Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/mbN774R2FxWr1iCu6DFKxgODBng.roa
File: mbN774R2FxWr1iCu6DFKxgODBng.roa (raw, json)
Hash identifier: z2Tvg4zLRdxLoMv21UIVvaEb2trHA9vdwaXGO0Ua6YE=
Subject key identifier: 99:B3:7B:EF:84:76:17:15:AB:D6:20:AE:E8:31:4A:C6:03:83:06:78
Certificate issuer: /CN=0d72fe2c805ed63afc9c89e9324ac94d30939aab
Certificate serial: 018CC725AD629174EEEF25BF86F922ADFC90
Authority key identifier: 0D:72:FE:2C:80:5E:D6:3A:FC:9C:89:E9:32:4A:C9:4D:30:93:9A:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXL-LIBe1jr8nInpMkrJTTCTmqs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/mbN774R2FxWr1iCu6DFKxgODBng.roa
Signing time: Mon 01 Jan 2024 22:29:44 +0000
ROA not before: Mon 01 Jan 2024 22:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15958
IP address blocks: 109.245.16.0/20 maxlen: 20
109.245.228.0/22 maxlen: 22
109.245.232.0/21 maxlen: 21
109.245.240.0/20 maxlen: 20
217.65.192.0/20 maxlen: 20
217.65.196.0/22 maxlen: 22
217.65.201.0/24 maxlen: 24
217.65.200.0/21 maxlen: 21
217.65.202.0/23 maxlen: 23
217.65.204.0/22 maxlen: 22
109.245.40.0/21 maxlen: 21
109.245.48.0/20 maxlen: 20
109.245.192.0/19 maxlen: 19
109.106.224.0/20 maxlen: 20
109.245.0.0/21 maxlen: 21
109.245.8.0/22 maxlen: 22
109.245.0.0/16 maxlen: 16
2a01:ac80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/DXL-LIBe1jr8nInpMkrJTTCTmqs.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/DXL-LIBe1jr8nInpMkrJTTCTmqs.mft
rsync://rpki.ripe.net/repository/DEFAULT/DXL-LIBe1jr8nInpMkrJTTCTmqs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 May 2024 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:ad:62:91:74:ee:ef:25:bf:86:f9:22:ad:fc:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d72fe2c805ed63afc9c89e9324ac94d30939aab
Validity
Not Before: Jan 1 22:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=99b37bef84761715abd620aee8314ac603830678
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:f7:74:c2:81:43:b7:a9:96:18:d7:d4:a5:46:
01:51:0a:68:47:0d:b7:4b:92:64:27:33:e9:6b:e0:
03:f0:25:74:1c:a1:c6:e6:4b:e5:3d:e0:11:c2:72:
cd:bc:52:86:fd:78:d5:51:07:6c:79:e7:45:ff:19:
8b:79:56:4e:dc:e2:8b:36:ad:bb:c4:5f:1c:a7:89:
2f:0d:42:c6:00:78:47:a1:ba:a5:5b:7f:b3:54:33:
7f:eb:ad:fa:2a:dc:ee:51:bd:1a:98:33:74:c1:b6:
da:b8:27:fa:98:7a:71:16:ee:19:3b:98:64:7a:e9:
c3:a7:5f:ce:4b:16:3f:2f:24:16:97:ba:02:6e:94:
dc:ad:76:5c:24:a7:45:6f:f5:fe:6b:9f:62:6e:f1:
d6:ce:a2:35:49:31:dd:99:f7:da:f4:48:c8:7a:f2:
ad:cc:c1:75:bc:75:39:c0:0c:5c:59:8b:0b:76:09:
7b:5e:e8:b1:20:06:dc:2b:d3:b8:b4:8f:44:ee:ff:
02:25:f9:a7:36:f8:e6:18:e9:b8:e9:71:cf:24:cc:
af:c5:64:46:1b:65:1e:a6:3d:34:8b:0f:e5:e7:a6:
17:f6:44:a6:48:09:bd:aa:cb:27:00:49:55:45:6d:
c2:1a:63:db:0d:44:d9:76:cb:40:55:9e:3b:a7:fb:
d8:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:B3:7B:EF:84:76:17:15:AB:D6:20:AE:E8:31:4A:C6:03:83:06:78
X509v3 Authority Key Identifier:
keyid:0D:72:FE:2C:80:5E:D6:3A:FC:9C:89:E9:32:4A:C9:4D:30:93:9A:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXL-LIBe1jr8nInpMkrJTTCTmqs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/mbN774R2FxWr1iCu6DFKxgODBng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/DXL-LIBe1jr8nInpMkrJTTCTmqs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.106.224.0/20
109.245.0.0/16
217.65.192.0/20
IPv6:
2a01:ac80::/32
Signature Algorithm: sha256WithRSAEncryption
3c:20:c0:5b:2f:04:06:f1:ca:70:e0:55:e2:dd:94:64:ab:00:
46:1f:b9:66:d4:95:69:c6:81:ee:db:fe:1d:a9:2e:05:e9:b4:
1b:3f:41:86:1d:db:0f:13:10:33:2a:e9:22:50:c1:7e:f5:b6:
d7:1a:e5:3c:87:e3:e3:ff:53:28:59:2f:1c:3c:e0:4f:e5:94:
e5:69:a6:6b:f1:aa:f7:6f:33:4a:77:e8:cc:a4:b3:c7:0e:81:
2e:f9:66:39:dd:fd:f8:7d:2a:44:67:31:f6:cb:f7:36:f0:9f:
1f:92:9c:f1:6c:50:f1:55:86:30:1e:a2:3b:54:e2:91:39:bc:
40:31:56:f8:ea:0d:6b:42:33:c4:11:ac:2e:ef:ca:cf:f7:52:
36:69:ac:7e:11:28:00:0f:17:1a:6f:a9:1b:e5:f7:df:01:b8:
9b:26:04:0d:96:2c:f7:ea:93:3c:6c:d5:99:df:30:ec:b2:43:
17:bf:84:10:52:4a:ca:26:d7:78:85:6b:50:9b:08:8b:ae:fd:
f2:bd:c6:4d:7f:e4:f0:06:83:c6:3f:5d:48:6f:80:3a:b3:6a:
25:13:b6:0d:85:cc:7b:a8:01:02:a4:5c:2c:94:cd:b3:ca:37:
44:81:31:2b:f2:2c:f2:c1:bd:73:24:b3:9f:35:78:07:da:d9:
2a:f9:8b:11
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzHJa1ikXTu7yW/hvkirfyQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzJmZTJjODA1ZWQ2M2FmYzljODllOTMyNGFjOTRkMzA5
MzlhYWIwHhcNMjQwMTAxMjIyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWIzN2JlZjg0NzYxNzE1YWJkNjIwYWVlODMxNGFjNjAzODMwNjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivd0woFDt6mWGNfUpUYBUQpoRw23
S5JkJzPpa+AD8CV0HKHG5kvlPeARwnLNvFKG/XjVUQdseedF/xmLeVZO3OKLNq27
xF8cp4kvDULGAHhHobqlW3+zVDN/6636KtzuUb0amDN0wbbauCf6mHpxFu4ZO5hk
eunDp1/OSxY/LyQWl7oCbpTcrXZcJKdFb/X+a59ibvHWzqI1STHdmffa9EjIevKt
zMF1vHU5wAxcWYsLdgl7XuixIAbcK9O4tI9E7v8CJfmnNvjmGOm46XHPJMyvxWRG
G2Uepj00iw/l56YX9kSmSAm9qssnAElVRW3CGmPbDUTZdstAVZ47p/vYdQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJmze++EdhcVq9YgrugxSsYDgwZ4MB8GA1UdIwQY
MBaAFA1y/iyAXtY6/JyJ6TJKyU0wk5qrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhMLUxJQmUxanI4bklucE1rckpUVENUbXFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yMmUxZDEtOTk4NC00MTU4LThkMTgt
Y2Y4MThjN2M0NTFhLzEvbWJONzc0UjJGeFdyMWlDdTZERkt4Z09EQm5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8yMmUxZDEtOTk4NC00MTU4LThkMTgtY2Y4MThjN2M0NTFh
LzEvRFhMLUxJQmUxanI4bklucE1rckpUVENUbXFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwQEbWrgAwMA
bfUDBATZQcAwDQQCAAIwBwMFACoBrIAwDQYJKoZIhvcNAQELBQADggEBADwgwFsv
BAbxynDgVeLdlGSrAEYfuWbUlWnGge7b/h2pLgXptBs/QYYd2w8TEDMq6SJQwX71
ttca5TyH4+P/UyhZLxw84E/llOVppmvxqvdvM0p36Myks8cOgS75Zjnd/fh9KkRn
MfbL9zbwnx+SnPFsUPFVhjAeojtU4pE5vEAxVvjqDWtCM8QRrC7vys/3UjZprH4R
KAAPFxpvqRvl998BuJsmBA2WLPfqkzxs1ZnfMOyyQxe/hBBSSsom13iFa1CbCIuu
/fK9xk1/5PAGg8Y/XUhvgDqzaiUTtg2FzHuoAQKkXCyUzbPKN0SBMSvyLPLBvXMk
s581eAfa2Sr5ixE=
-----END CERTIFICATE-----
Generated at Sun May 26 09:10:08 2024 by rpki-client on console-fra.rpki-client.org