Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/MSqub2ADYzqO9vgMLaV-ADkvX00.roa
File: MSqub2ADYzqO9vgMLaV-ADkvX00.roa (raw, json)
Hash identifier: atrduMdjiMGHyMU9caMA9tXErnHnuqEw6JXW78l3/y8=
Subject key identifier: 31:2A:AE:6F:60:03:63:3A:8E:F6:F8:0C:2D:A5:7E:00:39:2F:5F:4D
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 0193392A3EED6ADD3DE9A23BCC0C17804462
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/MSqub2ADYzqO9vgMLaV-ADkvX00.roa
Signing time: Sun 17 Nov 2024 08:08:10 +0000
ROA not before: Sun 17 Nov 2024 08:08:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214168
IP address blocks: 2a09:1a00::/29 maxlen: 29
2a09:3a80::/29 maxlen: 29
2a0e:f740::/29 maxlen: 29
2a12:3c0::/29 maxlen: 29
2a12:a880::/29 maxlen: 29
2a12:e700::/29 maxlen: 29
2a12:ed80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:39:2a:3e:ed:6a:dd:3d:e9:a2:3b:cc:0c:17:80:44:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Nov 17 08:08:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=312aae6f6003633a8ef6f80c2da57e00392f5f4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:aa:f7:b3:5d:75:40:9c:36:e6:a0:49:a5:02:
99:ae:f3:ec:bb:35:4f:e8:c1:bc:c3:d3:36:d2:92:
ee:42:25:40:b8:09:6a:45:29:ba:4c:d1:09:ca:48:
d8:a6:2c:cd:72:9e:96:6d:95:60:54:65:17:e5:7b:
f9:25:38:ea:78:66:b8:04:1b:31:4b:f9:94:1c:2e:
44:1f:bc:7f:8f:fe:32:e0:fc:55:d9:7d:68:6d:b1:
a1:b2:fc:29:72:82:a1:15:77:e9:d6:e6:06:fa:de:
11:f9:1c:97:47:43:65:c6:ee:ef:f0:3f:3f:f3:de:
f2:3a:22:88:ef:ed:70:1f:b4:bf:2e:f3:15:19:65:
b9:14:aa:0f:88:0b:9d:3c:ba:1d:3a:03:6d:24:e5:
ae:a9:31:d0:11:48:40:e5:cc:f8:a5:c8:59:01:11:
7c:ce:6c:70:04:fc:66:54:dc:7b:da:65:9d:d3:b6:
39:98:e4:a5:5c:d1:cb:f5:03:20:63:6d:a4:d7:c3:
49:e0:e3:89:d9:f8:63:34:c2:c9:2e:d3:43:cd:72:
04:41:ce:8d:06:04:db:e4:37:60:1e:b1:c6:5b:52:
d7:c8:5e:5d:5c:b0:1b:91:4c:eb:33:4f:c6:8b:c8:
e1:63:8b:7e:ae:60:cb:d0:c7:1a:8e:aa:52:f5:f6:
93:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:2A:AE:6F:60:03:63:3A:8E:F6:F8:0C:2D:A5:7E:00:39:2F:5F:4D
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/MSqub2ADYzqO9vgMLaV-ADkvX00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:1a00::/29
2a09:3a80::/29
2a0e:f740::/29
2a12:3c0::/29
2a12:a880::/29
2a12:e700::/29
2a12:ed80::/29
Signature Algorithm: sha256WithRSAEncryption
13:fe:a5:02:f4:a9:0e:97:3e:5a:fd:3b:37:84:78:f2:a7:40:
0e:48:e6:cd:2d:b2:28:e4:18:ec:bc:83:63:67:90:89:1f:79:
fd:7e:d4:ec:8f:20:19:8c:68:f2:70:fb:ae:7e:94:c5:2b:7b:
18:8f:3c:c2:84:05:bc:36:7a:ca:f2:df:db:c5:ce:e5:6e:83:
08:cf:4e:81:c5:63:ce:fb:5a:db:8a:a6:0a:95:d8:6f:33:c9:
b1:e0:bd:6f:ff:eb:c8:32:9f:02:af:d1:93:03:5c:19:9f:b8:
4f:8e:eb:ee:1f:ab:f6:a2:6c:3b:5c:d4:f1:ce:f6:6f:72:53:
de:7d:29:45:ff:5e:ba:60:51:88:25:64:82:20:d0:54:b8:9f:
77:1b:98:73:0d:79:ea:bd:94:06:4b:91:9f:e2:6c:dd:e7:f9:
81:cf:d3:98:8f:d6:40:83:30:57:61:01:63:3a:9f:e8:a6:59:
83:6c:02:c1:8c:ff:8a:dc:de:41:d0:af:54:4b:8d:98:58:d4:
e2:7e:76:a3:f2:fe:4d:79:64:f0:3d:0f:07:cb:7e:dc:f4:6f:
a5:59:c3:92:19:2c:d5:58:0e:90:79:56:7c:0c:6e:a6:8b:74:
aa:35:ba:31:36:da:1f:94:69:21:be:4e:d3:6d:91:7c:d9:b6:
07:86:af:bf
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZM5Kj7tat096aI7zAwXgERiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQxMTE3MDgwODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTJhYWU2ZjYwMDM2MzNhOGVmNmY4MGMyZGE1N2UwMDM5MmY1ZjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKr3s111QJw25qBJpQKZrvPsuzVP
6MG8w9M20pLuQiVAuAlqRSm6TNEJykjYpizNcp6WbZVgVGUX5Xv5JTjqeGa4BBsx
S/mUHC5EH7x/j/4y4PxV2X1obbGhsvwpcoKhFXfp1uYG+t4R+RyXR0Nlxu7v8D8/
897yOiKI7+1wH7S/LvMVGWW5FKoPiAudPLodOgNtJOWuqTHQEUhA5cz4pchZARF8
zmxwBPxmVNx72mWd07Y5mOSlXNHL9QMgY22k18NJ4OOJ2fhjNMLJLtNDzXIEQc6N
BgTb5DdgHrHGW1LXyF5dXLAbkUzrM0/Gi8jhY4t+rmDL0McajqpS9faTfwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFDEqrm9gA2M6jvb4DC2lfgA5L19NMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvTVNxdWIyQURZenFPOXZnTUxhVi1BRGt2WDAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDKgkaAAMF
AyoJOoADBQMqDvdAAwUDKhIDwAMFAyoSqIADBQMqEucAAwUDKhLtgDANBgkqhkiG
9w0BAQsFAAOCAQEAE/6lAvSpDpc+Wv07N4R48qdADkjmzS2yKOQY7LyDY2eQiR95
/X7U7I8gGYxo8nD7rn6UxSt7GI88woQFvDZ6yvLf28XO5W6DCM9OgcVjzvta24qm
CpXYbzPJseC9b//ryDKfAq/RkwNcGZ+4T47r7h+r9qJsO1zU8c72b3JT3n0pRf9e
umBRiCVkgiDQVLifdxuYcw156r2UBkuRn+Js3ef5gc/TmI/WQIMwV2EBYzqf6KZZ
g2wCwYz/itzeQdCvVEuNmFjU4n52o/L+TXlk8D0PB8t+3PRvpVnDkhks1VgOkHlW
fAxupot0qjW6MTbaH5RpIb5O022RfNm2B4avvw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:51:04 2024 by rpki-client on console-ams.rpki-client.org