Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/d6bf5e-4812-430e-9a13-e5947614ef3f/1/mu7TvsuJqYdSpNUItYdo4FFUDhc.roa
File: mu7TvsuJqYdSpNUItYdo4FFUDhc.roa (raw, json)
Hash identifier: rz5WXPw5usbJ/nuOXs7HLweGW5GgFxOr9HbKzHDRwps=
Subject key identifier: 9A:EE:D3:BE:CB:89:A9:87:52:A4:D5:08:B5:87:68:E0:51:54:0E:17
Certificate issuer: /CN=5c746e9f12c2c0e5459fe4e3d413c1c89de6db0e
Certificate serial: 018D0BF9DD1E8CF2C701318A8DFF29087815
Authority key identifier: 5C:74:6E:9F:12:C2:C0:E5:45:9F:E4:E3:D4:13:C1:C8:9D:E6:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XHRunxLCwOVFn-Tj1BPByJ3m2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/d6bf5e-4812-430e-9a13-e5947614ef3f/1/mu7TvsuJqYdSpNUItYdo4FFUDhc.roa
Signing time: Mon 15 Jan 2024 07:15:40 +0000
ROA not before: Mon 15 Jan 2024 07:15:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57829
IP address blocks: 91.196.240.0/22 maxlen: 24
91.196.240.0/23 maxlen: 24
217.16.192.0/20 maxlen: 24
91.196.242.0/23 maxlen: 24
185.130.0.0/24 maxlen: 24
185.130.0.0/22 maxlen: 24
62.181.223.0/24 maxlen: 24
31.25.64.0/21 maxlen: 24
31.25.64.0/22 maxlen: 24
31.25.68.0/22 maxlen: 24
2a02:7720::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/d6bf5e-4812-430e-9a13-e5947614ef3f/1/XHRunxLCwOVFn-Tj1BPByJ3m2w4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/d6bf5e-4812-430e-9a13-e5947614ef3f/1/XHRunxLCwOVFn-Tj1BPByJ3m2w4.mft
rsync://rpki.ripe.net/repository/DEFAULT/XHRunxLCwOVFn-Tj1BPByJ3m2w4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0b:f9:dd:1e:8c:f2:c7:01:31:8a:8d:ff:29:08:78:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c746e9f12c2c0e5459fe4e3d413c1c89de6db0e
Validity
Not Before: Jan 15 07:15:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9aeed3becb89a98752a4d508b58768e051540e17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:56:56:33:39:11:b9:db:1f:d6:4e:13:97:9f:
4f:6a:b8:4f:5c:db:96:72:36:f4:ea:3c:48:d4:99:
c8:3a:76:63:dc:0e:dc:96:3e:3b:7d:a9:21:39:b1:
47:d6:3e:b2:e6:1a:57:14:15:12:c9:22:7b:bd:27:
ce:74:b0:86:8b:24:01:a9:54:6a:06:18:9a:20:ee:
93:84:69:02:d0:76:4b:2f:f8:3b:bd:8b:a9:7b:47:
b8:eb:b3:8a:36:81:cb:a5:2a:bb:10:1c:ff:24:a9:
ce:3b:83:2d:be:0c:f6:42:de:f0:09:d9:fa:0e:96:
07:5a:01:bd:ae:23:66:f6:d4:b0:ea:9f:90:e6:58:
d0:66:5f:c3:4a:48:49:01:d4:4f:62:7d:2f:07:5e:
3c:78:93:71:15:7f:cc:af:af:a7:34:c7:b4:2a:a2:
15:46:31:1f:2f:e3:4c:da:ad:65:9c:d0:33:19:76:
45:91:0a:3b:14:85:d8:af:f5:03:4d:ed:56:31:28:
0f:8f:8e:91:22:c8:33:36:70:2d:e0:6c:58:bb:a1:
4b:e7:65:3f:90:83:9f:05:d9:83:63:d8:56:3f:c1:
13:e9:31:0d:7a:ab:12:c7:65:b5:8e:79:3e:51:60:
59:16:d1:46:9f:64:46:eb:78:de:08:7b:e5:4d:79:
d9:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:EE:D3:BE:CB:89:A9:87:52:A4:D5:08:B5:87:68:E0:51:54:0E:17
X509v3 Authority Key Identifier:
keyid:5C:74:6E:9F:12:C2:C0:E5:45:9F:E4:E3:D4:13:C1:C8:9D:E6:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XHRunxLCwOVFn-Tj1BPByJ3m2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/d6bf5e-4812-430e-9a13-e5947614ef3f/1/mu7TvsuJqYdSpNUItYdo4FFUDhc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/d6bf5e-4812-430e-9a13-e5947614ef3f/1/XHRunxLCwOVFn-Tj1BPByJ3m2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.64.0/21
62.181.223.0/24
91.196.240.0/22
185.130.0.0/22
217.16.192.0/20
IPv6:
2a02:7720::/32
Signature Algorithm: sha256WithRSAEncryption
25:23:08:3d:16:5c:77:f8:62:db:08:b7:e5:36:f8:f5:12:ad:
1a:89:ef:55:c2:b6:fa:7d:42:de:de:52:13:9a:15:2e:36:e7:
c4:05:35:19:82:40:53:27:88:ad:86:e3:18:f8:59:01:f4:50:
e6:92:e7:b7:67:f5:4f:a2:9d:95:45:8d:a2:33:c1:1f:5a:67:
20:cb:63:01:2f:b5:c5:59:ce:bb:1b:0e:fa:e3:c8:97:90:2a:
df:9f:18:11:41:3f:3c:8c:5c:2b:01:a2:83:3e:af:de:ab:05:
b9:82:f2:f7:14:e0:f2:1b:61:3b:33:5a:27:c7:f3:e3:9f:48:
a6:4f:f0:ca:74:17:e6:09:0e:ae:92:5f:52:57:78:65:27:7f:
b5:87:70:04:2f:5f:19:ae:a1:b1:b8:84:21:ab:f5:f1:69:a2:
98:9e:14:77:4c:cd:6b:6f:fb:48:fd:09:a0:59:af:e7:1a:c6:
cc:8e:ad:a3:98:4b:e3:00:4d:1a:33:4b:f9:72:0d:fb:6a:5f:
59:65:59:04:88:f9:4b:78:08:68:9d:0b:a1:f6:b6:c2:45:b7:
ff:68:f9:c0:20:1f:d9:d3:bd:62:e3:19:8d:95:e2:d2:4e:f7:
d0:8b:1c:c2:27:0a:ae:e9:64:a8:d3:aa:46:c7:bd:ac:c9:6e:
8f:99:85:4a
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAY0L+d0ejPLHATGKjf8pCHgVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNzQ2ZTlmMTJjMmMwZTU0NTlmZTRlM2Q0MTNjMWM4OWRl
NmRiMGUwHhcNMjQwMTE1MDcxNTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWVlZDNiZWNiODlhOTg3NTJhNGQ1MDhiNTg3NjhlMDUxNTQwZTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFZWMzkRudsf1k4Tl59ParhPXNuW
cjb06jxI1JnIOnZj3A7clj47fakhObFH1j6y5hpXFBUSySJ7vSfOdLCGiyQBqVRq
BhiaIO6ThGkC0HZLL/g7vYupe0e467OKNoHLpSq7EBz/JKnOO4Mtvgz2Qt7wCdn6
DpYHWgG9riNm9tSw6p+Q5ljQZl/DSkhJAdRPYn0vB148eJNxFX/Mr6+nNMe0KqIV
RjEfL+NM2q1lnNAzGXZFkQo7FIXYr/UDTe1WMSgPj46RIsgzNnAt4GxYu6FL52U/
kIOfBdmDY9hWP8ET6TENeqsSx2W1jnk+UWBZFtFGn2RG63jeCHvlTXnZWQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFJru077LiamHUqTVCLWHaOBRVA4XMB8GA1UdIwQY
MBaAFFx0bp8SwsDlRZ/k49QTwcid5tsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEhSdW54TEN3T1ZGbi1UajFCUEJ5SjNtMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9kNmJmNWUtNDgxMi00MzBlLTlhMTMt
ZTU5NDc2MTRlZjNmLzEvbXU3VHZzdUpxWWRTcE5VSXRZZG80RkZVRGhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9kNmJmNWUtNDgxMi00MzBlLTlhMTMtZTU5NDc2MTRlZjNm
LzEvWEhSdW54TEN3T1ZGbi1UajFCUEJ5SjNtMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDHxlAAwQA
PrXfAwQCW8TwAwQCuYIAAwQE2RDAMA0EAgACMAcDBQAqAncgMA0GCSqGSIb3DQEB
CwUAA4IBAQAlIwg9Flx3+GLbCLflNvj1Eq0aie9Vwrb6fULe3lITmhUuNufEBTUZ
gkBTJ4ithuMY+FkB9FDmkue3Z/VPop2VRY2iM8EfWmcgy2MBL7XFWc67Gw7648iX
kCrfnxgRQT88jFwrAaKDPq/eqwW5gvL3FODyG2E7M1onx/Pjn0imT/DKdBfmCQ6u
kl9SV3hlJ3+1h3AEL18ZrqGxuIQhq/XxaaKYnhR3TM1rb/tI/QmgWa/nGsbMjq2j
mEvjAE0aM0v5cg37al9ZZVkEiPlLeAhonQuh9rbCRbf/aPnAIB/Z071i4xmNleLS
TvfQixzCJwqu6WSo06pGx72syW6PmYVK
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:46:09 2024 by rpki-client on console-ams.rpki-client.org