Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/a1de44-86a9-4d29-b8e5-166fdd0b1822/1/mmUPmzv2mbZ_eMSYwLTu3bhgwRA.roa
File: mmUPmzv2mbZ_eMSYwLTu3bhgwRA.roa (raw, json)
Hash identifier: 08HLr65lqcvYq9HeqZ/RoOeX9AiVoSUyQiL9TyPSEDc=
Subject key identifier: 9A:65:0F:9B:3B:F6:99:B6:7F:78:C4:98:C0:B4:EE:DD:B8:60:C1:10
Certificate issuer: /CN=29275327a5e85f3c8c14c984036f493feb59b016
Certificate serial: 018CC3B6C68BE285DB57311A47AC7122149B
Authority key identifier: 29:27:53:27:A5:E8:5F:3C:8C:14:C9:84:03:6F:49:3F:EB:59:B0:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KSdTJ6XoXzyMFMmEA29JP-tZsBY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/a1de44-86a9-4d29-b8e5-166fdd0b1822/1/mmUPmzv2mbZ_eMSYwLTu3bhgwRA.roa
Signing time: Mon 01 Jan 2024 06:29:44 +0000
ROA not before: Mon 01 Jan 2024 06:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51055
IP address blocks: 194.33.13.0/24 maxlen: 24
185.62.156.0/22 maxlen: 22
46.17.160.0/21 maxlen: 21
193.34.186.0/23 maxlen: 23
2a00:5f00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/a1de44-86a9-4d29-b8e5-166fdd0b1822/1/KSdTJ6XoXzyMFMmEA29JP-tZsBY.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/a1de44-86a9-4d29-b8e5-166fdd0b1822/1/KSdTJ6XoXzyMFMmEA29JP-tZsBY.mft
rsync://rpki.ripe.net/repository/DEFAULT/KSdTJ6XoXzyMFMmEA29JP-tZsBY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:c6:8b:e2:85:db:57:31:1a:47:ac:71:22:14:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29275327a5e85f3c8c14c984036f493feb59b016
Validity
Not Before: Jan 1 06:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a650f9b3bf699b67f78c498c0b4eeddb860c110
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e7:77:ed:74:7d:ff:ed:21:1c:96:d7:b7:80:
22:1c:31:6c:4a:9f:e6:ae:cb:d7:fc:b1:10:ae:b1:
3e:05:04:09:2f:45:3d:50:55:0d:f4:d5:48:1f:08:
e2:73:65:80:49:ed:26:54:4c:d3:30:63:73:2a:8e:
0f:df:a3:47:f4:2e:3b:32:4b:58:70:f2:39:23:e5:
5d:46:f0:15:3f:5d:27:34:bc:13:e2:36:2e:60:d9:
4f:f1:bc:55:cf:d7:b3:a3:e5:31:fc:eb:c4:48:4a:
7c:e6:16:39:7b:c4:e3:7d:cd:e0:0c:f4:5c:0c:0f:
c5:aa:ab:41:ae:d3:1e:f8:f9:f5:2f:ce:b7:2b:25:
4f:a9:c8:bc:7b:c6:8c:fe:94:de:bc:a6:88:e3:dc:
e2:94:6d:d5:11:0d:ac:57:5f:6e:eb:5c:80:1a:32:
7b:f1:7f:7d:95:0a:d2:93:6d:7e:83:d2:a2:1f:7b:
08:11:d4:e7:9e:2f:5f:72:19:bd:b7:7a:4d:a9:ac:
cc:cb:d9:5d:b8:7c:8c:37:29:ba:44:02:17:dd:70:
63:98:26:da:b4:bd:02:4a:02:71:1a:d4:2b:9d:f6:
62:5d:43:a1:45:de:cd:b0:62:c6:88:7a:47:55:20:
26:22:c0:59:cb:3f:c4:d7:f5:2e:2b:ed:8c:b1:59:
cb:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:65:0F:9B:3B:F6:99:B6:7F:78:C4:98:C0:B4:EE:DD:B8:60:C1:10
X509v3 Authority Key Identifier:
keyid:29:27:53:27:A5:E8:5F:3C:8C:14:C9:84:03:6F:49:3F:EB:59:B0:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KSdTJ6XoXzyMFMmEA29JP-tZsBY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/a1de44-86a9-4d29-b8e5-166fdd0b1822/1/mmUPmzv2mbZ_eMSYwLTu3bhgwRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/a1de44-86a9-4d29-b8e5-166fdd0b1822/1/KSdTJ6XoXzyMFMmEA29JP-tZsBY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.160.0/21
185.62.156.0/22
193.34.186.0/23
194.33.13.0/24
IPv6:
2a00:5f00::/32
Signature Algorithm: sha256WithRSAEncryption
d1:8b:7c:9f:1f:77:76:6b:08:28:46:4a:da:0c:1c:55:58:06:
17:86:a3:5e:2a:98:0d:a5:85:90:00:60:35:d5:f4:60:ba:16:
0e:f4:b2:aa:a3:c0:bc:66:f5:f5:97:52:6f:2e:aa:41:c6:08:
58:57:d9:b1:fe:9b:ef:8a:f3:18:d2:5d:3b:03:98:7f:f7:4d:
18:b5:90:00:5a:61:46:cc:6a:1f:7d:9c:ba:1c:16:7c:3b:36:
0e:a3:99:79:da:78:b3:74:a8:d7:30:a5:47:44:32:db:9f:f2:
5d:58:13:4e:b0:bf:12:d1:71:b4:c3:6e:58:52:e4:38:92:b8:
4c:e9:2f:f1:83:7a:bc:56:ed:b7:63:c8:c6:8c:4a:ab:6f:44:
1b:78:b2:08:60:ef:a7:18:30:12:05:c8:93:1b:27:ff:c7:71:
2c:49:2c:1f:c2:be:f7:24:4c:d8:7a:9e:79:00:77:a8:6e:79:
6c:d6:7e:81:b5:67:14:0e:d3:37:32:de:5f:75:f9:74:fb:aa:
56:33:50:ab:f6:af:6c:73:b1:bb:19:0b:57:3d:b9:bf:d2:1f:
64:12:8f:6f:60:f7:45:58:2a:ee:3b:3d:6f:dd:0d:b1:9b:83:
d3:ff:4f:4c:b2:05:f2:ca:96:05:93:27:20:fd:ce:8d:d8:76:
3b:22:17:05
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzDtsaL4oXbVzEaR6xxIhSbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5Mjc1MzI3YTVlODVmM2M4YzE0Yzk4NDAzNmY0OTNmZWI1
OWIwMTYwHhcNMjQwMTAxMDYyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTY1MGY5YjNiZjY5OWI2N2Y3OGM0OThjMGI0ZWVkZGI4NjBjMTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApud37XR9/+0hHJbXt4AiHDFsSp/m
rsvX/LEQrrE+BQQJL0U9UFUN9NVIHwjic2WASe0mVEzTMGNzKo4P36NH9C47MktY
cPI5I+VdRvAVP10nNLwT4jYuYNlP8bxVz9ezo+Ux/OvESEp85hY5e8Tjfc3gDPRc
DA/FqqtBrtMe+Pn1L863KyVPqci8e8aM/pTevKaI49zilG3VEQ2sV19u61yAGjJ7
8X99lQrSk21+g9KiH3sIEdTnni9fchm9t3pNqazMy9lduHyMNym6RAIX3XBjmCba
tL0CSgJxGtQrnfZiXUOhRd7NsGLGiHpHVSAmIsBZyz/E1/UuK+2MsVnL4QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJplD5s79pm2f3jEmMC07t24YMEQMB8GA1UdIwQY
MBaAFCknUyel6F88jBTJhANvST/rWbAWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1NkVEo2WG9YenlNRk1tRUEyOUpQLXRac0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9hMWRlNDQtODZhOS00ZDI5LWI4ZTUt
MTY2ZmRkMGIxODIyLzEvbW1VUG16djJtYlpfZU1TWXdMVHUzYmhnd1JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9hMWRlNDQtODZhOS00ZDI5LWI4ZTUtMTY2ZmRkMGIxODIy
LzEvS1NkVEo2WG9YenlNRk1tRUEyOUpQLXRac0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDLhGgAwQC
uT6cAwQBwSK6AwQAwiENMA0EAgACMAcDBQAqAF8AMA0GCSqGSIb3DQEBCwUAA4IB
AQDRi3yfH3d2awgoRkraDBxVWAYXhqNeKpgNpYWQAGA11fRguhYO9LKqo8C8ZvX1
l1JvLqpBxghYV9mx/pvvivMY0l07A5h/900YtZAAWmFGzGoffZy6HBZ8OzYOo5l5
2nizdKjXMKVHRDLbn/JdWBNOsL8S0XG0w25YUuQ4krhM6S/xg3q8Vu23Y8jGjEqr
b0QbeLIIYO+nGDASBciTGyf/x3EsSSwfwr73JEzYep55AHeobnls1n6BtWcUDtM3
Mt5fdfl0+6pWM1Cr9q9sc7G7GQtXPbm/0h9kEo9vYPdFWCruOz1v3Q2xm4PT/09M
sgXyypYFkycg/c6N2HY7IhcF
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:44:25 2024 by rpki-client on console-ams.rpki-client.org