Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/MdIMbp2-DEeqLqI0xgHXsn3whqA.roa
File: MdIMbp2-DEeqLqI0xgHXsn3whqA.roa (raw, json)
Hash identifier: J6//H74bozWAyEyVZ4vgqyzyXteIZ3lsbl3ji2JmFIM=
Subject key identifier: 31:D2:0C:6E:9D:BE:0C:47:AA:2E:A2:34:C6:01:D7:B2:7D:F0:86:A0
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 019427B393255F41D42FB682656D17677447
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/MdIMbp2-DEeqLqI0xgHXsn3whqA.roa
Signing time: Thu 02 Jan 2025 15:47:47 +0000
ROA not before: Thu 02 Jan 2025 15:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13335
IP address blocks: 45.85.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:93:25:5f:41:d4:2f:b6:82:65:6d:17:67:74:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 15:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=31d20c6e9dbe0c47aa2ea234c601d7b27df086a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:a3:ce:cc:1b:9d:c0:28:60:d7:a2:51:b7:1f:
e4:28:ce:3a:ff:e1:48:b8:dc:88:77:de:06:c8:74:
39:83:d9:52:f7:c9:0f:48:7d:6d:a5:b0:79:35:f5:
8f:8f:8e:2b:b7:a4:b5:fb:3a:c6:f0:e0:56:79:99:
b1:7b:fa:3f:69:6e:fa:88:6b:6e:e9:3b:e5:b1:01:
03:ba:aa:7b:41:8c:f8:f7:e3:fb:6c:8d:44:77:8f:
31:43:a0:c0:aa:04:64:60:17:c2:be:35:28:c8:41:
26:50:27:54:11:2e:0c:b6:5c:a4:63:56:5b:a4:97:
e9:d0:12:dd:31:11:18:d7:d4:65:25:46:18:05:27:
9b:c3:f6:72:32:6c:00:2a:22:12:ef:2a:05:2e:fb:
79:c8:59:22:a7:c1:7b:fa:21:c1:fc:32:16:5f:a5:
df:42:b1:1f:bc:30:82:59:e9:d1:33:15:cd:b2:82:
c2:8c:4c:81:1e:de:f5:c7:bb:80:be:89:a6:bc:a0:
ed:58:05:c6:e2:ca:d5:7f:f5:11:5a:ce:90:bf:b4:
8a:dd:70:6c:9b:42:99:33:77:dd:b5:f3:18:59:21:
1d:55:e6:14:6c:a7:a5:e6:64:5d:aa:b1:47:c3:6b:
5a:a5:45:0a:92:4d:e6:55:66:6e:b2:72:d5:8a:1b:
37:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:D2:0C:6E:9D:BE:0C:47:AA:2E:A2:34:C6:01:D7:B2:7D:F0:86:A0
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/MdIMbp2-DEeqLqI0xgHXsn3whqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.89.0/24
Signature Algorithm: sha256WithRSAEncryption
93:bc:ea:ef:4e:37:8e:1c:f9:1b:7e:fd:1b:49:52:07:88:5e:
64:c9:35:b3:b1:2f:15:b9:aa:6b:d6:a1:3a:71:c9:a5:fc:d7:
58:22:1e:c6:70:1e:f8:8a:f0:50:d1:2e:84:c2:44:74:ea:e1:
55:0c:bd:4c:08:bc:ee:ce:ae:31:ea:35:a5:46:db:79:4c:09:
89:31:70:c0:0e:23:d9:42:14:29:ec:c8:4c:5f:0f:62:83:82:
2b:47:86:1a:39:87:ab:58:23:18:3f:7a:37:a1:ba:62:77:ce:
39:84:08:44:98:65:46:13:2f:7a:a7:40:e3:e5:b6:03:ff:0f:
fe:7f:26:b7:93:0e:d4:1e:f1:13:8e:a9:77:a8:33:d9:1e:0c:
c4:12:b9:f5:49:68:25:1b:ed:80:59:3b:33:1a:0b:1d:96:ad:
f7:b9:a3:93:f6:35:91:ca:5d:06:37:87:11:63:71:8b:11:e3:
06:1b:5a:68:35:0e:fa:da:fa:45:ba:2c:aa:fb:cf:fb:b3:f6:
a1:32:7d:6d:84:34:f4:86:2f:c1:62:8b:d4:25:2b:9c:56:57:
a0:71:74:f4:63:a5:37:8c:1c:75:b4:a3:88:51:7b:8c:76:a1:
8b:02:54:db:5d:db:e6:00:36:df:91:44:1c:ed:f8:d0:a1:be:
fb:2c:b4:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQns5MlX0HUL7aCZW0XZ3RHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjUwMTAyMTU0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWQyMGM2ZTlkYmUwYzQ3YWEyZWEyMzRjNjAxZDdiMjdkZjA4NmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6POzBudwChg16JRtx/kKM46/+FI
uNyId94GyHQ5g9lS98kPSH1tpbB5NfWPj44rt6S1+zrG8OBWeZmxe/o/aW76iGtu
6TvlsQEDuqp7QYz49+P7bI1Ed48xQ6DAqgRkYBfCvjUoyEEmUCdUES4MtlykY1Zb
pJfp0BLdMREY19RlJUYYBSebw/ZyMmwAKiIS7yoFLvt5yFkip8F7+iHB/DIWX6Xf
QrEfvDCCWenRMxXNsoLCjEyBHt71x7uAvommvKDtWAXG4srVf/URWs6Qv7SK3XBs
m0KZM3fdtfMYWSEdVeYUbKel5mRdqrFHw2tapUUKkk3mVWZusnLVihs3AQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDHSDG6dvgxHqi6iNMYB17J98IagMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvTWRJTWJwMi1ERWVxTHFJMHhnSFhzbjN3aHFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVVZMA0G
CSqGSIb3DQEBCwUAA4IBAQCTvOrvTjeOHPkbfv0bSVIHiF5kyTWzsS8Vuapr1qE6
ccml/NdYIh7GcB74ivBQ0S6EwkR06uFVDL1MCLzuzq4x6jWlRtt5TAmJMXDADiPZ
QhQp7MhMXw9ig4IrR4YaOYerWCMYP3o3obpid845hAhEmGVGEy96p0Dj5bYD/w/+
fya3kw7UHvETjql3qDPZHgzEErn1SWglG+2AWTszGgsdlq33uaOT9jWRyl0GN4cR
Y3GLEeMGG1poNQ762vpFuiyq+8/7s/ahMn1thDT0hi/BYovUJSucVlegcXT0Y6U3
jBx1tKOIUXuMdqGLAlTbXdvmADbfkUQc7fjQob77LLR5
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:55:19 2025 by rpki-client