Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/mgpkxJiIsVqpiRLh4J64EMfaCpI.roa
File: mgpkxJiIsVqpiRLh4J64EMfaCpI.roa (raw, json)
Hash identifier: fsfmg1IWScLj0Xl9trYe+QcsKk4J7rMpL8zo54/wB/c=
Subject key identifier: 9A:0A:64:C4:98:88:B1:5A:A9:89:12:E1:E0:9E:B8:10:C7:DA:0A:92
Certificate issuer: /CN=050b1e38c704bd08e3b9d17f590367b1d1f03c4a
Certificate serial: 018CC802D95A78D0EEDF340DCF409B600894
Authority key identifier: 05:0B:1E:38:C7:04:BD:08:E3:B9:D1:7F:59:03:67:B1:D1:F0:3C:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BQseOMcEvQjjudF_WQNnsdHwPEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/mgpkxJiIsVqpiRLh4J64EMfaCpI.roa
Signing time: Tue 02 Jan 2024 02:31:19 +0000
ROA not before: Tue 02 Jan 2024 02:31:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15924
IP address blocks: 128.127.169.0/24 maxlen: 24
128.127.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/BQseOMcEvQjjudF_WQNnsdHwPEo.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/BQseOMcEvQjjudF_WQNnsdHwPEo.mft
rsync://rpki.ripe.net/repository/DEFAULT/BQseOMcEvQjjudF_WQNnsdHwPEo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:d9:5a:78:d0:ee:df:34:0d:cf:40:9b:60:08:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=050b1e38c704bd08e3b9d17f590367b1d1f03c4a
Validity
Not Before: Jan 2 02:31:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a0a64c49888b15aa98912e1e09eb810c7da0a92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b2:86:fc:78:3b:01:29:28:27:b6:82:39:fa:
9c:04:f0:f0:14:44:db:8d:92:11:b3:46:6d:f8:52:
01:27:b5:ce:fb:e0:3c:fc:a9:44:99:9d:a7:e5:be:
c4:01:06:6d:54:4b:ec:a9:c8:48:c1:4b:99:d7:eb:
d7:c9:f2:dc:fb:cb:89:7e:11:8b:36:6d:f7:1f:f9:
d0:3c:98:38:4e:fa:2a:15:48:5a:26:f3:a8:69:17:
26:0f:f6:0b:1c:e6:c4:c8:31:1e:2c:1a:22:8c:72:
4b:64:a8:ad:0b:0d:bc:3c:c2:d9:c7:11:1c:1b:95:
c3:a4:fd:af:fe:ca:1e:93:0c:6e:67:56:d8:c4:f0:
8c:2b:bf:fd:4a:90:4c:6a:24:57:ac:32:8a:ed:c9:
f6:39:c0:00:1d:9c:db:d1:99:a9:7c:73:f1:7e:d5:
25:c1:23:18:45:df:60:be:77:9f:b4:9a:6e:ce:1a:
6d:68:87:23:b0:6f:a4:a7:ca:22:89:fb:dc:39:07:
ff:63:f2:d9:bf:39:95:a1:61:1d:e2:b1:2b:b6:f5:
fc:26:5f:14:ef:04:05:21:a1:28:32:46:28:6c:4d:
93:39:d0:19:23:18:9b:76:3c:5b:70:9d:b2:b4:89:
60:53:53:0b:cb:6f:7b:db:f0:98:11:95:b9:50:84:
2d:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:0A:64:C4:98:88:B1:5A:A9:89:12:E1:E0:9E:B8:10:C7:DA:0A:92
X509v3 Authority Key Identifier:
keyid:05:0B:1E:38:C7:04:BD:08:E3:B9:D1:7F:59:03:67:B1:D1:F0:3C:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BQseOMcEvQjjudF_WQNnsdHwPEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/mgpkxJiIsVqpiRLh4J64EMfaCpI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/BQseOMcEvQjjudF_WQNnsdHwPEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.127.169.0-128.127.170.255
Signature Algorithm: sha256WithRSAEncryption
36:c9:d4:1f:ef:18:ff:73:3b:5e:30:81:a4:f6:91:3b:f5:ac:
81:73:5e:7a:a0:65:41:35:1f:31:3c:bc:44:a4:ae:4a:e4:24:
a7:24:24:92:33:35:79:7b:42:2d:c3:4a:7b:47:82:51:5c:f6:
53:ca:7a:69:78:44:37:2c:c5:3a:47:cc:5d:25:8a:28:53:a2:
fc:1f:7e:9b:e8:bb:47:f4:d4:13:85:41:95:de:56:25:d9:d5:
c4:a7:e3:87:43:ea:30:7b:3b:ef:bf:ff:79:93:12:b4:80:bd:
4f:ac:98:a7:96:0e:ff:b3:c3:8d:97:4f:2c:ae:cd:aa:6c:7b:
62:d0:a1:b9:bc:59:84:60:7c:77:11:16:ed:72:9c:a4:f7:7f:
0f:f3:a8:0a:e8:85:4f:71:cb:9d:bc:d9:fa:10:06:cb:07:7b:
f2:e6:1b:c6:d9:f4:e9:30:46:07:13:1f:ee:b3:7e:bb:86:fe:
21:20:97:7a:13:53:6e:e8:29:c1:9b:0a:00:ff:c1:0d:3e:a7:
c6:7c:10:39:e7:15:7b:90:77:ce:bb:28:33:c1:67:97:f4:60:
07:4d:4c:f7:db:18:ad:e1:0d:af:9a:7a:26:c8:a6:18:25:63:
f7:10:15:0f:91:a2:a9:f0:dc:46:56:2a:98:a8:46:3d:9d:7b:
26:7f:76:d6
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzIAtlaeNDu3zQNz0CbYAiUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MGIxZTM4YzcwNGJkMDhlM2I5ZDE3ZjU5MDM2N2IxZDFm
MDNjNGEwHhcNMjQwMTAyMDIzMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTBhNjRjNDk4ODhiMTVhYTk4OTEyZTFlMDllYjgxMGM3ZGEwYTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLKG/Hg7ASkoJ7aCOfqcBPDwFETb
jZIRs0Zt+FIBJ7XO++A8/KlEmZ2n5b7EAQZtVEvsqchIwUuZ1+vXyfLc+8uJfhGL
Nm33H/nQPJg4TvoqFUhaJvOoaRcmD/YLHObEyDEeLBoijHJLZKitCw28PMLZxxEc
G5XDpP2v/soekwxuZ1bYxPCMK7/9SpBMaiRXrDKK7cn2OcAAHZzb0ZmpfHPxftUl
wSMYRd9gvneftJpuzhptaIcjsG+kp8oiifvcOQf/Y/LZvzmVoWEd4rErtvX8Jl8U
7wQFIaEoMkYobE2TOdAZIxibdjxbcJ2ytIlgU1MLy2972/CYEZW5UIQtqwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJoKZMSYiLFaqYkS4eCeuBDH2gqSMB8GA1UdIwQY
MBaAFAULHjjHBL0I47nRf1kDZ7HR8DxKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlFzZU9NY0V2UWpqdWRGX1dRTm5zZEh3UEVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8zY2M5YjQtMWVmZi00OGM5LWIyZjYt
YTAxZTllNmRjYmYyLzEvbWdwa3hKaUlzVnFwaVJMaDRKNjRFTWZhQ3BJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8zY2M5YjQtMWVmZi00OGM5LWIyZjYtYTAxZTllNmRjYmYy
LzEvQlFzZU9NY0V2UWpqdWRGX1dRTm5zZEh3UEVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACAf6kD
BACAf6owDQYJKoZIhvcNAQELBQADggEBADbJ1B/vGP9zO14wgaT2kTv1rIFzXnqg
ZUE1HzE8vESkrkrkJKckJJIzNXl7Qi3DSntHglFc9lPKeml4RDcsxTpHzF0liihT
ovwffpvou0f01BOFQZXeViXZ1cSn44dD6jB7O++//3mTErSAvU+smKeWDv+zw42X
Tyyuzapse2LQobm8WYRgfHcRFu1ynKT3fw/zqArohU9xy5282foQBssHe/LmG8bZ
9OkwRgcTH+6zfruG/iEgl3oTU27oKcGbCgD/wQ0+p8Z8EDnnFXuQd867KDPBZ5f0
YAdNTPfbGK3hDa+aeibIphglY/cQFQ+Roqnw3EZWKpioRj2deyZ/dtY=
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:40:05 2024 by rpki-client on console-ams.rpki-client.org