Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/76b1d3-4fd9-46cf-83e6-20c4dc1e4a77/1/A131XIjFLbU49iZ4ww_MTLHIh0U.roa
File: A131XIjFLbU49iZ4ww_MTLHIh0U.roa (raw, json)
Hash identifier: hL7i+Rwr0AWi5WumBBGhVEXP1cRXeDNUsGWzFDcl53A=
Subject key identifier: 03:5D:F5:5C:88:C5:2D:B5:38:F6:26:78:C3:0F:CC:4C:B1:C8:87:45
Certificate issuer: /CN=98eb33c2cefb5da34607b00b5005e44b75524a1f
Certificate serial: 01920EBAFE5F38A66E9DC21AAEB015BFAEC2
Authority key identifier: 98:EB:33:C2:CE:FB:5D:A3:46:07:B0:0B:50:05:E4:4B:75:52:4A:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mOszws77XaNGB7ALUAXkS3VSSh8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/76b1d3-4fd9-46cf-83e6-20c4dc1e4a77/1/A131XIjFLbU49iZ4ww_MTLHIh0U.roa
Signing time: Fri 20 Sep 2024 09:19:48 +0000
ROA not before: Fri 20 Sep 2024 09:19:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56958
IP address blocks: 45.130.18.0/23 maxlen: 24
178.211.133.0/24 maxlen: 24
201.46.112.0/23 maxlen: 24
2a12:d280::/31 maxlen: 31
2a12:d282::/31 maxlen: 31
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/76b1d3-4fd9-46cf-83e6-20c4dc1e4a77/1/mOszws77XaNGB7ALUAXkS3VSSh8.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/76b1d3-4fd9-46cf-83e6-20c4dc1e4a77/1/mOszws77XaNGB7ALUAXkS3VSSh8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mOszws77XaNGB7ALUAXkS3VSSh8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 07:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:0e:ba:fe:5f:38:a6:6e:9d:c2:1a:ae:b0:15:bf:ae:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98eb33c2cefb5da34607b00b5005e44b75524a1f
Validity
Not Before: Sep 20 09:19:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=035df55c88c52db538f62678c30fcc4cb1c88745
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:0f:4a:7f:e2:cc:89:e7:bd:33:90:b4:1e:89:
cf:6a:4e:24:9e:3a:63:74:32:0d:e9:58:6e:9c:ad:
fe:6a:95:2f:7e:69:f1:a1:d8:95:3b:39:b3:19:62:
15:3a:04:15:d0:e9:da:b9:92:e1:88:3e:9d:66:32:
5e:f9:b6:e5:d4:5a:9b:9c:9c:76:69:67:a6:ac:81:
c4:b6:28:24:fa:a6:d7:4d:04:6a:83:7f:10:46:d9:
3c:3b:7a:b8:95:c1:8b:2e:ba:b2:f8:1a:6f:5a:66:
9a:09:87:bd:0a:78:d5:57:f5:b6:7e:18:ac:c4:97:
21:43:50:4e:f8:bd:b4:8b:7f:39:c2:86:61:de:55:
33:23:ee:0b:41:83:2e:f9:6c:dc:4c:42:0f:20:bb:
c5:b1:53:33:23:72:73:7f:b8:41:a9:7c:4f:1e:b8:
81:eb:4b:98:de:6f:d8:33:88:12:6c:44:38:2f:b1:
bd:37:4b:60:57:d8:99:88:c9:3d:5b:67:a1:a9:7f:
4d:69:6b:45:bd:7e:c9:e4:4a:86:b9:65:a1:cc:23:
16:8a:b1:f3:b5:e7:5e:1f:a7:81:c6:f9:a4:d1:03:
9b:a5:76:ca:9f:d9:9c:d5:56:f0:36:9c:ec:b1:38:
83:8e:95:36:51:40:7e:84:d8:02:fd:8c:98:ec:3a:
32:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:5D:F5:5C:88:C5:2D:B5:38:F6:26:78:C3:0F:CC:4C:B1:C8:87:45
X509v3 Authority Key Identifier:
keyid:98:EB:33:C2:CE:FB:5D:A3:46:07:B0:0B:50:05:E4:4B:75:52:4A:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mOszws77XaNGB7ALUAXkS3VSSh8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/76b1d3-4fd9-46cf-83e6-20c4dc1e4a77/1/A131XIjFLbU49iZ4ww_MTLHIh0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/76b1d3-4fd9-46cf-83e6-20c4dc1e4a77/1/mOszws77XaNGB7ALUAXkS3VSSh8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.18.0/23
178.211.133.0/24
201.46.112.0/23
IPv6:
2a12:d280::/30
Signature Algorithm: sha256WithRSAEncryption
58:e1:9e:2d:4a:d3:81:43:6c:f3:03:52:a4:c6:cf:a3:e9:05:
f4:2b:73:c4:72:69:e8:00:9d:b0:5f:0a:33:61:34:ee:4f:c7:
b0:76:a2:9a:04:70:20:34:b0:44:f8:6c:7b:75:e3:e1:f7:e5:
42:38:72:9d:61:4d:ca:77:ef:5b:f6:19:af:47:48:97:21:86:
8a:5e:8e:53:1f:a0:d3:55:0c:c2:f8:e4:ff:26:49:4e:d9:7f:
e8:96:4c:5c:dc:ca:d3:ca:02:6c:4b:fa:26:c6:f8:3c:17:b7:
1b:b2:bd:07:3f:a1:c3:d6:8d:31:18:c5:ab:94:5a:39:47:be:
fc:5a:10:2c:c9:83:97:5a:40:fa:2c:cd:b8:e9:83:36:cd:1c:
b0:11:29:1e:a8:65:de:8e:de:2d:8f:a9:52:b8:d7:93:f2:ef:
3a:a8:8e:2f:79:2f:ba:ad:d0:d2:49:a1:be:9d:be:c9:70:13:
92:6d:94:7d:3b:54:02:2a:53:3d:58:cb:eb:c4:7f:54:6e:b7:
5c:ed:a6:87:13:c8:4c:3e:87:a2:48:30:cc:53:97:1d:80:1a:
2d:d7:ae:b9:e8:17:64:02:b4:a2:43:17:dc:35:da:8e:95:b3:
a5:96:43:2e:aa:2c:4a:db:88:6c:15:16:24:d1:1e:dc:35:5b:
52:0a:66:f2
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZIOuv5fOKZuncIarrAVv67CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4ZWIzM2MyY2VmYjVkYTM0NjA3YjAwYjUwMDVlNDRiNzU1
MjRhMWYwHhcNMjQwOTIwMDkxOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzVkZjU1Yzg4YzUyZGI1MzhmNjI2NzhjMzBmY2M0Y2IxYzg4NzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAog9Kf+LMiee9M5C0HonPak4knjpj
dDIN6VhunK3+apUvfmnxodiVOzmzGWIVOgQV0OnauZLhiD6dZjJe+bbl1FqbnJx2
aWemrIHEtigk+qbXTQRqg38QRtk8O3q4lcGLLrqy+BpvWmaaCYe9CnjVV/W2fhis
xJchQ1BO+L20i385woZh3lUzI+4LQYMu+WzcTEIPILvFsVMzI3Jzf7hBqXxPHriB
60uY3m/YM4gSbEQ4L7G9N0tgV9iZiMk9W2ehqX9NaWtFvX7J5EqGuWWhzCMWirHz
tedeH6eBxvmk0QObpXbKn9mc1VbwNpzssTiDjpU2UUB+hNgC/YyY7DoymwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFANd9VyIxS21OPYmeMMPzEyxyIdFMB8GA1UdIwQY
MBaAFJjrM8LO+12jRgewC1AF5Et1UkofMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbU9zendzNzdYYU5HQjdBTFVBWGtTM1ZTU2g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi83NmIxZDMtNGZkOS00NmNmLTgzZTYt
MjBjNGRjMWU0YTc3LzEvQTEzMVhJakZMYlU0OWlaNHd3X01UTEhJaDBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi83NmIxZDMtNGZkOS00NmNmLTgzZTYtMjBjNGRjMWU0YTc3
LzEvbU9zendzNzdYYU5HQjdBTFVBWGtTM1ZTU2g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBLYISAwQA
stOFAwQByS5wMA0EAgACMAcDBQIqEtKAMA0GCSqGSIb3DQEBCwUAA4IBAQBY4Z4t
StOBQ2zzA1Kkxs+j6QX0K3PEcmnoAJ2wXwozYTTuT8ewdqKaBHAgNLBE+Gx7dePh
9+VCOHKdYU3Kd+9b9hmvR0iXIYaKXo5TH6DTVQzC+OT/JklO2X/olkxc3MrTygJs
S/omxvg8F7cbsr0HP6HD1o0xGMWrlFo5R778WhAsyYOXWkD6LM246YM2zRywESke
qGXejt4tj6lSuNeT8u86qI4veS+6rdDSSaG+nb7JcBOSbZR9O1QCKlM9WMvrxH9U
brdc7aaHE8hMPoeiSDDMU5cdgBot16656BdkArSiQxfcNdqOlbOllkMuqixK24hs
FRYk0R7cNVtSCmby
-----END CERTIFICATE-----
Generated at Sat Sep 28 17:32:04 2024 by rpki-client on console-ams.rpki-client.org