Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/Mp6R3ohJjv79V4EtU9S7yJzL9-Q.roa
File: Mp6R3ohJjv79V4EtU9S7yJzL9-Q.roa (raw, json)
Hash identifier: Chxer8Em0qc8WjoOgwRDFPDwC8zMd1IaiAY4aMXSyq0=
Subject key identifier: 32:9E:91:DE:88:49:8E:FE:FD:57:81:2D:53:D4:BB:C8:9C:CB:F7:E4
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 019427B3A8E605C27413BE4D0C2AFB37675D
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/Mp6R3ohJjv79V4EtU9S7yJzL9-Q.roa
Signing time: Thu 02 Jan 2025 15:47:52 +0000
ROA not before: Thu 02 Jan 2025 15:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200223
IP address blocks: 45.131.60.0/24 maxlen: 24
2a07:e345:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:a8:e6:05:c2:74:13:be:4d:0c:2a:fb:37:67:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 15:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=329e91de88498efefd57812d53d4bbc89ccbf7e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:11:8a:51:57:ee:07:e9:1b:1a:b0:32:a6:97:
d3:10:81:2f:67:3d:63:95:f3:b1:8a:ee:cf:2e:96:
95:f4:f4:0e:d9:6e:c6:83:3c:82:db:4d:0c:66:76:
7f:a0:f7:f6:4b:b3:d6:8b:d9:72:ca:b6:7b:9e:8b:
b7:96:21:fd:f8:79:ef:7e:ea:bb:94:c5:16:d6:81:
9b:a3:13:f8:ad:c2:a7:6d:6e:be:ec:74:bc:10:26:
4e:44:76:e3:15:29:86:3d:e5:36:a8:eb:f8:34:b7:
53:4d:c3:7c:fb:c1:53:7f:29:5b:5d:cb:ed:38:be:
bd:51:33:e0:00:47:08:c8:42:28:d0:c4:89:e3:43:
9d:29:b1:96:bf:1b:3d:47:5c:71:12:49:2e:5e:95:
55:83:14:52:28:29:91:8b:f2:94:df:75:2c:de:ef:
87:94:e2:08:0d:b9:6f:17:b8:63:a3:61:a6:c1:58:
97:53:04:e8:ad:92:e4:92:a8:3f:fe:0a:a3:ed:e7:
43:78:3e:ce:5f:b6:76:e2:cf:f4:a1:a6:b4:e6:94:
18:76:4f:c2:13:fe:4a:a2:9a:e3:ed:80:e6:d6:f5:
d4:05:81:90:18:3f:30:81:6a:44:13:ba:0a:b9:78:
8a:30:95:75:d6:7d:88:d7:3a:62:a1:df:c0:c1:0a:
a8:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:9E:91:DE:88:49:8E:FE:FD:57:81:2D:53:D4:BB:C8:9C:CB:F7:E4
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/Mp6R3ohJjv79V4EtU9S7yJzL9-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.60.0/24
IPv6:
2a07:e345:2::/48
Signature Algorithm: sha256WithRSAEncryption
60:08:2e:8e:78:ea:a6:9e:7b:f6:02:b9:78:3e:17:55:18:ac:
b8:67:7f:df:12:63:76:0a:c9:96:69:ee:8d:b8:fd:ad:48:23:
0c:85:02:77:dc:d8:d4:49:16:51:86:07:cd:61:22:9b:bb:e1:
7b:a9:f0:91:ad:d2:41:90:86:40:24:14:c8:b5:3c:b8:2e:59:
ff:6d:5a:75:2d:59:1b:ce:59:a2:87:0a:ee:1e:d3:1f:c5:f1:
23:47:5d:dd:5b:5c:b9:e4:e9:1f:04:b3:9e:50:9f:7a:51:31:
b7:84:31:d1:6f:6b:72:9b:d6:b2:ef:82:6f:15:24:56:6d:3a:
6f:2c:3e:61:96:c4:70:c2:f0:84:82:3d:86:4b:f7:58:bd:3b:
fd:75:b2:b3:6c:38:c0:4a:c0:b1:cc:34:a4:f8:f9:7e:8b:aa:
59:36:2f:f7:ce:da:0d:1c:ca:d6:f7:fa:52:03:e2:2c:0f:67:
45:74:ae:dd:df:20:fa:f2:62:d6:90:00:bf:70:58:58:5b:de:
53:e5:93:2c:8f:81:14:42:c2:09:f2:85:50:66:b0:97:ac:74:
6c:24:95:b1:51:f5:51:59:59:8d:8e:7a:d7:2a:3e:06:36:0e:
3d:37:94:b0:ed:c0:ff:16:67:e8:67:e5:33:4c:9f:e6:91:aa:
23:71:f4:bb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQns6jmBcJ0E75NDCr7N2ddMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjUwMTAyMTU0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjllOTFkZTg4NDk4ZWZlZmQ1NzgxMmQ1M2Q0YmJjODljY2JmN2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhGKUVfuB+kbGrAyppfTEIEvZz1j
lfOxiu7PLpaV9PQO2W7GgzyC200MZnZ/oPf2S7PWi9lyyrZ7nou3liH9+Hnvfuq7
lMUW1oGboxP4rcKnbW6+7HS8ECZORHbjFSmGPeU2qOv4NLdTTcN8+8FTfylbXcvt
OL69UTPgAEcIyEIo0MSJ40OdKbGWvxs9R1xxEkkuXpVVgxRSKCmRi/KU33Us3u+H
lOIIDblvF7hjo2GmwViXUwTorZLkkqg//gqj7edDeD7OX7Z24s/0oaa05pQYdk/C
E/5Koprj7YDm1vXUBYGQGD8wgWpEE7oKuXiKMJV11n2I1zpiod/AwQqoRwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDKekd6ISY7+/VeBLVPUu8icy/fkMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvTXA2UjNvaEpqdjc5VjRFdFU5Uzd5SnpMOS1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALYM8MA8E
AgACMAkDBwAqB+NFAAIwDQYJKoZIhvcNAQELBQADggEBAGAILo546qaee/YCuXg+
F1UYrLhnf98SY3YKyZZp7o24/a1IIwyFAnfc2NRJFlGGB81hIpu74Xup8JGt0kGQ
hkAkFMi1PLguWf9tWnUtWRvOWaKHCu4e0x/F8SNHXd1bXLnk6R8Es55Qn3pRMbeE
MdFva3Kb1rLvgm8VJFZtOm8sPmGWxHDC8ISCPYZL91i9O/11srNsOMBKwLHMNKT4
+X6Lqlk2L/fO2g0cytb3+lID4iwPZ0V0rt3fIPryYtaQAL9wWFhb3lPlkyyPgRRC
wgnyhVBmsJesdGwklbFR9VFZWY2OetcqPgY2Dj03lLDtwP8WZ+hn5TNMn+aRqiNx
9Ls=
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:40:37 2025 by rpki-client