Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/mxlJdBETM5_03xTgV7rB4Q29iNE.roa
File: mxlJdBETM5_03xTgV7rB4Q29iNE.roa (raw, json)
Hash identifier: aDRxmP8D5fYSLJ5NiHw8kpuQNz3+ESz8dSObMAynxk4=
Subject key identifier: 9B:19:49:74:11:13:33:9F:F4:DF:14:E0:57:BA:C1:E1:0D:BD:88:D1
Certificate issuer: /CN=d6e2694652aa298511edafbe18d2b1cdbc792638
Certificate serial: 0192617A7757434AC3CA71E7FB422999CD04
Authority key identifier: D6:E2:69:46:52:AA:29:85:11:ED:AF:BE:18:D2:B1:CD:BC:79:26:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1uJpRlKqKYUR7a--GNKxzbx5Jjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/mxlJdBETM5_03xTgV7rB4Q29iNE.roa
Signing time: Sun 06 Oct 2024 10:57:48 +0000
ROA not before: Sun 06 Oct 2024 10:57:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60423
IP address blocks: 5.145.113.0/24 maxlen: 24
5.145.114.0/24 maxlen: 24
5.145.117.0/24 maxlen: 24
5.145.118.0/24 maxlen: 24
5.145.119.0/24 maxlen: 24
185.24.252.0/24 maxlen: 24
185.24.253.0/24 maxlen: 24
185.24.255.0/24 maxlen: 24
2a04:2f00::/48 maxlen: 48
2a04:2f00:3::/48 maxlen: 48
2a04:2f00:d::/48 maxlen: 48
2a04:2f00:e::/48 maxlen: 48
2a04:2f00:ff01::/48 maxlen: 48
2a04:2f00:ff02::/48 maxlen: 48
2a04:2f00:ff03::/48 maxlen: 48
2a04:2f00:ff06::/48 maxlen: 48
2a04:2f00:ff08::/48 maxlen: 48
2a04:2f00:ff09::/48 maxlen: 48
2a04:2f01:3::/48 maxlen: 48
2a04:2f01:4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/1uJpRlKqKYUR7a--GNKxzbx5Jjg.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/1uJpRlKqKYUR7a--GNKxzbx5Jjg.mft
rsync://rpki.ripe.net/repository/DEFAULT/1uJpRlKqKYUR7a--GNKxzbx5Jjg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:61:7a:77:57:43:4a:c3:ca:71:e7:fb:42:29:99:cd:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6e2694652aa298511edafbe18d2b1cdbc792638
Validity
Not Before: Oct 6 10:57:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b1949741113339ff4df14e057bac1e10dbd88d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:9b:14:68:ba:bf:f9:d6:38:bd:f0:a3:36:2b:
0e:c6:98:72:bf:36:1f:b8:d9:24:1c:7e:f3:bf:1a:
dd:28:34:15:66:16:87:84:05:10:e1:89:58:20:d5:
63:8e:24:ff:25:d2:ea:03:af:7d:91:06:1a:bf:55:
ac:f1:69:3a:74:81:6d:f0:6d:af:47:17:98:19:dc:
18:c6:30:f3:42:26:04:84:3e:f1:f4:0e:09:c4:f1:
77:21:82:57:40:31:fa:05:3d:93:89:52:7b:ca:43:
3e:22:af:60:fe:3e:3b:d9:39:0e:27:a3:a0:85:bf:
fa:ef:62:ce:43:70:5c:51:6b:88:dd:59:89:b7:b7:
07:35:aa:9a:f3:2d:f9:3d:79:de:6f:b2:86:83:ee:
19:ab:f3:3e:3f:da:12:00:7a:3f:de:c5:0b:73:5a:
4c:c1:20:1a:61:05:25:35:2e:f6:22:81:68:5d:d7:
1c:7c:10:5c:a2:e0:62:8b:0c:97:28:1f:15:0e:ef:
98:f4:ea:c8:8d:e9:4b:5e:5f:18:fc:ce:f4:10:16:
b3:ed:36:6e:3a:b0:cf:f9:54:66:fa:e4:f0:5a:c2:
76:8c:db:71:41:6a:a3:b2:73:dd:a9:41:bb:89:83:
2c:11:e9:7b:84:ea:f1:ec:7f:32:09:4c:0a:d9:87:
aa:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:19:49:74:11:13:33:9F:F4:DF:14:E0:57:BA:C1:E1:0D:BD:88:D1
X509v3 Authority Key Identifier:
keyid:D6:E2:69:46:52:AA:29:85:11:ED:AF:BE:18:D2:B1:CD:BC:79:26:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1uJpRlKqKYUR7a--GNKxzbx5Jjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/mxlJdBETM5_03xTgV7rB4Q29iNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/1uJpRlKqKYUR7a--GNKxzbx5Jjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.145.113.0-5.145.114.255
5.145.117.0-5.145.119.255
185.24.252.0/23
185.24.255.0/24
IPv6:
2a04:2f00::/48
2a04:2f00:3::/48
2a04:2f00:d::-2a04:2f00:e:ffff:ffff:ffff:ffff:ffff
2a04:2f00:ff01::-2a04:2f00:ff03:ffff:ffff:ffff:ffff:ffff
2a04:2f00:ff06::/48
2a04:2f00:ff08::/47
2a04:2f01:3::-2a04:2f01:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
b3:2b:3d:4f:62:1b:1d:87:66:89:17:b3:64:16:19:f3:10:fa:
98:d7:e9:42:74:88:bb:18:1b:d3:88:53:72:5f:63:be:e2:58:
ea:53:c0:a6:2b:da:db:0b:6f:b2:aa:8a:dc:6e:7d:8e:16:df:
91:c6:ac:77:44:dc:02:0e:80:43:7e:fc:0f:18:97:65:7d:f1:
c8:d8:71:a2:b8:ff:c1:8c:24:d1:e0:7b:7b:cf:d6:28:95:c2:
35:f0:bc:fd:c2:b1:a4:ff:84:32:4e:1c:d5:0c:58:e0:5c:3d:
6b:b3:d5:86:49:28:10:d5:2e:36:e8:86:2e:ff:1f:11:6d:af:
27:34:09:0f:f8:5b:b3:b8:bd:f5:6f:b4:b4:c8:d0:d9:35:b1:
fa:e7:79:4a:37:6b:14:4c:b9:12:33:d7:3f:f5:e8:0f:f4:f1:
7d:87:13:96:24:21:04:68:a6:b3:79:dd:73:03:c9:0d:51:f6:
57:39:52:10:c9:c9:d4:69:22:a6:da:bd:aa:c8:c5:4d:08:25:
b7:fa:98:73:ab:5f:ca:59:38:ed:a4:42:fb:b4:3b:64:4a:4f:
63:44:aa:ea:1e:ab:01:4a:cb:ec:4f:3d:fa:82:73:e7:14:63:
5b:db:42:af:cf:5b:84:78:e3:56:55:67:9e:04:a3:d8:ab:96:
7e:c3:ea:e5
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAZJhendXQ0rDynHn+0Ipmc0EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ZTI2OTQ2NTJhYTI5ODUxMWVkYWZiZTE4ZDJiMWNkYmM3
OTI2MzgwHhcNMjQxMDA2MTA1NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjE5NDk3NDExMTMzMzlmZjRkZjE0ZTA1N2JhYzFlMTBkYmQ4OGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ZsUaLq/+dY4vfCjNisOxphyvzYf
uNkkHH7zvxrdKDQVZhaHhAUQ4YlYINVjjiT/JdLqA699kQYav1Ws8Wk6dIFt8G2v
RxeYGdwYxjDzQiYEhD7x9A4JxPF3IYJXQDH6BT2TiVJ7ykM+Iq9g/j472TkOJ6Og
hb/672LOQ3BcUWuI3VmJt7cHNaqa8y35PXneb7KGg+4Zq/M+P9oSAHo/3sULc1pM
wSAaYQUlNS72IoFoXdccfBBcouBiiwyXKB8VDu+Y9OrIjelLXl8Y/M70EBaz7TZu
OrDP+VRm+uTwWsJ2jNtxQWqjsnPdqUG7iYMsEel7hOrx7H8yCUwK2YeqdQIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFJsZSXQREzOf9N8U4Fe6weENvYjRMB8GA1UdIwQY
MBaAFNbiaUZSqimFEe2vvhjSsc28eSY4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXVKcFJsS3FLWVVSN2EtLUdOS3h6Yng1SmpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC84Y2M1MDYtN2U3MS00NzA1LWEyODkt
YjQyMzY0ODk1MDgzLzEvbXhsSmRCRVRNNV8wM3hUZ1Y3ckI0UTI5aU5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC84Y2M1MDYtN2U3MS00NzA1LWEyODktYjQyMzY0ODk1MDgz
LzEvMXVKcFJsS3FLWVVSN2EtLUdOS3h6Yng1SmpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDAuBAIAATAoMAwDBAAF
kXEDBAAFkXIwDAMEAAWRdQMEAwWRcAMEAbkY/AMEALkY/zBmBAIAAjBgAwcAKgQv
AAAAAwcAKgQvAAADMBIDBwAqBC8AAA0DBwAqBC8AAA4wEgMHACoELwD/AQMHAioE
LwD/AAMHACoELwD/BgMHASoELwD/CDASAwcAKgQvAQADAwcAKgQvAQAEMA0GCSqG
SIb3DQEBCwUAA4IBAQCzKz1PYhsdh2aJF7NkFhnzEPqY1+lCdIi7GBvTiFNyX2O+
4ljqU8CmK9rbC2+yqorcbn2OFt+Rxqx3RNwCDoBDfvwPGJdlffHI2HGiuP/BjCTR
4Ht7z9YolcI18Lz9wrGk/4QyThzVDFjgXD1rs9WGSSgQ1S426IYu/x8Rba8nNAkP
+FuzuL31b7S0yNDZNbH653lKN2sUTLkSM9c/9egP9PF9hxOWJCEEaKazed1zA8kN
UfZXOVIQycnUaSKm2r2qyMVNCCW3+phzq1/KWTjtpEL7tDtkSk9jRKrqHqsBSsvs
Tz36gnPnFGNb20Kvz1uEeONWVWeeBKPYq5Z+w+rl
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:37:36 2024 by rpki-client on console-fra.rpki-client.org