Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b9467c-84af-493a-9db9-4dd59c7c6305/1/mxElmtpgGYqaPfs3nuNo-Sf7IXw.roa
File: mxElmtpgGYqaPfs3nuNo-Sf7IXw.roa (raw, json)
Hash identifier: 0tSgufGG0q9NrQ50pjS622Xpe5FN6jyEJG9WwGsYt28=
Subject key identifier: 9B:11:25:9A:DA:60:19:8A:9A:3D:FB:37:9E:E3:68:F9:27:FB:21:7C
Certificate issuer: /CN=9eee4669fc08a4d4337509110613862b314f1ac7
Certificate serial: 01930B627350196A9ABE7E93E02FFFF72618
Authority key identifier: 9E:EE:46:69:FC:08:A4:D4:33:75:09:11:06:13:86:2B:31:4F:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nu5GafwIpNQzdQkRBhOGKzFPGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b9467c-84af-493a-9db9-4dd59c7c6305/1/mxElmtpgGYqaPfs3nuNo-Sf7IXw.roa
Signing time: Fri 08 Nov 2024 10:47:01 +0000
ROA not before: Fri 08 Nov 2024 10:47:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60475
IP address blocks: 37.202.16.0/21 maxlen: 21
45.10.84.0/22 maxlen: 22
185.241.200.0/22 maxlen: 22
2a02:ff00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/b9467c-84af-493a-9db9-4dd59c7c6305/1/nu5GafwIpNQzdQkRBhOGKzFPGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/b9467c-84af-493a-9db9-4dd59c7c6305/1/nu5GafwIpNQzdQkRBhOGKzFPGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/nu5GafwIpNQzdQkRBhOGKzFPGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:0b:62:73:50:19:6a:9a:be:7e:93:e0:2f:ff:f7:26:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9eee4669fc08a4d4337509110613862b314f1ac7
Validity
Not Before: Nov 8 10:47:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b11259ada60198a9a3dfb379ee368f927fb217c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b5:c2:4a:7b:2a:9a:46:f7:95:f9:55:cb:82:
52:fb:20:6b:e6:3f:e2:fb:3e:6d:0b:cf:09:fb:07:
1d:cb:3e:64:cf:88:e1:a5:7c:0f:d6:87:7a:3c:3b:
c7:b3:ce:6e:31:fa:90:cd:84:81:aa:7d:67:9a:26:
55:c6:16:8b:4b:86:bf:76:9e:6a:69:ce:bd:f1:cd:
d8:8f:08:43:b5:f2:be:6d:3e:35:66:70:f8:bb:ab:
c6:8e:71:f1:12:a9:2a:d6:a6:ab:9b:3b:bf:fe:08:
66:2c:2e:41:07:f5:8a:12:c3:42:3f:52:bf:86:25:
e3:35:e9:f9:70:a6:9d:4e:77:80:f8:ee:7a:a9:23:
33:d5:84:4a:39:09:6e:f4:c4:a2:cc:a8:ae:9c:c2:
39:aa:38:1e:58:67:80:88:0f:66:6d:f0:6e:9c:4e:
21:32:9b:d7:39:d7:82:28:a8:a0:30:85:69:c4:e6:
33:23:67:e9:5d:08:e8:8f:e4:36:04:a1:df:51:14:
28:6b:62:c7:b2:b8:fb:d5:4f:0d:60:c9:81:64:0f:
87:b8:d2:7d:ee:d6:d9:48:bb:e2:4e:d3:8e:97:8b:
2b:d7:d2:9c:40:6a:b0:9b:0f:f7:bc:69:72:89:e6:
0b:f9:18:2d:df:3d:33:e1:b5:13:62:7d:4c:06:58:
5e:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:11:25:9A:DA:60:19:8A:9A:3D:FB:37:9E:E3:68:F9:27:FB:21:7C
X509v3 Authority Key Identifier:
keyid:9E:EE:46:69:FC:08:A4:D4:33:75:09:11:06:13:86:2B:31:4F:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nu5GafwIpNQzdQkRBhOGKzFPGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b9467c-84af-493a-9db9-4dd59c7c6305/1/mxElmtpgGYqaPfs3nuNo-Sf7IXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b9467c-84af-493a-9db9-4dd59c7c6305/1/nu5GafwIpNQzdQkRBhOGKzFPGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.16.0/21
45.10.84.0/22
185.241.200.0/22
IPv6:
2a02:ff00::/29
Signature Algorithm: sha256WithRSAEncryption
4d:e6:8e:41:db:b4:e4:5b:c1:99:33:e5:9d:c4:c0:98:52:8b:
47:93:18:e9:b9:f9:e7:02:df:3d:9c:87:29:3b:90:58:de:db:
66:65:c0:aa:fa:13:5a:30:19:1c:f7:15:a6:12:9a:90:0f:72:
15:ca:6e:57:62:81:3f:ae:3e:c2:f4:1d:c0:42:05:04:0f:6a:
95:b8:e5:10:17:9f:00:11:72:f6:d4:e7:0d:af:b4:56:88:45:
75:75:39:c7:33:58:c6:13:42:32:eb:29:26:0e:f7:94:43:a3:
75:7b:81:da:d2:59:fb:40:23:fa:d1:3b:3f:a6:92:ce:5a:e9:
c0:ef:42:ba:d4:7d:15:6a:59:fa:2f:0c:eb:d7:b6:82:71:e1:
00:e7:b9:0a:2b:2c:30:26:da:f7:6d:d1:1a:26:44:5a:1e:1a:
40:8d:72:63:83:b2:87:94:00:80:5e:07:de:c3:72:bf:ed:9b:
e9:9a:0b:be:6b:3b:1b:f7:a9:04:ba:8b:0e:42:2e:23:39:b3:
19:fc:9d:fd:0b:2c:8f:79:53:6c:88:ce:2a:17:31:19:85:72:
5e:22:e4:54:e2:18:c7:cd:a6:43:b6:a6:ff:bd:48:3b:e0:d7:
1c:a5:28:1a:3c:94:63:bb:57:c9:53:75:6d:37:57:63:ed:90:
da:81:c3:0a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZMLYnNQGWqavn6T4C//9yYYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllZWU0NjY5ZmMwOGE0ZDQzMzc1MDkxMTA2MTM4NjJiMzE0
ZjFhYzcwHhcNMjQxMTA4MTA0NzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjExMjU5YWRhNjAxOThhOWEzZGZiMzc5ZWUzNjhmOTI3ZmIyMTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLXCSnsqmkb3lflVy4JS+yBr5j/i
+z5tC88J+wcdyz5kz4jhpXwP1od6PDvHs85uMfqQzYSBqn1nmiZVxhaLS4a/dp5q
ac698c3YjwhDtfK+bT41ZnD4u6vGjnHxEqkq1qarmzu//ghmLC5BB/WKEsNCP1K/
hiXjNen5cKadTneA+O56qSMz1YRKOQlu9MSizKiunMI5qjgeWGeAiA9mbfBunE4h
MpvXOdeCKKigMIVpxOYzI2fpXQjoj+Q2BKHfURQoa2LHsrj71U8NYMmBZA+HuNJ9
7tbZSLviTtOOl4sr19KcQGqwmw/3vGlyieYL+Rgt3z0z4bUTYn1MBlheCwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJsRJZraYBmKmj37N57jaPkn+yF8MB8GA1UdIwQY
MBaAFJ7uRmn8CKTUM3UJEQYThisxTxrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnU1R2Fmd0lwTlF6ZFFrUkJoT0dLekZQR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iOTQ2N2MtODRhZi00OTNhLTlkYjkt
NGRkNTljN2M2MzA1LzEvbXhFbG10cGdHWXFhUGZzM251Tm8tU2Y3SVh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iOTQ2N2MtODRhZi00OTNhLTlkYjktNGRkNTljN2M2MzA1
LzEvbnU1R2Fmd0lwTlF6ZFFrUkJoT0dLekZQR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDJcoQAwQC
LQpUAwQCufHIMA0EAgACMAcDBQMqAv8AMA0GCSqGSIb3DQEBCwUAA4IBAQBN5o5B
27TkW8GZM+WdxMCYUotHkxjpufnnAt89nIcpO5BY3ttmZcCq+hNaMBkc9xWmEpqQ
D3IVym5XYoE/rj7C9B3AQgUED2qVuOUQF58AEXL21OcNr7RWiEV1dTnHM1jGE0Iy
6ykmDveUQ6N1e4Ha0ln7QCP60Ts/ppLOWunA70K61H0Valn6Lwzr17aCceEA57kK
KywwJtr3bdEaJkRaHhpAjXJjg7KHlACAXgfew3K/7Zvpmgu+azsb96kEuosOQi4j
ObMZ/J39CyyPeVNsiM4qFzEZhXJeIuRU4hjHzaZDtqb/vUg74NccpSgaPJRju1fJ
U3VtN1dj7ZDagcMK
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:02:32 2024 by rpki-client on console-fra.rpki-client.org