Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/69c7d1-c43d-4bcd-8e6a-1593d4045cbc/1/mPlpmpbLLGOV1Wmm6ZqVUGS6WDw.roa
File: mPlpmpbLLGOV1Wmm6ZqVUGS6WDw.roa (raw, json)
Hash identifier: e398+licWZpBPKfhotAUnDZ1K8xPaGrXB9DX3j1jpGg=
Subject key identifier: 98:F9:69:9A:96:CB:2C:63:95:D5:69:A6:E9:9A:95:50:64:BA:58:3C
Certificate issuer: /CN=894928a39627cd5ee5f975bd897c2d775ab29940
Certificate serial: 018CCA99B2971D44C2A02B9E4BD94B907E3B
Authority key identifier: 89:49:28:A3:96:27:CD:5E:E5:F9:75:BD:89:7C:2D:77:5A:B2:99:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iUkoo5YnzV7l-XW9iXwtd1qymUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/69c7d1-c43d-4bcd-8e6a-1593d4045cbc/1/mPlpmpbLLGOV1Wmm6ZqVUGS6WDw.roa
Signing time: Tue 02 Jan 2024 14:35:19 +0000
ROA not before: Tue 02 Jan 2024 14:35:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52756
IP address blocks: 149.226.240.0/24 maxlen: 24
149.226.243.0/24 maxlen: 24
149.226.241.0/24 maxlen: 24
149.226.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/69c7d1-c43d-4bcd-8e6a-1593d4045cbc/1/iUkoo5YnzV7l-XW9iXwtd1qymUA.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/69c7d1-c43d-4bcd-8e6a-1593d4045cbc/1/iUkoo5YnzV7l-XW9iXwtd1qymUA.mft
rsync://rpki.ripe.net/repository/DEFAULT/iUkoo5YnzV7l-XW9iXwtd1qymUA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 16:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:b2:97:1d:44:c2:a0:2b:9e:4b:d9:4b:90:7e:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=894928a39627cd5ee5f975bd897c2d775ab29940
Validity
Not Before: Jan 2 14:35:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98f9699a96cb2c6395d569a6e99a955064ba583c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:57:48:c1:db:81:8f:43:c6:5c:e8:06:de:b4:
d6:7f:33:c2:b6:e7:44:59:0b:8b:6e:85:cc:af:51:
82:23:eb:a9:66:32:f2:04:15:1e:fc:3d:44:a6:ff:
d2:e6:95:55:30:2d:2d:5a:a7:e9:13:cb:4a:a0:05:
62:10:b1:9d:df:bf:be:65:3f:35:48:aa:49:c5:76:
5d:ff:df:44:36:19:41:74:02:8f:da:bd:19:7c:51:
8b:71:55:b8:12:3d:7d:b9:3b:93:31:56:a8:7a:a5:
37:8b:6d:ec:df:ad:b4:01:a7:f8:59:88:ab:41:bc:
5f:e5:dc:38:12:20:28:cd:21:8a:1b:e2:94:67:99:
a1:94:79:7d:3d:59:c1:8e:de:39:74:e3:63:2e:d2:
b3:e4:44:5f:88:eb:96:4b:56:76:f6:e3:54:6d:0f:
62:4a:a0:7c:cd:3c:79:a9:55:24:1d:89:12:dc:b2:
cc:e9:d1:cb:c8:b4:da:33:2a:d7:fa:f0:6f:f9:53:
f5:08:47:b7:61:fc:b9:ae:8a:44:69:b4:b1:5a:28:
85:52:c8:72:d2:7c:a4:60:d2:35:d5:3f:60:68:1c:
43:2a:5c:e2:bb:79:79:0a:fc:95:43:6f:92:2e:f1:
ff:a2:67:59:fb:00:82:96:ad:2e:0e:14:98:5b:5e:
89:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:F9:69:9A:96:CB:2C:63:95:D5:69:A6:E9:9A:95:50:64:BA:58:3C
X509v3 Authority Key Identifier:
keyid:89:49:28:A3:96:27:CD:5E:E5:F9:75:BD:89:7C:2D:77:5A:B2:99:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iUkoo5YnzV7l-XW9iXwtd1qymUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/69c7d1-c43d-4bcd-8e6a-1593d4045cbc/1/mPlpmpbLLGOV1Wmm6ZqVUGS6WDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/69c7d1-c43d-4bcd-8e6a-1593d4045cbc/1/iUkoo5YnzV7l-XW9iXwtd1qymUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.226.240.0/22
Signature Algorithm: sha256WithRSAEncryption
aa:46:50:b9:0c:d9:6d:5c:0a:6b:4d:d5:ff:8d:b9:91:57:c3:
e6:57:f2:a7:3f:b0:b2:e9:1b:6b:27:d4:7f:e3:61:40:ce:52:
47:24:7f:70:e1:bd:db:e1:8b:32:75:1a:ba:83:1f:80:a8:0f:
34:8c:0c:43:63:1f:8c:33:95:eb:75:15:5e:fd:e6:c9:0a:81:
c2:7f:55:f8:5e:fd:2b:8c:84:14:a1:2f:1c:85:83:ba:ea:57:
4a:83:af:13:f4:52:3c:b3:1b:78:c3:f9:03:95:94:04:82:17:
6f:50:83:8a:ae:38:df:2a:70:55:43:e0:78:1e:87:7c:00:0c:
b0:b6:9b:08:c3:1f:b4:63:f5:53:3f:29:4e:f1:1a:86:e0:e0:
c9:ee:f7:7d:4e:ca:8b:e0:cc:24:88:e4:4c:cd:04:69:c7:47:
92:1d:65:86:78:64:fc:16:4c:22:51:1b:ad:92:ec:49:0e:a7:
83:4a:ef:18:57:77:54:86:f9:79:0b:a2:1a:b8:9b:49:5c:d0:
c9:32:51:63:cd:5e:16:b0:d5:0d:69:1d:90:36:59:1e:c6:a1:
26:c4:2f:d3:40:a7:ea:a4:57:ab:bc:c2:c7:d5:35:9b:80:d9:
c6:bc:63:d1:c7:cf:00:2c:c9:b6:5d:63:f9:a8:12:4a:a0:62:
8d:03:4c:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKmbKXHUTCoCueS9lLkH47MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NDkyOGEzOTYyN2NkNWVlNWY5NzViZDg5N2MyZDc3NWFi
Mjk5NDAwHhcNMjQwMTAyMTQzNTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGY5Njk5YTk2Y2IyYzYzOTVkNTY5YTZlOTlhOTU1MDY0YmE1ODNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFdIwduBj0PGXOgG3rTWfzPCtudE
WQuLboXMr1GCI+upZjLyBBUe/D1Epv/S5pVVMC0tWqfpE8tKoAViELGd37++ZT81
SKpJxXZd/99ENhlBdAKP2r0ZfFGLcVW4Ej19uTuTMVaoeqU3i23s3620Aaf4WYir
Qbxf5dw4EiAozSGKG+KUZ5mhlHl9PVnBjt45dONjLtKz5ERfiOuWS1Z29uNUbQ9i
SqB8zTx5qVUkHYkS3LLM6dHLyLTaMyrX+vBv+VP1CEe3Yfy5ropEabSxWiiFUshy
0nykYNI11T9gaBxDKlziu3l5CvyVQ2+SLvH/omdZ+wCClq0uDhSYW16J6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJj5aZqWyyxjldVppumalVBkulg8MB8GA1UdIwQY
MBaAFIlJKKOWJ81e5fl1vYl8LXdasplAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVVrb281WW56VjdsLVhXOWlYd3RkMXF5bVVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC82OWM3ZDEtYzQzZC00YmNkLThlNmEt
MTU5M2Q0MDQ1Y2JjLzEvbVBscG1wYkxMR09WMVdtbTZacVZVR1M2V0R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC82OWM3ZDEtYzQzZC00YmNkLThlNmEtMTU5M2Q0MDQ1Y2Jj
LzEvaVVrb281WW56VjdsLVhXOWlYd3RkMXF5bVVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCleLwMA0G
CSqGSIb3DQEBCwUAA4IBAQCqRlC5DNltXAprTdX/jbmRV8PmV/KnP7Cy6RtrJ9R/
42FAzlJHJH9w4b3b4YsydRq6gx+AqA80jAxDYx+MM5XrdRVe/ebJCoHCf1X4Xv0r
jIQUoS8chYO66ldKg68T9FI8sxt4w/kDlZQEghdvUIOKrjjfKnBVQ+B4Hod8AAyw
tpsIwx+0Y/VTPylO8RqG4ODJ7vd9TsqL4MwkiORMzQRpx0eSHWWGeGT8FkwiURut
kuxJDqeDSu8YV3dUhvl5C6IauJtJXNDJMlFjzV4WsNUNaR2QNlkexqEmxC/TQKfq
pFervMLH1TWbgNnGvGPRx88ALMm2XWP5qBJKoGKNA0wV
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:08:13 2024 by rpki-client on console-ams.rpki-client.org