Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/MBIa8SXcUGoK_adsKxakbZSbwU8.roa
File: MBIa8SXcUGoK_adsKxakbZSbwU8.roa (raw, json)
Hash identifier: MV57JXUyz9XdjlzzVzebJNoDOCD92usDJ0FKzqJKjYg=
Subject key identifier: 30:12:1A:F1:25:DC:50:6A:0A:FD:A7:6C:2B:16:A4:6D:94:9B:C1:4F
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 018CC56EEF51803C8FF297B98622A56E2E60
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/MBIa8SXcUGoK_adsKxakbZSbwU8.roa
Signing time: Mon 01 Jan 2024 14:30:30 +0000
ROA not before: Mon 01 Jan 2024 14:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205331
IP address blocks: 91.191.216.0/23 maxlen: 24
5.104.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:ef:51:80:3c:8f:f2:97:b9:86:22:a5:6e:2e:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Jan 1 14:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30121af125dc506a0afda76c2b16a46d949bc14f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c5:7d:91:30:e0:74:7c:c8:fd:cc:83:18:6d:
9e:17:54:9b:a1:8a:49:4f:97:29:9a:ac:2f:e4:eb:
62:d1:06:2f:63:c1:d8:ff:17:b2:9e:6e:14:72:b7:
dd:0d:5d:a8:fa:2f:95:8d:2f:2a:16:cc:6e:f0:a3:
08:60:cb:57:a3:50:01:c4:f4:bb:ec:82:b3:7c:f5:
88:3f:39:78:7d:ef:73:cd:4e:46:b1:95:44:b2:e0:
bf:77:6e:ee:32:1d:71:d2:94:20:e4:21:4d:f1:fc:
32:b8:8f:28:24:bb:3d:eb:89:05:31:6f:52:a8:87:
b2:98:ff:5a:d1:44:b8:bc:59:aa:9d:ce:09:33:2f:
f4:8e:c8:a2:1b:07:0c:44:92:8d:b1:f2:19:53:81:
6c:70:e7:ff:d5:49:bb:27:60:fc:8a:61:cf:51:96:
a3:85:bf:79:4e:b6:c6:4a:3e:49:5c:cd:c6:e5:cf:
7b:a0:84:1d:20:48:e4:74:d7:e4:b2:63:cf:5f:71:
d8:12:04:30:92:f4:a7:46:95:87:64:a3:ce:69:70:
54:a5:c7:f5:b7:90:f8:5e:ec:bf:b7:45:16:e3:d5:
00:93:84:e2:bb:e7:e4:9e:79:b4:12:20:42:fa:e3:
f5:c2:bb:da:69:a5:20:6e:b9:d1:d5:08:e9:09:af:
54:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:12:1A:F1:25:DC:50:6A:0A:FD:A7:6C:2B:16:A4:6D:94:9B:C1:4F
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/MBIa8SXcUGoK_adsKxakbZSbwU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.183.0/24
91.191.216.0/23
Signature Algorithm: sha256WithRSAEncryption
44:ca:b7:2d:8a:cc:10:62:59:9b:b1:d9:99:36:cb:44:85:37:
6b:5d:9b:f4:78:2c:f7:7e:57:40:2c:41:bb:bb:dd:41:cc:01:
e9:1d:0f:fc:52:91:3e:5b:8e:21:a9:14:09:c7:99:4d:d5:8a:
7a:d4:3c:e3:f5:82:7e:21:7c:24:2c:75:cd:bc:10:72:3b:ab:
75:bc:9e:9f:b6:60:83:67:38:77:10:09:49:4d:73:f7:c6:0f:
75:79:3a:d3:e0:25:4c:5f:3a:8a:f0:f7:db:0f:d6:9b:0f:39:
06:1c:b5:5d:01:10:57:43:09:f6:43:47:9b:2a:84:ee:b8:3b:
7a:df:9b:ce:21:14:8e:ed:2a:d7:45:af:01:7c:34:a0:a6:f5:
4b:0e:61:79:2b:7b:34:c1:12:35:a6:5a:51:03:4c:98:89:4b:
ac:3e:01:1b:da:31:e2:ba:73:61:14:7e:00:5a:30:8b:6b:b4:
6b:69:40:e9:73:a7:05:26:b3:97:c0:bf:62:f8:8d:6e:70:58:
11:06:d7:f5:6f:ad:57:be:55:1f:27:43:e6:a6:d7:7a:b6:a7:
ff:de:7f:42:81:20:d7:c7:99:e1:20:75:63:77:29:2d:19:3f:
06:fb:e4:d5:7a:8d:bf:fe:94:40:3d:d3:cd:fe:bc:5e:b0:99:
25:ee:ed:72
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFbu9RgDyP8pe5hiKlbi5gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjQwMTAxMTQzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDEyMWFmMTI1ZGM1MDZhMGFmZGE3NmMyYjE2YTQ2ZDk0OWJjMTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcV9kTDgdHzI/cyDGG2eF1SboYpJ
T5cpmqwv5Oti0QYvY8HY/xeynm4UcrfdDV2o+i+VjS8qFsxu8KMIYMtXo1ABxPS7
7IKzfPWIPzl4fe9zzU5GsZVEsuC/d27uMh1x0pQg5CFN8fwyuI8oJLs964kFMW9S
qIeymP9a0US4vFmqnc4JMy/0jsiiGwcMRJKNsfIZU4FscOf/1Um7J2D8imHPUZaj
hb95TrbGSj5JXM3G5c97oIQdIEjkdNfksmPPX3HYEgQwkvSnRpWHZKPOaXBUpcf1
t5D4Xuy/t0UW49UAk4Tiu+fknnm0EiBC+uP1wrvaaaUgbrnR1QjpCa9UeQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDASGvEl3FBqCv2nbCsWpG2Um8FPMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvTUJJYThTWGNVR29LX2Fkc0t4YWtiWlNid1U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABWi3AwQB
W7/YMA0GCSqGSIb3DQEBCwUAA4IBAQBEyrctiswQYlmbsdmZNstEhTdrXZv0eCz3
fldALEG7u91BzAHpHQ/8UpE+W44hqRQJx5lN1Yp61Dzj9YJ+IXwkLHXNvBByO6t1
vJ6ftmCDZzh3EAlJTXP3xg91eTrT4CVMXzqK8PfbD9abDzkGHLVdARBXQwn2Q0eb
KoTuuDt635vOIRSO7SrXRa8BfDSgpvVLDmF5K3s0wRI1plpRA0yYiUusPgEb2jHi
unNhFH4AWjCLa7RraUDpc6cFJrOXwL9i+I1ucFgRBtf1b61XvlUfJ0Pmptd6tqf/
3n9CgSDXx5nhIHVjdyktGT8G++TVeo2//pRAPdPN/rxesJkl7u1y
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:59:42 2024 by rpki-client on console-ams.rpki-client.org