Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/Mb3R6F5l4dlK7IfR7gHwdwGSO6I.roa
File: Mb3R6F5l4dlK7IfR7gHwdwGSO6I.roa (raw, json)
Hash identifier: vdn5cJiM9oLTm8hpLBwuAxJZ/yTRWuqk2wXv9/qniRs=
Subject key identifier: 31:BD:D1:E8:5E:65:E1:D9:4A:EC:87:D1:EE:01:F0:77:01:92:3B:A2
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 01911348BDC2C8F0700B5AFA2CA99043D6E6
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/Mb3R6F5l4dlK7IfR7gHwdwGSO6I.roa
Signing time: Fri 02 Aug 2024 13:30:19 +0000
ROA not before: Fri 02 Aug 2024 13:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214424
IP address blocks: 45.129.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:13:48:bd:c2:c8:f0:70:0b:5a:fa:2c:a9:90:43:d6:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Aug 2 13:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31bdd1e85e65e1d94aec87d1ee01f07701923ba2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:f5:4a:33:5c:8e:54:d7:ba:7c:2c:06:3b:77:
66:c0:b6:4f:4c:f9:54:de:e6:7a:e8:2a:3d:d9:73:
db:97:d0:69:77:56:e3:25:d1:12:63:e2:46:8f:14:
34:ed:fa:29:fe:49:d8:43:e2:f0:1a:a3:55:72:de:
4e:b4:2b:e8:16:08:ec:41:11:16:04:19:43:af:3a:
97:ad:5f:fd:76:0b:dd:8c:f6:bf:4c:dc:8e:e5:b1:
fd:c9:56:8b:cd:b2:62:2f:04:e8:db:6a:58:ac:d3:
2c:00:3b:05:73:d1:10:2d:25:ad:50:56:58:6b:0e:
3f:66:00:58:15:13:f2:94:47:87:52:a4:60:07:ff:
b4:4e:4f:12:56:05:4c:81:88:14:af:ed:7b:1c:47:
b9:64:3c:7b:38:54:13:37:f7:e7:95:10:55:ad:31:
10:c1:87:dd:39:ab:ce:9c:f4:a7:3c:ea:28:7f:f5:
fa:f0:0f:28:7a:fd:af:09:c5:26:88:94:9c:f6:55:
51:bd:0a:d1:57:43:2f:42:c5:40:11:1d:53:54:e7:
a4:aa:d2:59:c1:7c:78:95:ca:d9:7f:66:1e:d1:3e:
7c:ce:9a:67:0c:c6:1a:16:6d:2e:3c:5c:00:6a:18:
b7:1e:ea:66:92:37:5e:a9:63:6a:d1:36:36:c4:f8:
8a:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:BD:D1:E8:5E:65:E1:D9:4A:EC:87:D1:EE:01:F0:77:01:92:3B:A2
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/Mb3R6F5l4dlK7IfR7gHwdwGSO6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.170.0/24
Signature Algorithm: sha256WithRSAEncryption
57:6f:44:9b:37:c5:2c:9a:36:7e:aa:ad:6e:83:93:e4:aa:35:
f1:93:6a:26:95:9a:f6:c9:d5:30:88:77:47:b4:3e:d3:40:8f:
0b:ce:c7:b1:2f:f0:20:79:98:b4:62:d3:85:1b:b4:06:d0:6a:
e0:53:5e:e1:f9:e8:36:d2:bd:fd:11:04:94:f6:d2:0b:6c:d4:
fd:ee:c7:10:2f:77:ba:50:b8:89:1b:c2:40:fc:ec:f7:e0:fc:
df:dc:bf:3f:81:2d:ac:df:05:6c:e9:b4:38:c9:fb:55:ef:a2:
ab:99:36:1c:50:33:32:d1:3c:45:cc:2e:29:7f:32:e9:e8:0b:
c4:e6:e4:55:fa:74:58:89:00:ef:ed:63:f3:fe:c4:0d:84:6b:
5c:7b:17:ff:2a:73:46:55:21:f9:d3:34:82:e6:f2:00:c7:5e:
d4:8d:b4:ad:08:17:ea:92:1d:cd:94:73:aa:55:78:02:a6:44:
da:07:cc:bb:6a:03:2e:bf:e7:4f:06:c1:c5:22:b4:01:42:15:
f1:4f:8f:b4:05:3c:ae:cc:61:86:cf:52:79:cd:70:f6:24:60:
f0:69:6d:8a:19:79:44:1d:a2:84:85:fd:dd:46:1a:94:c8:60:
ce:42:2d:fc:f5:0e:6f:04:50:21:7b:f7:f7:41:15:d0:b3:c7:
6b:e5:44:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZETSL3CyPBwC1r6LKmQQ9bmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQwODAyMTMzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWJkZDFlODVlNjVlMWQ5NGFlYzg3ZDFlZTAxZjA3NzAxOTIzYmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7fVKM1yOVNe6fCwGO3dmwLZPTPlU
3uZ66Co92XPbl9Bpd1bjJdESY+JGjxQ07fop/knYQ+LwGqNVct5OtCvoFgjsQREW
BBlDrzqXrV/9dgvdjPa/TNyO5bH9yVaLzbJiLwTo22pYrNMsADsFc9EQLSWtUFZY
aw4/ZgBYFRPylEeHUqRgB/+0Tk8SVgVMgYgUr+17HEe5ZDx7OFQTN/fnlRBVrTEQ
wYfdOavOnPSnPOoof/X68A8oev2vCcUmiJSc9lVRvQrRV0MvQsVAER1TVOekqtJZ
wXx4lcrZf2Ye0T58zppnDMYaFm0uPFwAahi3HupmkjdeqWNq0TY2xPiKbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDG90eheZeHZSuyH0e4B8HcBkjuiMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvTWIzUjZGNWw0ZGxLN0lmUjdnSHdkd0dTTzZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYGqMA0G
CSqGSIb3DQEBCwUAA4IBAQBXb0SbN8UsmjZ+qq1ug5PkqjXxk2omlZr2ydUwiHdH
tD7TQI8LzsexL/AgeZi0YtOFG7QG0GrgU17h+eg20r39EQSU9tILbNT97scQL3e6
ULiJG8JA/Oz34Pzf3L8/gS2s3wVs6bQ4yftV76KrmTYcUDMy0TxFzC4pfzLp6AvE
5uRV+nRYiQDv7WPz/sQNhGtcexf/KnNGVSH50zSC5vIAx17UjbStCBfqkh3NlHOq
VXgCpkTaB8y7agMuv+dPBsHFIrQBQhXxT4+0BTyuzGGGz1J5zXD2JGDwaW2KGXlE
HaKEhf3dRhqUyGDOQi389Q5vBFAhe/f3QRXQs8dr5UR4
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:47:27 2024 by rpki-client on console-fra.rpki-client.org