Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/7a6545-5277-40f3-b366-2ea87e6ea2a0/1/mv8cAQ2yrHxJZaxoHDWi9hlUa2c.roa
File: mv8cAQ2yrHxJZaxoHDWi9hlUa2c.roa (raw, json)
Hash identifier: 4wKagaVLjQ0wBjKo3XzJzls88RB7QBbcHsE6XL2PecQ=
Subject key identifier: 9A:FF:1C:01:0D:B2:AC:7C:49:65:AC:68:1C:35:A2:F6:19:54:6B:67
Certificate issuer: /CN=d356ae625d9506df4a3e577b24a86fce3c73a8f8
Certificate serial: 018CC26D1F2494CEEF4288CC2C4B6B092A96
Authority key identifier: D3:56:AE:62:5D:95:06:DF:4A:3E:57:7B:24:A8:6F:CE:3C:73:A8:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/01auYl2VBt9KPld7JKhvzjxzqPg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/7a6545-5277-40f3-b366-2ea87e6ea2a0/1/mv8cAQ2yrHxJZaxoHDWi9hlUa2c.roa
Signing time: Mon 01 Jan 2024 00:29:40 +0000
ROA not before: Mon 01 Jan 2024 00:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39590
IP address blocks: 109.105.124.0/22 maxlen: 24
2001:948:40::/42 maxlen: 42
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/7a6545-5277-40f3-b366-2ea87e6ea2a0/1/01auYl2VBt9KPld7JKhvzjxzqPg.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/7a6545-5277-40f3-b366-2ea87e6ea2a0/1/01auYl2VBt9KPld7JKhvzjxzqPg.mft
rsync://rpki.ripe.net/repository/DEFAULT/01auYl2VBt9KPld7JKhvzjxzqPg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:1f:24:94:ce:ef:42:88:cc:2c:4b:6b:09:2a:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d356ae625d9506df4a3e577b24a86fce3c73a8f8
Validity
Not Before: Jan 1 00:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9aff1c010db2ac7c4965ac681c35a2f619546b67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:ab:67:dd:55:59:d6:da:a4:b3:50:c4:78:fc:
2d:6a:9b:f5:f8:20:75:0a:e2:c0:72:92:3d:e9:7c:
7d:fe:d5:4b:5b:ad:35:8f:af:77:8e:e0:64:64:1b:
e0:0c:d5:45:8a:99:7a:0b:fa:5d:70:8d:50:57:3f:
b5:ed:aa:52:2b:64:7d:0b:d1:96:04:55:6b:ad:11:
df:70:5d:5d:34:18:b3:fe:39:f4:fc:b3:52:3b:ea:
5d:3c:87:6d:6b:49:46:00:02:03:12:df:5e:8d:19:
14:f1:2c:8a:87:af:85:de:c2:f3:6d:f1:95:86:30:
51:4b:5b:9c:0b:44:4c:32:76:db:4d:af:35:5c:cf:
53:cc:12:8f:5f:a3:1c:e3:e9:31:ea:e8:19:55:b6:
85:ad:04:7f:73:f4:02:30:63:d9:dd:af:b2:14:22:
9f:d3:51:f8:bb:f1:0d:b5:95:ee:0e:3f:cf:14:e2:
75:fe:a7:8b:15:d1:a2:f4:b1:d9:51:37:02:ab:e7:
af:71:c3:3d:d9:a0:ff:93:6d:b7:26:d8:35:ff:7f:
a0:37:e3:61:0a:00:6f:d9:5f:10:76:fc:41:35:e7:
01:b2:a4:67:ca:b3:6c:f2:c7:84:2b:c2:b6:af:8c:
17:d5:55:40:a8:4e:96:0d:a1:c5:e4:96:79:25:8b:
97:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:FF:1C:01:0D:B2:AC:7C:49:65:AC:68:1C:35:A2:F6:19:54:6B:67
X509v3 Authority Key Identifier:
keyid:D3:56:AE:62:5D:95:06:DF:4A:3E:57:7B:24:A8:6F:CE:3C:73:A8:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/01auYl2VBt9KPld7JKhvzjxzqPg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/7a6545-5277-40f3-b366-2ea87e6ea2a0/1/mv8cAQ2yrHxJZaxoHDWi9hlUa2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/7a6545-5277-40f3-b366-2ea87e6ea2a0/1/01auYl2VBt9KPld7JKhvzjxzqPg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.105.124.0/22
IPv6:
2001:948:40::/42
Signature Algorithm: sha256WithRSAEncryption
7e:10:9c:b5:a3:97:5c:5b:31:4c:0c:4c:1c:43:a7:b0:fd:83:
a2:e6:3e:d2:2f:5d:35:70:38:ca:b6:5a:e3:57:36:28:19:b0:
f0:cd:fc:64:4d:7f:65:1c:b5:03:d2:1d:25:98:52:29:dd:82:
24:3c:14:ef:84:4c:26:bc:90:8a:76:78:5c:a1:d3:d4:d6:94:
e5:b2:90:cc:c4:c6:e4:ad:07:f0:fe:d5:e8:d7:ae:d0:98:30:
b4:82:ae:c4:32:08:61:f1:d5:f9:de:e3:d0:2a:b1:d5:fb:c0:
c2:9b:3f:4f:f7:b9:f8:17:0f:23:d8:52:1f:33:2e:fe:a3:4a:
d0:1c:36:6a:5c:a5:3b:9d:4c:8c:c1:22:61:02:6b:1b:d0:41:
ce:8f:38:4a:1f:c2:24:98:67:5c:b3:f7:e3:90:a8:fa:98:31:
63:b1:80:87:06:42:84:6c:15:90:2f:52:df:74:d3:1e:33:60:
09:f8:25:68:62:ed:ac:41:60:b1:ab:d8:d5:2d:b3:4b:d9:68:
ad:ba:92:2b:ad:be:cd:dc:f0:0f:01:e8:30:f9:ea:44:1a:a6:
46:7c:b0:80:87:d1:f9:80:65:78:44:c8:6f:6c:66:7f:a7:74:
1a:c3:e4:db:22:45:c5:d9:0b:43:8a:ac:0d:bd:58:b1:87:97:
89:8b:a3:40
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzCbR8klM7vQojMLEtrCSqWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNTZhZTYyNWQ5NTA2ZGY0YTNlNTc3YjI0YTg2ZmNlM2M3
M2E4ZjgwHhcNMjQwMTAxMDAyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWZmMWMwMTBkYjJhYzdjNDk2NWFjNjgxYzM1YTJmNjE5NTQ2YjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhatn3VVZ1tqks1DEePwtapv1+CB1
CuLAcpI96Xx9/tVLW601j693juBkZBvgDNVFipl6C/pdcI1QVz+17apSK2R9C9GW
BFVrrRHfcF1dNBiz/jn0/LNSO+pdPIdta0lGAAIDEt9ejRkU8SyKh6+F3sLzbfGV
hjBRS1ucC0RMMnbbTa81XM9TzBKPX6Mc4+kx6ugZVbaFrQR/c/QCMGPZ3a+yFCKf
01H4u/ENtZXuDj/PFOJ1/qeLFdGi9LHZUTcCq+evccM92aD/k223Jtg1/3+gN+Nh
CgBv2V8QdvxBNecBsqRnyrNs8seEK8K2r4wX1VVAqE6WDaHF5JZ5JYuXTQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJr/HAENsqx8SWWsaBw1ovYZVGtnMB8GA1UdIwQY
MBaAFNNWrmJdlQbfSj5XeySob848c6j4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDFhdVlsMlZCdDlLUGxkN0pLaHZ6anh6cVBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS83YTY1NDUtNTI3Ny00MGYzLWIzNjYt
MmVhODdlNmVhMmEwLzEvbXY4Y0FRMnlySHhKWmF4b0hEV2k5aGxVYTJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS83YTY1NDUtNTI3Ny00MGYzLWIzNjYtMmVhODdlNmVhMmEw
LzEvMDFhdVlsMlZCdDlLUGxkN0pLaHZ6anh6cVBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCbWl8MA8E
AgACMAkDBwYgAQlIAEAwDQYJKoZIhvcNAQELBQADggEBAH4QnLWjl1xbMUwMTBxD
p7D9g6LmPtIvXTVwOMq2WuNXNigZsPDN/GRNf2UctQPSHSWYUindgiQ8FO+ETCa8
kIp2eFyh09TWlOWykMzExuStB/D+1ejXrtCYMLSCrsQyCGHx1fne49AqsdX7wMKb
P0/3ufgXDyPYUh8zLv6jStAcNmpcpTudTIzBImECaxvQQc6POEofwiSYZ1yz9+OQ
qPqYMWOxgIcGQoRsFZAvUt900x4zYAn4JWhi7axBYLGr2NUts0vZaK26kiutvs3c
8A8B6DD56kQapkZ8sICH0fmAZXhEyG9sZn+ndBrD5NsiRcXZC0OKrA29WLGHl4mL
o0A=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:38:32 2024 by rpki-client on console-fra.rpki-client.org