Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/5615ec-51c5-4a4d-b6f9-e407e6025a43/1/mfkdipqrxtty5jYXDJZbha9ryBI.roa
File: mfkdipqrxtty5jYXDJZbha9ryBI.roa (raw, json)
Hash identifier: 8O4i6EVtOarr04xYIGpXoe45BYacN0MxLv+m8gSFzWo=
Subject key identifier: 99:F9:1D:8A:9A:AB:C6:DB:72:E6:36:17:0C:96:5B:85:AF:6B:C8:12
Certificate issuer: /CN=1f00b0aa8924c377889e3d3b996093b87a73d0e1
Certificate serial: 018E437FAFB4158D7A1128AB71E2E1FED054
Authority key identifier: 1F:00:B0:AA:89:24:C3:77:88:9E:3D:3B:99:60:93:B8:7A:73:D0:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HwCwqokkw3eInj07mWCTuHpz0OE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/5615ec-51c5-4a4d-b6f9-e407e6025a43/1/mfkdipqrxtty5jYXDJZbha9ryBI.roa
Signing time: Fri 15 Mar 2024 19:03:45 +0000
ROA not before: Fri 15 Mar 2024 19:03:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50264
IP address blocks: 87.251.23.0/24 maxlen: 24
185.165.20.0/24 maxlen: 24
185.165.21.0/24 maxlen: 24
185.165.22.0/24 maxlen: 24
185.165.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/5615ec-51c5-4a4d-b6f9-e407e6025a43/1/HwCwqokkw3eInj07mWCTuHpz0OE.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/5615ec-51c5-4a4d-b6f9-e407e6025a43/1/HwCwqokkw3eInj07mWCTuHpz0OE.mft
rsync://rpki.ripe.net/repository/DEFAULT/HwCwqokkw3eInj07mWCTuHpz0OE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:43:7f:af:b4:15:8d:7a:11:28:ab:71:e2:e1:fe:d0:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f00b0aa8924c377889e3d3b996093b87a73d0e1
Validity
Not Before: Mar 15 19:03:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=99f91d8a9aabc6db72e636170c965b85af6bc812
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:6c:f1:a2:d9:d1:7b:e2:57:89:27:fd:04:be:
ae:76:dc:c0:8b:ea:60:a5:ae:61:0d:4c:95:4a:b9:
05:84:1e:f9:a7:78:c6:7c:33:ab:d9:e1:f4:9f:d4:
6c:18:d9:b2:9f:85:c2:b7:b6:8b:93:8b:7e:e0:83:
d5:99:db:a2:a6:4e:1a:0e:13:66:bd:13:17:70:43:
7c:49:53:94:66:86:19:be:db:f6:5f:a4:01:e8:c1:
41:22:b1:6f:4f:ef:b5:b4:db:bb:25:83:ec:11:c9:
ee:0c:a8:ee:7f:92:8a:66:7c:8e:1c:0d:7b:0b:1d:
16:25:6a:44:7a:0a:81:90:88:d6:38:32:5c:2f:14:
8e:c4:e9:ac:82:3a:6d:3f:5e:ad:bf:dd:78:69:37:
66:1a:ef:14:21:1d:57:ab:e6:ae:ce:76:7b:4c:8d:
f6:ba:04:9a:d8:28:5f:12:08:b2:0a:1f:1d:66:1c:
2a:04:9f:02:d6:e0:b5:fa:57:b1:ef:ce:ce:95:72:
71:e5:25:5a:aa:2f:0e:11:ef:31:b5:c5:ea:ed:63:
c9:69:6f:c9:e8:e6:82:5a:7d:f8:ee:f8:c0:0a:19:
ca:58:66:d9:54:97:4b:c0:0e:87:57:14:6c:20:f0:
31:8f:c2:c4:40:a1:df:5e:6b:0f:bf:8d:38:9e:a0:
0f:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:F9:1D:8A:9A:AB:C6:DB:72:E6:36:17:0C:96:5B:85:AF:6B:C8:12
X509v3 Authority Key Identifier:
keyid:1F:00:B0:AA:89:24:C3:77:88:9E:3D:3B:99:60:93:B8:7A:73:D0:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HwCwqokkw3eInj07mWCTuHpz0OE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/5615ec-51c5-4a4d-b6f9-e407e6025a43/1/mfkdipqrxtty5jYXDJZbha9ryBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/5615ec-51c5-4a4d-b6f9-e407e6025a43/1/HwCwqokkw3eInj07mWCTuHpz0OE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.251.23.0/24
185.165.20.0/22
Signature Algorithm: sha256WithRSAEncryption
41:dc:99:18:4d:8d:bf:3d:ea:19:92:04:b7:b5:a9:af:aa:a1:
0a:00:a4:23:36:20:d4:86:2d:e0:ab:eb:98:16:e1:b5:c4:56:
aa:10:23:12:c8:c2:98:44:0a:6f:3d:58:d9:53:ff:05:da:84:
dc:b2:6c:67:e4:b8:99:50:36:b4:39:57:2e:fc:3c:ae:2d:3e:
70:d0:22:22:95:d7:f9:36:e2:7c:df:c9:80:2f:66:4d:06:7f:
df:70:36:b0:f0:44:51:09:b0:96:45:53:1b:a0:80:ca:a7:17:
8f:50:87:a5:5b:1d:f1:1c:7f:d5:dc:51:47:57:34:8a:4b:98:
b2:df:e2:97:45:e3:5f:de:65:fe:8a:2a:88:8e:11:ba:4d:2d:
34:a2:d1:32:ce:12:c9:9e:1a:33:50:86:c2:62:44:36:ac:d4:
9e:f6:0d:ed:aa:f1:7d:49:6d:54:69:85:3b:5a:40:af:99:48:
5a:dc:46:71:f6:e9:f5:6c:46:ef:31:a6:ff:d9:6b:1f:94:5c:
c6:88:7d:2f:16:65:06:17:5c:42:de:34:a1:dd:fe:d9:a8:cb:
1f:b2:cd:80:97:7d:54:6f:7d:6a:7f:5d:51:a9:78:66:29:33:
cc:a8:ed:d0:0b:09:54:85:b6:4c:b4:d8:70:57:14:d6:8f:f2:
24:68:c4:b6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY5Df6+0FY16ESirceLh/tBUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMDBiMGFhODkyNGMzNzc4ODllM2QzYjk5NjA5M2I4N2E3
M2QwZTEwHhcNMjQwMzE1MTkwMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWY5MWQ4YTlhYWJjNmRiNzJlNjM2MTcwYzk2NWI4NWFmNmJjODEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGzxotnRe+JXiSf9BL6udtzAi+pg
pa5hDUyVSrkFhB75p3jGfDOr2eH0n9RsGNmyn4XCt7aLk4t+4IPVmduipk4aDhNm
vRMXcEN8SVOUZoYZvtv2X6QB6MFBIrFvT++1tNu7JYPsEcnuDKjuf5KKZnyOHA17
Cx0WJWpEegqBkIjWODJcLxSOxOmsgjptP16tv914aTdmGu8UIR1Xq+auznZ7TI32
ugSa2ChfEgiyCh8dZhwqBJ8C1uC1+lex787OlXJx5SVaqi8OEe8xtcXq7WPJaW/J
6OaCWn347vjAChnKWGbZVJdLwA6HVxRsIPAxj8LEQKHfXmsPv404nqAP1QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJn5HYqaq8bbcuY2FwyWW4Wva8gSMB8GA1UdIwQY
MBaAFB8AsKqJJMN3iJ49O5lgk7h6c9DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHdDd3Fva2t3M2VJbmowN21XQ1R1SHB6ME9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi81NjE1ZWMtNTFjNS00YTRkLWI2Zjkt
ZTQwN2U2MDI1YTQzLzEvbWZrZGlwcXJ4dHR5NWpZWERKWmJoYTlyeUJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi81NjE1ZWMtNTFjNS00YTRkLWI2ZjktZTQwN2U2MDI1YTQz
LzEvSHdDd3Fva2t3M2VJbmowN21XQ1R1SHB6ME9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAV/sXAwQC
uaUUMA0GCSqGSIb3DQEBCwUAA4IBAQBB3JkYTY2/PeoZkgS3tamvqqEKAKQjNiDU
hi3gq+uYFuG1xFaqECMSyMKYRApvPVjZU/8F2oTcsmxn5LiZUDa0OVcu/DyuLT5w
0CIildf5NuJ838mAL2ZNBn/fcDaw8ERRCbCWRVMboIDKpxePUIelWx3xHH/V3FFH
VzSKS5iy3+KXReNf3mX+iiqIjhG6TS00otEyzhLJnhozUIbCYkQ2rNSe9g3tqvF9
SW1UaYU7WkCvmUha3EZx9un1bEbvMab/2WsflFzGiH0vFmUGF1xC3jSh3f7ZqMsf
ss2Al31Ub31qf11RqXhmKTPMqO3QCwlUhbZMtNhwVxTWj/IkaMS2
-----END CERTIFICATE-----
Generated at Wed May 29 03:44:16 2024 by rpki-client on console-ams.rpki-client.org