Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/MghAPluvx32zcSIwpyI4QqfxfzY.roa
File: MghAPluvx32zcSIwpyI4QqfxfzY.roa (raw, json)
Hash identifier: YcXJNQSyqVmykVkvTqltoOTqXMuNd7RcdFc0ZJm5t7Y=
Subject key identifier: 32:08:40:3E:5B:AF:C7:7D:B3:71:22:30:A7:22:38:42:A7:F1:7F:36
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018E75994E50CCA61D816051C8DAEFF29EEB
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/MghAPluvx32zcSIwpyI4QqfxfzY.roa
Signing time: Mon 25 Mar 2024 12:32:45 +0000
ROA not before: Mon 25 Mar 2024 12:32:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 45.43.166.0/24 maxlen: 24
64.137.52.0/23 maxlen: 23
104.222.191.0/24 maxlen: 24
104.238.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft
rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 20:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:75:99:4e:50:cc:a6:1d:81:60:51:c8:da:ef:f2:9e:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Mar 25 12:32:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3208403e5bafc77db3712230a7223842a7f17f36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a7:6e:37:7a:26:30:c6:65:4a:bc:f9:b8:d4:
32:f3:c2:0c:e3:73:82:29:7a:fa:1f:4b:7e:8f:8c:
89:f2:dc:3d:d3:8e:f2:8c:06:1c:f1:49:a2:37:30:
a3:79:9e:18:31:db:b6:c4:68:33:d8:12:9d:a6:62:
85:dc:6c:c4:90:2a:07:a9:0f:70:36:e2:8c:34:75:
3e:1b:f6:e5:d4:47:b4:5c:32:66:98:83:9a:02:9d:
26:bb:b2:5b:e4:b4:32:a5:3d:e2:88:63:5a:92:6f:
9e:b0:98:54:ca:80:ea:df:02:08:14:23:32:1b:bd:
c1:cd:97:b2:73:53:f9:8c:90:ca:ec:3e:9f:0b:5e:
0b:68:b9:54:2c:42:ae:ca:9f:e3:d5:52:ac:b0:77:
a5:24:ce:d3:91:8f:c1:31:d9:c0:1b:63:3f:8e:7a:
63:ec:b4:d5:a0:9b:b6:25:6a:fc:8b:ab:15:8e:bc:
3c:0b:c5:38:12:ac:20:4e:18:97:47:76:70:80:97:
1b:3a:12:d3:f6:6d:9c:10:fc:fc:97:e6:70:90:87:
c3:2c:1b:f1:bb:ec:6e:aa:10:84:25:30:ee:22:b9:
a5:1f:53:d4:68:8f:23:72:7e:0a:d1:c3:11:34:8e:
04:ae:be:a7:6b:60:b7:6a:5d:64:08:53:ae:5e:31:
1c:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:08:40:3E:5B:AF:C7:7D:B3:71:22:30:A7:22:38:42:A7:F1:7F:36
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/MghAPluvx32zcSIwpyI4QqfxfzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.166.0/24
64.137.52.0/23
104.222.191.0/24
104.238.31.0/24
Signature Algorithm: sha256WithRSAEncryption
90:39:4a:67:d9:48:b2:74:6a:d2:ef:dd:5e:4e:fe:fb:77:af:
a6:19:c8:b7:ac:aa:ed:74:77:54:a6:7e:52:51:a8:30:67:5a:
65:e4:df:df:99:13:e2:9e:c9:3d:3a:9b:a6:90:81:50:a6:59:
36:82:3f:d0:8a:74:52:62:40:dc:82:75:7f:b2:4a:4a:09:2e:
20:dd:51:b8:9c:1f:26:a2:ef:7d:f0:fa:de:0a:71:a4:08:0a:
5d:ee:37:fc:74:dd:e4:48:b1:8d:3f:9d:44:58:84:e7:31:31:
58:bb:8b:db:73:f8:4a:a6:38:4b:83:c2:f8:61:db:df:b3:18:
d0:8a:22:c5:95:f1:a8:84:7d:ce:c3:2a:67:2b:76:2c:cf:0c:
91:7e:8d:63:13:c6:c5:7a:1a:22:05:2f:cc:1a:66:e3:ee:71:
5a:b6:61:a8:45:4e:51:96:47:f8:32:bf:0f:10:24:45:20:c9:
db:c7:9a:7d:1d:2e:5a:f1:22:53:da:b2:8c:4e:de:1a:aa:f0:
46:29:ff:92:f3:0f:43:73:ab:fb:42:92:e0:d5:ed:ca:7a:20:
c8:36:8b:86:69:db:cc:ba:16:e7:81:f3:e1:18:e2:da:7e:b1:
37:74:63:03:0c:26:ba:85:bd:68:9f:c8:72:d9:e9:5b:98:7b:
93:c8:6f:2a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY51mU5QzKYdgWBRyNrv8p7rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwMzI1MTIzMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjA4NDAzZTViYWZjNzdkYjM3MTIyMzBhNzIyMzg0MmE3ZjE3ZjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKduN3omMMZlSrz5uNQy88IM43OC
KXr6H0t+j4yJ8tw9047yjAYc8UmiNzCjeZ4YMdu2xGgz2BKdpmKF3GzEkCoHqQ9w
NuKMNHU+G/bl1Ee0XDJmmIOaAp0mu7Jb5LQypT3iiGNakm+esJhUyoDq3wIIFCMy
G73BzZeyc1P5jJDK7D6fC14LaLlULEKuyp/j1VKssHelJM7TkY/BMdnAG2M/jnpj
7LTVoJu2JWr8i6sVjrw8C8U4EqwgThiXR3ZwgJcbOhLT9m2cEPz8l+ZwkIfDLBvx
u+xuqhCEJTDuIrmlH1PUaI8jcn4K0cMRNI4Err6na2C3al1kCFOuXjEcsQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDIIQD5br8d9s3EiMKciOEKn8X82MB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvTWdoQVBsdXZ4MzJ6Y1NJd3B5STRRcWZ4ZnpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALSumAwQB
QIk0AwQAaN6/AwQAaO4fMA0GCSqGSIb3DQEBCwUAA4IBAQCQOUpn2UiydGrS791e
Tv77d6+mGci3rKrtdHdUpn5SUagwZ1pl5N/fmRPinsk9OpumkIFQplk2gj/QinRS
YkDcgnV/skpKCS4g3VG4nB8mou998PreCnGkCApd7jf8dN3kSLGNP51EWITnMTFY
u4vbc/hKpjhLg8L4YdvfsxjQiiLFlfGohH3OwypnK3YszwyRfo1jE8bFehoiBS/M
Gmbj7nFatmGoRU5Rlkf4Mr8PECRFIMnbx5p9HS5a8SJT2rKMTt4aqvBGKf+S8w9D
c6v7QpLg1e3KeiDINouGadvMuhbngfPhGOLafrE3dGMDDCa6hb1on8hy2elbmHuT
yG8q
-----END CERTIFICATE-----
Generated at Sun Apr 28 03:45:14 2024 by rpki-client on console-ams.rpki-client.org