Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/mvlWxjNYfAygnMT08E51HYaK9Ck.roa
File: mvlWxjNYfAygnMT08E51HYaK9Ck.roa (raw, json)
Hash identifier: sSimb/mLnEygX0CAcWuA4aihyyrEcsG1lHMT7cOV1FQ=
Subject key identifier: 9A:F9:56:C6:33:58:7C:0C:A0:9C:C4:F4:F0:4E:75:1D:86:8A:F4:29
Certificate issuer: /CN=234b54b119a7b3eff153085b7315507cd8513a0f
Certificate serial: 018CC8DE3B271E66FE10F8AF7ABF16A4AB33
Authority key identifier: 23:4B:54:B1:19:A7:B3:EF:F1:53:08:5B:73:15:50:7C:D8:51:3A:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0tUsRmns-_xUwhbcxVQfNhROg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/mvlWxjNYfAygnMT08E51HYaK9Ck.roa
Signing time: Tue 02 Jan 2024 06:30:56 +0000
ROA not before: Tue 02 Jan 2024 06:30:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206499
IP address blocks: 2a04:5b81:2000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/I0tUsRmns-_xUwhbcxVQfNhROg8.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/I0tUsRmns-_xUwhbcxVQfNhROg8.mft
rsync://rpki.ripe.net/repository/DEFAULT/I0tUsRmns-_xUwhbcxVQfNhROg8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:3b:27:1e:66:fe:10:f8:af:7a:bf:16:a4:ab:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=234b54b119a7b3eff153085b7315507cd8513a0f
Validity
Not Before: Jan 2 06:30:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9af956c633587c0ca09cc4f4f04e751d868af429
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:05:58:79:e3:a9:37:03:a2:6c:6f:10:f2:aa:
fd:6d:dc:a4:0f:28:9d:a8:1c:1e:41:06:f2:d3:f8:
8a:d9:38:4a:9b:6a:8e:c0:25:18:48:75:76:c1:12:
a6:6c:b6:1a:32:26:05:2e:29:fb:97:9f:94:c8:8c:
3d:b4:5d:36:ad:16:bd:e3:7e:5f:ec:c7:c8:4a:64:
bc:98:ac:05:8b:c4:c4:e0:83:9a:aa:e3:e0:7e:9e:
e7:31:83:ae:1f:4c:a2:1d:8d:4b:ba:d9:4f:cf:60:
01:b5:ae:f3:0e:53:c4:f4:7b:5f:34:f7:bd:3b:e8:
11:6c:93:e7:af:e9:e4:0a:d3:b9:5f:10:3c:d3:e0:
18:b9:22:c3:1c:72:70:87:3f:8a:91:35:6f:e6:d6:
77:cf:52:7a:c2:02:b7:80:9e:d2:88:e2:91:99:49:
6e:47:05:6a:87:25:46:c7:bb:4c:34:3a:f1:60:fe:
5c:3f:86:61:68:20:e7:f8:14:b3:98:64:61:02:5b:
4c:92:94:23:9a:94:18:dc:85:71:8d:88:3d:de:27:
21:61:0c:7e:bb:d8:05:04:6f:9e:2a:b3:b0:53:00:
0e:72:c3:2d:56:38:4b:d6:76:5f:3c:0e:cd:b9:cc:
e0:a2:34:94:18:f8:36:6e:b3:02:24:b4:51:53:a9:
85:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:F9:56:C6:33:58:7C:0C:A0:9C:C4:F4:F0:4E:75:1D:86:8A:F4:29
X509v3 Authority Key Identifier:
keyid:23:4B:54:B1:19:A7:B3:EF:F1:53:08:5B:73:15:50:7C:D8:51:3A:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0tUsRmns-_xUwhbcxVQfNhROg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/mvlWxjNYfAygnMT08E51HYaK9Ck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/I0tUsRmns-_xUwhbcxVQfNhROg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:5b81:2000::/48
Signature Algorithm: sha256WithRSAEncryption
39:7d:fc:07:56:0b:37:35:c6:f5:f4:05:ff:3a:b9:9f:ac:79:
74:61:dc:1c:51:f3:a2:0a:a2:a1:00:13:ef:73:68:a9:7e:a6:
fa:85:3d:04:96:f7:9c:9b:94:cf:cc:9f:d2:4e:fc:25:db:94:
03:65:fd:b9:34:83:48:47:95:2d:ac:00:d8:c7:40:bb:3b:26:
a0:53:98:d5:8a:f1:1e:be:17:03:de:3d:11:cf:bd:3c:bf:ec:
71:a5:c8:c7:b8:9c:88:ac:94:eb:3a:08:06:db:3a:36:ca:b0:
fa:c7:0c:3a:4f:10:c1:0c:49:49:f5:76:e7:c6:a2:bc:9e:63:
11:3d:00:7c:6e:95:47:53:db:62:85:73:6f:06:98:3b:21:c5:
0d:f5:0d:68:05:22:03:cd:2e:98:88:36:c7:d5:4a:14:fd:26:
71:54:39:87:e2:5d:04:6e:0a:be:53:d5:e9:58:19:4c:ba:7b:
eb:95:d7:19:0c:c1:ef:dd:13:71:96:71:1a:f7:30:51:3e:69:
0c:c7:d4:d6:10:d6:59:87:fb:fd:72:c8:50:b0:d9:25:8e:b2:
ad:a4:13:58:92:85:d7:f9:da:fd:05:20:07:55:05:fb:72:ca:
52:7b:41:49:00:b2:00:40:dd:d2:cd:2b:f6:bb:df:85:26:1e:
4c:20:5a:8b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzI3jsnHmb+EPiver8WpKszMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNGI1NGIxMTlhN2IzZWZmMTUzMDg1YjczMTU1MDdjZDg1
MTNhMGYwHhcNMjQwMTAyMDYzMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWY5NTZjNjMzNTg3YzBjYTA5Y2M0ZjRmMDRlNzUxZDg2OGFmNDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQVYeeOpNwOibG8Q8qr9bdykDyid
qBweQQby0/iK2ThKm2qOwCUYSHV2wRKmbLYaMiYFLin7l5+UyIw9tF02rRa9435f
7MfISmS8mKwFi8TE4IOaquPgfp7nMYOuH0yiHY1LutlPz2ABta7zDlPE9HtfNPe9
O+gRbJPnr+nkCtO5XxA80+AYuSLDHHJwhz+KkTVv5tZ3z1J6wgK3gJ7SiOKRmUlu
RwVqhyVGx7tMNDrxYP5cP4ZhaCDn+BSzmGRhAltMkpQjmpQY3IVxjYg93ichYQx+
u9gFBG+eKrOwUwAOcsMtVjhL1nZfPA7NuczgojSUGPg2brMCJLRRU6mFkwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJr5VsYzWHwMoJzE9PBOdR2GivQpMB8GA1UdIwQY
MBaAFCNLVLEZp7Pv8VMIW3MVUHzYUToPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTB0VXNSbW5zLV94VXdoYmN4VlFmTmhST2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9iYzcwNzgtMWVlNC00MmYxLWJjMzQt
MWQyMWQxYmNlM2ZlLzEvbXZsV3hqTllmQXlnbk1UMDhFNTFIWWFLOUNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9iYzcwNzgtMWVlNC00MmYxLWJjMzQtMWQyMWQxYmNlM2Zl
LzEvSTB0VXNSbW5zLV94VXdoYmN4VlFmTmhST2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgRbgSAA
MA0GCSqGSIb3DQEBCwUAA4IBAQA5ffwHVgs3Ncb19AX/OrmfrHl0YdwcUfOiCqKh
ABPvc2ipfqb6hT0Elvecm5TPzJ/STvwl25QDZf25NINIR5UtrADYx0C7OyagU5jV
ivEevhcD3j0Rz708v+xxpcjHuJyIrJTrOggG2zo2yrD6xww6TxDBDElJ9XbnxqK8
nmMRPQB8bpVHU9tihXNvBpg7IcUN9Q1oBSIDzS6YiDbH1UoU/SZxVDmH4l0Ebgq+
U9XpWBlMunvrldcZDMHv3RNxlnEa9zBRPmkMx9TWENZZh/v9cshQsNkljrKtpBNY
koXX+dr9BSAHVQX7cspSe0FJALIAQN3SzSv2u9+FJh5MIFqL
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:39:12 2024 by rpki-client on console-fra.rpki-client.org