Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/mWDweMQx6U_Ix4r8_N5UASG4G7w.roa
File: mWDweMQx6U_Ix4r8_N5UASG4G7w.roa (raw, json)
Hash identifier: HPMTQ7o/LzQI/jjcGtvWmbs4nCPslkanjPde2P0dGBw=
Subject key identifier: 99:60:F0:78:C4:31:E9:4F:C8:C7:8A:FC:FC:DE:54:01:21:B8:1B:BC
Certificate issuer: /CN=73c69d04583500c5ef81136831237593e0bb86ce
Certificate serial: 018CC3489717ED5C0FC39BC8312966DD6D06
Authority key identifier: 73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/mWDweMQx6U_Ix4r8_N5UASG4G7w.roa
Signing time: Mon 01 Jan 2024 04:29:23 +0000
ROA not before: Mon 01 Jan 2024 04:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210842
IP address blocks: 2a0d:2684::/32 maxlen: 48
2a0d:2681::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.mft
rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 14:51:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:97:17:ed:5c:0f:c3:9b:c8:31:29:66:dd:6d:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73c69d04583500c5ef81136831237593e0bb86ce
Validity
Not Before: Jan 1 04:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9960f078c431e94fc8c78afcfcde540121b81bbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:05:95:24:50:42:cb:22:14:db:29:51:18:d4:
be:99:25:38:81:7e:1f:85:5e:28:bd:19:4f:2b:39:
02:6f:51:c5:be:14:05:d3:b0:4e:b9:22:e2:54:13:
08:8a:e2:3a:2e:33:17:13:c8:6a:47:fa:f0:1b:91:
b1:40:b7:7c:6a:cb:67:4e:3d:62:fd:3c:b2:89:c8:
b7:23:e1:53:34:24:02:0b:40:5d:63:39:62:d6:76:
3d:7c:39:27:31:ca:80:98:97:b2:51:f5:c4:a0:67:
fb:32:ea:23:e2:27:cb:a2:78:ed:77:c8:8e:9f:29:
61:a6:21:7c:ca:1d:a0:55:61:3f:5b:f7:b8:0f:7a:
8e:1c:fa:e1:d6:78:69:2a:e4:89:2e:8e:14:29:bd:
50:50:f1:7c:48:0f:fc:46:7d:b4:c1:fb:90:93:1f:
88:50:df:18:80:dd:85:75:aa:3e:aa:44:61:c9:18:
dc:8a:75:83:76:98:8c:b2:b4:7a:3a:e6:25:e0:fb:
61:fb:47:c2:20:76:62:59:cc:ca:de:35:3b:da:80:
7f:9a:6f:22:35:ad:d7:61:01:b9:cf:40:7a:b0:54:
77:d1:ec:10:f8:d0:71:ae:29:38:46:16:ab:10:e5:
d5:0b:90:7e:72:25:f0:48:fa:6f:2c:0c:e1:d2:5b:
dc:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:60:F0:78:C4:31:E9:4F:C8:C7:8A:FC:FC:DE:54:01:21:B8:1B:BC
X509v3 Authority Key Identifier:
keyid:73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/mWDweMQx6U_Ix4r8_N5UASG4G7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:2681::/32
2a0d:2684::/32
Signature Algorithm: sha256WithRSAEncryption
4e:84:33:ef:b0:23:06:c7:6b:36:66:5f:0a:32:fe:2c:ba:0a:
fc:c6:c2:0c:c3:46:f3:f9:46:ae:b6:88:d0:e3:26:54:ba:ee:
52:dd:1b:4b:47:77:f1:ad:51:85:ef:ce:c0:5e:0d:b8:71:28:
2d:fb:4d:0a:f8:e4:d5:e8:60:26:9c:96:06:f3:60:2c:7b:63:
3f:4c:2d:c9:dc:c4:a4:d3:e6:1c:af:fb:e9:78:f4:29:7a:18:
de:cd:18:0d:60:ae:88:0d:63:f8:fe:c0:d8:b8:94:bd:b8:6f:
18:40:fe:1e:ef:d0:38:9a:73:08:c0:48:bc:90:a3:b1:5c:25:
2b:b9:01:a5:12:44:c1:20:fe:f2:97:95:6f:5b:15:39:64:88:
cc:ab:01:83:b3:37:62:5e:9e:17:ad:9e:56:b0:6e:7b:71:2f:
1d:4e:19:fe:25:19:fd:e7:c0:5f:71:bd:8e:3d:f2:9f:e8:66:
8a:38:1b:ed:8f:81:94:d4:31:c2:85:30:92:5c:5b:cc:ac:d0:
bc:95:9f:6e:ab:e6:4e:fe:c1:25:03:b4:21:62:ca:f4:d0:fb:
c2:d7:95:59:80:a1:64:00:bc:75:6f:1f:b3:7e:2b:1b:a4:2b:
86:db:f0:e3:8d:be:be:4c:d0:1d:67:10:61:79:4c:a9:9c:bb:
eb:a9:69:4a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzDSJcX7VwPw5vIMSlm3W0GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczYzY5ZDA0NTgzNTAwYzVlZjgxMTM2ODMxMjM3NTkzZTBi
Yjg2Y2UwHhcNMjQwMTAxMDQyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTYwZjA3OGM0MzFlOTRmYzhjNzhhZmNmY2RlNTQwMTIxYjgxYmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArgWVJFBCyyIU2ylRGNS+mSU4gX4f
hV4ovRlPKzkCb1HFvhQF07BOuSLiVBMIiuI6LjMXE8hqR/rwG5GxQLd8astnTj1i
/Tyyici3I+FTNCQCC0BdYzli1nY9fDknMcqAmJeyUfXEoGf7Muoj4ifLonjtd8iO
nylhpiF8yh2gVWE/W/e4D3qOHPrh1nhpKuSJLo4UKb1QUPF8SA/8Rn20wfuQkx+I
UN8YgN2Fdao+qkRhyRjcinWDdpiMsrR6OuYl4Pth+0fCIHZiWczK3jU72oB/mm8i
Na3XYQG5z0B6sFR30ewQ+NBxrik4RharEOXVC5B+ciXwSPpvLAzh0lvcCQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJlg8HjEMelPyMeK/PzeVAEhuBu8MB8GA1UdIwQY
MBaAFHPGnQRYNQDF74ETaDEjdZPgu4bOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQt
ZjljYjBhN2IyMDZjLzEvbVdEd2VNUXg2VV9JeDRyOF9ONVVBU0c0Rzd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQtZjljYjBhN2IyMDZj
LzEvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKg0mgQMF
ACoNJoQwDQYJKoZIhvcNAQELBQADggEBAE6EM++wIwbHazZmXwoy/iy6CvzGwgzD
RvP5Rq62iNDjJlS67lLdG0tHd/GtUYXvzsBeDbhxKC37TQr45NXoYCaclgbzYCx7
Yz9MLcncxKTT5hyv++l49Cl6GN7NGA1grogNY/j+wNi4lL24bxhA/h7v0DiacwjA
SLyQo7FcJSu5AaUSRMEg/vKXlW9bFTlkiMyrAYOzN2JenhetnlawbntxLx1OGf4l
Gf3nwF9xvY498p/oZoo4G+2PgZTUMcKFMJJcW8ys0LyVn26r5k7+wSUDtCFiyvTQ
+8LXlVmAoWQAvHVvH7N+KxukK4bb8OONvr5M0B1nEGF5TKmcu+upaUo=
-----END CERTIFICATE-----
Generated at Wed May 15 21:48:47 2024 by rpki-client on console-ams.rpki-client.org