Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/ddd9f1-0f2e-4d5f-857d-02bab9f6f955/1/mPNyTRaT6fwcKRG3xpsNRaGUILw.roa
File: mPNyTRaT6fwcKRG3xpsNRaGUILw.roa (raw, json)
Hash identifier: PrlLjvcHpkKyvWP/Jbx+zB2nOjWobPHDKdg9tD8IPa4=
Subject key identifier: 98:F3:72:4D:16:93:E9:FC:1C:29:11:B7:C6:9B:0D:45:A1:94:20:BC
Certificate issuer: /CN=03e53d18f5f212ae0802a17ee5994c3331a43524
Certificate serial: 018CC500DD57987DB8AF8918B59C7C0B5097
Authority key identifier: 03:E5:3D:18:F5:F2:12:AE:08:02:A1:7E:E5:99:4C:33:31:A4:35:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A-U9GPXyEq4IAqF-5ZlMMzGkNSQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/ddd9f1-0f2e-4d5f-857d-02bab9f6f955/1/mPNyTRaT6fwcKRG3xpsNRaGUILw.roa
Signing time: Mon 01 Jan 2024 12:30:17 +0000
ROA not before: Mon 01 Jan 2024 12:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29119
IP address blocks: 5.83.48.0/21 maxlen: 21
153.92.122.0/23 maxlen: 23
153.92.120.0/23 maxlen: 23
5.83.64.0/19 maxlen: 19
5.83.91.0/24 maxlen: 24
185.67.104.0/23 maxlen: 23
212.85.246.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/ddd9f1-0f2e-4d5f-857d-02bab9f6f955/1/A-U9GPXyEq4IAqF-5ZlMMzGkNSQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/ddd9f1-0f2e-4d5f-857d-02bab9f6f955/1/A-U9GPXyEq4IAqF-5ZlMMzGkNSQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/A-U9GPXyEq4IAqF-5ZlMMzGkNSQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:dd:57:98:7d:b8:af:89:18:b5:9c:7c:0b:50:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03e53d18f5f212ae0802a17ee5994c3331a43524
Validity
Not Before: Jan 1 12:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98f3724d1693e9fc1c2911b7c69b0d45a19420bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:7d:34:a8:36:49:e2:d4:3f:c9:4f:a5:ed:2a:
23:4b:dd:ec:47:ab:19:72:ba:53:aa:11:4b:2b:99:
45:2c:2c:d5:b0:70:4a:06:2a:db:83:1e:0b:46:ea:
1a:14:40:b7:53:4f:95:88:a2:80:91:57:e7:bf:62:
7f:67:08:63:e3:2f:80:b5:97:85:d4:7f:ec:e1:21:
82:9d:b7:00:0a:ab:ff:9e:9c:2d:30:8b:ac:3d:3a:
87:b1:42:37:f6:1d:5b:33:58:34:88:cd:12:73:4c:
76:58:3c:0d:ec:14:46:ab:5f:5d:76:6f:96:62:6d:
8f:28:44:d7:c9:ed:6a:82:b4:e6:69:bb:be:b2:61:
03:4e:45:c6:35:f7:fa:b0:05:57:16:8a:f8:5a:78:
2f:96:e1:94:4e:e3:94:27:c4:be:0c:b8:a9:c4:f0:
0f:52:34:0e:39:ef:ed:44:18:52:55:08:46:2d:75:
73:9f:55:49:2e:6e:29:06:12:34:f9:f9:7d:31:f4:
cd:49:97:9b:c3:fb:ed:1a:e5:1d:36:51:10:94:97:
b1:70:d1:c9:cc:c0:df:47:48:a1:18:4c:68:b6:6b:
eb:ab:25:96:bd:73:55:75:e0:f7:33:a5:3c:3c:d9:
de:7e:0d:d5:59:b2:33:ae:4a:b2:b0:84:93:7c:e6:
ba:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:F3:72:4D:16:93:E9:FC:1C:29:11:B7:C6:9B:0D:45:A1:94:20:BC
X509v3 Authority Key Identifier:
keyid:03:E5:3D:18:F5:F2:12:AE:08:02:A1:7E:E5:99:4C:33:31:A4:35:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A-U9GPXyEq4IAqF-5ZlMMzGkNSQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/ddd9f1-0f2e-4d5f-857d-02bab9f6f955/1/mPNyTRaT6fwcKRG3xpsNRaGUILw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/ddd9f1-0f2e-4d5f-857d-02bab9f6f955/1/A-U9GPXyEq4IAqF-5ZlMMzGkNSQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.48.0/21
5.83.64.0/19
153.92.120.0/22
185.67.104.0/23
212.85.246.0/23
Signature Algorithm: sha256WithRSAEncryption
78:27:8d:00:e9:bb:54:77:ef:1c:aa:ee:1c:81:05:34:04:b5:
61:6b:22:78:07:ba:1b:da:cd:29:f3:7e:ea:93:9b:1d:aa:2d:
af:11:72:ea:c9:06:bb:16:3b:7e:94:37:59:87:9f:26:8f:26:
a9:48:6f:eb:19:3c:51:2f:46:0e:c4:ec:1b:ad:4c:cb:82:dc:
f6:e5:18:82:e9:4d:19:29:c2:4d:97:85:72:aa:50:42:c2:c9:
1f:71:a6:54:20:5d:92:90:ee:45:96:bc:41:0a:8b:d7:3d:46:
f7:80:e7:6f:51:16:56:27:c1:5e:6e:08:44:6f:df:eb:9b:ee:
a4:93:f4:10:b3:d7:6f:aa:bc:41:8c:48:69:93:04:e3:f3:f2:
4a:69:1b:be:86:ea:fa:42:ee:90:d0:12:c3:42:bb:1f:84:94:
7b:0b:02:35:c0:d2:0e:34:b8:60:2a:06:29:45:16:f9:4a:6f:
41:6f:eb:2f:94:01:14:7e:2d:bb:06:97:ed:0e:72:1b:18:4d:
18:08:4f:72:b9:4b:2b:bf:28:7d:23:ed:f6:ca:7c:6a:a3:36:
b2:a8:58:02:0f:a9:5a:64:32:dc:51:de:d3:5e:85:85:f4:e2:
db:75:e2:eb:a2:78:c5:c1:70:d4:b9:de:59:28:92:d0:5f:30:
50:c9:ac:22
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzFAN1XmH24r4kYtZx8C1CXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzZTUzZDE4ZjVmMjEyYWUwODAyYTE3ZWU1OTk0YzMzMzFh
NDM1MjQwHhcNMjQwMTAxMTIzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGYzNzI0ZDE2OTNlOWZjMWMyOTExYjdjNjliMGQ0NWExOTQyMGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj300qDZJ4tQ/yU+l7SojS93sR6sZ
crpTqhFLK5lFLCzVsHBKBirbgx4LRuoaFEC3U0+ViKKAkVfnv2J/Zwhj4y+AtZeF
1H/s4SGCnbcACqv/npwtMIusPTqHsUI39h1bM1g0iM0Sc0x2WDwN7BRGq19ddm+W
Ym2PKETXye1qgrTmabu+smEDTkXGNff6sAVXFor4WngvluGUTuOUJ8S+DLipxPAP
UjQOOe/tRBhSVQhGLXVzn1VJLm4pBhI0+fl9MfTNSZebw/vtGuUdNlEQlJexcNHJ
zMDfR0ihGExotmvrqyWWvXNVdeD3M6U8PNnefg3VWbIzrkqysISTfOa6QwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJjzck0Wk+n8HCkRt8abDUWhlCC8MB8GA1UdIwQY
MBaAFAPlPRj18hKuCAKhfuWZTDMxpDUkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQS1VOUdQWHlFcTRJQXFGLTVabE1NekdrTlNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9kZGQ5ZjEtMGYyZS00ZDVmLTg1N2Qt
MDJiYWI5ZjZmOTU1LzEvbVBOeVRSYVQ2ZndjS1JHM3hwc05SYUdVSUx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi9kZGQ5ZjEtMGYyZS00ZDVmLTg1N2QtMDJiYWI5ZjZmOTU1
LzEvQS1VOUdQWHlFcTRJQXFGLTVabE1NekdrTlNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDBVMwAwQF
BVNAAwQCmVx4AwQBuUNoAwQB1FX2MA0GCSqGSIb3DQEBCwUAA4IBAQB4J40A6btU
d+8cqu4cgQU0BLVhayJ4B7ob2s0p837qk5sdqi2vEXLqyQa7Fjt+lDdZh58mjyap
SG/rGTxRL0YOxOwbrUzLgtz25RiC6U0ZKcJNl4VyqlBCwskfcaZUIF2SkO5FlrxB
CovXPUb3gOdvURZWJ8FebghEb9/rm+6kk/QQs9dvqrxBjEhpkwTj8/JKaRu+hur6
Qu6Q0BLDQrsfhJR7CwI1wNIONLhgKgYpRRb5Sm9Bb+svlAEUfi27BpftDnIbGE0Y
CE9yuUsrvyh9I+32ynxqozayqFgCD6laZDLcUd7TXoWF9OLbdeLronjFwXDUud5Z
KJLQXzBQyawi
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:42:27 2024 by rpki-client on console-fra.rpki-client.org