Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/mwlxg-YbWG5snuvhE--spcn-MJ4.roa
File: mwlxg-YbWG5snuvhE--spcn-MJ4.roa (raw, json)
Hash identifier: fsKjk4B55h+nyZ3vraaPly5S+0a8sjSDk0V5meGvw/Q=
Subject key identifier: 9B:09:71:83:E6:1B:58:6E:6C:9E:EB:E1:13:EF:AC:A5:C9:FE:30:9E
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 019427B3A270E0099B5F91DCAB14C5A56EDE
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/mwlxg-YbWG5snuvhE--spcn-MJ4.roa
Signing time: Thu 02 Jan 2025 15:47:51 +0000
ROA not before: Thu 02 Jan 2025 15:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60262
IP address blocks: 2a06:6ec0::/29 maxlen: 29
2a0e:6c40::/29 maxlen: 29
2a0e:8780::/29 maxlen: 29
2a0e:a280::/29 maxlen: 29
2a0e:a3c0::/29 maxlen: 29
2a0e:a580::/29 maxlen: 29
2a0e:bac0::/29 maxlen: 29
2a0e:be80::/29 maxlen: 29
2a0e:c180::/29 maxlen: 29
2a0e:c740::/29 maxlen: 29
2a0e:ee80::/29 maxlen: 29
2a0f:a40::/29 maxlen: 29
2a0f:fc0::/29 maxlen: 29
2a0f:32c0::/29 maxlen: 29
2a0f:3340::/29 maxlen: 29
2a0f:33c0::/29 maxlen: 29
2a0f:3440::/29 maxlen: 29
2a0f:34c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:a2:70:e0:09:9b:5f:91:dc:ab:14:c5:a5:6e:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 15:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9b097183e61b586e6c9eebe113efaca5c9fe309e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a0:aa:7c:b7:df:c6:eb:46:12:90:69:6a:d3:
b7:cf:cb:41:1f:c1:d5:5b:d6:30:ec:83:30:e7:59:
cd:d3:24:11:16:5d:5e:a1:72:d5:0e:96:7d:81:1e:
55:ea:95:cf:53:38:86:20:cf:97:fb:b6:3e:4b:e7:
1e:45:29:71:54:e0:60:eb:b3:ec:f8:25:4a:fc:34:
99:46:b3:23:1e:3b:f1:1e:d0:8d:5b:b9:fd:96:73:
12:e0:47:02:08:fb:1f:e6:4a:b3:c9:ce:6a:2c:f3:
61:b1:32:ef:1d:e1:8b:7d:7f:6a:d6:8d:1d:7a:41:
dc:1f:33:94:37:94:d1:5a:67:56:d1:62:30:a0:f5:
f7:18:fd:30:1f:81:1e:33:f7:ce:c0:2d:81:ec:66:
67:bc:f4:6b:a5:c0:26:a6:a9:b1:ae:c0:47:e6:7a:
c6:58:18:b2:0f:56:ff:d2:d3:28:48:cc:89:d1:49:
cf:b5:7c:2a:c5:e7:58:50:da:70:0a:ba:70:6d:fc:
74:72:09:75:4e:64:fe:b5:45:4d:5a:35:1d:1e:52:
dd:73:47:06:11:42:4c:c1:6d:f0:4b:39:57:a3:06:
ab:ce:60:a3:67:ae:fb:5e:eb:b0:d2:39:22:50:e8:
b1:83:5e:17:60:07:da:7e:0c:fe:91:86:4e:f3:9a:
f7:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:09:71:83:E6:1B:58:6E:6C:9E:EB:E1:13:EF:AC:A5:C9:FE:30:9E
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/mwlxg-YbWG5snuvhE--spcn-MJ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:6ec0::/29
2a0e:6c40::/29
2a0e:8780::/29
2a0e:a280::/29
2a0e:a3c0::/29
2a0e:a580::/29
2a0e:bac0::/29
2a0e:be80::/29
2a0e:c180::/29
2a0e:c740::/29
2a0e:ee80::/29
2a0f:a40::/29
2a0f:fc0::/29
2a0f:32c0::/29
2a0f:3340::/29
2a0f:33c0::/29
2a0f:3440::/29
2a0f:34c0::/29
Signature Algorithm: sha256WithRSAEncryption
3b:60:cc:ce:66:6b:43:4b:7e:f0:e5:34:3d:ae:4f:af:90:84:
e7:5d:8c:8b:9b:fb:26:0a:46:26:a2:e5:0f:da:d1:59:09:74:
da:1b:48:02:3f:d9:ab:71:1b:9a:28:d4:75:e8:49:8a:0a:d1:
ca:44:11:e6:c7:7a:88:b8:56:3d:10:e2:49:51:20:ba:41:a2:
1a:3b:9d:d4:d7:ba:5b:74:fb:fc:40:5d:db:a3:74:bb:fe:4a:
b1:50:b0:47:98:0a:32:6d:1d:a6:7b:b7:6e:0d:0d:08:a9:57:
a0:0b:87:c2:38:e7:10:50:79:a7:9a:ee:b6:a4:94:f4:f9:ff:
8d:86:2a:4d:e8:7a:79:68:dc:b0:fe:77:32:8d:14:14:23:81:
42:bc:c8:12:6a:10:e5:fe:c6:bf:5f:a9:2f:65:92:a4:67:32:
ae:ea:db:80:00:83:12:f4:17:bb:31:25:16:99:04:92:3b:e4:
4e:f2:01:4b:ce:0b:71:24:2d:37:85:87:b1:10:40:f5:b4:60:
df:54:8f:7d:45:78:82:f7:46:e1:99:a1:04:54:40:f3:94:9a:
15:c0:8e:fe:88:aa:f7:3a:6c:47:23:39:45:50:d6:89:75:99:
62:c6:f2:cd:45:a1:86:e5:a6:1a:5b:11:21:28:6c:08:2a:2a:
b4:ac:e9:da
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZQns6Jw4AmbX5HcqxTFpW7eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjUwMTAyMTU0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjA5NzE4M2U2MWI1ODZlNmM5ZWViZTExM2VmYWNhNWM5ZmUzMDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqCqfLffxutGEpBpatO3z8tBH8HV
W9Yw7IMw51nN0yQRFl1eoXLVDpZ9gR5V6pXPUziGIM+X+7Y+S+ceRSlxVOBg67Ps
+CVK/DSZRrMjHjvxHtCNW7n9lnMS4EcCCPsf5kqzyc5qLPNhsTLvHeGLfX9q1o0d
ekHcHzOUN5TRWmdW0WIwoPX3GP0wH4EeM/fOwC2B7GZnvPRrpcAmpqmxrsBH5nrG
WBiyD1b/0tMoSMyJ0UnPtXwqxedYUNpwCrpwbfx0cgl1TmT+tUVNWjUdHlLdc0cG
EUJMwW3wSzlXowarzmCjZ677Xuuw0jkiUOixg14XYAfafgz+kYZO85r3lQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFJsJcYPmG1hubJ7r4RPvrKXJ/jCeMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvbXdseGctWWJXRzVzbnV2aEUtLXNwY24tTUo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAIwfgMFAyoG
bsADBQMqDmxAAwUDKg6HgAMFAyoOooADBQMqDqPAAwUDKg6lgAMFAyoOusADBQMq
Dr6AAwUDKg7BgAMFAyoOx0ADBQMqDu6AAwUDKg8KQAMFAyoPD8ADBQMqDzLAAwUD
Kg8zQAMFAyoPM8ADBQMqDzRAAwUDKg80wDANBgkqhkiG9w0BAQsFAAOCAQEAO2DM
zmZrQ0t+8OU0Pa5Pr5CE512Mi5v7JgpGJqLlD9rRWQl02htIAj/Zq3EbmijUdehJ
igrRykQR5sd6iLhWPRDiSVEgukGiGjud1Ne6W3T7/EBd26N0u/5KsVCwR5gKMm0d
pnu3bg0NCKlXoAuHwjjnEFB5p5rutqSU9Pn/jYYqTeh6eWjcsP53Mo0UFCOBQrzI
EmoQ5f7Gv1+pL2WSpGcyrurbgACDEvQXuzElFpkEkjvkTvIBS84LcSQtN4WHsRBA
9bRg31SPfUV4gvdG4ZmhBFRA85SaFcCO/oiq9zpsRyM5RVDWiXWZYsbyzUWhhuWm
GlsRIShsCCoqtKzp2g==
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:55:13 2025 by rpki-client