Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/mlPY7JS-letkF0iIiKCI6QtG_0Q.roa
File: mlPY7JS-letkF0iIiKCI6QtG_0Q.roa (raw, json)
Hash identifier: 3p/5VBIGN+vR53WtRYMk0Ni+YzJ6xx2dmKEitWK1Nfk=
Subject key identifier: 9A:53:D8:EC:94:BE:95:EB:64:17:48:88:88:A0:88:E9:0B:46:FF:44
Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Certificate serial: 018CCA99F5EC76414994DD6E9DA598370850
Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/mlPY7JS-letkF0iIiKCI6QtG_0Q.roa
Signing time: Tue 02 Jan 2024 14:35:36 +0000
ROA not before: Tue 02 Jan 2024 14:35:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3329
IP address blocks: 2a01:830::/32 maxlen: 32
2a01:8c8::/32 maxlen: 32
2a01:830:8000::/48 maxlen: 48
2a01:830:8001::/48 maxlen: 48
2a01:831::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft
rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 17:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:f5:ec:76:41:49:94:dd:6e:9d:a5:98:37:08:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Validity
Not Before: Jan 2 14:35:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a53d8ec94be95eb6417488888a088e90b46ff44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:88:99:fb:d7:69:ab:a0:20:9f:e4:fa:9a:fa:
b8:45:31:41:bb:77:4e:69:7e:c0:7c:9a:f3:80:d6:
dd:57:4e:8c:6c:5d:f6:0e:0b:ff:f6:7a:3e:00:bd:
e3:09:0e:b1:d7:d7:cd:a5:95:e5:56:66:85:67:a6:
b2:e0:49:54:54:34:18:a2:04:4a:48:b0:52:2a:eb:
70:cf:5d:ed:9d:49:10:2d:24:09:d0:e4:16:f7:9c:
92:30:ea:1a:f1:fd:e4:37:8c:bd:19:c3:78:e3:87:
19:6c:a1:ed:96:6b:dc:60:61:fb:3f:65:bd:b2:5f:
d0:ae:2f:ba:54:16:9f:61:66:94:ba:03:bd:51:43:
ae:8d:97:bc:dd:54:dd:cd:a6:e1:94:b9:85:01:b3:
bd:80:a5:1a:80:82:f9:9f:a4:91:c8:6b:da:e3:36:
26:89:9f:eb:37:c8:82:7a:4d:69:f3:b5:c1:da:75:
18:14:7c:2a:90:a0:5b:8e:65:6c:e5:a9:f1:82:07:
27:59:2b:01:2a:86:7c:6b:7b:8d:d1:9c:33:a0:d5:
15:b8:6c:d3:68:44:52:e8:19:da:c5:be:54:03:8c:
81:fd:07:62:75:87:a9:a6:5f:f4:5d:43:bc:87:83:
02:93:84:01:f7:3d:68:d8:19:cc:82:ac:0d:2f:67:
10:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:53:D8:EC:94:BE:95:EB:64:17:48:88:88:A0:88:E9:0B:46:FF:44
X509v3 Authority Key Identifier:
keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/mlPY7JS-letkF0iIiKCI6QtG_0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:830::/31
2a01:8c8::/32
Signature Algorithm: sha256WithRSAEncryption
98:c4:6f:d6:e1:ab:62:21:f9:43:5e:e5:f9:9f:a2:05:6e:7e:
16:b0:c8:ae:7f:f9:f8:b8:47:c9:97:68:f5:c6:73:d5:27:e0:
d2:3d:eb:6b:47:c5:ef:90:a7:64:e9:80:68:a0:8b:08:29:e2:
ce:98:2f:ce:ef:62:ed:9d:62:9a:60:f8:0f:f8:7d:b1:c1:e1:
07:64:da:9e:69:2a:1a:a0:53:2c:38:9f:28:1c:dd:21:48:32:
9e:62:94:e8:2f:69:f1:6f:af:19:ef:bd:20:c6:48:d3:22:97:
75:56:ec:ce:38:83:24:c5:1d:42:15:ba:2f:bf:16:bd:4c:a8:
47:e3:79:51:92:3b:22:00:16:f7:1d:85:7e:e5:cb:4c:d1:21:
e6:b5:3f:1f:84:19:0b:07:0e:e1:e6:4c:10:5c:04:9f:91:02:
0b:85:8a:cc:42:15:53:26:e3:bb:14:ca:ab:27:44:f5:f4:51:
20:76:14:b3:35:08:77:8e:e2:1d:ad:75:7d:0e:cc:97:e7:09:
76:29:ae:bd:3b:81:39:6d:52:21:df:37:72:36:38:70:e5:9d:
5e:7e:cc:48:e3:d8:8a:a8:65:f1:5f:86:59:26:7c:ff:ed:2e:
60:94:fb:72:34:8d:7f:dd:c7:29:31:6d:15:28:cd:89:07:45:
9b:0f:f8:2e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzKmfXsdkFJlN1unaWYNwhQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3
NTE1ZDIwHhcNMjQwMTAyMTQzNTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTUzZDhlYzk0YmU5NWViNjQxNzQ4ODg4OGEwODhlOTBiNDZmZjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4iZ+9dpq6Agn+T6mvq4RTFBu3dO
aX7AfJrzgNbdV06MbF32Dgv/9no+AL3jCQ6x19fNpZXlVmaFZ6ay4ElUVDQYogRK
SLBSKutwz13tnUkQLSQJ0OQW95ySMOoa8f3kN4y9GcN444cZbKHtlmvcYGH7P2W9
sl/Qri+6VBafYWaUugO9UUOujZe83VTdzabhlLmFAbO9gKUagIL5n6SRyGva4zYm
iZ/rN8iCek1p87XB2nUYFHwqkKBbjmVs5anxggcnWSsBKoZ8a3uN0ZwzoNUVuGzT
aERS6Bnaxb5UA4yB/QdidYeppl/0XUO8h4MCk4QB9z1o2BnMgqwNL2cQfwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJpT2OyUvpXrZBdIiIigiOkLRv9EMB8GA1UdIwQY
MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt
ZWVjNWQ1MGVmYTk0LzEvbWxQWTdKUy1sZXRrRjBpSWlLQ0k2UXRHXzBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0
LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUBKgEIMAMF
ACoBCMgwDQYJKoZIhvcNAQELBQADggEBAJjEb9bhq2Ih+UNe5fmfogVufhawyK5/
+fi4R8mXaPXGc9Un4NI962tHxe+Qp2TpgGigiwgp4s6YL87vYu2dYppg+A/4fbHB
4Qdk2p5pKhqgUyw4nygc3SFIMp5ilOgvafFvrxnvvSDGSNMil3VW7M44gyTFHUIV
ui+/Fr1MqEfjeVGSOyIAFvcdhX7ly0zRIea1Px+EGQsHDuHmTBBcBJ+RAguFisxC
FVMm47sUyqsnRPX0USB2FLM1CHeO4h2tdX0OzJfnCXYprr07gTltUiHfN3I2OHDl
nV5+zEjj2IqoZfFfhlkmfP/tLmCU+3I0jX/dxykxbRUozYkHRZsP+C4=
-----END CERTIFICATE-----
Generated at Sun Jun 23 01:17:15 2024 by rpki-client on console-ams.rpki-client.org