Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/44e893-9247-452e-9f67-6913387b8083/1/3MT-MBOjM_fLo7WZJJYydkGM80M.roa
File: 3MT-MBOjM_fLo7WZJJYydkGM80M.roa (raw, json)
Hash identifier: h4zX3/7+6CoudfHjSu4a0XixWS6dRqO5IEuKbftjnlk=
Subject key identifier: DC:C4:FE:30:13:A3:33:F7:CB:A3:B5:99:24:96:32:76:41:8C:F3:43
Certificate issuer: /CN=9e30294b7e4645aaedb54672d48065b1b1cebc62
Certificate serial: 019425220A07118D588A8B01F6D612D8710B
Authority key identifier: 9E:30:29:4B:7E:46:45:AA:ED:B5:46:72:D4:80:65:B1:B1:CE:BC:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/njApS35GRarttUZy1IBlsbHOvGI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/44e893-9247-452e-9f67-6913387b8083/1/3MT-MBOjM_fLo7WZJJYydkGM80M.roa
Signing time: Thu 02 Jan 2025 03:49:35 +0000
ROA not before: Thu 02 Jan 2025 03:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206123
IP address blocks: 45.131.168.0/22 maxlen: 24
93.115.211.0/24 maxlen: 24
93.115.253.0/24 maxlen: 24
109.106.16.0/23 maxlen: 24
109.106.18.0/23 maxlen: 24
109.237.72.0/22 maxlen: 24
171.22.12.0/22 maxlen: 24
185.123.128.0/22 maxlen: 24
185.195.196.0/22 maxlen: 24
185.211.92.0/22 maxlen: 24
185.254.118.0/23 maxlen: 24
2a0a:5ec0::/29 maxlen: 29
2a0d:c340::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/44e893-9247-452e-9f67-6913387b8083/1/njApS35GRarttUZy1IBlsbHOvGI.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/44e893-9247-452e-9f67-6913387b8083/1/njApS35GRarttUZy1IBlsbHOvGI.mft
rsync://rpki.ripe.net/repository/DEFAULT/njApS35GRarttUZy1IBlsbHOvGI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 21:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:0a:07:11:8d:58:8a:8b:01:f6:d6:12:d8:71:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e30294b7e4645aaedb54672d48065b1b1cebc62
Validity
Not Before: Jan 2 03:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dcc4fe3013a333f7cba3b59924963276418cf343
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b2:e0:a4:aa:8c:3c:66:bf:46:17:04:19:e2:
09:55:54:91:87:f4:82:f9:3d:d0:55:39:b8:fb:cd:
fc:4d:d5:37:c2:ac:cc:65:c3:42:ec:dd:c4:5c:84:
72:23:39:01:d1:70:7f:78:a8:76:7b:79:bf:e2:2f:
60:8f:c4:bc:ca:4d:54:19:3b:3c:60:c7:c0:9a:f8:
a2:57:99:77:6d:42:1f:3a:2e:02:c8:f6:43:ff:5c:
8f:90:b4:18:03:73:f7:0e:6d:54:53:c8:4f:56:43:
97:83:1c:8e:d9:ae:38:d6:82:16:38:8c:8c:78:5b:
12:69:a1:bc:d8:69:03:fb:fb:75:30:98:25:0d:ab:
90:f6:8b:7f:5e:25:c2:dd:8d:3d:07:b2:94:d9:9e:
80:cf:be:70:85:cc:d9:07:8a:cc:2d:49:38:41:a6:
2b:70:43:b7:ae:e9:22:5d:db:7f:64:2a:8a:47:71:
ca:9b:1a:f7:05:29:69:0b:96:05:57:96:1c:79:c7:
28:2d:6b:f7:1f:00:f9:8b:28:65:3a:21:4d:67:c3:
f0:a0:cc:83:76:47:c5:57:cc:82:40:eb:c6:f3:15:
74:4e:92:00:51:15:a5:c6:50:23:8f:94:6f:ed:a0:
e2:78:90:b6:18:6e:8e:c6:23:39:98:09:58:40:51:
db:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:C4:FE:30:13:A3:33:F7:CB:A3:B5:99:24:96:32:76:41:8C:F3:43
X509v3 Authority Key Identifier:
keyid:9E:30:29:4B:7E:46:45:AA:ED:B5:46:72:D4:80:65:B1:B1:CE:BC:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/njApS35GRarttUZy1IBlsbHOvGI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/44e893-9247-452e-9f67-6913387b8083/1/3MT-MBOjM_fLo7WZJJYydkGM80M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/44e893-9247-452e-9f67-6913387b8083/1/njApS35GRarttUZy1IBlsbHOvGI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.168.0/22
93.115.211.0/24
93.115.253.0/24
109.106.16.0/22
109.237.72.0/22
171.22.12.0/22
185.123.128.0/22
185.195.196.0/22
185.211.92.0/22
185.254.118.0/23
IPv6:
2a0a:5ec0::/29
2a0d:c340::/29
Signature Algorithm: sha256WithRSAEncryption
93:04:91:8e:8b:3a:77:a2:83:5c:b4:60:85:1d:d3:c6:99:53:
ce:ee:c9:00:ed:01:71:54:55:7f:31:97:7f:be:a1:20:98:81:
67:fc:17:9f:3d:0e:7a:3f:a6:9c:a4:8f:2e:9e:96:24:22:e4:
72:b3:0a:c0:dc:0c:29:93:71:9e:e0:7b:bc:7e:cf:e3:a1:42:
11:1a:dc:85:49:ce:df:a9:55:ba:d7:d8:9f:f1:52:9c:7e:2c:
fa:d9:16:68:7d:5a:4a:79:a0:c1:15:6e:bc:7e:bb:f4:e2:b3:
ac:ad:1d:a5:47:4c:d8:c5:e2:3b:5d:a1:74:80:7b:88:8f:0a:
e1:da:c1:6d:31:00:2a:24:f7:1f:fb:74:78:1b:9d:52:36:d7:
d0:75:11:57:a6:8f:20:e3:b6:06:02:0a:73:e9:ff:72:50:d1:
80:bf:db:92:83:ae:b6:b0:86:43:1f:a1:6e:a2:42:5d:7d:0e:
cd:07:2c:32:1c:67:44:4c:ba:2e:f5:94:db:c3:a3:15:64:47:
fb:c1:15:ce:ec:dc:73:be:59:89:19:17:09:b1:dd:93:d9:c0:
bd:e1:dc:11:0d:1f:bb:df:dd:6d:10:2a:49:dc:32:63:d1:80:
48:e5:65:df:2e:ad:02:12:47:5e:70:f1:b5:00:cf:93:83:ef:
19:fa:70:7d
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZQlIgoHEY1YiosB9tYS2HELMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMzAyOTRiN2U0NjQ1YWFlZGI1NDY3MmQ0ODA2NWIxYjFj
ZWJjNjIwHhcNMjUwMTAyMDM0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2M0ZmUzMDEzYTMzM2Y3Y2JhM2I1OTkyNDk2MzI3NjQxOGNmMzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7LgpKqMPGa/RhcEGeIJVVSRh/SC
+T3QVTm4+838TdU3wqzMZcNC7N3EXIRyIzkB0XB/eKh2e3m/4i9gj8S8yk1UGTs8
YMfAmviiV5l3bUIfOi4CyPZD/1yPkLQYA3P3Dm1UU8hPVkOXgxyO2a441oIWOIyM
eFsSaaG82GkD+/t1MJglDauQ9ot/XiXC3Y09B7KU2Z6Az75whczZB4rMLUk4QaYr
cEO3rukiXdt/ZCqKR3HKmxr3BSlpC5YFV5YceccoLWv3HwD5iyhlOiFNZ8PwoMyD
dkfFV8yCQOvG8xV0TpIAURWlxlAjj5Rv7aDieJC2GG6OxiM5mAlYQFHbhwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFNzE/jATozP3y6O1mSSWMnZBjPNDMB8GA1UdIwQY
MBaAFJ4wKUt+RkWq7bVGctSAZbGxzrxiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmpBcFMzNUdSYXJ0dFVaeTFJQmxzYkhPdkdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC80NGU4OTMtOTI0Ny00NTJlLTlmNjct
NjkxMzM4N2I4MDgzLzEvM01ULU1CT2pNX2ZMbzdXWkpKWXlka0dNODBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC80NGU4OTMtOTI0Ny00NTJlLTlmNjctNjkxMzM4N2I4MDgz
LzEvbmpBcFMzNUdSYXJ0dFVaeTFJQmxzYkhPdkdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBCBAIAATA8AwQCLYOoAwQA
XXPTAwQAXXP9AwQCbWoQAwQCbe1IAwQCqxYMAwQCuXuAAwQCucPEAwQCudNcAwQB
uf52MBQEAgACMA4DBQMqCl7AAwUDKg3DQDANBgkqhkiG9w0BAQsFAAOCAQEAkwSR
jos6d6KDXLRghR3TxplTzu7JAO0BcVRVfzGXf76hIJiBZ/wXnz0Oej+mnKSPLp6W
JCLkcrMKwNwMKZNxnuB7vH7P46FCERrchUnO36lVutfYn/FSnH4s+tkWaH1aSnmg
wRVuvH679OKzrK0dpUdM2MXiO12hdIB7iI8K4drBbTEAKiT3H/t0eBudUjbX0HUR
V6aPIOO2BgIKc+n/clDRgL/bkoOutrCGQx+hbqJCXX0OzQcsMhxnREy6LvWU28Oj
FWRH+8EVzuzcc75ZiRkXCbHdk9nAveHcEQ0fu9/dbRAqSdwyY9GASOVl3y6tAhJH
XnDxtQDPk4PvGfpwfQ==
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:17:02 2025 by rpki-client