Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/cff630-6c8a-43bd-afb9-b07f016a1762/1/MIP40YCuA-kpgpC909yKvoTwGlA.roa
File: MIP40YCuA-kpgpC909yKvoTwGlA.roa (raw, json)
Hash identifier: wFpje1opf0KRG1QExFdKd/dnsY+t4PG4kpo+eQX7qg0=
Subject key identifier: 30:83:F8:D1:80:AE:03:E9:29:82:90:BD:D3:DC:8A:BE:84:F0:1A:50
Certificate issuer: /CN=854c8176d9c42c704b310913309470351bb599e5
Certificate serial: 018CC79336A6549BAC29742A0F9433A7B7DC
Authority key identifier: 85:4C:81:76:D9:C4:2C:70:4B:31:09:13:30:94:70:35:1B:B5:99:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hUyBdtnELHBLMQkTMJRwNRu1meU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/cff630-6c8a-43bd-afb9-b07f016a1762/1/MIP40YCuA-kpgpC909yKvoTwGlA.roa
Signing time: Tue 02 Jan 2024 00:29:22 +0000
ROA not before: Tue 02 Jan 2024 00:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6768
IP address blocks: 45.14.108.0/22 maxlen: 22
45.14.108.0/24 maxlen: 24
45.14.108.0/23 maxlen: 23
45.14.111.0/24 maxlen: 24
45.14.110.0/24 maxlen: 24
45.14.110.0/23 maxlen: 23
45.14.109.0/24 maxlen: 24
2a01:4a60::/32 maxlen: 32
2a0e:c080::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/cff630-6c8a-43bd-afb9-b07f016a1762/1/hUyBdtnELHBLMQkTMJRwNRu1meU.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/cff630-6c8a-43bd-afb9-b07f016a1762/1/hUyBdtnELHBLMQkTMJRwNRu1meU.mft
rsync://rpki.ripe.net/repository/DEFAULT/hUyBdtnELHBLMQkTMJRwNRu1meU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:36:a6:54:9b:ac:29:74:2a:0f:94:33:a7:b7:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=854c8176d9c42c704b310913309470351bb599e5
Validity
Not Before: Jan 2 00:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3083f8d180ae03e9298290bdd3dc8abe84f01a50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:9c:0e:cd:3c:a4:b7:39:0f:7d:2c:5b:db:29:
f3:91:2a:85:ec:b9:46:17:be:99:16:e7:21:9c:ae:
22:29:c6:75:ad:7f:66:b1:2a:22:88:28:c8:9f:c9:
43:b4:f3:3f:b1:a2:bd:e1:a1:4e:ff:14:49:7f:d5:
fa:b9:ac:b9:16:d9:85:8f:78:26:13:86:69:a2:7b:
4a:52:5d:22:b4:61:96:ea:12:69:06:25:8c:8c:ee:
6d:b3:70:5a:76:ca:fa:1d:a2:d6:47:94:67:f5:38:
43:9d:3e:e1:2d:0c:97:ce:82:74:b8:df:8c:30:a2:
77:af:35:60:b2:04:2f:98:69:db:17:f3:bf:30:c5:
26:f4:df:42:9d:1f:25:8b:d6:1b:33:4b:6e:a1:80:
27:8f:66:28:bc:4c:9c:5a:7a:78:99:0c:64:67:8c:
2b:88:46:89:c0:fc:99:d7:06:dd:5b:3b:d8:38:67:
bd:ce:ad:d7:f6:d9:ed:bf:27:0a:12:31:9c:b3:66:
b7:b9:7b:91:dc:ef:f6:23:fb:e1:81:73:75:ae:3f:
96:84:a6:4c:c7:5d:ba:4e:5d:a8:33:b2:8c:26:c1:
45:04:2f:59:9e:e7:7e:d2:3b:36:02:63:ea:2a:33:
16:e9:6d:cb:18:5a:aa:c0:75:db:ba:fa:07:12:ad:
1f:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:83:F8:D1:80:AE:03:E9:29:82:90:BD:D3:DC:8A:BE:84:F0:1A:50
X509v3 Authority Key Identifier:
keyid:85:4C:81:76:D9:C4:2C:70:4B:31:09:13:30:94:70:35:1B:B5:99:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hUyBdtnELHBLMQkTMJRwNRu1meU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/cff630-6c8a-43bd-afb9-b07f016a1762/1/MIP40YCuA-kpgpC909yKvoTwGlA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/cff630-6c8a-43bd-afb9-b07f016a1762/1/hUyBdtnELHBLMQkTMJRwNRu1meU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.108.0/22
IPv6:
2a01:4a60::/32
2a0e:c080::/29
Signature Algorithm: sha256WithRSAEncryption
05:13:a9:94:a7:69:cc:33:1d:e7:ad:a1:af:31:1f:53:d6:59:
cf:bb:7c:64:79:c5:c4:c3:88:95:71:cb:00:2f:30:57:ea:58:
c3:b0:f0:af:e8:fa:a6:0f:83:74:ed:df:93:b5:6c:d6:8b:df:
3e:74:00:61:22:b5:6f:9a:a7:70:5f:b5:d5:11:4b:36:4a:81:
b2:b1:52:93:71:4b:f5:a7:5c:3b:00:c3:cb:97:88:f4:c9:57:
5d:2c:6c:08:9b:fd:77:83:ab:c2:bc:58:b1:27:74:78:6d:a7:
de:06:55:30:fe:e2:fa:95:f0:53:86:62:61:19:44:01:78:b1:
86:0c:0e:e3:00:8d:7b:b9:ce:3e:1f:79:a6:70:ce:77:8b:74:
ee:a6:ca:ba:b1:f9:82:a5:5c:04:3b:23:b9:05:5a:3e:f9:55:
97:92:47:f4:ef:39:ae:b5:4e:55:a0:d7:ce:3c:55:75:9a:71:
eb:c7:dd:3e:88:d8:6f:b0:09:dd:c5:e5:39:e1:e2:68:5c:00:
15:5c:dd:0c:41:ba:4f:bf:28:98:27:9c:bf:98:f1:19:1c:24:
8a:c5:07:77:1c:0f:c4:be:86:1c:48:57:9a:e4:02:c5:ee:28:
f2:6a:dc:73:d5:3e:2f:19:2a:1f:0b:cc:f0:40:4b:55:bc:2c:
94:6f:b2:99
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzHkzamVJusKXQqD5Qzp7fcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NGM4MTc2ZDljNDJjNzA0YjMxMDkxMzMwOTQ3MDM1MWJi
NTk5ZTUwHhcNMjQwMTAyMDAyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDgzZjhkMTgwYWUwM2U5Mjk4MjkwYmRkM2RjOGFiZTg0ZjAxYTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ZwOzTyktzkPfSxb2ynzkSqF7LlG
F76ZFuchnK4iKcZ1rX9msSoiiCjIn8lDtPM/saK94aFO/xRJf9X6uay5FtmFj3gm
E4ZpontKUl0itGGW6hJpBiWMjO5ts3Badsr6HaLWR5Rn9ThDnT7hLQyXzoJ0uN+M
MKJ3rzVgsgQvmGnbF/O/MMUm9N9CnR8li9YbM0tuoYAnj2YovEycWnp4mQxkZ4wr
iEaJwPyZ1wbdWzvYOGe9zq3X9tntvycKEjGcs2a3uXuR3O/2I/vhgXN1rj+WhKZM
x126Tl2oM7KMJsFFBC9Znud+0js2AmPqKjMW6W3LGFqqwHXbuvoHEq0f2wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFDCD+NGArgPpKYKQvdPcir6E8BpQMB8GA1UdIwQY
MBaAFIVMgXbZxCxwSzEJEzCUcDUbtZnlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFV5QmR0bkVMSEJMTVFrVE1KUndOUnUxbWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9jZmY2MzAtNmM4YS00M2JkLWFmYjkt
YjA3ZjAxNmExNzYyLzEvTUlQNDBZQ3VBLWtwZ3BDOTA5eUt2b1R3R2xBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9jZmY2MzAtNmM4YS00M2JkLWFmYjktYjA3ZjAxNmExNzYy
LzEvaFV5QmR0bkVMSEJMTVFrVE1KUndOUnUxbWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCLQ5sMBQE
AgACMA4DBQAqAUpgAwUDKg7AgDANBgkqhkiG9w0BAQsFAAOCAQEABROplKdpzDMd
562hrzEfU9ZZz7t8ZHnFxMOIlXHLAC8wV+pYw7Dwr+j6pg+DdO3fk7Vs1ovfPnQA
YSK1b5qncF+11RFLNkqBsrFSk3FL9adcOwDDy5eI9MlXXSxsCJv9d4OrwrxYsSd0
eG2n3gZVMP7i+pXwU4ZiYRlEAXixhgwO4wCNe7nOPh95pnDOd4t07qbKurH5gqVc
BDsjuQVaPvlVl5JH9O85rrVOVaDXzjxVdZpx68fdPojYb7AJ3cXlOeHiaFwAFVzd
DEG6T78omCecv5jxGRwkisUHdxwPxL6GHEhXmuQCxe4o8mrcc9U+LxkqHwvM8EBL
VbwslG+ymQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:20:49 2024 by rpki-client on console-ams.rpki-client.org