Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/c078fd-d2b6-46ba-a6ba-44c3b75d3f33/1/mxli_m-Z8XYc0U1D8BPUdOB3au4.roa
File: mxli_m-Z8XYc0U1D8BPUdOB3au4.roa (raw, json)
Hash identifier: bVmYC04Aa44GtGL5MErW2NcK0TccOTAShaONSwrwZJ0=
Subject key identifier: 9B:19:62:FE:6F:99:F1:76:1C:D1:4D:43:F0:13:D4:74:E0:77:6A:EE
Certificate issuer: /CN=9d2d86c028bfc38e875455cf82689a36265302c2
Certificate serial: 018CC6B90280C9C97FE665D720E869A0EFA8
Authority key identifier: 9D:2D:86:C0:28:BF:C3:8E:87:54:55:CF:82:68:9A:36:26:53:02:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nS2GwCi_w46HVFXPgmiaNiZTAsI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/c078fd-d2b6-46ba-a6ba-44c3b75d3f33/1/mxli_m-Z8XYc0U1D8BPUdOB3au4.roa
Signing time: Mon 01 Jan 2024 20:31:02 +0000
ROA not before: Mon 01 Jan 2024 20:31:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205321
IP address blocks: 185.217.248.0/22 maxlen: 24
2a0c:af00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/c078fd-d2b6-46ba-a6ba-44c3b75d3f33/1/nS2GwCi_w46HVFXPgmiaNiZTAsI.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/c078fd-d2b6-46ba-a6ba-44c3b75d3f33/1/nS2GwCi_w46HVFXPgmiaNiZTAsI.mft
rsync://rpki.ripe.net/repository/DEFAULT/nS2GwCi_w46HVFXPgmiaNiZTAsI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:02:80:c9:c9:7f:e6:65:d7:20:e8:69:a0:ef:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2d86c028bfc38e875455cf82689a36265302c2
Validity
Not Before: Jan 1 20:31:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b1962fe6f99f1761cd14d43f013d474e0776aee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:62:ff:89:0e:ef:5a:7a:24:57:44:d8:f1:28:
c4:2b:da:aa:0d:41:49:68:be:c0:18:51:55:ce:34:
2f:9f:17:59:e1:49:b7:f8:8c:ff:71:79:7f:e8:28:
1b:91:2d:a9:4b:67:94:08:93:b6:89:27:1f:32:19:
7b:a9:e3:f1:88:83:0e:2a:18:c1:cd:a7:07:68:82:
6e:a7:81:a0:e6:b8:04:ae:d9:ad:0c:73:61:17:c5:
ae:5e:ff:f1:8f:bf:2d:28:8d:51:69:a8:1b:b4:27:
50:06:ed:43:49:5a:20:d8:48:f2:31:fd:c4:5f:c3:
17:01:16:d1:72:b8:63:4f:23:91:30:42:34:d6:29:
1f:a3:e6:d8:c6:eb:77:0c:49:b1:e9:7f:15:fc:03:
02:1d:16:3e:d9:f8:53:bb:b9:f8:8e:02:67:3c:45:
e2:73:26:f2:0b:92:a6:88:24:15:e3:df:13:2c:46:
4b:5b:dc:fd:0d:81:3a:ae:1d:a2:9d:94:ff:93:46:
65:ef:72:2f:ba:b6:8b:6f:4d:4c:d4:04:92:f2:96:
19:46:ef:45:3f:87:60:5d:f2:a0:d8:09:41:c3:dd:
68:08:8e:15:6f:b0:85:4d:ab:18:b9:56:b6:66:4b:
52:b4:02:7c:ce:9e:92:38:93:e4:7c:04:82:5f:56:
46:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:19:62:FE:6F:99:F1:76:1C:D1:4D:43:F0:13:D4:74:E0:77:6A:EE
X509v3 Authority Key Identifier:
keyid:9D:2D:86:C0:28:BF:C3:8E:87:54:55:CF:82:68:9A:36:26:53:02:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nS2GwCi_w46HVFXPgmiaNiZTAsI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/c078fd-d2b6-46ba-a6ba-44c3b75d3f33/1/mxli_m-Z8XYc0U1D8BPUdOB3au4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/c078fd-d2b6-46ba-a6ba-44c3b75d3f33/1/nS2GwCi_w46HVFXPgmiaNiZTAsI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.248.0/22
IPv6:
2a0c:af00::/29
Signature Algorithm: sha256WithRSAEncryption
04:37:35:54:5b:59:9b:e5:5b:63:97:bb:10:94:58:7e:bc:a6:
f3:ad:1b:ac:22:e1:6d:b3:ca:a3:cf:86:6c:69:6b:f0:f4:08:
46:e2:d2:ef:3d:3c:bb:f6:b0:30:b6:60:65:41:6b:1f:fc:db:
86:11:14:15:6d:2b:c5:a3:18:0c:c7:64:1a:31:7d:aa:cf:c7:
8e:c7:e7:65:02:33:9f:76:a3:79:e2:28:57:90:c3:3a:de:da:
fb:89:6d:e9:71:b7:8e:15:f8:01:b7:68:a9:c4:b8:2c:82:95:
69:a0:95:99:8d:ee:c6:59:64:9b:a2:e3:a2:7e:f2:64:2e:18:
f5:0c:50:8d:9b:33:60:6a:c7:79:7f:ca:92:65:92:5e:0c:08:
61:43:cb:e5:89:75:7b:6e:64:7d:d0:1a:1f:9c:74:58:02:7f:
1d:49:0f:8b:b3:78:b7:47:b3:40:18:ac:fa:8c:94:28:60:39:
68:03:f7:88:ac:2b:68:aa:2c:66:7c:d0:cd:13:43:02:6a:32:
2a:13:23:1a:e2:86:e7:52:d1:ef:7f:19:e8:0f:72:ed:2b:8a:
28:2a:33:3f:ad:25:92:06:55:38:33:77:63:5e:bb:51:24:e3:
31:19:5e:77:b1:da:06:1c:b3:88:fe:d0:45:4d:44:33:23:cb:
e6:b9:59:e4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGuQKAycl/5mXXIOhpoO+oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmQ4NmMwMjhiZmMzOGU4NzU0NTVjZjgyNjg5YTM2MjY1
MzAyYzIwHhcNMjQwMTAxMjAzMTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjE5NjJmZTZmOTlmMTc2MWNkMTRkNDNmMDEzZDQ3NGUwNzc2YWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWL/iQ7vWnokV0TY8SjEK9qqDUFJ
aL7AGFFVzjQvnxdZ4Um3+Iz/cXl/6CgbkS2pS2eUCJO2iScfMhl7qePxiIMOKhjB
zacHaIJup4Gg5rgErtmtDHNhF8WuXv/xj78tKI1RaagbtCdQBu1DSVog2EjyMf3E
X8MXARbRcrhjTyORMEI01ikfo+bYxut3DEmx6X8V/AMCHRY+2fhTu7n4jgJnPEXi
cybyC5KmiCQV498TLEZLW9z9DYE6rh2inZT/k0Zl73IvuraLb01M1ASS8pYZRu9F
P4dgXfKg2AlBw91oCI4Vb7CFTasYuVa2ZktStAJ8zp6SOJPkfASCX1ZGPQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJsZYv5vmfF2HNFNQ/AT1HTgd2ruMB8GA1UdIwQY
MBaAFJ0thsAov8OOh1RVz4JomjYmUwLCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblMyR3dDaV93NDZIVkZYUGdtaWFOaVpUQXNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9jMDc4ZmQtZDJiNi00NmJhLWE2YmEt
NDRjM2I3NWQzZjMzLzEvbXhsaV9tLVo4WFljMFUxRDhCUFVkT0IzYXU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9jMDc4ZmQtZDJiNi00NmJhLWE2YmEtNDRjM2I3NWQzZjMz
LzEvblMyR3dDaV93NDZIVkZYUGdtaWFOaVpUQXNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudn4MA0E
AgACMAcDBQMqDK8AMA0GCSqGSIb3DQEBCwUAA4IBAQAENzVUW1mb5Vtjl7sQlFh+
vKbzrRusIuFts8qjz4ZsaWvw9AhG4tLvPTy79rAwtmBlQWsf/NuGERQVbSvFoxgM
x2QaMX2qz8eOx+dlAjOfdqN54ihXkMM63tr7iW3pcbeOFfgBt2ipxLgsgpVpoJWZ
je7GWWSbouOifvJkLhj1DFCNmzNgasd5f8qSZZJeDAhhQ8vliXV7bmR90BofnHRY
An8dSQ+Ls3i3R7NAGKz6jJQoYDloA/eIrCtoqixmfNDNE0MCajIqEyMa4obnUtHv
fxnoD3LtK4ooKjM/rSWSBlU4M3djXrtRJOMxGV53sdoGHLOI/tBFTUQzI8vmuVnk
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:33:14 2024 by rpki-client on console-ams.rpki-client.org