Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/908956-c5e6-4a3e-9f17-a14ca0ec1c1a/1/MaMIYt08Tc0Dvw5CdW33aL4DYlE.roa
File: MaMIYt08Tc0Dvw5CdW33aL4DYlE.roa (raw, json)
Hash identifier: 1yCq3fhsKBl5S18vVeljQHZ1fPWzPn1J4kkG7WWFZZc=
Subject key identifier: 31:A3:08:62:DD:3C:4D:CD:03:BF:0E:42:75:6D:F7:68:BE:03:62:51
Certificate issuer: /CN=9d5a17271d99cf15b73ecc658673143c28e207ed
Certificate serial: 019465D2A623E121DA5792084AA708B16DFC
Authority key identifier: 9D:5A:17:27:1D:99:CF:15:B7:3E:CC:65:86:73:14:3C:28:E2:07:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nVoXJx2ZzxW3PsxlhnMUPCjiB-0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/908956-c5e6-4a3e-9f17-a14ca0ec1c1a/1/MaMIYt08Tc0Dvw5CdW33aL4DYlE.roa
Signing time: Tue 14 Jan 2025 17:18:11 +0000
ROA not before: Tue 14 Jan 2025 17:18:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 5.179.72.0/21 maxlen: 24
185.14.140.0/22 maxlen: 24
2a01:9540::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/908956-c5e6-4a3e-9f17-a14ca0ec1c1a/1/nVoXJx2ZzxW3PsxlhnMUPCjiB-0.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/908956-c5e6-4a3e-9f17-a14ca0ec1c1a/1/nVoXJx2ZzxW3PsxlhnMUPCjiB-0.mft
rsync://rpki.ripe.net/repository/DEFAULT/nVoXJx2ZzxW3PsxlhnMUPCjiB-0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:65:d2:a6:23:e1:21:da:57:92:08:4a:a7:08:b1:6d:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d5a17271d99cf15b73ecc658673143c28e207ed
Validity
Not Before: Jan 14 17:18:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=31a30862dd3c4dcd03bf0e42756df768be036251
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:cf:28:40:f1:5d:d4:15:0c:bf:ae:8d:1a:77:
6c:a1:d2:00:22:d7:d8:5c:16:8c:83:5d:aa:4b:fb:
31:73:52:a5:c5:dc:1c:cb:6d:54:e6:67:61:11:90:
ad:83:05:61:8a:3f:b3:98:e0:57:da:f8:b5:e7:84:
91:d5:18:f5:b1:30:a0:a7:56:63:21:39:55:35:69:
76:48:1b:56:20:26:f9:6c:4f:48:f5:57:f4:b3:09:
4a:8e:32:64:40:c2:52:e5:ff:91:50:da:06:05:86:
ec:ca:4f:09:dd:25:ea:3a:80:af:af:cc:ca:c3:c9:
fd:f7:33:16:c3:9a:d9:4a:a8:ec:7d:df:ea:a1:ee:
2e:11:d6:a2:30:91:d0:7b:84:33:53:40:1f:1e:d6:
0f:a8:40:eb:39:22:f2:0f:1e:f1:3b:c1:73:31:0a:
bb:7e:34:ee:0b:c1:55:f9:de:4f:03:9c:b4:6c:9e:
8e:81:f9:3a:94:a7:c1:ff:de:66:01:cc:83:8f:e0:
23:e4:0c:5e:6a:85:df:f5:6e:c0:5f:99:8d:d9:68:
36:a2:9e:06:aa:da:e0:af:00:ba:af:82:88:ff:5f:
c7:90:cd:a3:e0:17:5d:8f:37:d2:de:7b:0f:f9:26:
ec:ff:f0:1a:13:c4:92:2d:24:4c:a0:fd:65:57:ec:
d6:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:A3:08:62:DD:3C:4D:CD:03:BF:0E:42:75:6D:F7:68:BE:03:62:51
X509v3 Authority Key Identifier:
keyid:9D:5A:17:27:1D:99:CF:15:B7:3E:CC:65:86:73:14:3C:28:E2:07:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nVoXJx2ZzxW3PsxlhnMUPCjiB-0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/908956-c5e6-4a3e-9f17-a14ca0ec1c1a/1/MaMIYt08Tc0Dvw5CdW33aL4DYlE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/908956-c5e6-4a3e-9f17-a14ca0ec1c1a/1/nVoXJx2ZzxW3PsxlhnMUPCjiB-0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.179.72.0/21
185.14.140.0/22
IPv6:
2a01:9540::/32
Signature Algorithm: sha256WithRSAEncryption
88:96:d9:e0:a6:c3:66:0a:06:f1:cd:57:29:06:b7:71:59:41:
d9:dc:50:28:06:59:43:c1:bf:73:e2:4a:11:87:7f:fc:37:09:
3c:0b:0c:04:1b:a5:a6:8e:4d:07:0b:91:39:c8:da:16:47:a3:
a9:ee:3b:e3:bc:3b:89:77:81:fc:2f:2f:1c:0f:d2:de:21:ea:
38:06:ac:3e:98:c1:34:d1:7b:aa:44:e2:74:e5:62:42:c1:39:
1e:50:4a:ce:82:1e:71:78:23:73:74:0a:2e:61:f6:bc:f6:8e:
90:43:3b:0c:95:6a:a9:98:80:2c:89:ed:95:0e:36:4f:9b:ce:
94:22:0a:c3:80:de:e0:6e:49:8a:a6:df:a1:c4:be:98:dd:c5:
ab:dc:76:36:00:5b:30:69:4a:99:f5:96:d0:c9:92:88:98:38:
39:15:14:b9:d5:b4:7f:77:78:4a:9f:ac:8f:c2:06:bc:6d:96:
01:e1:8a:25:03:23:a0:a4:66:4b:ec:93:7c:84:be:8c:e9:23:
95:3c:5b:97:3c:be:01:a9:47:1e:50:2c:dc:8e:11:43:35:5a:
fe:e9:d1:8d:d8:41:ca:c6:62:e7:2d:de:d3:9c:3b:0f:9a:c0:
fd:6a:8b:3f:bd:6b:06:9a:d0:18:8f:86:81:93:9c:7c:27:99:
56:7d:81:94
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZRl0qYj4SHaV5IISqcIsW38MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNWExNzI3MWQ5OWNmMTViNzNlY2M2NTg2NzMxNDNjMjhl
MjA3ZWQwHhcNMjUwMTE0MTcxODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWEzMDg2MmRkM2M0ZGNkMDNiZjBlNDI3NTZkZjc2OGJlMDM2MjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwc8oQPFd1BUMv66NGndsodIAItfY
XBaMg12qS/sxc1Klxdwcy21U5mdhEZCtgwVhij+zmOBX2vi154SR1Rj1sTCgp1Zj
ITlVNWl2SBtWICb5bE9I9Vf0swlKjjJkQMJS5f+RUNoGBYbsyk8J3SXqOoCvr8zK
w8n99zMWw5rZSqjsfd/qoe4uEdaiMJHQe4QzU0AfHtYPqEDrOSLyDx7xO8FzMQq7
fjTuC8FV+d5PA5y0bJ6Ogfk6lKfB/95mAcyDj+Aj5AxeaoXf9W7AX5mN2Wg2op4G
qtrgrwC6r4KI/1/HkM2j4BddjzfS3nsP+Sbs//AaE8SSLSRMoP1lV+zW1wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDGjCGLdPE3NA78OQnVt92i+A2JRMB8GA1UdIwQY
MBaAFJ1aFycdmc8Vtz7MZYZzFDwo4gftMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblZvWEp4Mlp6eFczUHN4bGhuTVVQQ2ppQi0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My85MDg5NTYtYzVlNi00YTNlLTlmMTct
YTE0Y2EwZWMxYzFhLzEvTWFNSVl0MDhUYzBEdnc1Q2RXMzNhTDREWWxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My85MDg5NTYtYzVlNi00YTNlLTlmMTctYTE0Y2EwZWMxYzFh
LzEvblZvWEp4Mlp6eFczUHN4bGhuTVVQQ2ppQi0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDBbNIAwQC
uQ6MMA0EAgACMAcDBQAqAZVAMA0GCSqGSIb3DQEBCwUAA4IBAQCIltngpsNmCgbx
zVcpBrdxWUHZ3FAoBllDwb9z4koRh3/8Nwk8CwwEG6Wmjk0HC5E5yNoWR6Op7jvj
vDuJd4H8Ly8cD9LeIeo4Bqw+mME00XuqROJ05WJCwTkeUErOgh5xeCNzdAouYfa8
9o6QQzsMlWqpmIAsie2VDjZPm86UIgrDgN7gbkmKpt+hxL6Y3cWr3HY2AFswaUqZ
9ZbQyZKImDg5FRS51bR/d3hKn6yPwga8bZYB4YolAyOgpGZL7JN8hL6M6SOVPFuX
PL4BqUceUCzcjhFDNVr+6dGN2EHKxmLnLd7TnDsPmsD9aos/vWsGmtAYj4aBk5x8
J5lWfYGU
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:09:08 2025 by rpki-client