Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/mQTx88mQ0MRlTA_EwTmlpizVjqs.roa
File: mQTx88mQ0MRlTA_EwTmlpizVjqs.roa (raw, json)
Hash identifier: chJjt0RXIogy63vOKuV4oXZ8dZznCbjuQFHZvX8vwjI=
Subject key identifier: 99:04:F1:F3:C9:90:D0:C4:65:4C:0F:C4:C1:39:A5:A6:2C:D5:8E:AB
Certificate issuer: /CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
Certificate serial: 018CC2DB39987A5A83B28F96BE0AD9A551C1
Authority key identifier: FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/mQTx88mQ0MRlTA_EwTmlpizVjqs.roa
Signing time: Mon 01 Jan 2024 02:29:56 +0000
ROA not before: Mon 01 Jan 2024 02:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212330
IP address blocks: 2a04:2dc0:1d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 13:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:39:98:7a:5a:83:b2:8f:96:be:0a:d9:a5:51:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
Validity
Not Before: Jan 1 02:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9904f1f3c990d0c4654c0fc4c139a5a62cd58eab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:63:b2:a8:39:3f:1a:06:43:09:a6:7a:41:42:
76:25:e0:b8:32:3b:e3:31:40:29:2e:48:0a:d3:65:
01:67:db:ea:3d:4c:bd:b8:57:60:06:7e:f5:22:1b:
bd:4d:de:87:ba:52:1c:89:39:d3:99:a9:0a:47:2b:
d0:87:b0:99:d1:1e:cd:0f:2a:6c:0a:01:74:d8:3c:
b5:f1:0d:45:66:f8:dc:31:13:da:af:e7:0b:b1:15:
f6:ec:5e:e2:9a:71:0e:78:21:7d:f7:68:ea:3b:18:
b7:9b:b2:db:3a:11:26:d3:d7:a0:23:5c:d2:74:ec:
88:ee:7b:44:bf:30:64:2f:b0:ba:a3:0e:20:38:5c:
87:2b:fa:eb:98:ca:1e:ac:82:43:10:36:7e:37:58:
d6:00:4e:5c:aa:0f:00:01:bf:0a:dd:97:b3:f9:0d:
93:bb:bd:da:02:d8:43:d1:4f:bf:87:eb:0f:61:a0:
ee:99:4b:db:3d:5a:02:2d:aa:1d:7d:d1:08:6d:02:
cd:f3:0f:c0:24:12:72:20:cb:71:9f:ee:e2:ff:47:
cb:8f:6c:17:42:51:30:1f:b2:df:86:33:ea:97:4d:
11:e0:a7:88:ac:5f:53:38:c8:c0:7a:94:2c:65:f0:
37:a3:ad:b1:de:bc:ae:0b:2a:2b:89:5c:b7:0a:69:
87:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:04:F1:F3:C9:90:D0:C4:65:4C:0F:C4:C1:39:A5:A6:2C:D5:8E:AB
X509v3 Authority Key Identifier:
keyid:FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/mQTx88mQ0MRlTA_EwTmlpizVjqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:2dc0:1d::/48
Signature Algorithm: sha256WithRSAEncryption
3c:a5:63:a9:90:83:1f:45:5e:38:fa:28:96:a1:d0:15:5f:5d:
1a:20:89:d4:00:ee:bc:fb:03:95:d1:41:ce:e2:4d:b1:53:08:
19:7b:fc:e0:b6:06:83:ce:49:9a:39:ef:30:86:c0:3d:e9:d5:
f2:55:93:43:b4:23:b5:d9:8a:2d:74:68:00:4b:74:98:bf:b3:
5f:7a:e7:df:27:00:6b:04:51:23:81:6c:25:c3:ea:f2:2f:61:
02:d3:eb:9b:9f:6d:b8:01:1b:c0:9c:9a:15:27:98:c6:9b:f6:
af:3c:2f:39:bc:f3:4e:6e:42:84:38:44:9d:ad:5a:d8:06:56:
7e:42:44:6f:23:a3:ff:42:eb:8e:07:a7:cb:78:9f:56:02:e1:
34:7b:9d:08:51:a9:05:16:93:42:65:9b:46:74:9d:f8:4c:8f:
7d:07:df:3c:1f:d1:fa:8c:a3:56:e0:2e:08:3b:54:b7:b1:fe:
28:b9:c7:9e:27:97:2f:8c:bb:ad:21:92:1a:58:a7:fa:41:d1:
6c:e2:d2:b7:b4:32:9c:36:b3:cc:61:a2:3c:63:21:15:56:65:
27:18:30:de:9d:bb:bb:43:f8:a2:be:bc:fa:66:e1:fe:b8:94:
db:80:bd:e2:b9:43:36:3d:e6:53:51:19:9d:8c:78:c9:ba:f1:
5e:03:c5:52
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAYzC2zmYelqDso+WvgrZpVHBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhY2NiYjcyYWE5ODg0YTViZjhkMGU3NTc0MDRhMTdlNWUy
MzMyMmMwHhcNMjQwMTAxMDIyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTA0ZjFmM2M5OTBkMGM0NjU0YzBmYzRjMTM5YTVhNjJjZDU4ZWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGOyqDk/GgZDCaZ6QUJ2JeC4Mjvj
MUApLkgK02UBZ9vqPUy9uFdgBn71Ihu9Td6HulIciTnTmakKRyvQh7CZ0R7NDyps
CgF02Dy18Q1FZvjcMRPar+cLsRX27F7imnEOeCF992jqOxi3m7LbOhEm09egI1zS
dOyI7ntEvzBkL7C6ow4gOFyHK/rrmMoerIJDEDZ+N1jWAE5cqg8AAb8K3Zez+Q2T
u73aAthD0U+/h+sPYaDumUvbPVoCLaodfdEIbQLN8w/AJBJyIMtxn+7i/0fLj2wX
QlEwH7LfhjPql00R4KeIrF9TOMjAepQsZfA3o62x3ryuCyoriVy3CmmHpwIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFJkE8fPJkNDEZUwPxME5paYs1Y6rMB8GA1UdIwQY
MBaAFPrMu3KqmISlv40OdXQEoX5eIzIsMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1zeTdjcXFZaEtXX2pRNTFkQVNoZmw0ak1pdy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMvZThjYjQ0LWE5NTQtNDY3Mi1iOWE0
LWE0OWU1YzY2MzNiZC8xL21RVHg4OG1RME1SbFRBX0V3VG1scGl6Vmpxcy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTMvZThjYjQ0LWE5NTQtNDY3Mi1iOWE0LWE0OWU1YzY2MzNi
ZC8xLzEtc3k3Y3FxWWhLV19qUTUxZEFTaGZsNGpNaXcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqBC3A
AB0wDQYJKoZIhvcNAQELBQADggEBADylY6mQgx9FXjj6KJah0BVfXRogidQA7rz7
A5XRQc7iTbFTCBl7/OC2BoPOSZo57zCGwD3p1fJVk0O0I7XZii10aABLdJi/s196
598nAGsEUSOBbCXD6vIvYQLT65ufbbgBG8CcmhUnmMab9q88Lzm8805uQoQ4RJ2t
WtgGVn5CRG8jo/9C644Hp8t4n1YC4TR7nQhRqQUWk0Jlm0Z0nfhMj30H3zwf0fqM
o1bgLgg7VLex/ii5x54nly+Mu60hkhpYp/pB0Wzi0re0Mpw2s8xhojxjIRVWZScY
MN6du7tD+KK+vPpm4f64lNuAveK5QzY95lNRGZ2MeMm68V4DxVI=
-----END CERTIFICATE-----
Generated at Tue May 21 17:12:44 2024 by rpki-client on console-fra.rpki-client.org