Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/MNGoVb_79pqBE4vDcXrwWkSyNoc.roa
File: MNGoVb_79pqBE4vDcXrwWkSyNoc.roa (raw, json)
Hash identifier: gWjTGEKNQdBLwywW5EjfI1dEQLor+B/pGkYy01Z5OlA=
Subject key identifier: 30:D1:A8:55:BF:FB:F6:9A:81:13:8B:C3:71:7A:F0:5A:44:B2:36:87
Certificate issuer: /CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Certificate serial: 018CC3B6861C125669897764A43AD01AA0F1
Authority key identifier: 83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/MNGoVb_79pqBE4vDcXrwWkSyNoc.roa
Signing time: Mon 01 Jan 2024 06:29:28 +0000
ROA not before: Mon 01 Jan 2024 06:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43297
IP address blocks: 95.85.86.0/24 maxlen: 24
95.85.87.0/24 maxlen: 24
79.133.98.0/24 maxlen: 24
185.13.35.0/24 maxlen: 24
185.13.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:86:1c:12:56:69:89:77:64:a4:3a:d0:1a:a0:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Validity
Not Before: Jan 1 06:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30d1a855bffbf69a81138bc3717af05a44b23687
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:15:47:f5:d9:60:d6:9b:2f:00:6e:24:d0:63:
35:fd:a3:6a:d0:f7:3e:45:ab:6d:fd:e5:eb:61:c7:
4c:dc:b5:ef:23:8c:6a:db:d4:25:7b:4a:d8:ab:8e:
03:71:95:1c:e3:fd:d6:57:8b:40:4a:5d:50:7d:e1:
9a:ec:1f:95:fa:c8:82:8c:61:3d:4b:22:1a:c3:bf:
8e:32:60:93:bd:27:73:f4:f1:15:0c:f2:9d:92:86:
a5:e7:f4:5e:a3:44:5e:ca:29:2d:0d:e1:45:01:25:
ac:33:74:d7:e1:2f:b5:7b:4c:43:7e:ff:15:4f:6e:
5f:99:14:22:e0:7c:80:47:49:59:72:36:93:2a:f7:
d0:82:d3:df:66:39:80:eb:5c:99:2c:3f:b5:a2:29:
99:c2:84:0f:8f:db:88:db:24:fb:39:94:b7:e3:18:
c7:6d:62:e2:3a:35:9b:d8:23:c3:09:07:2f:c1:a8:
ea:52:22:fe:3d:20:e1:97:16:07:75:43:e0:94:a1:
4c:62:4f:1c:d8:8d:ce:00:bf:81:1a:a9:9b:dc:6f:
94:2e:51:36:a8:4b:d0:ef:78:36:43:cc:49:9a:10:
73:9a:3a:a7:5d:f4:71:6a:8f:05:ab:c2:df:e5:d3:
8c:59:d1:c8:63:00:aa:dc:96:9d:c4:ec:28:ce:16:
49:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:D1:A8:55:BF:FB:F6:9A:81:13:8B:C3:71:7A:F0:5A:44:B2:36:87
X509v3 Authority Key Identifier:
keyid:83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/MNGoVb_79pqBE4vDcXrwWkSyNoc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.133.98.0/24
95.85.86.0/23
185.13.32.0/24
185.13.35.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:d0:3c:ef:cb:53:bc:e0:8f:95:21:35:9c:e9:48:8b:28:54:
3a:32:3c:60:7b:83:56:8d:b9:00:01:f6:71:b0:77:aa:1c:e3:
22:08:6b:2d:9f:69:71:27:2c:c1:17:59:b9:55:3f:02:24:2b:
be:0b:72:85:5f:50:c4:57:07:17:17:68:8b:bd:85:55:75:56:
13:79:92:f0:52:31:65:17:50:6f:8e:56:a7:8f:93:eb:56:da:
86:ef:33:5c:58:24:34:c4:71:e9:e4:c1:a8:6e:e2:28:32:68:
91:a2:de:e9:90:23:37:55:05:5a:f5:3c:91:0d:3a:52:10:25:
cb:03:6a:32:a5:f0:60:44:3f:05:e8:ba:7d:29:83:70:cc:1a:
41:cb:16:29:9c:1c:d4:b9:c6:4e:51:5a:e7:94:af:21:68:9c:
74:cb:0a:4d:39:d3:87:44:b5:22:11:fe:c6:58:fe:25:aa:7a:
bd:3e:98:50:29:95:35:b7:09:b2:39:5e:c4:43:aa:94:0f:c8:
cc:11:71:4f:9e:90:9c:18:da:21:11:f4:92:47:ec:94:84:c0:
66:6a:08:56:e8:d9:8d:c2:be:fe:c4:b0:81:ba:b1:b7:a5:3e:
cd:80:77:16:54:d1:f1:13:6b:34:88:62:a7:dc:73:c1:95:37:
27:63:3f:2d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzDtoYcElZpiXdkpDrQGqDxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzhlZjQxYjJjMDEwNWE5MWNjYmI5Yzg5MzM3ZmFlYjEy
OWZmODQwHhcNMjQwMTAxMDYyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGQxYTg1NWJmZmJmNjlhODExMzhiYzM3MTdhZjA1YTQ0YjIzNjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohVH9dlg1psvAG4k0GM1/aNq0Pc+
Ratt/eXrYcdM3LXvI4xq29Qle0rYq44DcZUc4/3WV4tASl1QfeGa7B+V+siCjGE9
SyIaw7+OMmCTvSdz9PEVDPKdkoal5/Reo0ReyiktDeFFASWsM3TX4S+1e0xDfv8V
T25fmRQi4HyAR0lZcjaTKvfQgtPfZjmA61yZLD+1oimZwoQPj9uI2yT7OZS34xjH
bWLiOjWb2CPDCQcvwajqUiL+PSDhlxYHdUPglKFMYk8c2I3OAL+BGqmb3G+ULlE2
qEvQ73g2Q8xJmhBzmjqnXfRxao8Fq8Lf5dOMWdHIYwCq3JadxOwozhZJWQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDDRqFW/+/aagROLw3F68FpEsjaHMB8GA1UdIwQY
MBaAFIM470GywBBakcy7nIkzf66xKf+EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3Mzgt
MjhmYzc3OTY3NzYzLzEvTU5Hb1ZiXzc5cHFCRTR2RGNYcndXa1N5Tm9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3MzgtMjhmYzc3OTY3NzYz
LzEvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAT4ViAwQB
X1VWAwQAuQ0gAwQAuQ0jMA0GCSqGSIb3DQEBCwUAA4IBAQDA0Dzvy1O84I+VITWc
6UiLKFQ6Mjxge4NWjbkAAfZxsHeqHOMiCGstn2lxJyzBF1m5VT8CJCu+C3KFX1DE
VwcXF2iLvYVVdVYTeZLwUjFlF1Bvjlanj5PrVtqG7zNcWCQ0xHHp5MGobuIoMmiR
ot7pkCM3VQVa9TyRDTpSECXLA2oypfBgRD8F6Lp9KYNwzBpByxYpnBzUucZOUVrn
lK8haJx0ywpNOdOHRLUiEf7GWP4lqnq9PphQKZU1twmyOV7EQ6qUD8jMEXFPnpCc
GNohEfSSR+yUhMBmaghW6NmNwr7+xLCBurG3pT7NgHcWVNHxE2s0iGKn3HPBlTcn
Yz8t
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:08:30 2024 by rpki-client on console-ams.rpki-client.org