Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/d61f73-ac0b-45bc-a5a4-1a8301b7e6de/1/1-MXZ_45rZqW8fbOEu3pAjmwnybU.roa
File: 1-MXZ_45rZqW8fbOEu3pAjmwnybU.roa (raw, json)
Hash identifier: D5V72LUbLlKACmoXF1YZz0Xb4llwr5TLbmDCXFhcPkY=
Subject key identifier: F8:C5:D9:FF:8E:6B:66:A5:BC:7D:B3:84:BB:7A:40:8E:6C:27:C9:B5
Certificate issuer: /CN=75905949e963d3577be076326ca0b91ff32f9684
Certificate serial: 018CC56ED5C4D581F6C54637D4F60B90E29D
Authority key identifier: 75:90:59:49:E9:63:D3:57:7B:E0:76:32:6C:A0:B9:1F:F3:2F:96:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dZBZSelj01d74HYybKC5H_MvloQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/d61f73-ac0b-45bc-a5a4-1a8301b7e6de/1/1-MXZ_45rZqW8fbOEu3pAjmwnybU.roa
Signing time: Mon 01 Jan 2024 14:30:24 +0000
ROA not before: Mon 01 Jan 2024 14:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.229.146.0/24 maxlen: 24
185.229.147.0/24 maxlen: 24
2a0d:d600::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/d61f73-ac0b-45bc-a5a4-1a8301b7e6de/1/dZBZSelj01d74HYybKC5H_MvloQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/d61f73-ac0b-45bc-a5a4-1a8301b7e6de/1/dZBZSelj01d74HYybKC5H_MvloQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/dZBZSelj01d74HYybKC5H_MvloQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:d5:c4:d5:81:f6:c5:46:37:d4:f6:0b:90:e2:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75905949e963d3577be076326ca0b91ff32f9684
Validity
Not Before: Jan 1 14:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8c5d9ff8e6b66a5bc7db384bb7a408e6c27c9b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:d8:f2:36:c1:1b:9d:d1:23:c7:f4:ec:4e:cb:
ce:ad:7e:c0:51:ff:68:35:d5:c2:25:71:01:5b:aa:
72:1b:a4:f5:34:99:1c:d9:4d:72:45:bf:10:0a:fe:
91:af:01:11:c8:cc:95:10:c2:5e:3c:3c:02:64:d0:
e3:a6:60:3e:60:da:cf:8c:bd:6e:63:90:92:bd:8c:
c0:19:2b:2e:e5:2e:63:0d:80:1e:e2:94:61:ba:97:
8d:6f:90:be:96:a0:83:6e:75:16:cb:08:dc:e6:1e:
81:8a:13:20:f4:2b:bc:cf:df:f8:94:3d:66:43:1b:
85:97:7f:77:e2:55:06:59:7e:31:40:0f:62:08:f1:
13:6b:8a:36:88:a3:63:ac:2b:8c:e5:ed:3b:d4:d4:
55:86:b4:75:87:78:f1:0b:64:ce:dd:45:2d:39:e8:
9e:d2:66:24:b9:df:6d:99:e1:a2:11:c1:03:93:87:
dd:5e:e9:79:85:75:ec:a7:2c:0f:bd:60:fc:c8:95:
0e:45:9b:25:8b:e6:54:25:4f:3b:f6:b9:54:4e:2b:
df:b9:36:71:fa:c4:e0:cc:fa:7f:8c:de:dd:ff:b8:
1c:4a:0a:a5:60:4c:c8:22:07:8f:b2:0a:05:d6:bd:
31:61:ce:65:b6:35:57:db:20:67:48:a1:2e:30:00:
7f:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:C5:D9:FF:8E:6B:66:A5:BC:7D:B3:84:BB:7A:40:8E:6C:27:C9:B5
X509v3 Authority Key Identifier:
keyid:75:90:59:49:E9:63:D3:57:7B:E0:76:32:6C:A0:B9:1F:F3:2F:96:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dZBZSelj01d74HYybKC5H_MvloQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/d61f73-ac0b-45bc-a5a4-1a8301b7e6de/1/1-MXZ_45rZqW8fbOEu3pAjmwnybU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/d61f73-ac0b-45bc-a5a4-1a8301b7e6de/1/dZBZSelj01d74HYybKC5H_MvloQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.146.0/23
IPv6:
2a0d:d600::/32
Signature Algorithm: sha256WithRSAEncryption
83:c7:7f:18:46:e9:f5:1c:f9:7d:be:23:ec:b8:ea:c6:a4:aa:
4f:5f:09:0f:fa:92:f1:0b:86:b3:3d:4f:56:a5:2a:13:3a:8b:
ee:ac:84:66:47:87:d7:69:3b:a7:ab:bc:d1:37:a7:be:ed:08:
cd:35:33:bf:55:0b:30:07:07:e9:64:eb:37:2b:59:d9:a5:f0:
38:33:95:49:62:08:70:35:40:c3:0b:39:2b:cc:43:24:23:3e:
50:a6:24:f2:f6:d7:9a:43:80:e6:de:2d:95:5f:6a:84:a0:b8:
ae:2d:f0:55:3e:fd:c4:34:15:79:7f:51:14:72:24:e1:16:d4:
cd:49:e6:f2:d6:9e:b2:a4:38:34:39:51:11:4b:01:fe:31:67:
03:f9:66:34:da:c8:37:7c:2f:80:79:fd:6c:5f:00:8c:33:01:
30:c2:2f:ac:c5:d0:4c:37:b3:26:a0:64:de:4c:c2:87:a1:56:
4f:22:ee:3e:27:1a:40:81:c3:12:d2:e0:13:8b:5c:a0:25:d2:
33:67:d9:af:7c:0d:d1:7c:4d:4c:7e:03:7e:86:b5:3c:0f:58:
37:34:9b:76:bf:37:3c:ff:d4:a3:04:72:ed:60:90:f6:f8:76:
87:9c:87:0c:8c:25:fb:ef:b4:d3:59:1c:8a:c0:13:39:62:6c:
d5:da:40:04
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzFbtXE1YH2xUY31PYLkOKdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1OTA1OTQ5ZTk2M2QzNTc3YmUwNzYzMjZjYTBiOTFmZjMy
Zjk2ODQwHhcNMjQwMTAxMTQzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGM1ZDlmZjhlNmI2NmE1YmM3ZGIzODRiYjdhNDA4ZTZjMjdjOWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9jyNsEbndEjx/TsTsvOrX7AUf9o
NdXCJXEBW6pyG6T1NJkc2U1yRb8QCv6RrwERyMyVEMJePDwCZNDjpmA+YNrPjL1u
Y5CSvYzAGSsu5S5jDYAe4pRhupeNb5C+lqCDbnUWywjc5h6BihMg9Cu8z9/4lD1m
QxuFl3934lUGWX4xQA9iCPETa4o2iKNjrCuM5e071NRVhrR1h3jxC2TO3UUtOeie
0mYkud9tmeGiEcEDk4fdXul5hXXspywPvWD8yJUORZsli+ZUJU879rlUTivfuTZx
+sTgzPp/jN7d/7gcSgqlYEzIIgePsgoF1r0xYc5ltjVX2yBnSKEuMAB/0QIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPjF2f+Oa2alvH2zhLt6QI5sJ8m1MB8GA1UdIwQY
MBaAFHWQWUnpY9NXe+B2MmyguR/zL5aEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFpCWlNlbGowMWQ3NEhZeWJLQzVIX012bG9RLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9kNjFmNzMtYWMwYi00NWJjLWE1YTQt
MWE4MzAxYjdlNmRlLzEvMS1NWFpfNDVyWnFXOGZiT0V1M3BBam13bnliVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWYvZDYxZjczLWFjMGItNDViYy1hNWE0LTFhODMwMWI3ZTZk
ZS8xL2RaQlpTZWxqMDFkNzRIWXliS0M1SF9NdmxvUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAbnlkjAN
BAIAAjAHAwUAKg3WADANBgkqhkiG9w0BAQsFAAOCAQEAg8d/GEbp9Rz5fb4j7Ljq
xqSqT18JD/qS8QuGsz1PVqUqEzqL7qyEZkeH12k7p6u80Tenvu0IzTUzv1ULMAcH
6WTrNytZ2aXwODOVSWIIcDVAwws5K8xDJCM+UKYk8vbXmkOA5t4tlV9qhKC4ri3w
VT79xDQVeX9RFHIk4RbUzUnm8taesqQ4NDlREUsB/jFnA/lmNNrIN3wvgHn9bF8A
jDMBMMIvrMXQTDezJqBk3kzCh6FWTyLuPicaQIHDEtLgE4tcoCXSM2fZr3wN0XxN
TH4Dfoa1PA9YNzSbdr83PP/UowRy7WCQ9vh2h5yHDIwl+++001kcisATOWJs1dpA
BA==
-----END CERTIFICATE-----
Generated at Thu May 2 18:07:07 2024 by rpki-client on console-ams.rpki-client.org