Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/bce53d-d39d-4e23-aa17-27fb5822b32d/1/MGllzYCse42xpHuUCUGNYxyM1uQ.roa
File: MGllzYCse42xpHuUCUGNYxyM1uQ.roa (raw, json)
Hash identifier: 18o8tZOrzPqvTntMPUB20hl94ZBQy6iZVWnEmQXOvdk=
Subject key identifier: 30:69:65:CD:80:AC:7B:8D:B1:A4:7B:94:09:41:8D:63:1C:8C:D6:E4
Certificate issuer: /CN=0d44da5c1904095860e868180573ee3c895a7b45
Certificate serial: 018CC5DBF00D965E12BBD2248E2875E017A6
Authority key identifier: 0D:44:DA:5C:19:04:09:58:60:E8:68:18:05:73:EE:3C:89:5A:7B:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DUTaXBkECVhg6GgYBXPuPIlae0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/bce53d-d39d-4e23-aa17-27fb5822b32d/1/MGllzYCse42xpHuUCUGNYxyM1uQ.roa
Signing time: Mon 01 Jan 2024 16:29:34 +0000
ROA not before: Mon 01 Jan 2024 16:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25697
IP address blocks: 185.168.48.0/24 maxlen: 24
2a03:3b00:c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/bce53d-d39d-4e23-aa17-27fb5822b32d/1/DUTaXBkECVhg6GgYBXPuPIlae0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/bce53d-d39d-4e23-aa17-27fb5822b32d/1/DUTaXBkECVhg6GgYBXPuPIlae0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/DUTaXBkECVhg6GgYBXPuPIlae0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 13:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:f0:0d:96:5e:12:bb:d2:24:8e:28:75:e0:17:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d44da5c1904095860e868180573ee3c895a7b45
Validity
Not Before: Jan 1 16:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=306965cd80ac7b8db1a47b9409418d631c8cd6e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:3d:d2:89:f8:27:0f:72:44:2a:01:0a:5a:95:
d2:34:0d:a9:d9:16:55:f2:96:ac:0d:37:cc:c5:a2:
ae:c2:46:02:4e:b3:47:1b:32:cc:65:45:81:cf:63:
55:70:1e:a2:4c:2b:c2:d1:ac:23:3f:96:2f:19:f4:
9b:84:b2:19:42:dd:30:db:2e:55:48:87:7b:96:50:
cf:f2:cc:80:42:a6:1b:9f:c0:1f:c6:da:8b:e5:16:
84:0f:2d:ed:92:a2:58:62:da:6e:c9:ea:3c:05:64:
cc:b1:b5:43:37:d4:76:03:6b:42:36:05:d0:b9:c7:
b6:3d:2d:c0:72:80:74:b6:c3:84:fa:15:4b:6a:13:
14:4c:36:38:f1:08:31:ae:d1:4f:11:22:41:bd:d1:
b5:2f:76:5a:e9:bc:2d:11:52:a2:7b:0b:a8:7e:9b:
d1:d0:cf:1c:c4:89:30:82:55:1e:93:6c:a8:15:9f:
9b:01:97:1c:87:ad:d8:2d:9b:46:ae:1c:bc:02:4f:
e5:e1:71:c9:11:f5:d9:55:68:fb:b8:da:ef:02:30:
ab:7a:d6:7d:a1:0f:d5:49:b1:5e:d2:d5:68:d8:32:
23:6e:6a:35:50:39:11:90:87:1e:1f:d0:92:ad:77:
d0:8d:86:63:d6:4f:fc:42:ba:e2:6e:e2:f3:16:96:
87:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:69:65:CD:80:AC:7B:8D:B1:A4:7B:94:09:41:8D:63:1C:8C:D6:E4
X509v3 Authority Key Identifier:
keyid:0D:44:DA:5C:19:04:09:58:60:E8:68:18:05:73:EE:3C:89:5A:7B:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DUTaXBkECVhg6GgYBXPuPIlae0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/bce53d-d39d-4e23-aa17-27fb5822b32d/1/MGllzYCse42xpHuUCUGNYxyM1uQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/bce53d-d39d-4e23-aa17-27fb5822b32d/1/DUTaXBkECVhg6GgYBXPuPIlae0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.168.48.0/24
IPv6:
2a03:3b00:c::/48
Signature Algorithm: sha256WithRSAEncryption
af:21:fa:e4:69:b7:a3:96:6e:cc:3b:2d:16:72:46:6a:a3:0e:
4a:2e:4a:4b:0a:15:af:49:3c:06:a3:5b:51:9d:32:cf:14:f5:
5c:45:7d:c2:12:5a:49:21:98:59:3c:9d:59:25:fc:35:c7:64:
0d:cd:ba:e1:04:0a:87:6e:9c:1b:8e:76:62:eb:15:b2:8d:41:
06:aa:81:4b:60:4c:61:0d:95:4d:20:36:ba:a5:c3:d9:73:9f:
de:85:d6:b7:9c:75:f4:26:6f:d5:51:4b:dc:94:b6:d3:d5:fc:
37:4e:54:8e:e9:09:90:14:cc:41:65:55:5a:36:33:21:63:2b:
ea:eb:3b:84:69:2d:04:27:99:de:0f:56:44:26:4e:86:a3:af:
58:ce:25:4e:c4:e1:98:9d:c9:7b:e4:41:05:a9:78:61:07:6b:
37:bc:ec:43:dd:37:24:0c:94:2a:0a:d4:e7:c5:88:66:64:1d:
74:88:e3:c3:78:03:95:8c:16:ea:69:09:8c:d3:28:ea:17:de:
34:50:f8:49:06:ec:d2:90:b5:b1:0d:09:66:55:ad:4d:9c:5b:
c3:c8:8f:6d:38:24:c8:a4:4b:39:9a:14:4a:fc:fd:b9:70:f1:
7c:5a:bd:4e:c9:dc:3c:b6:97:7c:22:c4:6d:80:84:70:4f:3d:
c6:6f:c8:a4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzF2/ANll4Su9Ikjih14BemMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNDRkYTVjMTkwNDA5NTg2MGU4NjgxODA1NzNlZTNjODk1
YTdiNDUwHhcNMjQwMTAxMTYyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDY5NjVjZDgwYWM3YjhkYjFhNDdiOTQwOTQxOGQ2MzFjOGNkNmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqD3SifgnD3JEKgEKWpXSNA2p2RZV
8pasDTfMxaKuwkYCTrNHGzLMZUWBz2NVcB6iTCvC0awjP5YvGfSbhLIZQt0w2y5V
SId7llDP8syAQqYbn8AfxtqL5RaEDy3tkqJYYtpuyeo8BWTMsbVDN9R2A2tCNgXQ
uce2PS3AcoB0tsOE+hVLahMUTDY48QgxrtFPESJBvdG1L3Za6bwtEVKiewuofpvR
0M8cxIkwglUek2yoFZ+bAZcch63YLZtGrhy8Ak/l4XHJEfXZVWj7uNrvAjCretZ9
oQ/VSbFe0tVo2DIjbmo1UDkRkIceH9CSrXfQjYZj1k/8QrribuLzFpaHYwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDBpZc2ArHuNsaR7lAlBjWMcjNbkMB8GA1UdIwQY
MBaAFA1E2lwZBAlYYOhoGAVz7jyJWntFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFVUYVhCa0VDVmhnNkdnWUJYUHVQSWxhZTBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9iY2U1M2QtZDM5ZC00ZTIzLWFhMTct
MjdmYjU4MjJiMzJkLzEvTUdsbHpZQ3NlNDJ4cEh1VUNVR05ZeHlNMXVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9iY2U1M2QtZDM5ZC00ZTIzLWFhMTctMjdmYjU4MjJiMzJk
LzEvRFVUYVhCa0VDVmhnNkdnWUJYUHVQSWxhZTBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuagwMA8E
AgACMAkDBwAqAzsAAAwwDQYJKoZIhvcNAQELBQADggEBAK8h+uRpt6OWbsw7LRZy
RmqjDkouSksKFa9JPAajW1GdMs8U9VxFfcISWkkhmFk8nVkl/DXHZA3NuuEECodu
nBuOdmLrFbKNQQaqgUtgTGENlU0gNrqlw9lzn96F1recdfQmb9VRS9yUttPV/DdO
VI7pCZAUzEFlVVo2MyFjK+rrO4RpLQQnmd4PVkQmToajr1jOJU7E4ZidyXvkQQWp
eGEHaze87EPdNyQMlCoK1OfFiGZkHXSI48N4A5WMFuppCYzTKOoX3jRQ+EkG7NKQ
tbENCWZVrU2cW8PIj204JMikSzmaFEr8/blw8XxavU7J3Dy2l3wixG2AhHBPPcZv
yKQ=
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:31:49 2024 by rpki-client on console-fra.rpki-client.org