Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/2d9d80-b8bf-465a-a291-9f74facae8f1/1/mKm3gXRb9Ho0xL0Ypyzn6FTqMq0.roa
File: mKm3gXRb9Ho0xL0Ypyzn6FTqMq0.roa (raw, json)
Hash identifier: 3/qHcXBOtCh0RSYEWea1XU3AVy4JJ0/fV7VLpp736/Q=
Subject key identifier: 98:A9:B7:81:74:5B:F4:7A:34:C4:BD:18:A7:2C:E7:E8:54:EA:32:AD
Certificate issuer: /CN=f709528b8828b4d826355e2c52237d642071cd54
Certificate serial: 0190F9BA266A724A000B1A229FE3CBA21B51
Authority key identifier: F7:09:52:8B:88:28:B4:D8:26:35:5E:2C:52:23:7D:64:20:71:CD:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9wlSi4gotNgmNV4sUiN9ZCBxzVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/2d9d80-b8bf-465a-a291-9f74facae8f1/1/mKm3gXRb9Ho0xL0Ypyzn6FTqMq0.roa
Signing time: Sun 28 Jul 2024 14:24:04 +0000
ROA not before: Sun 28 Jul 2024 14:24:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215759
IP address blocks: 2a14:6680::/48 maxlen: 48
2a14:6680:1000::/48 maxlen: 48
2a14:6680:2000::/48 maxlen: 48
2a14:6680:2001::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/2d9d80-b8bf-465a-a291-9f74facae8f1/1/9wlSi4gotNgmNV4sUiN9ZCBxzVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/31/2d9d80-b8bf-465a-a291-9f74facae8f1/1/9wlSi4gotNgmNV4sUiN9ZCBxzVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/9wlSi4gotNgmNV4sUiN9ZCBxzVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 17:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:f9:ba:26:6a:72:4a:00:0b:1a:22:9f:e3:cb:a2:1b:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f709528b8828b4d826355e2c52237d642071cd54
Validity
Not Before: Jul 28 14:24:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98a9b781745bf47a34c4bd18a72ce7e854ea32ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a3:27:f3:0d:53:c8:58:f7:b6:86:b5:ae:f2:
29:ad:3d:ff:f5:33:67:6a:58:f7:e4:28:78:47:de:
1a:42:3a:e2:af:e6:bc:26:29:f9:73:ba:8d:09:33:
e3:40:5b:d3:1a:1c:3e:ea:30:ad:ab:e3:b9:f2:eb:
cb:8e:0b:d9:22:c4:6a:e1:85:fb:05:87:c7:93:e9:
46:14:24:0f:3d:18:fb:c5:5b:32:ba:41:ff:89:31:
60:9f:59:86:5e:9f:b2:81:01:82:9c:d2:ad:d7:82:
c2:b2:1a:ab:75:65:3c:5d:37:46:d7:ef:48:15:be:
86:12:de:a8:45:5a:74:ca:f1:0b:d8:1a:ec:da:59:
b8:16:98:6d:29:3e:a9:cd:cc:88:32:3c:62:08:dd:
52:0e:7a:c6:a7:40:2b:73:32:be:dc:a3:5b:fd:24:
ed:82:b4:a5:f6:5d:95:28:22:bd:17:c0:c9:b6:69:
bb:43:e2:9f:51:8f:a2:e7:0e:17:73:a7:8a:8b:18:
df:04:1b:ed:04:7c:c4:ec:b9:35:4c:ee:11:d8:52:
27:3c:29:ce:88:07:1e:57:5b:36:33:d5:63:4c:86:
90:11:ca:93:7b:1f:2b:de:db:3b:0d:71:0b:6f:a5:
38:50:6f:c8:7f:85:d6:b9:2e:24:08:ea:7a:af:0f:
3e:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:A9:B7:81:74:5B:F4:7A:34:C4:BD:18:A7:2C:E7:E8:54:EA:32:AD
X509v3 Authority Key Identifier:
keyid:F7:09:52:8B:88:28:B4:D8:26:35:5E:2C:52:23:7D:64:20:71:CD:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9wlSi4gotNgmNV4sUiN9ZCBxzVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/2d9d80-b8bf-465a-a291-9f74facae8f1/1/mKm3gXRb9Ho0xL0Ypyzn6FTqMq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/2d9d80-b8bf-465a-a291-9f74facae8f1/1/9wlSi4gotNgmNV4sUiN9ZCBxzVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:6680::/48
2a14:6680:1000::/48
2a14:6680:2000::/47
Signature Algorithm: sha256WithRSAEncryption
2a:41:cf:ea:c9:ba:44:b4:67:2f:86:a1:8f:d8:0a:8b:e3:c3:
e1:14:17:58:58:91:fa:50:89:95:5a:0c:0a:2e:a1:76:9a:1c:
74:e3:93:4b:58:07:21:3a:dc:64:34:c1:39:88:e3:9e:bb:25:
8c:9b:12:91:53:d4:25:d2:a9:5d:72:41:b6:fc:28:bd:2f:e8:
86:46:4b:ee:a9:d1:5c:b8:85:8b:3e:5b:a2:97:79:1e:ee:9c:
ab:26:d6:5d:b5:fd:10:62:bb:b9:ff:12:42:7f:41:32:36:9c:
1d:52:9c:87:8e:df:9f:1d:6f:1b:0a:c0:67:bb:24:07:41:84:
c0:cd:be:e1:b1:9e:bf:8c:60:0d:2d:ac:b0:29:54:f3:49:0c:
4e:01:8c:45:c9:00:ac:15:5b:75:7e:6f:54:63:19:07:f5:ab:
3f:42:42:ef:0f:ae:a7:c7:b8:bc:fe:c2:e2:ad:e8:c0:bf:cc:
c2:0d:1c:37:d3:d0:ff:70:e4:5b:64:f1:37:d9:6a:28:5c:00:
e3:b0:db:42:48:53:d5:7e:6d:0b:02:26:57:a3:af:59:d6:48:
14:eb:16:82:4a:b4:91:e3:68:22:c7:44:51:14:02:43:3a:c9:
18:99:bf:49:95:4c:7d:d1:8e:38:4a:3e:08:63:ca:7c:2c:60:
21:08:77:21
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZD5uiZqckoACxoin+PLohtRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3MDk1MjhiODgyOGI0ZDgyNjM1NWUyYzUyMjM3ZDY0MjA3
MWNkNTQwHhcNMjQwNzI4MTQyNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGE5Yjc4MTc0NWJmNDdhMzRjNGJkMThhNzJjZTdlODU0ZWEzMmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKMn8w1TyFj3toa1rvIprT3/9TNn
alj35Ch4R94aQjrir+a8Jin5c7qNCTPjQFvTGhw+6jCtq+O58uvLjgvZIsRq4YX7
BYfHk+lGFCQPPRj7xVsyukH/iTFgn1mGXp+ygQGCnNKt14LCshqrdWU8XTdG1+9I
Fb6GEt6oRVp0yvEL2Brs2lm4FphtKT6pzcyIMjxiCN1SDnrGp0ArczK+3KNb/STt
grSl9l2VKCK9F8DJtmm7Q+KfUY+i5w4Xc6eKixjfBBvtBHzE7Lk1TO4R2FInPCnO
iAceV1s2M9VjTIaQEcqTex8r3ts7DXELb6U4UG/If4XWuS4kCOp6rw8+ZQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJipt4F0W/R6NMS9GKcs5+hU6jKtMB8GA1UdIwQY
MBaAFPcJUouIKLTYJjVeLFIjfWQgcc1UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXdsU2k0Z290TmdtTlY0c1VpTjlaQ0J4elZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8yZDlkODAtYjhiZi00NjVhLWEyOTEt
OWY3NGZhY2FlOGYxLzEvbUttM2dYUmI5SG8weEwwWXB5em42RlRxTXEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8yZDlkODAtYjhiZi00NjVhLWEyOTEtOWY3NGZhY2FlOGYx
LzEvOXdsU2k0Z290TmdtTlY0c1VpTjlaQ0J4elZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKhRmgAAA
AwcAKhRmgBAAAwcBKhRmgCAAMA0GCSqGSIb3DQEBCwUAA4IBAQAqQc/qybpEtGcv
hqGP2AqL48PhFBdYWJH6UImVWgwKLqF2mhx045NLWAchOtxkNME5iOOeuyWMmxKR
U9Ql0qldckG2/Ci9L+iGRkvuqdFcuIWLPluil3ke7pyrJtZdtf0QYru5/xJCf0Ey
NpwdUpyHjt+fHW8bCsBnuyQHQYTAzb7hsZ6/jGANLaywKVTzSQxOAYxFyQCsFVt1
fm9UYxkH9as/QkLvD66nx7i8/sLirejAv8zCDRw309D/cORbZPE32WooXADjsNtC
SFPVfm0LAiZXo69Z1kgU6xaCSrSR42gix0RRFAJDOskYmb9JlUx90Y44Sj4IY8p8
LGAhCHch
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:39:16 2024 by rpki-client on console-fra.rpki-client.org