Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/mLRz5OTjGh9j7g5duC4Xo9OJGbg.roa
File: mLRz5OTjGh9j7g5duC4Xo9OJGbg.roa (raw, json)
Hash identifier: iQBsyo2HfK7eeZxhvywxycGtouL3b3WXXJtpQJukQt8=
Subject key identifier: 98:B4:73:E4:E4:E3:1A:1F:63:EE:0E:5D:B8:2E:17:A3:D3:89:19:B8
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 01926831D397AEFD623176905F25BDCAF551
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/mLRz5OTjGh9j7g5duC4Xo9OJGbg.roa
Signing time: Mon 07 Oct 2024 18:15:48 +0000
ROA not before: Mon 07 Oct 2024 18:15:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200845
IP address blocks: 185.104.153.0/24 maxlen: 24
185.122.186.0/24 maxlen: 24
185.122.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.mft
rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:68:31:d3:97:ae:fd:62:31:76:90:5f:25:bd:ca:f5:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Oct 7 18:15:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98b473e4e4e31a1f63ee0e5db82e17a3d38919b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:56:af:94:55:6a:62:fd:4d:6b:6d:b7:9b:32:
4e:ba:59:ce:c6:e8:55:6a:97:a1:36:f0:c0:ee:c8:
59:15:ff:e2:19:ec:e3:3e:5c:b3:8a:75:c5:12:82:
fd:27:11:4e:64:4d:09:54:07:75:f8:8e:b0:18:1c:
a2:cc:f9:71:4d:b9:7f:d6:26:9a:17:6c:df:b1:86:
50:2c:fe:68:d2:d4:cb:02:0f:27:0f:42:6b:5a:f3:
82:5e:a2:ea:ac:54:ad:9a:ed:45:f3:94:f0:9e:c8:
80:09:44:4c:31:1a:92:e9:b9:ee:d8:3e:39:63:74:
ae:5a:49:80:3f:0b:9f:da:32:cb:a1:9a:6d:40:81:
bb:72:ef:91:0d:3b:9e:6d:f3:b8:98:cd:ed:e5:ec:
09:40:d3:74:bc:7d:bd:22:11:6c:01:4c:6a:08:77:
03:30:f9:b3:1c:f0:b1:30:ab:d6:8d:71:35:70:e0:
5c:61:f0:25:e0:28:5d:8c:0d:f7:49:5c:dd:f7:0f:
26:2b:22:bd:37:87:94:29:b5:a2:bf:17:b6:b2:2a:
03:c7:9d:b2:6e:a6:c0:e7:d2:78:47:e5:0f:3f:03:
13:54:80:f4:7a:cf:39:93:10:27:28:f4:99:45:92:
b8:b2:b8:d8:22:06:ec:0c:9b:78:c4:b3:30:b1:0c:
94:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:B4:73:E4:E4:E3:1A:1F:63:EE:0E:5D:B8:2E:17:A3:D3:89:19:B8
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/mLRz5OTjGh9j7g5duC4Xo9OJGbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.153.0/24
185.122.186.0/23
Signature Algorithm: sha256WithRSAEncryption
52:91:6d:14:34:48:31:97:eb:c6:05:3e:9a:83:c7:ec:cd:1d:
61:65:a1:1c:7f:0c:4f:50:ed:32:a2:97:76:71:3e:da:2e:27:
61:2f:1f:c5:40:da:0f:d2:13:eb:27:9c:cd:0b:64:60:10:7b:
1a:b1:bc:39:2e:4e:d1:85:a6:6b:61:9a:b0:4f:a0:88:bb:42:
74:67:35:e9:ad:25:f3:83:75:68:f8:b7:3e:0e:60:5e:8b:e2:
33:bd:17:59:8d:af:8a:71:87:a8:df:89:33:7a:04:db:10:4e:
3c:f4:51:cc:db:57:5b:31:8e:5a:98:fd:ce:f6:e4:7c:ea:d8:
25:fe:44:7c:1a:35:60:b4:96:5f:c4:2c:fe:78:14:c6:85:fe:
77:e6:cb:d1:d6:ed:f8:70:1a:66:24:d9:14:21:a9:37:2f:6c:
e6:9b:38:f1:15:1f:b1:7c:48:9a:c9:ca:05:0b:56:e5:f1:fd:
0d:fb:15:0a:75:94:4f:d9:5e:2e:72:b4:15:84:06:18:19:b3:
2a:02:a3:8c:df:af:29:0e:be:fb:c7:08:2a:95:82:3e:07:65:
ae:0d:63:17:d9:1b:b5:4a:c9:3e:50:8c:4f:a3:d8:e6:a8:38:
03:9c:54:c5:d3:26:d0:f2:9b:5c:dc:e2:eb:d6:c2:57:66:5a:
06:f3:8a:7b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZJoMdOXrv1iMXaQXyW9yvVRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjQxMDA3MTgxNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGI0NzNlNGU0ZTMxYTFmNjNlZTBlNWRiODJlMTdhM2QzODkxOWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlavlFVqYv1Na223mzJOulnOxuhV
apehNvDA7shZFf/iGezjPlyzinXFEoL9JxFOZE0JVAd1+I6wGByizPlxTbl/1iaa
F2zfsYZQLP5o0tTLAg8nD0JrWvOCXqLqrFStmu1F85TwnsiACURMMRqS6bnu2D45
Y3SuWkmAPwuf2jLLoZptQIG7cu+RDTuebfO4mM3t5ewJQNN0vH29IhFsAUxqCHcD
MPmzHPCxMKvWjXE1cOBcYfAl4ChdjA33SVzd9w8mKyK9N4eUKbWivxe2sioDx52y
bqbA59J4R+UPPwMTVID0es85kxAnKPSZRZK4srjYIgbsDJt4xLMwsQyUTQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJi0c+Tk4xofY+4OXbguF6PTiRm4MB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEvbUxSejVPVGpHaDlqN2c1ZHVDNFhvOU9KR2JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuWiZAwQB
uXq6MA0GCSqGSIb3DQEBCwUAA4IBAQBSkW0UNEgxl+vGBT6ag8fszR1hZaEcfwxP
UO0yopd2cT7aLidhLx/FQNoP0hPrJ5zNC2RgEHsasbw5Lk7RhaZrYZqwT6CIu0J0
ZzXprSXzg3Vo+Lc+DmBei+IzvRdZja+KcYeo34kzegTbEE489FHM21dbMY5amP3O
9uR86tgl/kR8GjVgtJZfxCz+eBTGhf535svR1u34cBpmJNkUIak3L2zmmzjxFR+x
fEiaycoFC1bl8f0N+xUKdZRP2V4ucrQVhAYYGbMqAqOM368pDr77xwgqlYI+B2Wu
DWMX2Ru1Ssk+UIxPo9jmqDgDnFTF0ybQ8ptc3OLr1sJXZloG84p7
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:24:52 2024 by rpki-client on console-ams.rpki-client.org