Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/MUPcensiA5cYW0kk4unRQRRt4hk.roa
File: MUPcensiA5cYW0kk4unRQRRt4hk.roa (raw, json)
Hash identifier: P720qbTZNovsbsZo7uLu1Q3rg16vkNZ8vm+DFBeWbes=
Subject key identifier: 31:43:DC:7A:7B:22:03:97:18:5B:49:24:E2:E9:D1:41:14:6D:E2:19
Certificate issuer: /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial: 019353A1260E649B570D73D77F49446F5D61
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/MUPcensiA5cYW0kk4unRQRRt4hk.roa
Signing time: Fri 22 Nov 2024 11:28:10 +0000
ROA not before: Fri 22 Nov 2024 11:28:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49981
IP address blocks: 2a09:9446::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.mft
rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:53:a1:26:0e:64:9b:57:0d:73:d7:7f:49:44:6f:5d:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Validity
Not Before: Nov 22 11:28:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3143dc7a7b220397185b4924e2e9d141146de219
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:6a:a1:ee:bf:fd:ba:5c:47:f5:6a:8e:8c:17:
80:59:e6:32:6c:35:bf:c8:ff:43:33:48:f0:8a:ff:
17:4e:09:c3:f2:02:e4:cb:ac:d0:f0:6d:5b:27:b1:
cf:ad:0e:79:45:7c:69:77:27:a1:ba:f3:e2:52:78:
34:9c:6f:23:20:3f:b1:da:13:ba:ce:8d:f3:e3:56:
e9:a8:f2:a6:0c:71:52:35:28:48:0a:b3:39:b9:0b:
fc:48:50:e9:04:d4:e7:0a:a1:14:49:5b:39:19:4a:
e1:a9:1f:e9:ce:e7:44:47:6c:be:dd:c4:f8:e6:df:
79:5b:f0:32:a8:11:64:15:f9:b7:9c:28:4d:2d:1e:
3a:4b:f8:32:41:fc:8d:58:b4:64:0e:a7:54:8c:43:
b2:e8:40:5c:07:65:aa:17:bb:1f:e7:7e:e2:a9:26:
7f:f7:d6:03:a2:44:fa:dc:20:cd:59:0f:ce:28:ae:
6d:7c:46:de:3f:f8:fc:bc:dd:d1:92:e5:07:78:77:
c8:d9:c0:76:46:a7:ba:34:bc:9d:3f:62:9c:9c:f9:
b3:94:e2:c6:bb:58:b8:52:3a:2b:68:09:54:ee:0c:
4d:28:82:dd:7e:1c:cf:9c:9e:a6:49:e5:91:45:7a:
e3:db:ec:02:c6:b3:6b:01:f6:fc:b7:29:00:80:9d:
f4:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:43:DC:7A:7B:22:03:97:18:5B:49:24:E2:E9:D1:41:14:6D:E2:19
X509v3 Authority Key Identifier:
keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/MUPcensiA5cYW0kk4unRQRRt4hk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:9446::/32
Signature Algorithm: sha256WithRSAEncryption
bd:f3:dc:55:df:1b:10:2e:d8:8d:e9:84:69:35:a0:de:af:b7:
96:53:a5:6b:5f:74:7d:5d:52:05:58:8b:78:e6:60:21:77:88:
fe:0d:99:d4:69:70:5c:5d:0c:5a:4b:93:c2:ac:69:8c:98:72:
64:3e:79:01:73:ab:03:28:cd:06:37:8e:e1:3d:4e:44:76:f7:
6a:5e:10:ad:a0:b1:e2:7d:58:0f:c8:14:6c:c7:c6:86:c8:9a:
14:5c:3c:0a:7f:0a:00:77:4a:4b:ed:26:77:93:58:6c:54:b4:
ab:2a:16:39:66:a4:f0:19:ac:f3:1a:4e:89:2b:b3:6b:d9:1d:
20:f8:d6:76:bd:73:07:20:e0:16:e1:a9:0e:ef:ec:14:01:c6:
62:8a:a7:4b:36:45:fa:6b:1d:d6:52:70:b7:39:9c:6f:67:06:
49:9e:2f:75:1a:83:6e:9f:4a:69:9c:f4:e8:fd:76:0a:3c:6e:
ed:87:6a:9e:00:26:62:ff:5d:74:b3:98:0f:5b:0e:fd:0a:27:
55:8b:2a:ec:0b:5e:67:e0:2a:46:21:21:ea:96:b6:7f:c3:9a:
b4:9c:79:df:a4:27:f4:2b:9c:12:da:18:b5:52:7b:92:fc:1c:
c6:df:ad:f1:d2:c1:6c:df:c0:79:90:ac:d9:48:40:6b:09:39:
4f:25:1c:1f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZNToSYOZJtXDXPXf0lEb11hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjQxMTIyMTEyODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTQzZGM3YTdiMjIwMzk3MTg1YjQ5MjRlMmU5ZDE0MTE0NmRlMjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyWqh7r/9ulxH9WqOjBeAWeYybDW/
yP9DM0jwiv8XTgnD8gLky6zQ8G1bJ7HPrQ55RXxpdyehuvPiUng0nG8jID+x2hO6
zo3z41bpqPKmDHFSNShICrM5uQv8SFDpBNTnCqEUSVs5GUrhqR/pzudER2y+3cT4
5t95W/AyqBFkFfm3nChNLR46S/gyQfyNWLRkDqdUjEOy6EBcB2WqF7sf537iqSZ/
99YDokT63CDNWQ/OKK5tfEbeP/j8vN3RkuUHeHfI2cB2Rqe6NLydP2KcnPmzlOLG
u1i4UjoraAlU7gxNKILdfhzPnJ6mSeWRRXrj2+wCxrNrAfb8tykAgJ30YwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDFD3Hp7IgOXGFtJJOLp0UEUbeIZMB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvTVVQY2Vuc2lBNWNZVzBrazR1blJRUlJ0NGhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQtMTdlNjZjMWZkM2Qx
LzEvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgmURjAN
BgkqhkiG9w0BAQsFAAOCAQEAvfPcVd8bEC7YjemEaTWg3q+3llOla190fV1SBViL
eOZgIXeI/g2Z1GlwXF0MWkuTwqxpjJhyZD55AXOrAyjNBjeO4T1ORHb3al4QraCx
4n1YD8gUbMfGhsiaFFw8Cn8KAHdKS+0md5NYbFS0qyoWOWak8Bms8xpOiSuza9kd
IPjWdr1zByDgFuGpDu/sFAHGYoqnSzZF+msd1lJwtzmcb2cGSZ4vdRqDbp9KaZz0
6P12Cjxu7YdqngAmYv9ddLOYD1sO/QonVYsq7AteZ+AqRiEh6pa2f8OatJx536Qn
9CucEtoYtVJ7kvwcxt+t8dLBbN/AeZCs2UhAawk5TyUcHw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:30:24 2024 by rpki-client on console-ams.rpki-client.org