Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/MgK41MKoYV_4hO6nRc_CREnfSIE.roa
File: MgK41MKoYV_4hO6nRc_CREnfSIE.roa (raw, json)
Hash identifier: 9vFU4cLBbGSNEwkJgRZiiZ8OzMSLV1lb4DaWF1P+eJc=
Subject key identifier: 32:02:B8:D4:C2:A8:61:5F:F8:84:EE:A7:45:CF:C2:44:49:DF:48:81
Certificate issuer: /CN=f4b762950eb7916668bbfa8d1b870560b1ca7739
Certificate serial: 0191DAE9EB41D9DF839E93E2C32C691605DC
Authority key identifier: F4:B7:62:95:0E:B7:91:66:68:BB:FA:8D:1B:87:05:60:B1:CA:77:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LdilQ63kWZou_qNG4cFYLHKdzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/MgK41MKoYV_4hO6nRc_CREnfSIE.roa
Signing time: Tue 10 Sep 2024 07:50:48 +0000
ROA not before: Tue 10 Sep 2024 07:50:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12444
IP address blocks: 84.17.67.0/24 maxlen: 24
84.17.68.0/24 maxlen: 24
84.17.70.0/24 maxlen: 24
84.17.71.0/24 maxlen: 24
84.17.75.0/24 maxlen: 24
84.17.76.0/24 maxlen: 24
84.17.78.0/24 maxlen: 24
84.17.79.0/24 maxlen: 24
84.17.83.0/24 maxlen: 24
84.17.84.0/24 maxlen: 24
84.17.86.0/24 maxlen: 24
84.17.87.0/24 maxlen: 24
84.17.89.0/24 maxlen: 24
84.17.90.0/24 maxlen: 24
84.17.91.0/24 maxlen: 24
84.17.93.0/24 maxlen: 24
185.118.176.0/24 maxlen: 24
185.118.177.0/24 maxlen: 24
185.118.178.0/24 maxlen: 24
185.118.179.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/9LdilQ63kWZou_qNG4cFYLHKdzk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/9LdilQ63kWZou_qNG4cFYLHKdzk.mft
rsync://rpki.ripe.net/repository/DEFAULT/9LdilQ63kWZou_qNG4cFYLHKdzk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:da:e9:eb:41:d9:df:83:9e:93:e2:c3:2c:69:16:05:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b762950eb7916668bbfa8d1b870560b1ca7739
Validity
Not Before: Sep 10 07:50:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3202b8d4c2a8615ff884eea745cfc24449df4881
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f6:61:dc:a9:1d:31:98:0c:d4:c8:b4:59:50:
ce:ff:ea:4a:82:64:57:7b:84:d1:df:72:46:78:df:
02:97:1f:a6:ce:4d:df:45:d6:0d:87:59:02:0f:3a:
53:f1:18:8b:ce:13:a5:e6:1f:3a:05:78:0d:39:7d:
57:83:bb:0e:db:bb:39:56:6b:4c:65:4d:c1:8a:17:
d3:6a:aa:e7:7f:92:44:1e:f7:14:8a:37:1f:c4:27:
e4:5d:5d:33:cb:81:d7:44:a7:9e:c6:11:21:d6:d4:
6c:94:4c:88:f0:a4:ca:d3:4a:63:8b:1a:df:e0:d1:
d7:a9:dc:21:c4:85:0b:02:a3:9b:2e:0f:78:6a:6b:
62:27:00:db:4b:06:17:4d:f1:40:8f:4e:d6:28:1d:
76:49:1d:fe:36:e6:d5:82:e2:63:e7:f3:e3:cc:89:
82:84:b8:fe:16:44:83:9d:76:17:4b:58:a0:e2:e9:
0e:31:44:39:59:2c:f3:92:44:8f:1e:ef:84:50:3f:
e1:ca:98:4c:eb:95:5f:68:91:76:e3:6c:92:04:ea:
a9:e1:b5:f2:14:f3:fd:8f:8c:fe:fd:10:81:a6:61:
eb:b8:e2:02:6a:0c:a2:a7:b5:2e:7a:fe:ba:ed:82:
58:91:a4:9f:79:bd:44:87:19:9e:b4:25:ab:e0:b7:
64:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:02:B8:D4:C2:A8:61:5F:F8:84:EE:A7:45:CF:C2:44:49:DF:48:81
X509v3 Authority Key Identifier:
keyid:F4:B7:62:95:0E:B7:91:66:68:BB:FA:8D:1B:87:05:60:B1:CA:77:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LdilQ63kWZou_qNG4cFYLHKdzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/MgK41MKoYV_4hO6nRc_CREnfSIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/9LdilQ63kWZou_qNG4cFYLHKdzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.17.67.0-84.17.68.255
84.17.70.0/23
84.17.75.0-84.17.76.255
84.17.78.0/23
84.17.83.0-84.17.84.255
84.17.86.0/23
84.17.89.0-84.17.91.255
84.17.93.0/24
185.118.176.0/22
Signature Algorithm: sha256WithRSAEncryption
47:e6:e6:40:72:3a:58:a9:13:36:6d:62:3e:ad:85:ed:05:28:
a7:fc:10:86:51:18:43:1b:4a:fa:fb:9b:2e:43:78:8a:ba:8a:
54:01:26:80:3f:5c:5e:59:fa:18:a1:c6:eb:7d:be:08:94:c3:
f5:10:bb:33:c7:a8:c9:cf:24:0c:d9:d6:33:10:03:19:f5:c3:
fe:e1:5d:6a:17:ed:f7:c7:05:26:b7:e6:ba:51:68:36:66:7a:
7f:f0:59:67:05:65:04:79:d2:61:10:d4:ae:4d:cc:0c:a5:fe:
fb:06:e8:b2:a6:2f:7b:d1:5c:5d:6f:17:db:d9:1b:95:37:4f:
8d:48:4a:50:25:a7:80:03:ca:4a:d7:46:e0:52:07:a3:8e:b9:
ec:13:b3:ad:ca:70:3e:59:42:c3:b4:5b:0c:24:a6:08:9e:30:
9b:84:59:92:83:b7:57:12:0d:a0:cb:56:96:65:95:a0:f7:89:
05:69:8c:e8:c5:3a:9b:f1:4b:13:9e:75:3c:cf:79:25:17:31:
2a:42:88:de:c2:ee:16:f9:23:07:c5:2a:a7:d7:18:45:70:7d:
3f:09:3e:2a:07:d2:bc:20:44:77:6a:84:c8:e2:ab:2d:4f:ca:
0c:89:3a:7e:b3:42:2c:76:cb:35:02:e7:17:0f:b4:7a:03:a5:
7e:cc:11:86
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAZHa6etB2d+DnpPiwyxpFgXcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0Yjc2Mjk1MGViNzkxNjY2OGJiZmE4ZDFiODcwNTYwYjFj
YTc3MzkwHhcNMjQwOTEwMDc1MDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjAyYjhkNGMyYTg2MTVmZjg4NGVlYTc0NWNmYzI0NDQ5ZGY0ODgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/Zh3KkdMZgM1Mi0WVDO/+pKgmRX
e4TR33JGeN8Clx+mzk3fRdYNh1kCDzpT8RiLzhOl5h86BXgNOX1Xg7sO27s5VmtM
ZU3BihfTaqrnf5JEHvcUijcfxCfkXV0zy4HXRKeexhEh1tRslEyI8KTK00pjixrf
4NHXqdwhxIULAqObLg94amtiJwDbSwYXTfFAj07WKB12SR3+NubVguJj5/PjzImC
hLj+FkSDnXYXS1ig4ukOMUQ5WSzzkkSPHu+EUD/hyphM65VfaJF242ySBOqp4bXy
FPP9j4z+/RCBpmHruOICagyip7Uuev667YJYkaSfeb1EhxmetCWr4LdkywIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFDICuNTCqGFf+ITup0XPwkRJ30iBMB8GA1UdIwQY
MBaAFPS3YpUOt5FmaLv6jRuHBWCxync5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxkaWxRNjNrV1pvdV9xTkc0Y0ZZTEhLZHprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8wYjIzYzUtMjFiNS00YWIzLTk3YTAt
MmY4ZGYxODdmOThiLzEvTWdLNDFNS29ZVl80aE82blJjX0NSRW5mU0lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8wYjIzYzUtMjFiNS00YWIzLTk3YTAtMmY4ZGYxODdmOThi
LzEvOUxkaWxRNjNrV1pvdV9xTkc0Y0ZZTEhLZHprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWMAwDBABUEUMD
BABUEUQDBAFUEUYwDAMEAFQRSwMEAFQRTAMEAVQRTjAMAwQAVBFTAwQAVBFUAwQB
VBFWMAwDBABUEVkDBAJUEVgDBABUEV0DBAK5drAwDQYJKoZIhvcNAQELBQADggEB
AEfm5kByOlipEzZtYj6the0FKKf8EIZRGEMbSvr7my5DeIq6ilQBJoA/XF5Z+hih
xut9vgiUw/UQuzPHqMnPJAzZ1jMQAxn1w/7hXWoX7ffHBSa35rpRaDZmen/wWWcF
ZQR50mEQ1K5NzAyl/vsG6LKmL3vRXF1vF9vZG5U3T41ISlAlp4ADykrXRuBSB6OO
uewTs63KcD5ZQsO0WwwkpgieMJuEWZKDt1cSDaDLVpZllaD3iQVpjOjFOpvxSxOe
dTzPeSUXMSpCiN7C7hb5IwfFKqfXGEVwfT8JPioH0rwgRHdqhMjiqy1PygyJOn6z
Qix2yzUC5xcPtHoDpX7MEYY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:27:08 2024 by rpki-client on console-ams.rpki-client.org