Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/iEOd_Mgrx_2tYgA6YGui1x6GMnM.roa
File: iEOd_Mgrx_2tYgA6YGui1x6GMnM.roa (raw, json)
Hash identifier: 5VA/fxH1g9my+lZ20grMiZRCARdIQVpb8sET9OT17O0=
Subject key identifier: 88:43:9D:FC:C8:2B:C7:FD:AD:62:00:3A:60:6B:A2:D7:1E:86:32:73
Certificate issuer: /CN=b1a4a601ca35c6c8376b89aaf443b63ea439cdb8
Certificate serial: 019343D9D6366893E4AD441EFFB033D776E9
Authority key identifier: B1:A4:A6:01:CA:35:C6:C8:37:6B:89:AA:F4:43:B6:3E:A4:39:CD:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saSmAco1xsg3a4mq9EO2PqQ5zbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/iEOd_Mgrx_2tYgA6YGui1x6GMnM.roa
Signing time: Tue 19 Nov 2024 09:56:09 +0000
ROA not before: Tue 19 Nov 2024 09:56:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15542
IP address blocks: 185.200.96.0/22 maxlen: 24
212.92.64.0/19 maxlen: 24
212.115.192.0/19 maxlen: 24
213.34.224.0/19 maxlen: 24
217.63.64.0/19 maxlen: 24
217.102.240.0/20 maxlen: 24
2a02:f68::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/saSmAco1xsg3a4mq9EO2PqQ5zbg.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/saSmAco1xsg3a4mq9EO2PqQ5zbg.mft
rsync://rpki.ripe.net/repository/DEFAULT/saSmAco1xsg3a4mq9EO2PqQ5zbg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:43:d9:d6:36:68:93:e4:ad:44:1e:ff:b0:33:d7:76:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a4a601ca35c6c8376b89aaf443b63ea439cdb8
Validity
Not Before: Nov 19 09:56:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=88439dfcc82bc7fdad62003a606ba2d71e863273
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c5:50:59:25:fe:73:47:b0:9e:cc:2d:65:4a:
cd:0a:66:38:ff:72:b0:bd:13:b3:62:35:f6:91:1d:
47:fa:74:b6:ce:71:82:aa:c6:12:cf:8c:6a:bd:23:
35:bd:a7:80:37:04:74:9a:93:37:b8:0d:58:59:a8:
d3:1b:4d:fc:2a:9f:c6:c3:dd:94:98:f7:82:d3:74:
c2:9b:00:64:ec:49:9b:f6:39:a9:b6:1f:2f:a6:9d:
ac:94:85:2e:84:97:e2:e0:05:02:53:f3:f4:cf:b4:
d7:68:e9:94:47:75:42:92:83:55:6a:52:af:39:b4:
be:a5:b1:92:50:9d:3d:0b:27:66:a3:59:c8:da:df:
d4:86:bc:7f:13:cb:7d:91:d5:e7:a4:66:21:2d:f2:
44:81:f7:95:5f:e8:d6:49:26:0a:56:b6:1b:57:71:
bc:a6:85:b1:8b:70:19:42:5e:c0:1f:5f:01:11:05:
40:b7:b7:4c:cf:bc:be:b4:34:b1:8c:0b:c0:8a:9a:
fa:b8:89:f2:02:b8:ed:64:60:90:90:c3:b0:f7:be:
14:d9:0f:76:b2:fa:fd:45:12:32:e6:72:23:a8:69:
bf:2b:d0:0a:3a:c3:33:86:3d:5e:ee:61:f9:2e:eb:
01:99:3e:75:7e:2f:55:40:7e:ac:b0:a3:29:08:1d:
7f:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:43:9D:FC:C8:2B:C7:FD:AD:62:00:3A:60:6B:A2:D7:1E:86:32:73
X509v3 Authority Key Identifier:
keyid:B1:A4:A6:01:CA:35:C6:C8:37:6B:89:AA:F4:43:B6:3E:A4:39:CD:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saSmAco1xsg3a4mq9EO2PqQ5zbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/iEOd_Mgrx_2tYgA6YGui1x6GMnM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/saSmAco1xsg3a4mq9EO2PqQ5zbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.200.96.0/22
212.92.64.0/19
212.115.192.0/19
213.34.224.0/19
217.63.64.0/19
217.102.240.0/20
IPv6:
2a02:f68::/29
Signature Algorithm: sha256WithRSAEncryption
37:e6:bd:65:ad:53:1e:71:48:ca:33:97:6d:1f:f1:c0:3c:db:
f2:83:03:06:fd:82:76:eb:5f:40:46:8e:fd:02:70:65:36:99:
d9:56:b9:e2:b7:cd:fb:78:dd:be:b6:f6:2e:e8:36:5e:e1:41:
97:7f:9a:06:ec:a0:46:4e:13:5c:29:b1:69:82:04:00:68:4a:
85:cb:87:9f:8d:77:47:b0:3e:bc:ba:e7:09:9c:41:d0:11:08:
67:d5:1c:c6:e7:cf:b4:42:25:7e:1f:27:be:25:d3:b6:2e:72:
d9:74:26:ea:54:0d:86:8f:eb:86:95:e9:55:d3:05:ff:eb:3b:
6d:e5:e5:8c:44:7b:92:37:9f:fa:35:01:eb:a9:32:12:f3:29:
15:90:af:0a:8b:f9:e0:01:e0:8a:55:20:a3:6d:4a:c5:00:4f:
cb:36:b3:34:36:e6:27:d1:90:65:cc:42:59:ed:c0:49:ad:60:
ca:1f:3f:8d:5e:5f:a5:0f:ae:aa:a9:87:59:c2:ee:b0:b0:76:
f6:18:a8:b6:76:a9:14:a9:6f:2d:09:38:c2:72:ce:70:74:e0:
1c:45:f9:df:e9:15:a1:ca:74:7e:66:78:95:2b:fe:28:de:3d:
d7:f4:5c:d7:ce:87:dd:11:f0:88:e1:43:3d:2c:41:ae:35:0b:
2d:3f:9f:a6
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZND2dY2aJPkrUQe/7Az13bpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTRhNjAxY2EzNWM2YzgzNzZiODlhYWY0NDNiNjNlYTQz
OWNkYjgwHhcNMjQxMTE5MDk1NjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODQzOWRmY2M4MmJjN2ZkYWQ2MjAwM2E2MDZiYTJkNzFlODYzMjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8VQWSX+c0ewnswtZUrNCmY4/3Kw
vROzYjX2kR1H+nS2znGCqsYSz4xqvSM1vaeANwR0mpM3uA1YWajTG038Kp/Gw92U
mPeC03TCmwBk7Emb9jmpth8vpp2slIUuhJfi4AUCU/P0z7TXaOmUR3VCkoNValKv
ObS+pbGSUJ09Cydmo1nI2t/Uhrx/E8t9kdXnpGYhLfJEgfeVX+jWSSYKVrYbV3G8
poWxi3AZQl7AH18BEQVAt7dMz7y+tDSxjAvAipr6uInyArjtZGCQkMOw974U2Q92
svr9RRIy5nIjqGm/K9AKOsMzhj1e7mH5LusBmT51fi9VQH6ssKMpCB1/LwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFIhDnfzIK8f9rWIAOmBrotcehjJzMB8GA1UdIwQY
MBaAFLGkpgHKNcbIN2uJqvRDtj6kOc24MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FTbUFjbzF4c2czYTRtcTlFTzJQcVE1emJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kZmVjNDAtYjg2ZS00OTRjLWJhMTAt
M2E1NjI4Y2M4MWQ5LzEvaUVPZF9NZ3J4XzJ0WWdBNllHdWkxeDZHTW5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kZmVjNDAtYjg2ZS00OTRjLWJhMTAtM2E1NjI4Y2M4MWQ5
LzEvc2FTbUFjbzF4c2czYTRtcTlFTzJQcVE1emJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCuchgAwQF
1FxAAwQF1HPAAwQF1SLgAwQF2T9AAwQE2WbwMA0EAgACMAcDBQMqAg9oMA0GCSqG
SIb3DQEBCwUAA4IBAQA35r1lrVMecUjKM5dtH/HAPNvygwMG/YJ2619ARo79AnBl
NpnZVrnit837eN2+tvYu6DZe4UGXf5oG7KBGThNcKbFpggQAaEqFy4efjXdHsD68
uucJnEHQEQhn1RzG58+0QiV+Hye+JdO2LnLZdCbqVA2Gj+uGlelV0wX/6ztt5eWM
RHuSN5/6NQHrqTIS8ykVkK8Ki/ngAeCKVSCjbUrFAE/LNrM0NuYn0ZBlzEJZ7cBJ
rWDKHz+NXl+lD66qqYdZwu6wsHb2GKi2dqkUqW8tCTjCcs5wdOAcRfnf6RWhynR+
ZniVK/4o3j3X9FzXzofdEfCI4UM9LEGuNQstP5+m
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:26:42 2024 by rpki-client on console-ams.rpki-client.org