Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/8dc2c7-3fc0-446d-807c-ef6c9ead611c/1/mxlFj0SOFw_NnCEN6ZiE4LeCIDc.roa
File: mxlFj0SOFw_NnCEN6ZiE4LeCIDc.roa (raw, json)
Hash identifier: fo3scyRNnQDxsPF355tG/+Dqav5My3owYDCUM+mhcDU=
Subject key identifier: 9B:19:45:8F:44:8E:17:0F:CD:9C:21:0D:E9:98:84:E0:B7:82:20:37
Certificate issuer: /CN=3bdfd7604dfa0eb8ae20e90fcf130393b8a8564a
Certificate serial: 018CC79342E5789E1957D5714CFB5E0E3224
Authority key identifier: 3B:DF:D7:60:4D:FA:0E:B8:AE:20:E9:0F:CF:13:03:93:B8:A8:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O9_XYE36DriuIOkPzxMDk7ioVko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/8dc2c7-3fc0-446d-807c-ef6c9ead611c/1/mxlFj0SOFw_NnCEN6ZiE4LeCIDc.roa
Signing time: Tue 02 Jan 2024 00:29:25 +0000
ROA not before: Tue 02 Jan 2024 00:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34987
IP address blocks: 185.90.4.0/24 maxlen: 24
185.90.6.0/24 maxlen: 24
185.90.7.0/24 maxlen: 24
185.90.5.0/24 maxlen: 24
2a05:dd00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/8dc2c7-3fc0-446d-807c-ef6c9ead611c/1/O9_XYE36DriuIOkPzxMDk7ioVko.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/8dc2c7-3fc0-446d-807c-ef6c9ead611c/1/O9_XYE36DriuIOkPzxMDk7ioVko.mft
rsync://rpki.ripe.net/repository/DEFAULT/O9_XYE36DriuIOkPzxMDk7ioVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 21:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:42:e5:78:9e:19:57:d5:71:4c:fb:5e:0e:32:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bdfd7604dfa0eb8ae20e90fcf130393b8a8564a
Validity
Not Before: Jan 2 00:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b19458f448e170fcd9c210de99884e0b7822037
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b7:03:8d:d8:a1:cd:40:c0:38:a1:1d:91:4b:
1e:a1:f3:47:27:3a:68:ce:03:a6:d2:5d:e8:66:77:
e0:30:b8:3c:ff:02:0b:bb:f1:21:c4:bb:1b:ee:36:
47:2f:77:3d:fe:4c:5f:19:55:3b:87:81:f9:a0:a3:
fd:4e:fd:49:22:70:30:4e:b0:e6:6f:46:3d:cc:97:
5f:6a:74:54:45:17:01:e9:35:ee:d1:d0:1b:24:57:
1d:82:93:05:57:d0:10:74:b1:cc:1e:03:d4:1b:54:
b0:78:68:70:6f:a2:d8:0d:98:5f:de:33:5c:26:2d:
d0:06:33:04:d7:23:d8:55:fc:ff:f4:c3:9e:06:ee:
49:16:82:61:34:75:09:e1:b2:d4:79:cc:fc:b0:4e:
68:9a:be:1b:a5:20:e4:89:fd:4a:80:d6:14:b7:75:
26:58:9e:6a:c3:3b:e4:02:c5:9c:1d:6b:a1:a0:a9:
b7:03:5a:5a:fe:ab:4a:71:89:81:41:21:ed:a9:a9:
d6:d4:5c:89:76:f6:58:31:3b:ec:18:6d:95:af:58:
cf:44:37:a0:97:69:14:f0:49:b2:89:fa:1c:be:1e:
60:34:aa:28:97:99:f2:76:8e:0a:d1:c7:bc:5e:13:
96:17:e4:eb:ab:63:5a:34:90:84:45:30:f6:01:6f:
cb:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:19:45:8F:44:8E:17:0F:CD:9C:21:0D:E9:98:84:E0:B7:82:20:37
X509v3 Authority Key Identifier:
keyid:3B:DF:D7:60:4D:FA:0E:B8:AE:20:E9:0F:CF:13:03:93:B8:A8:56:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O9_XYE36DriuIOkPzxMDk7ioVko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/8dc2c7-3fc0-446d-807c-ef6c9ead611c/1/mxlFj0SOFw_NnCEN6ZiE4LeCIDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/8dc2c7-3fc0-446d-807c-ef6c9ead611c/1/O9_XYE36DriuIOkPzxMDk7ioVko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.90.4.0/22
IPv6:
2a05:dd00::/29
Signature Algorithm: sha256WithRSAEncryption
a4:cb:2c:6d:f9:a2:0a:c2:21:e8:d2:ed:45:48:73:24:11:6b:
aa:fe:f3:2c:8c:c4:32:2f:a6:70:39:4a:72:ac:1e:39:97:2b:
f5:98:f2:be:aa:7d:04:b9:5f:cc:ff:08:5b:28:e0:a6:4b:58:
2e:66:e9:cd:77:ed:50:b5:18:8b:22:b0:e5:f8:c3:90:06:e5:
68:d2:88:67:7b:b4:8a:f8:fd:85:0a:46:27:35:54:41:61:a6:
7f:67:d1:7d:8c:f1:aa:55:c6:83:3f:66:31:97:d4:4e:37:09:
20:4d:43:fc:4e:01:b0:04:84:cc:bd:1f:25:0d:12:99:26:b2:
66:07:de:41:68:70:76:aa:d2:1f:52:1b:7a:3e:67:31:40:34:
ef:11:f1:15:8e:fb:62:41:75:ac:ce:5c:12:e4:e6:c3:93:ad:
2b:97:c9:8d:d8:55:60:13:49:12:bf:36:8d:2e:bf:c2:16:3f:
07:0e:e3:aa:38:f7:5a:29:c1:cc:f4:49:2b:0f:d8:87:39:13:
b6:2a:5c:a2:60:d1:f5:97:87:e9:b2:06:51:d0:1d:55:a3:64:
df:4e:b0:33:4d:92:de:d1:1e:00:08:5e:b7:f5:56:a3:d3:9e:
af:42:49:c6:f5:50:bc:a0:fc:70:91:09:33:de:20:9f:a9:6b:
f6:7e:4f:e0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHk0LleJ4ZV9VxTPteDjIkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZGZkNzYwNGRmYTBlYjhhZTIwZTkwZmNmMTMwMzkzYjhh
ODU2NGEwHhcNMjQwMTAyMDAyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjE5NDU4ZjQ0OGUxNzBmY2Q5YzIxMGRlOTk4ODRlMGI3ODIyMDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrcDjdihzUDAOKEdkUseofNHJzpo
zgOm0l3oZnfgMLg8/wILu/EhxLsb7jZHL3c9/kxfGVU7h4H5oKP9Tv1JInAwTrDm
b0Y9zJdfanRURRcB6TXu0dAbJFcdgpMFV9AQdLHMHgPUG1SweGhwb6LYDZhf3jNc
Ji3QBjME1yPYVfz/9MOeBu5JFoJhNHUJ4bLUecz8sE5omr4bpSDkif1KgNYUt3Um
WJ5qwzvkAsWcHWuhoKm3A1pa/qtKcYmBQSHtqanW1FyJdvZYMTvsGG2Vr1jPRDeg
l2kU8Emyifocvh5gNKool5nydo4K0ce8XhOWF+Trq2NaNJCERTD2AW/LiQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJsZRY9EjhcPzZwhDemYhOC3giA3MB8GA1UdIwQY
MBaAFDvf12BN+g64riDpD88TA5O4qFZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzlfWFlFMzZEcml1SU9rUHp4TURrN2lvVmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS84ZGMyYzctM2ZjMC00NDZkLTgwN2Mt
ZWY2YzllYWQ2MTFjLzEvbXhsRmowU09Gd19ObkNFTjZaaUU0TGVDSURjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS84ZGMyYzctM2ZjMC00NDZkLTgwN2MtZWY2YzllYWQ2MTFj
LzEvTzlfWFlFMzZEcml1SU9rUHp4TURrN2lvVmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVoEMA0E
AgACMAcDBQMqBd0AMA0GCSqGSIb3DQEBCwUAA4IBAQCkyyxt+aIKwiHo0u1FSHMk
EWuq/vMsjMQyL6ZwOUpyrB45lyv1mPK+qn0EuV/M/whbKOCmS1guZunNd+1QtRiL
IrDl+MOQBuVo0ohne7SK+P2FCkYnNVRBYaZ/Z9F9jPGqVcaDP2Yxl9RONwkgTUP8
TgGwBITMvR8lDRKZJrJmB95BaHB2qtIfUht6PmcxQDTvEfEVjvtiQXWszlwS5ObD
k60rl8mN2FVgE0kSvzaNLr/CFj8HDuOqOPdaKcHM9EkrD9iHORO2KlyiYNH1l4fp
sgZR0B1Vo2TfTrAzTZLe0R4ACF639Vaj056vQknG9VC8oPxwkQkz3iCfqWv2fk/g
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:19:55 2024 by rpki-client on console-ams.rpki-client.org