Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/2fc007-361d-4f47-aaf7-484d843e6de3/1/MkjhIwngZ-HRHefwdZWMacIgjIE.roa
File: MkjhIwngZ-HRHefwdZWMacIgjIE.roa (raw, json)
Hash identifier: EQEoQj3Rq37I/w36eOjFZnJqJinzqa0cuuwS8HGKGNY=
Subject key identifier: 32:48:E1:23:09:E0:67:E1:D1:1D:E7:F0:75:95:8C:69:C2:20:8C:81
Certificate issuer: /CN=079eb4d8c65f3a7b454ca2a5e5f64094e9d88bd3
Certificate serial: 018CC7259E1CEFD78599D0CE6494B7AB12EA
Authority key identifier: 07:9E:B4:D8:C6:5F:3A:7B:45:4C:A2:A5:E5:F6:40:94:E9:D8:8B:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B5602MZfOntFTKKl5fZAlOnYi9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/2fc007-361d-4f47-aaf7-484d843e6de3/1/MkjhIwngZ-HRHefwdZWMacIgjIE.roa
Signing time: Mon 01 Jan 2024 22:29:40 +0000
ROA not before: Mon 01 Jan 2024 22:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49835
IP address blocks: 109.69.12.0/24 maxlen: 24
109.69.14.0/24 maxlen: 24
109.69.15.0/24 maxlen: 24
109.69.13.0/24 maxlen: 24
185.32.17.0/24 maxlen: 24
185.32.16.0/24 maxlen: 24
185.32.18.0/24 maxlen: 24
185.32.19.0/24 maxlen: 24
5.10.205.0/24 maxlen: 24
5.10.206.0/24 maxlen: 24
5.10.203.0/24 maxlen: 24
5.10.204.0/24 maxlen: 24
5.10.202.0/24 maxlen: 24
5.10.200.0/24 maxlen: 24
5.10.201.0/24 maxlen: 24
5.10.207.0/24 maxlen: 24
109.69.11.0/24 maxlen: 24
109.69.9.0/24 maxlen: 24
109.69.10.0/24 maxlen: 24
109.69.8.0/24 maxlen: 24
2a00:1508::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/2fc007-361d-4f47-aaf7-484d843e6de3/1/B5602MZfOntFTKKl5fZAlOnYi9M.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/2fc007-361d-4f47-aaf7-484d843e6de3/1/B5602MZfOntFTKKl5fZAlOnYi9M.mft
rsync://rpki.ripe.net/repository/DEFAULT/B5602MZfOntFTKKl5fZAlOnYi9M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:9e:1c:ef:d7:85:99:d0:ce:64:94:b7:ab:12:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=079eb4d8c65f3a7b454ca2a5e5f64094e9d88bd3
Validity
Not Before: Jan 1 22:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3248e12309e067e1d11de7f075958c69c2208c81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:71:55:0e:0f:48:e5:8e:95:7c:a7:ba:21:45:
a4:d9:92:0f:bc:6c:dd:62:16:c6:63:19:c6:0b:80:
7b:d3:34:b8:4d:29:24:b4:a2:a2:25:5c:39:0a:c9:
65:ce:bb:05:5c:c0:c8:db:ed:15:f1:28:d2:8a:1c:
77:24:c6:b9:84:e1:10:7f:d8:3c:4f:f4:f1:34:01:
72:bb:f0:77:d2:40:06:a1:08:ba:2c:be:8b:94:d6:
75:54:2c:58:fe:d6:0c:a6:94:a8:f5:b4:07:88:64:
79:05:a6:76:1b:d1:77:0e:76:b2:f6:07:de:71:0b:
44:50:6b:a6:49:09:67:dd:cc:1d:dd:ba:0a:80:ee:
dd:a0:86:8b:11:fb:db:86:84:c9:be:2c:a3:43:69:
e9:b8:1a:8d:cf:33:7c:13:0e:b6:df:7a:d0:a5:2e:
10:66:c6:c9:49:59:cc:9c:b6:81:92:c8:4c:81:0f:
99:67:55:81:17:fb:c0:d1:fe:83:75:2d:23:26:f4:
be:f8:7e:2f:48:e2:eb:16:35:55:82:49:eb:ce:fc:
b6:a4:f7:aa:ff:5e:64:76:b4:09:03:61:80:65:c3:
84:35:ac:a9:88:59:fe:63:b3:46:36:8a:e2:a5:50:
16:5e:be:dc:c5:09:48:d3:b5:3c:f3:07:f1:95:bf:
89:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:48:E1:23:09:E0:67:E1:D1:1D:E7:F0:75:95:8C:69:C2:20:8C:81
X509v3 Authority Key Identifier:
keyid:07:9E:B4:D8:C6:5F:3A:7B:45:4C:A2:A5:E5:F6:40:94:E9:D8:8B:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B5602MZfOntFTKKl5fZAlOnYi9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/2fc007-361d-4f47-aaf7-484d843e6de3/1/MkjhIwngZ-HRHefwdZWMacIgjIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/2fc007-361d-4f47-aaf7-484d843e6de3/1/B5602MZfOntFTKKl5fZAlOnYi9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.200.0/21
109.69.8.0/21
185.32.16.0/22
IPv6:
2a00:1508::/32
Signature Algorithm: sha256WithRSAEncryption
3e:97:41:96:4b:7c:c7:64:03:84:a9:57:8f:aa:79:8d:14:19:
77:e8:d3:ab:ed:1c:17:e3:36:6a:24:74:78:2b:56:ea:9d:dc:
ea:d2:03:6b:80:1a:3a:43:99:0a:2d:7b:38:ae:99:de:76:a1:
27:43:25:32:2a:29:cd:1f:f3:21:86:3f:ba:7e:ea:0a:6f:55:
a7:0e:a7:d9:34:eb:c4:6d:ef:59:e6:c0:2d:86:dc:00:2d:2c:
97:2c:c0:cf:3a:9b:1d:a3:a5:df:5b:aa:f5:f0:53:5c:03:bf:
bb:09:e5:a8:9c:71:c2:0f:55:a0:3f:38:91:99:af:1c:24:d5:
6e:e7:ee:88:c1:12:70:03:9e:05:2c:30:64:f8:54:71:57:86:
aa:8b:79:8f:6f:04:38:14:b9:80:66:27:32:67:ff:9b:e0:be:
0c:88:86:93:2d:e2:42:62:45:e0:05:ab:ed:a5:bb:88:32:0a:
27:f3:4a:60:a0:00:ac:4d:e7:51:4c:78:6a:af:43:51:86:d8:
74:10:3b:89:04:77:f9:f4:c5:2a:35:ad:00:e9:02:ac:b6:52:
7f:ec:23:e9:d5:c7:c9:fa:81:76:77:96:fd:84:99:f1:d7:a9:
f2:66:df:5c:66:39:a0:b5:0c:00:af:43:57:f3:f2:31:b9:cc:
76:2d:6c:7e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzHJZ4c79eFmdDOZJS3qxLqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3OWViNGQ4YzY1ZjNhN2I0NTRjYTJhNWU1ZjY0MDk0ZTlk
ODhiZDMwHhcNMjQwMTAxMjIyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjQ4ZTEyMzA5ZTA2N2UxZDExZGU3ZjA3NTk1OGM2OWMyMjA4YzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3XFVDg9I5Y6VfKe6IUWk2ZIPvGzd
YhbGYxnGC4B70zS4TSkktKKiJVw5CsllzrsFXMDI2+0V8SjSihx3JMa5hOEQf9g8
T/TxNAFyu/B30kAGoQi6LL6LlNZ1VCxY/tYMppSo9bQHiGR5BaZ2G9F3Dnay9gfe
cQtEUGumSQln3cwd3boKgO7doIaLEfvbhoTJviyjQ2npuBqNzzN8Ew6233rQpS4Q
ZsbJSVnMnLaBkshMgQ+ZZ1WBF/vA0f6DdS0jJvS++H4vSOLrFjVVgknrzvy2pPeq
/15kdrQJA2GAZcOENaypiFn+Y7NGNoripVAWXr7cxQlI07U88wfxlb+J7wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDJI4SMJ4Gfh0R3n8HWVjGnCIIyBMB8GA1UdIwQY
MBaAFAeetNjGXzp7RUyipeX2QJTp2IvTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjU2MDJNWmZPbnRGVEtLbDVmWkFsT25ZaTlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8yZmMwMDctMzYxZC00ZjQ3LWFhZjct
NDg0ZDg0M2U2ZGUzLzEvTWtqaEl3bmdaLUhSSGVmd2RaV01hY0lnaklFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8yZmMwMDctMzYxZC00ZjQ3LWFhZjctNDg0ZDg0M2U2ZGUz
LzEvQjU2MDJNWmZPbnRGVEtLbDVmWkFsT25ZaTlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDBQrIAwQD
bUUIAwQCuSAQMA0EAgACMAcDBQAqABUIMA0GCSqGSIb3DQEBCwUAA4IBAQA+l0GW
S3zHZAOEqVePqnmNFBl36NOr7RwX4zZqJHR4K1bqndzq0gNrgBo6Q5kKLXs4rpne
dqEnQyUyKinNH/Mhhj+6fuoKb1WnDqfZNOvEbe9Z5sAthtwALSyXLMDPOpsdo6Xf
W6r18FNcA7+7CeWonHHCD1WgPziRma8cJNVu5+6IwRJwA54FLDBk+FRxV4aqi3mP
bwQ4FLmAZicyZ/+b4L4MiIaTLeJCYkXgBavtpbuIMgon80pgoACsTedRTHhqr0NR
hth0EDuJBHf59MUqNa0A6QKstlJ/7CPp1cfJ+oF2d5b9hJnx16nyZt9cZjmgtQwA
r0NX8/Ixucx2LWx+
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:43:08 2024 by rpki-client on console-fra.rpki-client.org