Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/85d0a7-d802-41c4-81af-1a6d3c99dc48/1/mXxC2BUf667tSrLpb6WLurGDCuk.roa
File: mXxC2BUf667tSrLpb6WLurGDCuk.roa (raw, json)
Hash identifier: 5XK3QKasqF7V8vOvMwMh7erqj1wIQtFj0VABiaYqv3E=
Subject key identifier: 99:7C:42:D8:15:1F:EB:AE:ED:4A:B2:E9:6F:A5:8B:BA:B1:83:0A:E9
Certificate issuer: /CN=9d0a749ae25c1cbb65871d416a79ab4a884ac468
Certificate serial: 01932B598FFC288132B4A0D8037D93CBDB63
Authority key identifier: 9D:0A:74:9A:E2:5C:1C:BB:65:87:1D:41:6A:79:AB:4A:88:4A:C4:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nQp0muJcHLtlhx1BanmrSohKxGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/85d0a7-d802-41c4-81af-1a6d3c99dc48/1/mXxC2BUf667tSrLpb6WLurGDCuk.roa
Signing time: Thu 14 Nov 2024 15:45:10 +0000
ROA not before: Thu 14 Nov 2024 15:45:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35266
IP address blocks: 46.30.8.0/21 maxlen: 24
185.69.13.0/24 maxlen: 24
185.69.14.0/23 maxlen: 24
185.81.188.0/22 maxlen: 24
2a01:b000::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/85d0a7-d802-41c4-81af-1a6d3c99dc48/1/nQp0muJcHLtlhx1BanmrSohKxGg.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/85d0a7-d802-41c4-81af-1a6d3c99dc48/1/nQp0muJcHLtlhx1BanmrSohKxGg.mft
rsync://rpki.ripe.net/repository/DEFAULT/nQp0muJcHLtlhx1BanmrSohKxGg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:2b:59:8f:fc:28:81:32:b4:a0:d8:03:7d:93:cb:db:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d0a749ae25c1cbb65871d416a79ab4a884ac468
Validity
Not Before: Nov 14 15:45:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=997c42d8151febaeed4ab2e96fa58bbab1830ae9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:c2:81:5b:ac:ff:e3:88:b7:e0:81:5d:db:4f:
cf:60:38:09:70:9b:3c:1a:bb:61:20:d4:ad:af:ba:
29:d3:65:7a:5b:35:d1:42:76:32:ed:f1:ae:04:d4:
4d:7d:72:ca:ef:ba:37:a4:fb:0c:76:d3:42:4a:95:
3f:7d:c6:52:fb:41:b7:c8:20:55:12:6e:52:25:7f:
e0:90:dc:05:f6:59:ae:7a:f3:0d:f4:f4:3b:b4:ac:
75:06:66:09:c1:3a:96:d1:65:09:26:0f:7f:4d:75:
18:7e:d8:7a:dd:c4:f1:01:d1:71:b0:77:37:d8:bd:
18:17:20:4b:8f:e8:cb:bb:3b:dc:1f:16:e2:fb:67:
42:bc:df:55:24:4a:71:ef:2d:a1:b1:6a:e1:46:8f:
52:5a:35:c3:ae:03:27:79:19:08:6f:6a:8b:96:2a:
ca:ad:eb:5e:66:23:fb:2d:44:d1:42:39:84:3d:86:
09:32:38:f7:6f:87:62:40:b2:7f:5b:75:5a:88:1b:
8a:70:32:c4:e4:53:64:fd:d8:4f:9e:25:42:87:6e:
9b:39:4c:c6:4e:b2:cc:7d:03:84:f2:cb:6d:e6:f7:
24:fa:85:dd:ce:c5:93:87:2f:01:1b:48:9b:56:f9:
1e:23:76:10:5b:44:a7:83:fc:43:5e:ce:93:f6:8b:
81:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:7C:42:D8:15:1F:EB:AE:ED:4A:B2:E9:6F:A5:8B:BA:B1:83:0A:E9
X509v3 Authority Key Identifier:
keyid:9D:0A:74:9A:E2:5C:1C:BB:65:87:1D:41:6A:79:AB:4A:88:4A:C4:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nQp0muJcHLtlhx1BanmrSohKxGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/85d0a7-d802-41c4-81af-1a6d3c99dc48/1/mXxC2BUf667tSrLpb6WLurGDCuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/85d0a7-d802-41c4-81af-1a6d3c99dc48/1/nQp0muJcHLtlhx1BanmrSohKxGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.30.8.0/21
185.69.13.0-185.69.15.255
185.81.188.0/22
IPv6:
2a01:b000::/32
Signature Algorithm: sha256WithRSAEncryption
9a:fa:5a:51:e2:31:5b:0e:2c:eb:33:8c:93:28:30:3f:57:39:
61:ac:98:c0:e7:01:36:bf:8d:9b:d0:0f:7b:08:fb:26:3b:48:
64:21:2f:ed:ec:13:38:13:ef:1e:25:7f:bf:d8:fe:2e:c9:16:
55:0c:bc:b4:4a:d6:73:76:d3:be:43:9e:de:ae:69:e1:72:1d:
26:ec:4a:0d:ad:ce:1e:d2:4f:a6:5e:b2:ac:1a:72:0e:2b:0a:
fa:9e:10:c5:cf:2c:4c:c1:17:eb:2c:34:d7:51:23:7f:38:2e:
56:a1:b7:28:4e:18:0e:23:9e:2d:3f:b7:fb:c2:bc:ab:34:b5:
d5:a7:6a:c9:e7:43:3d:62:a2:fa:96:50:dc:64:f6:ea:6c:c6:
cc:35:72:88:7a:cc:50:6d:d9:bc:05:89:5c:00:3b:cc:f1:89:
3b:f2:48:9b:1c:9b:1a:db:63:4e:46:e9:c0:f0:18:a9:26:5f:
3e:3e:88:16:7e:f1:64:46:44:ba:b3:b2:54:92:b0:49:c2:83:
56:29:b9:44:de:7f:ff:be:90:4d:50:8c:76:96:f8:dc:f1:e5:
89:4f:e4:7a:0b:ab:a0:1e:be:3f:b7:0d:eb:c9:99:ca:a6:d8:
d2:9a:a4:8b:c0:35:55:94:33:ac:38:01:8f:91:c9:d7:c0:94:
b4:ce:f2:5f
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZMrWY/8KIEytKDYA32Ty9tjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMGE3NDlhZTI1YzFjYmI2NTg3MWQ0MTZhNzlhYjRhODg0
YWM0NjgwHhcNMjQxMTE0MTU0NTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTdjNDJkODE1MWZlYmFlZWQ0YWIyZTk2ZmE1OGJiYWIxODMwYWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMKBW6z/44i34IFd20/PYDgJcJs8
GrthINStr7op02V6WzXRQnYy7fGuBNRNfXLK77o3pPsMdtNCSpU/fcZS+0G3yCBV
Em5SJX/gkNwF9lmuevMN9PQ7tKx1BmYJwTqW0WUJJg9/TXUYfth63cTxAdFxsHc3
2L0YFyBLj+jLuzvcHxbi+2dCvN9VJEpx7y2hsWrhRo9SWjXDrgMneRkIb2qLlirK
reteZiP7LUTRQjmEPYYJMjj3b4diQLJ/W3VaiBuKcDLE5FNk/dhPniVCh26bOUzG
TrLMfQOE8stt5vck+oXdzsWThy8BG0ibVvkeI3YQW0Sng/xDXs6T9ouBsQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFJl8QtgVH+uu7Uqy6W+li7qxgwrpMB8GA1UdIwQY
MBaAFJ0KdJriXBy7ZYcdQWp5q0qISsRoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblFwMG11SmNITHRsaHgxQmFubXJTb2hLeEdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS84NWQwYTctZDgwMi00MWM0LTgxYWYt
MWE2ZDNjOTlkYzQ4LzEvbVh4QzJCVWY2Njd0U3JMcGI2V0x1ckdEQ3VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS84NWQwYTctZDgwMi00MWM0LTgxYWYtMWE2ZDNjOTlkYzQ4
LzEvblFwMG11SmNITHRsaHgxQmFubXJTb2hLeEdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQDLh4IMAwD
BAC5RQ0DBAS5RQADBAK5UbwwDQQCAAIwBwMFACoBsAAwDQYJKoZIhvcNAQELBQAD
ggEBAJr6WlHiMVsOLOszjJMoMD9XOWGsmMDnATa/jZvQD3sI+yY7SGQhL+3sEzgT
7x4lf7/Y/i7JFlUMvLRK1nN2075Dnt6uaeFyHSbsSg2tzh7ST6Zesqwacg4rCvqe
EMXPLEzBF+ssNNdRI384LlahtyhOGA4jni0/t/vCvKs0tdWnasnnQz1iovqWUNxk
9upsxsw1coh6zFBt2bwFiVwAO8zxiTvySJscmxrbY05G6cDwGKkmXz4+iBZ+8WRG
RLqzslSSsEnCg1YpuUTef/++kE1QjHaW+Nzx5YlP5HoLq6Aevj+3DevJmcqm2NKa
pIvANVWUM6w4AY+RydfAlLTO8l8=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:57:44 2024 by rpki-client on console-ams.rpki-client.org