Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/mgnkQPYfCAaXo_1xD3KJigBG04U.roa
File: mgnkQPYfCAaXo_1xD3KJigBG04U.roa (raw, json)
Hash identifier: UAnLhZ555HepM7qFGpXLv4X/Cx7tGXivBReJ/+TqODg=
Subject key identifier: 9A:09:E4:40:F6:1F:08:06:97:A3:FD:71:0F:72:89:8A:00:46:D3:85
Certificate issuer: /CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Certificate serial: 018CD684ABFB2EFA84F365027557F887A801
Authority key identifier: DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/mgnkQPYfCAaXo_1xD3KJigBG04U.roa
Signing time: Thu 04 Jan 2024 22:07:48 +0000
ROA not before: Thu 04 Jan 2024 22:07:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6079
IP address blocks: 88.135.96.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/2-jMj1rx5zYtRU892RqClSkZ22E.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/2-jMj1rx5zYtRU892RqClSkZ22E.mft
rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d6:84:ab:fb:2e:fa:84:f3:65:02:75:57:f8:87:a8:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Validity
Not Before: Jan 4 22:07:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a09e440f61f080697a3fd710f72898a0046d385
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b1:db:cd:0a:0e:d2:6c:e2:1e:51:0f:63:3e:
f9:8d:39:be:4d:9a:97:9e:13:99:29:1a:91:21:c4:
05:01:5f:cc:80:56:4f:72:43:f8:b7:fb:84:79:8d:
58:da:47:b7:0a:3d:c0:74:44:4d:dd:97:a7:61:d6:
53:42:e0:a0:ca:a8:2a:93:ba:7d:71:fb:cd:a9:93:
49:6c:ea:1c:90:da:44:02:16:0b:ad:8e:c8:85:12:
3e:f9:ea:63:95:de:72:fc:d8:08:52:63:20:56:51:
84:37:3e:af:7c:e2:e2:31:3f:05:07:b0:24:a2:04:
8a:1a:af:3e:96:ce:60:5b:39:a6:87:46:d1:30:13:
9c:f2:a8:a4:72:ee:d2:50:ea:43:ed:c7:68:0e:93:
65:c1:0b:ef:35:b5:54:06:ef:0c:9d:e7:db:72:81:
b9:9a:3e:48:e0:6f:b7:46:0d:be:aa:bd:f5:84:01:
c1:bd:59:13:a9:64:3e:27:f3:ed:c4:9a:c6:e5:2b:
89:e6:38:80:69:cd:16:c9:c4:13:94:c1:ed:6b:3c:
2a:30:2c:5d:16:93:85:8b:34:93:38:35:2f:cc:e4:
24:e7:ec:65:4b:c0:4b:40:47:ce:d6:81:0d:fb:e2:
9a:44:01:b2:c3:c0:e2:99:6e:f9:32:41:c0:02:83:
44:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:09:E4:40:F6:1F:08:06:97:A3:FD:71:0F:72:89:8A:00:46:D3:85
X509v3 Authority Key Identifier:
keyid:DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/mgnkQPYfCAaXo_1xD3KJigBG04U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/2-jMj1rx5zYtRU892RqClSkZ22E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.135.96.0/20
Signature Algorithm: sha256WithRSAEncryption
47:4f:40:32:42:09:e7:6d:b4:f2:24:ef:9a:58:0a:f3:bd:c7:
ce:08:59:7d:cd:50:11:78:61:57:f8:f8:5b:91:4c:80:18:07:
18:e1:e1:c2:6e:9c:a4:46:2c:b4:31:c7:9f:c9:a3:c6:51:77:
0a:2f:fe:df:cb:dd:61:6c:cb:c0:9b:35:4a:1a:82:ee:e8:fa:
d0:cb:d0:96:97:2c:18:fa:ce:30:84:9a:d0:74:07:df:74:77:
b6:ac:9c:eb:0c:3a:b1:05:48:ed:21:a3:ea:f1:eb:4d:b6:49:
52:f3:a9:61:d6:b1:72:ab:17:64:eb:dc:0f:65:22:9e:a3:c2:
ac:e4:f0:73:5b:00:d6:68:a5:6b:8e:f9:0c:ce:28:7e:bb:a6:
60:bf:e2:bc:75:4b:67:6f:dd:92:23:7d:63:93:06:01:79:94:
55:3d:a1:0f:ec:00:cc:9a:4d:69:c0:e3:b3:c5:25:7a:3a:7b:
5a:49:9a:f6:c5:25:8d:b8:b9:2a:1a:60:40:01:db:e0:8d:73:
6f:6a:df:cb:23:4a:14:c4:27:47:ca:13:6b:91:31:a5:2a:1d:
f1:1b:07:9d:06:0a:ad:1e:43:59:cd:b6:03:b7:41:6d:7e:7c:
3c:3e:ec:52:66:1a:0f:bf:ad:c6:92:4c:5e:c5:c7:e7:c7:55:
42:18:69:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzWhKv7LvqE82UCdVf4h6gBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZThjYzhmNWFmMWU3MzYyZDQ1NGYzZGQ5MWE4Mjk1Mjkx
OWRiNjEwHhcNMjQwMTA0MjIwNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTA5ZTQ0MGY2MWYwODA2OTdhM2ZkNzEwZjcyODk4YTAwNDZkMzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbHbzQoO0mziHlEPYz75jTm+TZqX
nhOZKRqRIcQFAV/MgFZPckP4t/uEeY1Y2ke3Cj3AdERN3ZenYdZTQuCgyqgqk7p9
cfvNqZNJbOockNpEAhYLrY7IhRI++epjld5y/NgIUmMgVlGENz6vfOLiMT8FB7Ak
ogSKGq8+ls5gWzmmh0bRMBOc8qikcu7SUOpD7cdoDpNlwQvvNbVUBu8MnefbcoG5
mj5I4G+3Rg2+qr31hAHBvVkTqWQ+J/PtxJrG5SuJ5jiAac0WycQTlMHtazwqMCxd
FpOFizSTODUvzOQk5+xlS8BLQEfO1oEN++KaRAGyw8DimW75MkHAAoNEIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJoJ5ED2HwgGl6P9cQ9yiYoARtOFMB8GA1UdIwQY
MBaAFNvozI9a8ec2LUVPPdkagpUpGdthMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMt
MjYyMWQ1Yzk5Y2FiLzEvbWdua1FQWWZDQWFYb18xeEQzS0ppZ0JHMDRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMtMjYyMWQ1Yzk5Y2Fi
LzEvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEWIdgMA0G
CSqGSIb3DQEBCwUAA4IBAQBHT0AyQgnnbbTyJO+aWArzvcfOCFl9zVAReGFX+Phb
kUyAGAcY4eHCbpykRiy0McefyaPGUXcKL/7fy91hbMvAmzVKGoLu6PrQy9CWlywY
+s4whJrQdAffdHe2rJzrDDqxBUjtIaPq8etNtklS86lh1rFyqxdk69wPZSKeo8Ks
5PBzWwDWaKVrjvkMzih+u6Zgv+K8dUtnb92SI31jkwYBeZRVPaEP7ADMmk1pwOOz
xSV6OntaSZr2xSWNuLkqGmBAAdvgjXNvat/LI0oUxCdHyhNrkTGlKh3xGwedBgqt
HkNZzbYDt0Ftfnw8PuxSZhoPv63Gkkxexcfnx1VCGGn/
-----END CERTIFICATE-----
Generated at Sun May 19 20:44:47 2024 by rpki-client on console-fra.rpki-client.org