Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/1b66fe-699a-413b-a2fc-f511fd688eda/1/MVgzV637WgTA6ixPyXO00bdMcIM.roa
File: MVgzV637WgTA6ixPyXO00bdMcIM.roa (raw, json)
Hash identifier: gxWPy+gadCY9MFa/XKdq5lsRYu0LeVwFhuk2t2kXDKc=
Subject key identifier: 31:58:33:57:AD:FB:5A:04:C0:EA:2C:4F:C9:73:B4:D1:B7:4C:70:83
Certificate issuer: /CN=aa0f97e63508219b96cbb2106343f5e1b6dc5a4f
Certificate serial: 019299603447B7167C97CA6D7C851CB1650A
Authority key identifier: AA:0F:97:E6:35:08:21:9B:96:CB:B2:10:63:43:F5:E1:B6:DC:5A:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qg-X5jUIIZuWy7IQY0P14bbcWk8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/1b66fe-699a-413b-a2fc-f511fd688eda/1/MVgzV637WgTA6ixPyXO00bdMcIM.roa
Signing time: Thu 17 Oct 2024 07:27:51 +0000
ROA not before: Thu 17 Oct 2024 07:27:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24740
IP address blocks: 91.223.171.0/24 maxlen: 24
185.59.160.0/23 maxlen: 23
185.59.162.0/23 maxlen: 23
185.227.228.0/24 maxlen: 24
185.227.229.0/24 maxlen: 24
185.227.230.0/24 maxlen: 24
185.227.231.0/24 maxlen: 24
193.111.22.0/23 maxlen: 23
2a04:b4c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/1b66fe-699a-413b-a2fc-f511fd688eda/1/qg-X5jUIIZuWy7IQY0P14bbcWk8.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/1b66fe-699a-413b-a2fc-f511fd688eda/1/qg-X5jUIIZuWy7IQY0P14bbcWk8.mft
rsync://rpki.ripe.net/repository/DEFAULT/qg-X5jUIIZuWy7IQY0P14bbcWk8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:99:60:34:47:b7:16:7c:97:ca:6d:7c:85:1c:b1:65:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa0f97e63508219b96cbb2106343f5e1b6dc5a4f
Validity
Not Before: Oct 17 07:27:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31583357adfb5a04c0ea2c4fc973b4d1b74c7083
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:dd:1b:ed:12:a6:80:df:33:9c:59:7c:0c:dd:
67:c5:dc:02:0a:be:49:9b:8e:43:75:29:17:ca:80:
fb:e7:91:e8:8c:1b:18:63:78:86:84:17:bd:cf:64:
25:6e:28:c5:bb:cf:2e:ac:1f:51:b5:f9:4e:f4:0c:
ab:79:30:77:f7:c2:3b:a4:f7:1f:b3:ef:30:df:9f:
57:48:c7:d8:10:9a:2f:31:79:7a:bc:3b:e5:5d:52:
c8:33:65:c1:5b:76:4c:6b:38:a4:b0:22:db:a8:a3:
f8:d3:f7:97:87:14:a0:84:47:c5:87:99:52:f7:bf:
fd:06:4a:7a:eb:a3:de:6c:1e:b8:4b:a0:e4:84:cc:
90:b5:0c:7e:69:46:ad:43:32:78:59:6f:56:3e:04:
86:0a:6a:32:e6:79:3e:3d:66:26:f4:eb:d2:9a:9a:
b9:f9:f8:03:c3:78:d1:35:96:f6:ce:0f:4c:0e:d7:
f9:33:91:ae:2e:19:9e:59:59:4d:51:e5:bd:a5:cd:
1c:f0:7c:6b:d0:19:02:8b:24:aa:37:22:c3:9e:65:
73:c9:c1:78:89:0d:3e:a9:aa:72:4d:40:d6:e5:1c:
ee:d8:e5:c7:7a:3c:c9:bd:d4:21:35:14:4a:54:1d:
08:e3:3d:6d:4a:eb:da:34:37:fc:65:9a:01:35:85:
79:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:58:33:57:AD:FB:5A:04:C0:EA:2C:4F:C9:73:B4:D1:B7:4C:70:83
X509v3 Authority Key Identifier:
keyid:AA:0F:97:E6:35:08:21:9B:96:CB:B2:10:63:43:F5:E1:B6:DC:5A:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qg-X5jUIIZuWy7IQY0P14bbcWk8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/1b66fe-699a-413b-a2fc-f511fd688eda/1/MVgzV637WgTA6ixPyXO00bdMcIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/1b66fe-699a-413b-a2fc-f511fd688eda/1/qg-X5jUIIZuWy7IQY0P14bbcWk8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.171.0/24
185.59.160.0/22
185.227.228.0/22
193.111.22.0/23
IPv6:
2a04:b4c0::/29
Signature Algorithm: sha256WithRSAEncryption
6d:65:e4:ad:cf:5a:ab:54:28:88:e1:5e:e8:71:5d:ab:76:9e:
4e:a2:c2:0f:34:b5:00:1b:6b:fe:39:36:7f:87:90:76:ff:2d:
56:f9:b7:80:90:81:dd:77:a4:51:68:d0:d3:55:de:3b:dc:77:
0a:eb:4a:0f:3f:00:26:53:4f:33:08:cd:4d:e1:31:46:81:79:
51:13:21:ff:fc:e4:2f:66:44:2e:8c:8f:f1:24:7f:d2:17:c9:
35:8c:f3:b8:18:ac:12:4b:a5:73:73:dc:90:b0:21:90:9d:5e:
a6:93:db:9c:b3:7b:ce:29:14:f1:1e:36:d8:0e:00:b4:89:ee:
6e:3b:91:4e:f6:b6:07:fe:c5:42:30:73:79:0e:9b:6f:53:8f:
94:4d:99:45:6e:25:c5:91:67:c2:3a:23:58:6a:68:93:97:a7:
89:0f:7b:13:d3:f4:3b:d4:95:19:24:a6:07:24:58:90:c1:2d:
04:7f:ba:a9:be:c6:f8:e1:08:9b:17:69:0d:be:60:37:41:4a:
6b:39:2e:00:dc:c8:66:d1:1f:5b:5a:43:7a:60:06:bb:87:35:
a2:c8:95:a2:9b:3f:e5:4a:44:d4:38:b5:9c:72:9f:c5:60:1c:
c5:3b:f3:34:44:a7:58:48:91:1f:51:29:0b:3a:93:5c:21:5b:
c3:61:a7:94
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZKZYDRHtxZ8l8ptfIUcsWUKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMGY5N2U2MzUwODIxOWI5NmNiYjIxMDYzNDNmNWUxYjZk
YzVhNGYwHhcNMjQxMDE3MDcyNzUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTU4MzM1N2FkZmI1YTA0YzBlYTJjNGZjOTczYjRkMWI3NGM3MDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAud0b7RKmgN8znFl8DN1nxdwCCr5J
m45DdSkXyoD755HojBsYY3iGhBe9z2QlbijFu88urB9RtflO9AyreTB398I7pPcf
s+8w359XSMfYEJovMXl6vDvlXVLIM2XBW3ZMaziksCLbqKP40/eXhxSghEfFh5lS
97/9Bkp666PebB64S6DkhMyQtQx+aUatQzJ4WW9WPgSGCmoy5nk+PWYm9OvSmpq5
+fgDw3jRNZb2zg9MDtf5M5GuLhmeWVlNUeW9pc0c8Hxr0BkCiySqNyLDnmVzycF4
iQ0+qapyTUDW5Rzu2OXHejzJvdQhNRRKVB0I4z1tSuvaNDf8ZZoBNYV5LQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDFYM1et+1oEwOosT8lztNG3THCDMB8GA1UdIwQY
MBaAFKoPl+Y1CCGblsuyEGND9eG23FpPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWctWDVqVUlJWnVXeTdJUVkwUDE0YmJjV2s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8xYjY2ZmUtNjk5YS00MTNiLWEyZmMt
ZjUxMWZkNjg4ZWRhLzEvTVZnelY2MzdXZ1RBNml4UHlYTzAwYmRNY0lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8xYjY2ZmUtNjk5YS00MTNiLWEyZmMtZjUxMWZkNjg4ZWRh
LzEvcWctWDVqVUlJWnVXeTdJUVkwUDE0YmJjV2s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAW9+rAwQC
uTugAwQCuePkAwQBwW8WMA0EAgACMAcDBQMqBLTAMA0GCSqGSIb3DQEBCwUAA4IB
AQBtZeStz1qrVCiI4V7ocV2rdp5OosIPNLUAG2v+OTZ/h5B2/y1W+beAkIHdd6RR
aNDTVd473HcK60oPPwAmU08zCM1N4TFGgXlREyH//OQvZkQujI/xJH/SF8k1jPO4
GKwSS6Vzc9yQsCGQnV6mk9ucs3vOKRTxHjbYDgC0ie5uO5FO9rYH/sVCMHN5Dptv
U4+UTZlFbiXFkWfCOiNYamiTl6eJD3sT0/Q71JUZJKYHJFiQwS0Ef7qpvsb44Qib
F2kNvmA3QUprOS4A3Mhm0R9bWkN6YAa7hzWiyJWimz/lSkTUOLWccp/FYBzFO/M0
RKdYSJEfUSkLOpNcIVvDYaeU
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:33:16 2024 by rpki-client on console-ams.rpki-client.org