Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/09c865-ac9c-4913-9cce-e1fd0b1f0efd/1/Mlf_PecUVHK1vvNW7HZijtWK0XQ.roa
File: Mlf_PecUVHK1vvNW7HZijtWK0XQ.roa (raw, json)
Hash identifier: KKuxSXLf7Ozcjmrx74aZhMNS/8zyxS4jSDVE120/Frk=
Subject key identifier: 32:57:FF:3D:E7:14:54:72:B5:BE:F3:56:EC:76:62:8E:D5:8A:D1:74
Certificate issuer: /CN=4510c69bed03465bff8af9d71a6ae9b183b7c24d
Certificate serial: 018CC8013BF88EE75BD52DF5733B52C4206E
Authority key identifier: 45:10:C6:9B:ED:03:46:5B:FF:8A:F9:D7:1A:6A:E9:B1:83:B7:C2:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RRDGm-0DRlv_ivnXGmrpsYO3wk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/09c865-ac9c-4913-9cce-e1fd0b1f0efd/1/Mlf_PecUVHK1vvNW7HZijtWK0XQ.roa
Signing time: Tue 02 Jan 2024 02:29:33 +0000
ROA not before: Tue 02 Jan 2024 02:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3215
IP address blocks: 185.217.245.0/24 maxlen: 24
185.217.244.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/09c865-ac9c-4913-9cce-e1fd0b1f0efd/1/RRDGm-0DRlv_ivnXGmrpsYO3wk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/09c865-ac9c-4913-9cce-e1fd0b1f0efd/1/RRDGm-0DRlv_ivnXGmrpsYO3wk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/RRDGm-0DRlv_ivnXGmrpsYO3wk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:03:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:3b:f8:8e:e7:5b:d5:2d:f5:73:3b:52:c4:20:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4510c69bed03465bff8af9d71a6ae9b183b7c24d
Validity
Not Before: Jan 2 02:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3257ff3de7145472b5bef356ec76628ed58ad174
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:88:e9:9e:bd:5b:e5:39:33:4b:0c:1f:c2:2a:
74:f1:1e:56:9c:fe:f8:a2:01:6c:8f:98:ee:ac:6d:
49:96:83:43:86:e0:98:54:30:bd:de:f7:77:54:6b:
c1:00:81:59:f7:e8:67:09:f4:c2:76:03:1f:48:b9:
c8:e6:71:4e:9c:e1:97:e6:54:79:bb:01:0f:c3:20:
23:c7:8d:05:91:de:6e:32:91:dd:5e:01:99:ea:4d:
0b:c1:7a:13:d7:6f:5a:56:58:1c:ef:ce:09:79:8f:
32:ed:95:8e:40:22:d2:b1:b2:0a:72:04:eb:b2:3d:
d9:65:8e:ad:07:ef:11:e3:ab:7e:96:75:d6:48:3e:
f0:d6:61:3f:7f:91:de:ca:93:51:e4:fd:7a:05:c8:
56:96:fc:54:46:80:8e:0e:eb:08:ec:10:f3:86:ca:
89:d3:c9:28:05:3f:7e:61:a5:45:80:ad:9c:80:76:
34:e7:d2:3e:4d:94:0a:38:f2:e8:32:04:61:60:85:
8f:26:c9:36:25:70:2f:2a:c6:f1:1e:5d:15:8d:dd:
c0:cb:91:19:b4:21:48:5c:02:7f:ef:d5:5a:58:ea:
78:4c:47:e7:e2:71:d9:f3:a1:df:8a:4c:59:e1:36:
8f:04:6c:d2:3d:95:ad:a8:0b:a1:1f:08:5d:d8:64:
9d:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:57:FF:3D:E7:14:54:72:B5:BE:F3:56:EC:76:62:8E:D5:8A:D1:74
X509v3 Authority Key Identifier:
keyid:45:10:C6:9B:ED:03:46:5B:FF:8A:F9:D7:1A:6A:E9:B1:83:B7:C2:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RRDGm-0DRlv_ivnXGmrpsYO3wk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/09c865-ac9c-4913-9cce-e1fd0b1f0efd/1/Mlf_PecUVHK1vvNW7HZijtWK0XQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/09c865-ac9c-4913-9cce-e1fd0b1f0efd/1/RRDGm-0DRlv_ivnXGmrpsYO3wk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.244.0/23
Signature Algorithm: sha256WithRSAEncryption
29:69:80:db:20:51:1b:9b:96:fd:e4:09:a2:a8:a7:61:49:95:
50:c3:6b:26:08:2a:d1:8c:2b:d9:23:b9:61:8a:0f:5b:c5:10:
1f:34:ac:78:96:2a:8b:ed:eb:16:69:4a:97:e3:be:79:8d:d0:
e2:a6:5d:2a:64:5e:e8:23:50:a8:20:90:14:71:40:1e:d5:74:
e3:7c:9d:4c:0e:fc:70:2c:e6:c3:3c:02:bd:f3:ec:eb:28:87:
0c:5e:e3:e5:89:82:ac:17:11:0e:6b:cb:a4:13:28:dd:e0:17:
32:e1:52:26:c1:e2:b9:06:c3:4d:06:3a:47:fe:e3:44:e2:fc:
99:36:50:62:d8:8d:65:99:88:50:d2:ca:80:38:f8:23:dd:64:
0d:26:c8:75:c5:53:f8:52:4d:31:a8:fb:54:b7:12:32:c3:96:
b5:c1:0d:1d:e6:f2:53:73:06:99:d6:a0:03:4d:b1:e5:13:0b:
78:2a:a0:85:5b:70:0e:3b:6f:41:c8:b2:b6:91:fe:3d:97:2c:
08:17:b9:f1:79:b5:5e:3a:55:7c:2f:bf:aa:92:a1:56:58:ed:
10:4f:bd:63:7f:00:24:99:3b:e2:d7:d2:b5:d4:31:f1:5a:f6:
cc:04:fd:66:a0:32:cc:53:07:78:bc:35:a8:99:48:19:19:7f:
3d:7b:71:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIATv4judb1S31cztSxCBuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1MTBjNjliZWQwMzQ2NWJmZjhhZjlkNzFhNmFlOWIxODNi
N2MyNGQwHhcNMjQwMTAyMDIyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjU3ZmYzZGU3MTQ1NDcyYjViZWYzNTZlYzc2NjI4ZWQ1OGFkMTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyYjpnr1b5TkzSwwfwip08R5WnP74
ogFsj5jurG1JloNDhuCYVDC93vd3VGvBAIFZ9+hnCfTCdgMfSLnI5nFOnOGX5lR5
uwEPwyAjx40Fkd5uMpHdXgGZ6k0LwXoT129aVlgc784JeY8y7ZWOQCLSsbIKcgTr
sj3ZZY6tB+8R46t+lnXWSD7w1mE/f5HeypNR5P16BchWlvxURoCODusI7BDzhsqJ
08koBT9+YaVFgK2cgHY059I+TZQKOPLoMgRhYIWPJsk2JXAvKsbxHl0Vjd3Ay5EZ
tCFIXAJ/79VaWOp4TEfn4nHZ86HfikxZ4TaPBGzSPZWtqAuhHwhd2GSdFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDJX/z3nFFRytb7zVux2Yo7VitF0MB8GA1UdIwQY
MBaAFEUQxpvtA0Zb/4r51xpq6bGDt8JNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlJER20tMERSbHZfaXZuWEdtcnBzWU8zd2swLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8wOWM4NjUtYWM5Yy00OTEzLTljY2Ut
ZTFmZDBiMWYwZWZkLzEvTWxmX1BlY1VWSEsxdnZOVzdIWmlqdFdLMFhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8wOWM4NjUtYWM5Yy00OTEzLTljY2UtZTFmZDBiMWYwZWZk
LzEvUlJER20tMERSbHZfaXZuWEdtcnBzWU8zd2swLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBudn0MA0G
CSqGSIb3DQEBCwUAA4IBAQApaYDbIFEbm5b95AmiqKdhSZVQw2smCCrRjCvZI7lh
ig9bxRAfNKx4liqL7esWaUqX4755jdDipl0qZF7oI1CoIJAUcUAe1XTjfJ1MDvxw
LObDPAK98+zrKIcMXuPliYKsFxEOa8ukEyjd4Bcy4VImweK5BsNNBjpH/uNE4vyZ
NlBi2I1lmYhQ0sqAOPgj3WQNJsh1xVP4Uk0xqPtUtxIyw5a1wQ0d5vJTcwaZ1qAD
TbHlEwt4KqCFW3AOO29ByLK2kf49lywIF7nxebVeOlV8L7+qkqFWWO0QT71jfwAk
mTvi19K11DHxWvbMBP1moDLMUwd4vDWomUgZGX89e3F+
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:00:23 2024 by rpki-client on console-fra.rpki-client.org