Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/3cb9d2-70ff-46d6-9c73-57586156354e/1/mIgP2u3bL93OYQmQ-1OghcquXRU.roa
File: mIgP2u3bL93OYQmQ-1OghcquXRU.roa (raw, json)
Hash identifier: AUBfATCO2YAU5qRRprWiyGCDW1F3ck/hBRo8gZP24Dc=
Subject key identifier: 98:88:0F:DA:ED:DB:2F:DD:CE:61:09:90:FB:53:A0:85:CA:AE:5D:15
Certificate issuer: /CN=f261df44b346823cce8c6643b5fa6919afb23195
Certificate serial: 01927335168EAD6E260516E66183458B24C7
Authority key identifier: F2:61:DF:44:B3:46:82:3C:CE:8C:66:43:B5:FA:69:19:AF:B2:31:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8mHfRLNGgjzOjGZDtfppGa-yMZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/3cb9d2-70ff-46d6-9c73-57586156354e/1/mIgP2u3bL93OYQmQ-1OghcquXRU.roa
Signing time: Wed 09 Oct 2024 21:35:11 +0000
ROA not before: Wed 09 Oct 2024 21:35:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208337
IP address blocks: 45.143.180.0/24 maxlen: 24
45.143.181.0/24 maxlen: 24
45.143.182.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/3cb9d2-70ff-46d6-9c73-57586156354e/1/8mHfRLNGgjzOjGZDtfppGa-yMZU.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/3cb9d2-70ff-46d6-9c73-57586156354e/1/8mHfRLNGgjzOjGZDtfppGa-yMZU.mft
rsync://rpki.ripe.net/repository/DEFAULT/8mHfRLNGgjzOjGZDtfppGa-yMZU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:73:35:16:8e:ad:6e:26:05:16:e6:61:83:45:8b:24:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f261df44b346823cce8c6643b5fa6919afb23195
Validity
Not Before: Oct 9 21:35:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98880fdaeddb2fddce610990fb53a085caae5d15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:bf:ae:3a:c7:da:be:3c:d5:ef:15:8b:f4:e2:
1d:5e:f6:b9:b5:c3:de:b9:82:85:ba:af:1a:13:66:
6a:bd:5f:d2:dc:df:4a:ba:0b:46:3d:f0:d2:02:c8:
7f:fb:1e:aa:2d:88:98:fb:b9:11:47:a3:3a:e3:70:
76:ac:c6:66:61:7c:2f:00:90:1d:ea:21:2b:42:10:
c4:7f:d4:f5:15:76:82:86:a2:5d:9b:31:75:f5:4e:
e7:3e:2e:d6:a1:de:38:89:83:b3:e1:da:ed:31:95:
35:33:17:1d:10:10:99:eb:9e:84:48:04:0f:7d:42:
50:e8:45:39:ed:67:90:4d:49:b3:6f:76:19:2e:4b:
92:61:d4:f0:1c:c6:8e:7d:a6:c8:61:4b:2c:57:a2:
b7:5f:0c:3a:e6:9f:ff:c5:dc:6a:79:ca:cf:80:cd:
3e:5d:c0:df:5c:49:10:2e:a5:34:04:38:ce:b1:28:
27:07:1b:f1:96:b4:27:3b:2a:2d:ce:02:8e:9f:aa:
03:ce:a0:80:92:42:99:5b:9f:a7:f2:ce:95:3e:31:
bc:55:61:67:a7:52:19:b9:67:16:ac:11:2a:28:5c:
e5:b0:1f:ce:2f:5e:86:eb:46:25:42:bb:5c:3d:d5:
c8:95:5b:a6:f5:5a:93:33:07:41:e7:cf:5a:b6:3e:
77:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:88:0F:DA:ED:DB:2F:DD:CE:61:09:90:FB:53:A0:85:CA:AE:5D:15
X509v3 Authority Key Identifier:
keyid:F2:61:DF:44:B3:46:82:3C:CE:8C:66:43:B5:FA:69:19:AF:B2:31:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8mHfRLNGgjzOjGZDtfppGa-yMZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/3cb9d2-70ff-46d6-9c73-57586156354e/1/mIgP2u3bL93OYQmQ-1OghcquXRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/3cb9d2-70ff-46d6-9c73-57586156354e/1/8mHfRLNGgjzOjGZDtfppGa-yMZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.180.0-45.143.182.255
Signature Algorithm: sha256WithRSAEncryption
d8:93:51:0c:b5:7f:7d:5d:79:f8:3e:6c:e2:f1:66:da:d9:e6:
3c:6a:3f:13:13:f8:d1:49:a6:b6:bc:1c:8e:2d:c9:eb:7c:58:
fe:11:2e:6e:94:4e:8d:37:95:2e:2b:42:a2:fe:f5:02:22:94:
ce:10:20:fd:9c:cb:f1:94:2e:69:eb:68:df:16:ce:0a:36:37:
44:f3:9c:9e:de:f1:55:d5:11:97:ca:26:7c:02:60:7d:d4:22:
d8:04:ba:5f:5a:f3:12:0e:9d:2a:34:f6:24:40:77:8c:3d:ab:
f5:d0:25:a9:1b:d7:2b:b3:f6:a0:e9:15:f2:96:46:21:fe:7a:
3d:6a:76:63:6b:68:29:f1:9f:65:a6:b4:7f:ba:e4:dd:d7:f0:
26:ad:53:13:5b:32:63:48:d0:41:72:a8:f7:9f:19:40:1c:b3:
1a:6f:00:84:da:49:f0:6e:46:60:ac:1a:02:a2:a9:d5:a3:05:
36:b4:bd:b7:67:de:40:9a:c3:f2:b5:93:f1:3f:ad:4a:ce:fe:
d0:04:36:0f:fd:06:05:37:3b:2c:f3:d0:9c:90:57:2e:b1:13:
c6:88:69:ea:47:70:73:bb:0d:0f:10:72:ad:0a:72:c9:d0:33:
8e:ab:e1:77:1c:37:65:b9:f9:b3:36:d9:ad:39:86:7f:3b:47:
76:75:06:66
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZJzNRaOrW4mBRbmYYNFiyTHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyNjFkZjQ0YjM0NjgyM2NjZThjNjY0M2I1ZmE2OTE5YWZi
MjMxOTUwHhcNMjQxMDA5MjEzNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODg4MGZkYWVkZGIyZmRkY2U2MTA5OTBmYjUzYTA4NWNhYWU1ZDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwL+uOsfavjzV7xWL9OIdXva5tcPe
uYKFuq8aE2ZqvV/S3N9KugtGPfDSAsh/+x6qLYiY+7kRR6M643B2rMZmYXwvAJAd
6iErQhDEf9T1FXaChqJdmzF19U7nPi7Wod44iYOz4drtMZU1MxcdEBCZ656ESAQP
fUJQ6EU57WeQTUmzb3YZLkuSYdTwHMaOfabIYUssV6K3Xww65p//xdxqecrPgM0+
XcDfXEkQLqU0BDjOsSgnBxvxlrQnOyotzgKOn6oDzqCAkkKZW5+n8s6VPjG8VWFn
p1IZuWcWrBEqKFzlsB/OL16G60YlQrtcPdXIlVum9VqTMwdB589atj53GwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJiID9rt2y/dzmEJkPtToIXKrl0VMB8GA1UdIwQY
MBaAFPJh30SzRoI8zoxmQ7X6aRmvsjGVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOG1IZlJMTkdnanpPakdaRHRmcHBHYS15TVpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8zY2I5ZDItNzBmZi00NmQ2LTljNzMt
NTc1ODYxNTYzNTRlLzEvbUlnUDJ1M2JMOTNPWVFtUS0xT2doY3F1WFJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8zY2I5ZDItNzBmZi00NmQ2LTljNzMtNTc1ODYxNTYzNTRl
LzEvOG1IZlJMTkdnanpPakdaRHRmcHBHYS15TVpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAItj7QD
BAAtj7YwDQYJKoZIhvcNAQELBQADggEBANiTUQy1f31defg+bOLxZtrZ5jxqPxMT
+NFJpra8HI4tyet8WP4RLm6UTo03lS4rQqL+9QIilM4QIP2cy/GULmnraN8Wzgo2
N0TznJ7e8VXVEZfKJnwCYH3UItgEul9a8xIOnSo09iRAd4w9q/XQJakb1yuz9qDp
FfKWRiH+ej1qdmNraCnxn2WmtH+65N3X8CatUxNbMmNI0EFyqPefGUAcsxpvAITa
SfBuRmCsGgKiqdWjBTa0vbdn3kCaw/K1k/E/rUrO/tAENg/9BgU3Oyzz0JyQVy6x
E8aIaepHcHO7DQ8Qcq0KcsnQM46r4XccN2W5+bM22a05hn87R3Z1BmY=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:22:05 2024 by rpki-client on console-fra.rpki-client.org