Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/mpY3C582JK7lxxN1PJ_nIUylLVI.roa
File: mpY3C582JK7lxxN1PJ_nIUylLVI.roa (raw, json)
Hash identifier: hEKJabPnH4423mfqWpnuBiYIHA1u47ik/BLh++TcT8s=
Subject key identifier: 9A:96:37:0B:9F:36:24:AE:E5:C7:13:75:3C:9F:E7:21:4C:A5:2D:52
Certificate issuer: /CN=d8284f18cd44604bdd6d08f4d878dc61456c40fd
Certificate serial: 018F942D8E3E0DA9D7E06E2AC4ECE8C95B78
Authority key identifier: D8:28:4F:18:CD:44:60:4B:DD:6D:08:F4:D8:78:DC:61:45:6C:40:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ChPGM1EYEvdbQj02HjcYUVsQP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/mpY3C582JK7lxxN1PJ_nIUylLVI.roa
Signing time: Mon 20 May 2024 04:06:04 +0000
ROA not before: Mon 20 May 2024 04:06:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202111
IP address blocks: 46.252.8.0/21 maxlen: 21
46.252.12.0/22 maxlen: 22
2a00:5900::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/2ChPGM1EYEvdbQj02HjcYUVsQP0.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/2ChPGM1EYEvdbQj02HjcYUVsQP0.mft
rsync://rpki.ripe.net/repository/DEFAULT/2ChPGM1EYEvdbQj02HjcYUVsQP0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 20:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:94:2d:8e:3e:0d:a9:d7:e0:6e:2a:c4:ec:e8:c9:5b:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8284f18cd44604bdd6d08f4d878dc61456c40fd
Validity
Not Before: May 20 04:06:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a96370b9f3624aee5c713753c9fe7214ca52d52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a9:74:12:29:73:40:a5:71:84:a8:fe:06:5d:
66:ee:21:f3:1f:d8:39:c8:d1:89:10:78:a3:79:85:
a4:dd:27:41:59:33:4a:16:05:cd:05:04:a7:42:10:
25:0d:c1:3c:ce:52:12:24:24:2c:e4:cc:f0:a8:3f:
db:ac:b9:91:8c:8a:97:11:8a:d0:bb:55:cb:4e:d5:
5c:a4:5b:8a:d1:13:b0:bf:ee:59:27:7b:15:ee:21:
d2:9c:29:fd:ec:a9:c0:d7:b0:18:9b:77:c2:60:85:
a2:82:36:b5:34:a7:dd:74:c1:24:8b:e7:2b:a6:03:
72:35:ee:3e:d8:12:f5:8f:a7:dd:a8:51:f7:35:7c:
39:2e:e9:de:55:f4:cd:c8:86:52:f9:07:45:93:d2:
82:14:a1:29:31:a6:9b:d4:eb:2a:59:6b:d4:53:43:
08:c1:ce:83:a4:9c:fe:1b:3f:07:fa:60:7e:62:18:
7c:39:e0:4b:d9:1d:2b:3b:26:04:b3:68:a3:24:54:
ce:47:78:75:06:1c:96:3d:26:40:5d:17:3c:c0:c6:
6d:7a:7a:3d:fb:31:3c:85:be:ce:58:1a:23:b9:c1:
33:b8:b6:23:35:4a:f9:18:cc:4b:63:7d:9d:92:d6:
8f:4e:f2:af:fa:8a:9e:57:c9:a8:74:8c:23:6e:fa:
d6:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:96:37:0B:9F:36:24:AE:E5:C7:13:75:3C:9F:E7:21:4C:A5:2D:52
X509v3 Authority Key Identifier:
keyid:D8:28:4F:18:CD:44:60:4B:DD:6D:08:F4:D8:78:DC:61:45:6C:40:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ChPGM1EYEvdbQj02HjcYUVsQP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/mpY3C582JK7lxxN1PJ_nIUylLVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/2ChPGM1EYEvdbQj02HjcYUVsQP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.252.8.0/21
IPv6:
2a00:5900::/32
Signature Algorithm: sha256WithRSAEncryption
ab:40:b3:cc:ce:2e:64:09:bb:8e:80:82:00:84:f0:88:df:a9:
fa:5a:a5:80:3a:f9:4f:bf:e5:47:dc:38:ed:96:a6:d4:8a:98:
d8:68:3a:77:48:64:2d:15:50:fd:49:9e:ca:c9:a0:d7:fd:3a:
42:04:30:60:34:c5:5e:51:d2:1d:44:ad:7f:e5:6e:16:3b:b9:
7c:63:a1:6b:9e:89:92:85:10:6f:c7:ce:20:0a:18:80:df:41:
3d:85:ab:94:9e:2f:b0:fd:d5:76:2a:e3:29:0b:25:99:63:2b:
06:bf:eb:0b:f9:4d:e1:77:2e:61:4a:93:0d:dd:f4:1e:99:4d:
24:6d:1c:1b:57:dc:d7:dc:d0:54:d3:1e:ba:59:7a:4e:a3:be:
63:e1:3d:1f:78:3e:61:39:4b:ed:8e:c5:33:fe:53:fe:35:2e:
a2:c7:3b:b1:70:16:d2:89:df:8e:af:15:7b:0e:c5:25:18:d8:
3c:cd:85:20:98:fb:fc:8d:50:bd:a9:4c:a3:cf:f5:dd:c7:ac:
3a:37:99:6b:d1:81:e0:6e:c9:b2:76:5c:af:8e:86:71:37:4a:
28:c6:3d:7c:d9:fc:07:d0:ef:49:6d:7e:34:4d:96:69:1a:06:
be:d4:2f:a1:48:50:c5:ca:b4:98:40:b4:86:5d:99:80:06:31:
ec:d9:0a:b5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY+ULY4+DanX4G4qxOzoyVt4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4Mjg0ZjE4Y2Q0NDYwNGJkZDZkMDhmNGQ4NzhkYzYxNDU2
YzQwZmQwHhcNMjQwNTIwMDQwNjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTk2MzcwYjlmMzYyNGFlZTVjNzEzNzUzYzlmZTcyMTRjYTUyZDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuql0EilzQKVxhKj+Bl1m7iHzH9g5
yNGJEHijeYWk3SdBWTNKFgXNBQSnQhAlDcE8zlISJCQs5MzwqD/brLmRjIqXEYrQ
u1XLTtVcpFuK0ROwv+5ZJ3sV7iHSnCn97KnA17AYm3fCYIWigja1NKfddMEki+cr
pgNyNe4+2BL1j6fdqFH3NXw5LuneVfTNyIZS+QdFk9KCFKEpMaab1OsqWWvUU0MI
wc6DpJz+Gz8H+mB+Yhh8OeBL2R0rOyYEs2ijJFTOR3h1BhyWPSZAXRc8wMZteno9
+zE8hb7OWBojucEzuLYjNUr5GMxLY32dktaPTvKv+oqeV8modIwjbvrWIQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJqWNwufNiSu5ccTdTyf5yFMpS1SMB8GA1UdIwQY
MBaAFNgoTxjNRGBL3W0I9Nh43GFFbED9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkNoUEdNMUVZRXZkYlFqMDJIamNZVVZzUVAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8yNjUyY2QtN2VjZi00OWU4LWE0Zjgt
Yzc4NjkxMjg1ODJjLzEvbXBZM0M1ODJKSzdseHhOMVBKX25JVXlsTFZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8yNjUyY2QtN2VjZi00OWU4LWE0ZjgtYzc4NjkxMjg1ODJj
LzEvMkNoUEdNMUVZRXZkYlFqMDJIamNZVVZzUVAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDLvwIMA0E
AgACMAcDBQAqAFkAMA0GCSqGSIb3DQEBCwUAA4IBAQCrQLPMzi5kCbuOgIIAhPCI
36n6WqWAOvlPv+VH3DjtlqbUipjYaDp3SGQtFVD9SZ7KyaDX/TpCBDBgNMVeUdId
RK1/5W4WO7l8Y6FrnomShRBvx84gChiA30E9hauUni+w/dV2KuMpCyWZYysGv+sL
+U3hdy5hSpMN3fQemU0kbRwbV9zX3NBU0x66WXpOo75j4T0feD5hOUvtjsUz/lP+
NS6ixzuxcBbSid+OrxV7DsUlGNg8zYUgmPv8jVC9qUyjz/Xdx6w6N5lr0YHgbsmy
dlyvjoZxN0ooxj182fwH0O9JbX40TZZpGga+1C+hSFDFyrSYQLSGXZmABjHs2Qq1
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:21:04 2024 by rpki-client on console-fra.rpki-client.org