Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/k3JjgyOxRM0kMMzA66gJuHobHww.roa
File: k3JjgyOxRM0kMMzA66gJuHobHww.roa (raw, json)
Hash identifier: ioLFiHVQauTWtOOgF+qsHMWDA1ULeNwcInrgWSDkhto=
Subject key identifier: 93:72:63:83:23:B1:44:CD:24:30:CC:C0:EB:A8:09:B8:7A:1B:1F:0C
Certificate issuer: /CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Certificate serial: 018CC94DFB966E9CDD0F6516109C9190634B
Authority key identifier: 30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/k3JjgyOxRM0kMMzA66gJuHobHww.roa
Signing time: Tue 02 Jan 2024 08:33:00 +0000
ROA not before: Tue 02 Jan 2024 08:33:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41092
IP address blocks: 148.81.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MMQJYT_qCitELOES6cvbSF4BGI8.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MMQJYT_qCitELOES6cvbSF4BGI8.mft
rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:fb:96:6e:9c:dd:0f:65:16:10:9c:91:90:63:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Validity
Not Before: Jan 2 08:33:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9372638323b144cd2430ccc0eba809b87a1b1f0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:93:64:ea:39:7c:8e:44:0f:c3:3a:d2:cf:65:
99:42:ce:74:1c:53:9d:b7:7c:27:be:c6:2b:ec:43:
a6:5d:8e:c6:23:eb:60:90:30:06:b2:7c:61:f6:bb:
35:45:f1:36:1e:9b:a4:e4:8d:1f:8f:b4:c0:e6:3e:
81:8f:e3:c6:45:00:a0:75:5c:99:08:f3:1f:2f:a8:
9c:0e:e7:ea:39:30:cc:70:a0:be:fb:3d:b3:84:20:
10:4d:ff:db:5d:62:74:fc:32:7f:5d:4f:cb:4d:02:
6d:78:bd:ed:7e:99:c9:a4:33:eb:f5:73:16:32:93:
16:8d:af:f2:e4:0b:23:b2:fe:a4:84:f0:89:2b:38:
51:f0:8a:b3:2d:a9:c3:44:56:e8:d1:63:57:0c:61:
bb:54:0e:ea:dc:7a:9b:4a:c0:6a:8b:ce:7c:10:10:
9a:d6:16:87:b2:22:55:2e:e1:7f:7e:76:33:45:d8:
b3:ea:64:a0:35:bc:a7:40:c8:c1:cd:fa:a0:63:5e:
9a:26:e1:e9:76:d8:52:56:e6:40:d6:4e:f3:75:2f:
fc:73:45:04:ec:4f:93:06:8a:c5:92:e6:6a:ea:45:
29:98:5a:95:4c:20:fd:3b:cf:92:ec:e4:e4:3a:24:
83:37:3a:44:64:30:c6:d3:32:7e:d2:88:46:4f:4e:
07:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:72:63:83:23:B1:44:CD:24:30:CC:C0:EB:A8:09:B8:7A:1B:1F:0C
X509v3 Authority Key Identifier:
keyid:30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/k3JjgyOxRM0kMMzA66gJuHobHww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MMQJYT_qCitELOES6cvbSF4BGI8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.81.127.0/24
Signature Algorithm: sha256WithRSAEncryption
42:3d:51:39:92:18:35:5d:db:fa:81:f7:a3:ff:92:7f:d4:67:
9d:5c:0f:6c:88:35:17:8e:67:08:f7:1b:c0:3e:1f:85:ad:5b:
76:03:3a:df:1a:9e:8c:21:92:6d:19:ef:97:04:b0:6a:57:2c:
72:91:9b:05:7a:b9:4b:46:8a:10:cd:61:0c:5a:bc:34:6a:e3:
db:27:34:04:24:4e:b3:b6:0f:2c:c7:0a:b0:4a:88:9f:3d:7b:
81:9c:f8:cd:d9:1d:30:fb:ec:7d:b0:09:dd:31:a8:08:08:87:
62:59:a4:eb:5e:dc:e0:d5:fe:68:51:81:6c:56:93:7d:39:ff:
50:86:bd:b7:52:df:fb:b8:2d:8d:4c:6a:50:12:c0:b0:ae:5f:
61:e8:d0:5b:d3:75:8a:46:ce:2a:2f:5f:55:fc:c4:11:4c:be:
1e:e2:d0:dc:94:57:55:d0:c0:4d:b1:33:c3:1e:e9:61:f2:0a:
65:e2:3c:4d:c3:6d:3d:b8:e2:8d:dc:01:6d:dd:45:a4:4a:ef:
72:6c:f9:91:54:b2:52:6e:d2:43:72:6b:d1:08:b2:8e:ed:b3:
fb:ad:f0:09:e5:4c:34:4a:6c:94:48:3a:3c:a5:fc:75:44:26:
4c:ae:eb:69:9f:44:f5:ad:d1:4b:d4:28:fb:13:88:a2:1a:ca:
3a:ed:6c:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTfuWbpzdD2UWEJyRkGNLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYzQwOTYxM2ZlYTBhMmI0NDJjZTExMmU5Y2JkYjQ4NWUw
MTE4OGYwHhcNMjQwMTAyMDgzMzAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzcyNjM4MzIzYjE0NGNkMjQzMGNjYzBlYmE4MDliODdhMWIxZjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1JNk6jl8jkQPwzrSz2WZQs50HFOd
t3wnvsYr7EOmXY7GI+tgkDAGsnxh9rs1RfE2Hpuk5I0fj7TA5j6Bj+PGRQCgdVyZ
CPMfL6icDufqOTDMcKC++z2zhCAQTf/bXWJ0/DJ/XU/LTQJteL3tfpnJpDPr9XMW
MpMWja/y5Asjsv6khPCJKzhR8IqzLanDRFbo0WNXDGG7VA7q3HqbSsBqi858EBCa
1haHsiJVLuF/fnYzRdiz6mSgNbynQMjBzfqgY16aJuHpdthSVuZA1k7zdS/8c0UE
7E+TBorFkuZq6kUpmFqVTCD9O8+S7OTkOiSDNzpEZDDG0zJ+0ohGT04HeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJNyY4MjsUTNJDDMwOuoCbh6Gx8MMB8GA1UdIwQY
MBaAFDDECWE/6gorRCzhEunL20heARiPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYt
YzA2NzFiZjRjZjNlLzEvazNKamd5T3hSTTBrTU16QTY2Z0p1SG9iSHd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYtYzA2NzFiZjRjZjNl
LzEvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAlFF/MA0G
CSqGSIb3DQEBCwUAA4IBAQBCPVE5khg1Xdv6gfej/5J/1GedXA9siDUXjmcI9xvA
Ph+FrVt2AzrfGp6MIZJtGe+XBLBqVyxykZsFerlLRooQzWEMWrw0auPbJzQEJE6z
tg8sxwqwSoifPXuBnPjN2R0w++x9sAndMagICIdiWaTrXtzg1f5oUYFsVpN9Of9Q
hr23Ut/7uC2NTGpQEsCwrl9h6NBb03WKRs4qL19V/MQRTL4e4tDclFdV0MBNsTPD
Hulh8gpl4jxNw209uOKN3AFt3UWkSu9ybPmRVLJSbtJDcmvRCLKO7bP7rfAJ5Uw0
SmyUSDo8pfx1RCZMrutpn0T1rdFL1Cj7E4iiGso67WwI
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:27:38 2024 by rpki-client on console-ams.rpki-client.org