Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/MSAGJvcc1StXHJSzSb0NA0qRObY.roa
File: MSAGJvcc1StXHJSzSb0NA0qRObY.roa (raw, json)
Hash identifier: PKDiHO05RnctEIh8lZhGRARYlweDXO30i2f8xR9+PfU=
Subject key identifier: 31:20:06:26:F7:1C:D5:2B:57:1C:94:B3:49:BD:0D:03:4A:91:39:B6
Certificate issuer: /CN=668d2f64c337465ed38da5f7cc4584df87d4a744
Certificate serial: 018CC3B7215AC8AF3F2A00BE04791AD8A773
Authority key identifier: 66:8D:2F:64:C3:37:46:5E:D3:8D:A5:F7:CC:45:84:DF:87:D4:A7:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/MSAGJvcc1StXHJSzSb0NA0qRObY.roa
Signing time: Mon 01 Jan 2024 06:30:07 +0000
ROA not before: Mon 01 Jan 2024 06:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203329
IP address blocks: 2a00:b404:e000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 00:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:21:5a:c8:af:3f:2a:00:be:04:79:1a:d8:a7:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=668d2f64c337465ed38da5f7cc4584df87d4a744
Validity
Not Before: Jan 1 06:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31200626f71cd52b571c94b349bd0d034a9139b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:1e:9d:1d:60:b6:95:8b:17:6d:00:a4:b5:39:
bb:ce:6e:e2:12:f4:40:81:47:36:06:67:13:3b:b8:
c6:24:29:19:10:21:2e:2c:ba:6f:23:a8:11:94:3d:
44:4a:60:e4:b9:f1:f4:68:c9:cc:a0:31:95:df:76:
dc:11:f2:97:de:a6:9a:ed:24:a0:7f:c3:d7:c3:84:
9d:89:6c:88:32:97:c8:d6:94:e7:bb:58:62:cc:32:
34:81:22:5a:04:8f:25:1d:69:33:23:1b:15:0c:2d:
d4:21:15:43:06:8c:6d:fb:a7:c4:da:82:7f:8d:da:
ad:cb:ba:1b:26:43:06:43:50:c7:28:77:9c:e0:fa:
30:73:68:71:28:06:c0:16:dc:14:27:a8:06:f8:83:
e3:22:3e:d3:ea:ab:bb:f5:a6:47:52:62:95:8d:d2:
19:2e:af:62:4d:af:41:4b:78:59:6d:ac:4f:11:ae:
f3:d4:73:37:f1:73:88:8e:26:f6:31:af:8c:dc:02:
18:06:12:ac:b4:c8:b2:0a:62:e2:1f:1e:cb:09:cd:
90:b9:06:88:48:3c:50:25:31:f3:cf:a5:fa:c1:23:
08:12:05:ce:58:e9:f1:95:2a:6a:59:a1:50:93:d1:
81:3a:bc:f5:62:26:49:71:5f:85:06:d8:77:6f:5b:
43:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:20:06:26:F7:1C:D5:2B:57:1C:94:B3:49:BD:0D:03:4A:91:39:B6
X509v3 Authority Key Identifier:
keyid:66:8D:2F:64:C3:37:46:5E:D3:8D:A5:F7:CC:45:84:DF:87:D4:A7:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/MSAGJvcc1StXHJSzSb0NA0qRObY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:b404:e000::/36
Signature Algorithm: sha256WithRSAEncryption
1e:9b:b6:fb:21:e6:ee:a3:c5:4e:8f:ce:83:11:b4:94:9b:08:
b2:cd:e1:66:25:b7:5d:b0:ad:45:a6:f2:ed:1d:14:4a:13:f6:
85:37:9b:12:d9:bd:10:27:d5:20:86:26:e2:56:ea:2c:cb:ad:
c6:dd:9b:09:b4:67:05:37:19:90:40:b8:7d:1f:29:41:2a:83:
37:0e:69:62:b9:b6:9f:bf:f4:3c:46:bf:f2:14:9b:a6:49:45:
a2:86:a5:48:f3:91:6e:68:dc:5f:2e:90:d6:a6:a5:ee:01:7e:
dd:a1:6b:62:5c:09:ef:ba:e2:4e:85:db:89:3f:cc:b4:27:64:
d9:24:0c:a8:13:66:a3:48:58:1c:67:23:fa:98:c8:e2:54:4f:
97:bf:c9:2c:14:80:e3:8b:ce:14:ed:96:63:7d:0a:df:72:df:
7d:59:cf:38:74:27:83:1b:18:6a:6c:cf:1e:14:81:18:2f:37:
dc:e7:af:29:f0:c4:d4:a2:4e:f2:2b:6d:44:c1:4b:73:f1:77:
6b:69:76:b5:7d:6d:db:28:22:53:b9:14:e9:fe:d3:42:bd:41:
56:d5:47:64:34:a0:bb:49:b4:a4:12:b6:81:76:6b:0c:98:ca:
15:f6:e0:f3:c7:88:f7:72:21:9c:44:69:46:ed:cb:df:e8:ad:
cb:41:e1:53
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzDtyFayK8/KgC+BHka2KdzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2OGQyZjY0YzMzNzQ2NWVkMzhkYTVmN2NjNDU4NGRmODdk
NGE3NDQwHhcNMjQwMTAxMDYzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTIwMDYyNmY3MWNkNTJiNTcxYzk0YjM0OWJkMGQwMzRhOTEzOWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmB6dHWC2lYsXbQCktTm7zm7iEvRA
gUc2BmcTO7jGJCkZECEuLLpvI6gRlD1ESmDkufH0aMnMoDGV33bcEfKX3qaa7SSg
f8PXw4SdiWyIMpfI1pTnu1hizDI0gSJaBI8lHWkzIxsVDC3UIRVDBoxt+6fE2oJ/
jdqty7obJkMGQ1DHKHec4Powc2hxKAbAFtwUJ6gG+IPjIj7T6qu79aZHUmKVjdIZ
Lq9iTa9BS3hZbaxPEa7z1HM38XOIjib2Ma+M3AIYBhKstMiyCmLiHx7LCc2QuQaI
SDxQJTHzz6X6wSMIEgXOWOnxlSpqWaFQk9GBOrz1YiZJcV+FBth3b1tD1wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFDEgBib3HNUrVxyUs0m9DQNKkTm2MB8GA1UdIwQY
MBaAFGaNL2TDN0Ze042l98xFhN+H1KdEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm8wdlpNTTNSbDdUamFYM3pFV0UzNGZVcDBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS84MjhiMGYtODBlOC00MjdiLTk3MWQt
MzhiYmNmYWVlNmNlLzEvTVNBR0p2Y2MxU3RYSEpTelNiME5BMHFST2JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS84MjhiMGYtODBlOC00MjdiLTk3MWQtMzhiYmNmYWVlNmNl
LzEvWm8wdlpNTTNSbDdUamFYM3pFV0UzNGZVcDBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgC0BOAw
DQYJKoZIhvcNAQELBQADggEBAB6btvsh5u6jxU6PzoMRtJSbCLLN4WYlt12wrUWm
8u0dFEoT9oU3mxLZvRAn1SCGJuJW6izLrcbdmwm0ZwU3GZBAuH0fKUEqgzcOaWK5
tp+/9DxGv/IUm6ZJRaKGpUjzkW5o3F8ukNampe4Bft2ha2JcCe+64k6F24k/zLQn
ZNkkDKgTZqNIWBxnI/qYyOJUT5e/ySwUgOOLzhTtlmN9Ct9y331Zzzh0J4MbGGps
zx4UgRgvN9znrynwxNSiTvIrbUTBS3Pxd2tpdrV9bdsoIlO5FOn+00K9QVbVR2Q0
oLtJtKQStoF2awyYyhX24PPHiPdyIZxEaUbty9/orctB4VM=
-----END CERTIFICATE-----
Generated at Sat Nov 23 07:35:21 2024 by rpki-client on console-fra.rpki-client.org