Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/6ff230-e012-4531-866c-0a8bd2f36c72/1/MMlB3yj0I6dudWlxPEfy2C6E-o8.roa
File: MMlB3yj0I6dudWlxPEfy2C6E-o8.roa (raw, json)
Hash identifier: /x+hnjmC2deiLkDU2OJQe28cT+OVRHLNi9CNObugNB4=
Subject key identifier: 30:C9:41:DF:28:F4:23:A7:6E:75:69:71:3C:47:F2:D8:2E:84:FA:8F
Certificate issuer: /CN=77001bcc69a16503421b88851f47aa16c5cf2dbc
Certificate serial: 018CC6B837533D682159836E0A84EA5F6F76
Authority key identifier: 77:00:1B:CC:69:A1:65:03:42:1B:88:85:1F:47:AA:16:C5:CF:2D:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dwAbzGmhZQNCG4iFH0eqFsXPLbw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/6ff230-e012-4531-866c-0a8bd2f36c72/1/MMlB3yj0I6dudWlxPEfy2C6E-o8.roa
Signing time: Mon 01 Jan 2024 20:30:10 +0000
ROA not before: Mon 01 Jan 2024 20:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6830
IP address blocks: 94.154.9.0/24 maxlen: 24
2a0f:f0c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/6ff230-e012-4531-866c-0a8bd2f36c72/1/dwAbzGmhZQNCG4iFH0eqFsXPLbw.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/6ff230-e012-4531-866c-0a8bd2f36c72/1/dwAbzGmhZQNCG4iFH0eqFsXPLbw.mft
rsync://rpki.ripe.net/repository/DEFAULT/dwAbzGmhZQNCG4iFH0eqFsXPLbw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 17:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:37:53:3d:68:21:59:83:6e:0a:84:ea:5f:6f:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77001bcc69a16503421b88851f47aa16c5cf2dbc
Validity
Not Before: Jan 1 20:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30c941df28f423a76e7569713c47f2d82e84fa8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:32:69:fa:2f:8e:f7:a8:5a:50:4a:47:f7:89:
26:65:eb:f9:ff:c7:39:d2:d2:13:7e:93:70:ce:18:
31:41:99:e7:3f:25:2b:ac:c4:e6:7c:02:69:cd:b2:
98:78:6f:99:d4:ab:15:aa:5d:57:12:c5:87:b5:3d:
51:b4:6a:0e:b0:84:91:17:cf:a4:98:42:74:88:d8:
45:92:eb:74:42:c8:8c:d9:48:4b:55:21:86:13:1b:
cc:de:be:36:03:f5:fd:3e:48:4e:46:b4:2e:2f:5d:
b2:af:8c:3e:53:f8:8e:14:55:1b:8c:0d:c3:3b:ee:
9a:7f:69:bf:45:9a:e8:49:78:c6:92:ba:00:4d:4d:
b8:d3:d7:09:cd:ce:10:29:7e:d4:43:6a:ae:57:09:
4b:29:fa:a8:dc:11:95:25:d4:9c:14:c5:40:05:15:
0d:f4:0f:b8:9e:d5:8f:92:bc:c9:19:f1:48:ad:9a:
7e:98:28:3a:e9:ba:a6:fb:16:c2:31:ad:de:31:04:
7c:fd:f0:87:db:87:7d:49:ab:4e:95:b1:3a:4e:bb:
56:f4:3f:d3:70:30:79:9b:bf:92:46:05:f5:42:23:
26:79:73:b6:d1:9d:7f:b5:a3:db:77:2a:e7:80:61:
42:1f:62:16:7f:94:32:aa:2a:a3:7b:89:a7:4d:a7:
38:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:C9:41:DF:28:F4:23:A7:6E:75:69:71:3C:47:F2:D8:2E:84:FA:8F
X509v3 Authority Key Identifier:
keyid:77:00:1B:CC:69:A1:65:03:42:1B:88:85:1F:47:AA:16:C5:CF:2D:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dwAbzGmhZQNCG4iFH0eqFsXPLbw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/6ff230-e012-4531-866c-0a8bd2f36c72/1/MMlB3yj0I6dudWlxPEfy2C6E-o8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/6ff230-e012-4531-866c-0a8bd2f36c72/1/dwAbzGmhZQNCG4iFH0eqFsXPLbw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.9.0/24
IPv6:
2a0f:f0c0::/32
Signature Algorithm: sha256WithRSAEncryption
56:e2:30:22:f9:c4:bd:d9:af:47:73:b6:53:02:f8:11:fc:cf:
e3:16:83:21:04:92:67:8f:49:66:c2:4c:8f:95:bb:2d:56:42:
aa:75:0b:68:77:ae:ad:1d:3e:e5:96:fd:ad:8c:d3:4a:93:4c:
c6:d5:ce:83:76:6a:5e:cf:9f:0c:df:98:fd:da:87:d4:2e:fc:
6c:d8:22:ce:0e:a3:ff:a1:63:bb:96:1b:aa:62:da:62:00:e8:
ce:ca:0e:85:ec:61:e0:24:8b:4a:f5:a6:f7:c8:59:0e:75:f2:
d6:09:7f:62:0b:78:04:e3:67:3c:70:95:d9:bd:e7:c6:2a:14:
22:8b:a4:27:29:b6:d4:df:c8:74:82:aa:83:30:b5:64:43:e3:
51:4c:e5:dc:bb:8f:96:43:cf:fa:b6:b4:3f:3e:52:63:f6:9a:
06:4f:44:ed:cd:fe:cc:f2:74:af:f1:2f:89:17:f4:18:c0:0c:
82:dc:3c:cc:e2:f4:d3:5d:56:75:95:2f:7f:99:97:5c:80:81:
7a:17:e6:3a:e0:26:cb:4b:69:b4:61:f0:0d:dc:a8:af:37:f2:
73:95:72:85:11:20:9d:ab:87:ca:d3:24:7d:56:c8:91:29:00:
d7:af:ff:2c:06:39:5f:53:f8:9a:fe:a5:5c:e4:3e:f8:d2:85:
a9:89:d6:85
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGuDdTPWghWYNuCoTqX292MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MDAxYmNjNjlhMTY1MDM0MjFiODg4NTFmNDdhYTE2YzVj
ZjJkYmMwHhcNMjQwMTAxMjAzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGM5NDFkZjI4ZjQyM2E3NmU3NTY5NzEzYzQ3ZjJkODJlODRmYThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTJp+i+O96haUEpH94kmZev5/8c5
0tITfpNwzhgxQZnnPyUrrMTmfAJpzbKYeG+Z1KsVql1XEsWHtT1RtGoOsISRF8+k
mEJ0iNhFkut0QsiM2UhLVSGGExvM3r42A/X9PkhORrQuL12yr4w+U/iOFFUbjA3D
O+6af2m/RZroSXjGkroATU2409cJzc4QKX7UQ2quVwlLKfqo3BGVJdScFMVABRUN
9A+4ntWPkrzJGfFIrZp+mCg66bqm+xbCMa3eMQR8/fCH24d9SatOlbE6TrtW9D/T
cDB5m7+SRgX1QiMmeXO20Z1/taPbdyrngGFCH2IWf5Qyqiqje4mnTac4DQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDDJQd8o9COnbnVpcTxH8tguhPqPMB8GA1UdIwQY
MBaAFHcAG8xpoWUDQhuIhR9HqhbFzy28MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHdBYnpHbWhaUU5DRzRpRkgwZXFGc1hQTGJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS82ZmYyMzAtZTAxMi00NTMxLTg2NmMt
MGE4YmQyZjM2YzcyLzEvTU1sQjN5ajBJNmR1ZFdseFBFZnkyQzZFLW84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS82ZmYyMzAtZTAxMi00NTMxLTg2NmMtMGE4YmQyZjM2Yzcy
LzEvZHdBYnpHbWhaUU5DRzRpRkgwZXFGc1hQTGJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAXpoJMA0E
AgACMAcDBQAqD/DAMA0GCSqGSIb3DQEBCwUAA4IBAQBW4jAi+cS92a9Hc7ZTAvgR
/M/jFoMhBJJnj0lmwkyPlbstVkKqdQtod66tHT7llv2tjNNKk0zG1c6Ddmpez58M
35j92ofULvxs2CLODqP/oWO7lhuqYtpiAOjOyg6F7GHgJItK9ab3yFkOdfLWCX9i
C3gE42c8cJXZvefGKhQii6QnKbbU38h0gqqDMLVkQ+NRTOXcu4+WQ8/6trQ/PlJj
9poGT0Ttzf7M8nSv8S+JF/QYwAyC3DzM4vTTXVZ1lS9/mZdcgIF6F+Y64CbLS2m0
YfAN3KivN/JzlXKFESCdq4fK0yR9VsiRKQDXr/8sBjlfU/ia/qVc5D740oWpidaF
-----END CERTIFICATE-----
Generated at Sat May 18 02:11:06 2024 by rpki-client on console-ams.rpki-client.org