Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/MKyRgkSi8lwzkhS39EP-Xji4B_M.roa
File: MKyRgkSi8lwzkhS39EP-Xji4B_M.roa (raw, json)
Hash identifier: RNB4n+igi3MGFGnxeqGyBhLriDyLRXgRwYRheRXKSPw=
Subject key identifier: 30:AC:91:82:44:A2:F2:5C:33:92:14:B7:F4:43:FE:5E:38:B8:07:F3
Certificate issuer: /CN=fb1a810e3ab1964b44ecb3778340b266dbda1126
Certificate serial: 018EE7DD080536CDE43F60BEF00F0BA25CD1
Authority key identifier: FB:1A:81:0E:3A:B1:96:4B:44:EC:B3:77:83:40:B2:66:DB:DA:11:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-xqBDjqxlktE7LN3g0CyZtvaESY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/MKyRgkSi8lwzkhS39EP-Xji4B_M.roa
Signing time: Tue 16 Apr 2024 17:03:26 +0000
ROA not before: Tue 16 Apr 2024 17:03:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5420
IP address blocks: 192.40.72.0/24 maxlen: 24
192.40.73.0/24 maxlen: 24
192.40.74.0/24 maxlen: 24
192.40.75.0/24 maxlen: 24
2001:67c:21a4::/48 maxlen: 48
2a06:f040::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/1-xqBDjqxlktE7LN3g0CyZtvaESY.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/1-xqBDjqxlktE7LN3g0CyZtvaESY.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-xqBDjqxlktE7LN3g0CyZtvaESY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e7:dd:08:05:36:cd:e4:3f:60:be:f0:0f:0b:a2:5c:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb1a810e3ab1964b44ecb3778340b266dbda1126
Validity
Not Before: Apr 16 17:03:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30ac918244a2f25c339214b7f443fe5e38b807f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b3:6f:3a:ce:36:cb:9d:a2:ad:9c:1e:13:79:
aa:fd:5d:87:69:93:7c:91:fa:f1:ca:61:c0:73:c6:
00:63:3a:75:02:a4:42:53:d8:a9:4d:64:12:da:d3:
e2:34:f6:4f:77:ce:d9:7b:35:b3:95:ec:d8:bc:c4:
47:50:4a:f1:fe:22:72:ab:69:0b:0b:98:cb:e5:2e:
a4:ac:5c:16:de:77:7b:fa:38:39:c5:8d:21:e8:d4:
2f:b6:a9:c1:48:a5:da:0a:d1:14:44:2f:bc:11:2f:
7d:3e:da:52:f5:5f:82:e1:7e:8f:fc:56:ab:14:36:
5c:90:71:77:b7:b9:3b:bd:d4:1f:a3:59:f2:36:e3:
c6:38:3e:3c:04:11:63:27:93:d9:99:73:92:b6:0c:
74:e1:3f:9e:dd:5d:99:2a:f0:80:d1:c5:50:2b:61:
23:d6:9e:66:be:c3:e2:a3:a8:e6:2e:2a:9f:80:eb:
8f:06:3d:fc:5b:a0:2d:a0:9d:d7:7d:a8:04:80:2b:
39:46:8a:95:cb:a5:af:a8:99:3d:5b:42:eb:ca:6d:
24:8b:0f:21:1e:8c:c2:21:13:1a:99:9e:19:26:97:
1d:1f:40:3b:bf:5d:86:e1:de:76:67:a7:38:da:41:
72:2e:87:ac:78:34:21:0e:8f:eb:30:48:dc:c7:76:
6e:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:AC:91:82:44:A2:F2:5C:33:92:14:B7:F4:43:FE:5E:38:B8:07:F3
X509v3 Authority Key Identifier:
keyid:FB:1A:81:0E:3A:B1:96:4B:44:EC:B3:77:83:40:B2:66:DB:DA:11:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-xqBDjqxlktE7LN3g0CyZtvaESY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/MKyRgkSi8lwzkhS39EP-Xji4B_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/1-xqBDjqxlktE7LN3g0CyZtvaESY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.40.72.0/22
IPv6:
2001:67c:21a4::/48
2a06:f040::/32
Signature Algorithm: sha256WithRSAEncryption
31:3a:4d:94:88:a8:26:49:08:54:95:9e:1b:d7:82:fe:f4:b8:
d8:83:7d:87:f4:72:e9:c6:fc:95:7a:9e:4d:29:6c:70:52:41:
2e:e4:08:e3:47:d5:e9:f8:43:2a:13:67:b5:c3:78:c8:d7:07:
17:f6:a8:8a:f9:8d:98:ff:ba:d4:47:3a:32:77:93:52:d4:0f:
b6:34:16:46:14:21:a9:1e:c7:35:99:e0:a6:80:f9:e1:60:90:
e4:2a:f5:7c:8c:7a:ee:b2:e5:cf:21:98:f5:9b:79:07:f4:53:
2d:c2:35:ea:42:c2:92:42:54:3b:66:53:ba:3c:f9:b7:a5:0f:
4b:b1:e7:ce:67:e3:38:e9:09:86:69:ed:25:79:12:79:95:5f:
80:ac:80:4b:ba:90:e2:ce:ec:4a:ac:0e:95:04:d4:c7:0d:0d:
28:d0:a4:77:73:01:53:5b:a4:ab:bf:01:f5:d4:af:38:f9:ec:
67:62:ef:41:46:86:0b:ba:9f:ff:12:c7:bd:e8:b9:77:f2:5e:
39:31:8a:f7:55:02:f8:c8:d5:49:0a:fa:db:a9:8a:ce:05:67:
4b:10:c5:dd:d9:49:f9:76:22:f8:1d:07:97:40:79:51:de:46:
4f:c4:16:a7:25:72:8a:fa:d7:2c:18:88:b3:ed:55:45:63:b9:
ed:ef:1c:29
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY7n3QgFNs3kP2C+8A8LolzRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMWE4MTBlM2FiMTk2NGI0NGVjYjM3NzgzNDBiMjY2ZGJk
YTExMjYwHhcNMjQwNDE2MTcwMzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGFjOTE4MjQ0YTJmMjVjMzM5MjE0YjdmNDQzZmU1ZTM4YjgwN2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrNvOs42y52irZweE3mq/V2HaZN8
kfrxymHAc8YAYzp1AqRCU9ipTWQS2tPiNPZPd87ZezWzlezYvMRHUErx/iJyq2kL
C5jL5S6krFwW3nd7+jg5xY0h6NQvtqnBSKXaCtEURC+8ES99PtpS9V+C4X6P/Far
FDZckHF3t7k7vdQfo1nyNuPGOD48BBFjJ5PZmXOStgx04T+e3V2ZKvCA0cVQK2Ej
1p5mvsPio6jmLiqfgOuPBj38W6AtoJ3XfagEgCs5RoqVy6WvqJk9W0Lrym0kiw8h
HozCIRMamZ4ZJpcdH0A7v12G4d52Z6c42kFyLoeseDQhDo/rMEjcx3ZudwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDCskYJEovJcM5IUt/RD/l44uAfzMB8GA1UdIwQY
MBaAFPsagQ46sZZLROyzd4NAsmbb2hEmMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS14cUJEanF4bGt0RTdMTjNnMEN5WnR2YUVTWS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAvOWQ2MDZlLTA4YTYtNGY0YS1iOTgw
LWI1YWJmNDQwZTg5My8xL01LeVJna1NpOGx3emtoUzM5RVAtWGppNEJfTS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzAvOWQ2MDZlLTA4YTYtNGY0YS1iOTgwLWI1YWJmNDQwZTg5
My8xLzEteHFCRGpxeGxrdEU3TE4zZzBDeVp0dmFFU1kuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMAwEAgABMAYDBALAKEgw
FgQCAAIwEAMHACABBnwhpAMFACoG8EAwDQYJKoZIhvcNAQELBQADggEBADE6TZSI
qCZJCFSVnhvXgv70uNiDfYf0cunG/JV6nk0pbHBSQS7kCONH1en4QyoTZ7XDeMjX
Bxf2qIr5jZj/utRHOjJ3k1LUD7Y0FkYUIakexzWZ4KaA+eFgkOQq9XyMeu6y5c8h
mPWbeQf0Uy3CNepCwpJCVDtmU7o8+belD0ux585n4zjpCYZp7SV5EnmVX4CsgEu6
kOLO7EqsDpUE1McNDSjQpHdzAVNbpKu/AfXUrzj57Gdi70FGhgu6n/8Sx73ouXfy
XjkxivdVAvjI1UkK+tupis4FZ0sQxd3ZSfl2IvgdB5dAeVHeRk/EFqclcor61ywY
iLPtVUVjue3vHCk=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:36:17 2024 by rpki-client on console-ams.rpki-client.org