f:c0:75:8a:e4:4c:
89:1e:c7:01:de:ce:10:31:f6:e0:86:66:10:6c:fe:d3:85:7f:
24:97:8b:58:4f:e2:79:00:bb:bb:fa:24:3b:4e:8b:c5:e2:88:
09:73:5d:57
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAY+hWgd5S/MuBd4rVhwJU3H6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MmM4NDJkZmEyYTFlNzE0NzI3YmNjYjk1ZjE2NTM0NzEw
M2YyNzcwHhcNMjQwNTIyMTcyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjBkNDRkNTk3NTQ4MWY0OTZhYTlmYThhNzNjODM0YjZjNzRkZWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKtyChLOzldWXAzmI5KVDWllUp5K
RI3W7xXXKyNFe2EvxUKwNo0lFm8XIKP0lPP5bCnC3Z6catPjXRokA14KOEJj8vDr
k891D2bbtGbECrwPmi/QChtLxIYigyG0Necdv/SqCCtzTyNncjKtgN7OI9jUbGFt
ucs5wbILUjeHyEzq6lQXDmHk/rOdDHGTwZZh0I7Jsv54rZ0mYCCQBkPkjryGudA0
tX0+EgFHnKckHX/ShVutzpmhnfc7fzmZZXJs964BwuaFXcRfkLe8s3dwZaggL7ZT
80adkeIKDgABMAiBlwYHl2rmpunsLb09Vi92WVWnSgvlD6yRJ82kTdECRQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFDINRNWXVIH0lqqfqKc8g0tsdN6xMB8GA1UdIwQY
MBaAFGgshC36Kh5xRye8y5XxZTRxA/J3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUN5RUxmb3FIbkZISjd6TGxmRmxOSEVEOG5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8wMDA0NjUtODNjYi00MWI0LThlNjAt
MDhkNjViMzg2MzlkLzEvTWcxRTFaZFVnZlNXcXAtb3B6eURTMngwM3JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8wMDA0NjUtODNjYi00MWI0LThlNjAtMDhkNjViMzg2Mzlk
LzEvYUN5RUxmb3FIbkZISjd6TGxmRmxOSEVEOG5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAC5RakD
BAK5RagwDQQCAAIwBwMFACoFIkEwDQYJKoZIhvcNAQELBQADggEBAKkXEXqCttRm
hE/H3xSJ2CduDbAPFqxXibJrFKnlxc6uW19qdvk3xq4zbqzfWDA5eXTbLhqeZQln
BTrvVH/wyYPjukGv08LKB14P34ppgLI+g+cm2e4rrA2lT6xjTMFCgY4AAu5H3eUh
8zB1KTxhDRtB0EM8+pfBcr7x3KAYdCYIEl0xXe2qMoiIQIe7vV273FOaO2b0f7sr
P7zRg4NpN/Gzsi86yiPQBE5xTfZHOPvYmqPPCsMciIO7YS3NT8JEqfy0cP8RNFLy
ocIk0/2AYlyhgn/AdYrkTIkexwHezhAx9uCGZhBs/tOFfySXi1hP4nkAu7v6JDtO
i8XiiAlzXVc=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:39:40 2024 by rpki-client on console-ams.rpki-client.org