Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/d261c1-d7f3-4fe8-abc6-1094391669ef/1/M7deqtFae2O8LzwezgWfLo_L-pg.roa
File: M7deqtFae2O8LzwezgWfLo_L-pg.roa (raw, json)
Hash identifier: Zn1wzATz5y98xpUew/dOJCBw0XgmHjeYgM14XRqHeQ8=
Subject key identifier: 33:B7:5E:AA:D1:5A:7B:63:BC:2F:3C:1E:CE:05:9F:2E:8F:CB:FA:98
Certificate issuer: /CN=9a717ed1dc488044e5e2ab0075433558cfde8c85
Certificate serial: 018ECEE746398F58032FA92E47CB4C9FD849
Authority key identifier: 9A:71:7E:D1:DC:48:80:44:E5:E2:AB:00:75:43:35:58:CF:DE:8C:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mnF-0dxIgETl4qsAdUM1WM_ejIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/d261c1-d7f3-4fe8-abc6-1094391669ef/1/M7deqtFae2O8LzwezgWfLo_L-pg.roa
Signing time: Thu 11 Apr 2024 20:44:06 +0000
ROA not before: Thu 11 Apr 2024 20:44:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15425
IP address blocks: 5.53.8.0/21 maxlen: 21
31.28.128.0/19 maxlen: 19
84.16.96.0/19 maxlen: 19
84.21.96.0/19 maxlen: 19
86.61.128.0/17 maxlen: 17
93.181.64.0/18 maxlen: 18
176.227.248.0/21 maxlen: 21
188.134.128.0/17 maxlen: 17
2a03:6e80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/d261c1-d7f3-4fe8-abc6-1094391669ef/1/mnF-0dxIgETl4qsAdUM1WM_ejIU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/d261c1-d7f3-4fe8-abc6-1094391669ef/1/mnF-0dxIgETl4qsAdUM1WM_ejIU.mft
rsync://rpki.ripe.net/repository/DEFAULT/mnF-0dxIgETl4qsAdUM1WM_ejIU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 02:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ce:e7:46:39:8f:58:03:2f:a9:2e:47:cb:4c:9f:d8:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a717ed1dc488044e5e2ab0075433558cfde8c85
Validity
Not Before: Apr 11 20:44:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33b75eaad15a7b63bc2f3c1ece059f2e8fcbfa98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a5:ef:28:e6:b6:50:77:d0:38:9d:ee:36:25:
b4:39:ef:1e:6c:59:f6:0d:04:63:16:e9:90:b6:26:
97:e9:2b:ec:55:d9:12:47:02:c6:e5:70:d8:92:ae:
ae:cc:cb:8c:56:ec:2c:81:ef:e7:d8:a8:85:3a:62:
09:e5:52:c9:97:96:e8:18:27:22:97:9a:ae:d2:cf:
b5:e3:da:d0:44:e9:1b:e3:29:3e:d0:31:16:96:49:
cf:55:a6:6a:06:f0:28:99:6a:d1:d8:bc:9d:3f:fb:
b6:f6:9d:39:d8:90:a3:67:78:96:99:09:d4:6c:34:
08:dc:5f:3e:d5:1e:fc:1b:f2:fb:ae:39:e0:bb:03:
4d:16:28:39:71:0a:12:e8:4e:e0:19:26:02:60:d8:
ac:ff:af:fa:36:1e:c9:20:65:d0:f1:f6:4d:3e:37:
e8:bd:9d:19:64:06:dc:e9:20:5c:80:c3:21:74:74:
b8:df:bc:26:3f:75:51:5a:21:78:35:a1:58:40:74:
b3:a4:e6:e8:b2:b2:ea:ba:f8:60:ec:60:6c:a4:d7:
27:cc:79:11:49:ef:9c:5a:84:0a:9f:24:19:1e:bb:
d8:82:56:84:5c:72:ca:58:68:4c:93:60:6f:ce:6f:
0c:ab:3f:8c:26:50:75:e8:31:c6:36:25:71:56:8d:
9a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:B7:5E:AA:D1:5A:7B:63:BC:2F:3C:1E:CE:05:9F:2E:8F:CB:FA:98
X509v3 Authority Key Identifier:
keyid:9A:71:7E:D1:DC:48:80:44:E5:E2:AB:00:75:43:35:58:CF:DE:8C:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mnF-0dxIgETl4qsAdUM1WM_ejIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d261c1-d7f3-4fe8-abc6-1094391669ef/1/M7deqtFae2O8LzwezgWfLo_L-pg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d261c1-d7f3-4fe8-abc6-1094391669ef/1/mnF-0dxIgETl4qsAdUM1WM_ejIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.53.8.0/21
31.28.128.0/19
84.16.96.0/19
84.21.96.0/19
86.61.128.0/17
93.181.64.0/18
176.227.248.0/21
188.134.128.0/17
IPv6:
2a03:6e80::/32
Signature Algorithm: sha256WithRSAEncryption
23:1a:d6:f2:16:f8:6a:77:7a:c0:32:48:b8:c7:ea:66:0c:2b:
f4:a5:97:c3:66:e6:95:4c:98:64:59:04:24:98:84:6c:f5:72:
15:1a:b6:2c:e6:38:8d:26:e7:2e:31:a3:2c:88:95:02:20:3e:
41:e7:78:ce:ca:1a:c3:70:94:64:53:1c:c8:c6:fc:34:9b:ce:
57:23:b2:45:2a:1b:e1:68:03:4a:1e:2b:f5:18:cd:93:b2:51:
0d:1e:01:63:60:cd:4d:ba:2b:11:b4:87:1a:23:72:04:d9:8d:
b4:9b:f6:46:c3:f3:37:06:6a:66:7d:56:0e:d1:14:e9:67:36:
75:2d:1a:28:11:0b:38:53:32:bb:2f:d4:7e:7c:c5:08:85:fa:
1f:b5:43:a4:44:cc:b6:8b:1d:82:76:73:e0:42:10:3c:82:66:
ba:b7:8d:23:f8:ae:9b:04:94:92:78:85:f1:d2:e4:e9:1e:e6:
7e:61:b7:93:1d:db:fe:16:6e:5f:bc:4b:6b:f1:27:f6:d1:c1:
6a:17:83:17:22:d5:a6:85:a5:6e:7b:93:5c:0c:8a:39:a8:ce:
f5:de:32:eb:cd:52:e5:79:04:ea:15:23:98:c2:2f:81:a9:ff:
9f:36:73:f4:ae:b3:3f:71:ae:b7:54:9f:4b:9f:d1:7d:dd:dc:
2d:7b:99:9e
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAY7O50Y5j1gDL6kuR8tMn9hJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNzE3ZWQxZGM0ODgwNDRlNWUyYWIwMDc1NDMzNTU4Y2Zk
ZThjODUwHhcNMjQwNDExMjA0NDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2I3NWVhYWQxNWE3YjYzYmMyZjNjMWVjZTA1OWYyZThmY2JmYTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraXvKOa2UHfQOJ3uNiW0Oe8ebFn2
DQRjFumQtiaX6SvsVdkSRwLG5XDYkq6uzMuMVuwsge/n2KiFOmIJ5VLJl5boGCci
l5qu0s+149rQROkb4yk+0DEWlknPVaZqBvAomWrR2LydP/u29p052JCjZ3iWmQnU
bDQI3F8+1R78G/L7rjnguwNNFig5cQoS6E7gGSYCYNis/6/6Nh7JIGXQ8fZNPjfo
vZ0ZZAbc6SBcgMMhdHS437wmP3VRWiF4NaFYQHSzpObosrLquvhg7GBspNcnzHkR
Se+cWoQKnyQZHrvYglaEXHLKWGhMk2Bvzm8Mqz+MJlB16DHGNiVxVo2aFwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFDO3XqrRWntjvC88Hs4Fny6Py/qYMB8GA1UdIwQY
MBaAFJpxftHcSIBE5eKrAHVDNVjP3oyFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbW5GLTBkeElnRVRsNHFzQWRVTTFXTV9laklVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9kMjYxYzEtZDdmMy00ZmU4LWFiYzYt
MTA5NDM5MTY2OWVmLzEvTTdkZXF0RmFlMk84THp3ZXpnV2ZMb19MLXBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9kMjYxYzEtZDdmMy00ZmU4LWFiYzYtMTA5NDM5MTY2OWVm
LzEvbW5GLTBkeElnRVRsNHFzQWRVTTFXTV9laklVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDBTUIAwQF
HxyAAwQFVBBgAwQFVBVgAwQHVj2AAwQGXbVAAwQDsOP4AwQHvIaAMA0EAgACMAcD
BQAqA26AMA0GCSqGSIb3DQEBCwUAA4IBAQAjGtbyFvhqd3rAMki4x+pmDCv0pZfD
ZuaVTJhkWQQkmIRs9XIVGrYs5jiNJucuMaMsiJUCID5B53jOyhrDcJRkUxzIxvw0
m85XI7JFKhvhaANKHiv1GM2TslENHgFjYM1NuisRtIcaI3IE2Y20m/ZGw/M3Bmpm
fVYO0RTpZzZ1LRooEQs4UzK7L9R+fMUIhfoftUOkRMy2ix2CdnPgQhA8gma6t40j
+K6bBJSSeIXx0uTpHuZ+YbeTHdv+Fm5fvEtr8Sf20cFqF4MXItWmhaVue5NcDIo5
qM713jLrzVLleQTqFSOYwi+Bqf+fNnP0rrM/ca63VJ9Ln9F93dwte5me
-----END CERTIFICATE-----
Generated at Mon Nov 25 09:33:09 2024 by rpki-client on console-ams.rpki-client.org