Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/247005-559d-4eb4-b3e8-bd24f003578f/1/Mqk7D_EpavTTrhvXbKz-4uO5ssk.roa
File: Mqk7D_EpavTTrhvXbKz-4uO5ssk.roa (raw, json)
Hash identifier: R35aR03+xWaLj3RdshTBwjB/30yZD8pfFDuNVs67jgU=
Subject key identifier: 32:A9:3B:0F:F1:29:6A:F4:D3:AE:1B:D7:6C:AC:FE:E2:E3:B9:B2:C9
Certificate issuer: /CN=31eb9b2db4a3bddf8c92fc50b9713043dd56dc38
Certificate serial: 018CEEB1864CC202451D4008AD4CED2A22EB
Authority key identifier: 31:EB:9B:2D:B4:A3:BD:DF:8C:92:FC:50:B9:71:30:43:DD:56:DC:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MeubLbSjvd-MkvxQuXEwQ91W3Dg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/247005-559d-4eb4-b3e8-bd24f003578f/1/Mqk7D_EpavTTrhvXbKz-4uO5ssk.roa
Signing time: Tue 09 Jan 2024 14:47:40 +0000
ROA not before: Tue 09 Jan 2024 14:47:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8075
IP address blocks: 202.22.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/247005-559d-4eb4-b3e8-bd24f003578f/1/MeubLbSjvd-MkvxQuXEwQ91W3Dg.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/247005-559d-4eb4-b3e8-bd24f003578f/1/MeubLbSjvd-MkvxQuXEwQ91W3Dg.mft
rsync://rpki.ripe.net/repository/DEFAULT/MeubLbSjvd-MkvxQuXEwQ91W3Dg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ee:b1:86:4c:c2:02:45:1d:40:08:ad:4c:ed:2a:22:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31eb9b2db4a3bddf8c92fc50b9713043dd56dc38
Validity
Not Before: Jan 9 14:47:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32a93b0ff1296af4d3ae1bd76cacfee2e3b9b2c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d3:17:e2:f6:d3:dc:db:37:28:22:cc:c1:68:
62:63:9d:13:aa:e0:ae:5e:cd:b8:11:84:6c:ff:c3:
4a:0e:a1:44:b1:d1:71:b7:5e:6c:0b:0e:03:d2:cb:
c7:72:e6:ec:c9:c4:cd:be:fb:53:6f:d6:a3:78:dc:
09:0a:c8:63:ee:3a:0b:71:56:2c:4d:bb:24:fc:f7:
07:42:73:ab:99:22:e9:5b:8b:f9:e1:c3:ac:92:7f:
cb:20:dd:d4:df:c5:76:15:93:44:11:e6:38:64:d4:
ba:27:6b:bd:a4:e0:5d:b3:37:22:b3:83:59:3c:bc:
cb:dd:28:e1:24:40:57:05:29:8b:43:8f:01:f2:26:
ec:09:a8:b9:29:09:d4:9d:1e:d2:23:d5:d1:31:f7:
af:21:71:d1:e6:7c:76:94:cd:d3:d0:42:d7:c5:df:
5b:4b:2b:65:78:9e:b5:0f:0b:92:55:73:4a:dc:12:
65:38:83:ea:cd:fb:27:1c:26:aa:bf:0f:5d:d4:67:
04:04:1c:1d:1a:92:f8:72:06:8e:fa:14:e2:45:e3:
e2:2a:85:3b:e9:3e:78:7b:69:d5:96:5c:f0:7b:33:
cb:f3:e0:3a:67:bc:16:05:18:ca:84:f5:10:2c:c2:
fb:41:93:50:92:65:f2:59:7a:ba:47:cb:5c:93:27:
8b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:A9:3B:0F:F1:29:6A:F4:D3:AE:1B:D7:6C:AC:FE:E2:E3:B9:B2:C9
X509v3 Authority Key Identifier:
keyid:31:EB:9B:2D:B4:A3:BD:DF:8C:92:FC:50:B9:71:30:43:DD:56:DC:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MeubLbSjvd-MkvxQuXEwQ91W3Dg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/247005-559d-4eb4-b3e8-bd24f003578f/1/Mqk7D_EpavTTrhvXbKz-4uO5ssk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/247005-559d-4eb4-b3e8-bd24f003578f/1/MeubLbSjvd-MkvxQuXEwQ91W3Dg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.22.173.0/24
Signature Algorithm: sha256WithRSAEncryption
00:f2:6b:62:d7:b0:1d:8a:2e:c6:36:5c:35:d8:0a:00:0d:da:
ff:66:59:18:a5:55:6b:ed:0e:9d:97:cb:04:a8:c9:c8:b0:3d:
2a:9a:21:4e:e4:12:b0:b9:24:a4:03:ed:2a:9d:6b:26:ba:0a:
3e:73:1c:cd:ae:10:ec:d1:d2:1b:c6:ee:82:6a:4e:ce:98:69:
a5:c0:ef:20:31:0a:39:e9:90:61:d7:5f:1f:1e:f9:60:6b:3f:
78:67:a3:15:7a:63:7d:da:cb:82:54:4a:85:85:bf:36:96:bc:
c9:ec:c0:16:b9:b3:ab:63:e4:67:23:36:19:62:44:46:07:2b:
35:4a:0f:94:f5:f7:bf:e9:f3:43:49:03:51:90:c4:64:f7:82:
03:4b:9c:61:51:b5:95:62:47:0d:9a:ae:f5:2c:84:e2:da:ea:
c2:cc:00:0d:e1:75:fa:2d:80:14:8f:9b:3d:15:ea:b8:a6:aa:
6c:f1:49:fb:ad:f3:91:b8:90:99:26:f0:ed:89:fe:09:a9:b7:
5c:6b:a1:ad:d1:64:be:e0:c7:cc:b2:06:5b:6d:1e:0b:76:b3:
eb:92:d1:0e:39:42:86:4c:78:a8:2c:1a:5b:b9:bc:bd:5d:20:
41:e2:e6:d0:54:e8:5b:3b:e6:cc:0d:db:41:84:6c:84:de:7c:
4e:b2:e0:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzusYZMwgJFHUAIrUztKiLrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZWI5YjJkYjRhM2JkZGY4YzkyZmM1MGI5NzEzMDQzZGQ1
NmRjMzgwHhcNMjQwMTA5MTQ0NzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmE5M2IwZmYxMjk2YWY0ZDNhZTFiZDc2Y2FjZmVlMmUzYjliMmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNMX4vbT3Ns3KCLMwWhiY50TquCu
Xs24EYRs/8NKDqFEsdFxt15sCw4D0svHcubsycTNvvtTb9ajeNwJCshj7joLcVYs
Tbsk/PcHQnOrmSLpW4v54cOskn/LIN3U38V2FZNEEeY4ZNS6J2u9pOBdszcis4NZ
PLzL3SjhJEBXBSmLQ48B8ibsCai5KQnUnR7SI9XRMfevIXHR5nx2lM3T0ELXxd9b
SytleJ61DwuSVXNK3BJlOIPqzfsnHCaqvw9d1GcEBBwdGpL4cgaO+hTiRePiKoU7
6T54e2nVllzwezPL8+A6Z7wWBRjKhPUQLML7QZNQkmXyWXq6R8tckyeLGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDKpOw/xKWr0064b12ys/uLjubLJMB8GA1UdIwQY
MBaAFDHrmy20o73fjJL8ULlxMEPdVtw4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWV1YkxiU2p2ZC1Na3Z4UXVYRXdROTFXM0RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yNDcwMDUtNTU5ZC00ZWI0LWIzZTgt
YmQyNGYwMDM1NzhmLzEvTXFrN0RfRXBhdlRUcmh2WGJLei00dU81c3NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yNDcwMDUtNTU5ZC00ZWI0LWIzZTgtYmQyNGYwMDM1Nzhm
LzEvTWV1YkxiU2p2ZC1Na3Z4UXVYRXdROTFXM0RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyhatMA0G
CSqGSIb3DQEBCwUAA4IBAQAA8mti17Adii7GNlw12AoADdr/ZlkYpVVr7Q6dl8sE
qMnIsD0qmiFO5BKwuSSkA+0qnWsmugo+cxzNrhDs0dIbxu6Cak7OmGmlwO8gMQo5
6ZBh118fHvlgaz94Z6MVemN92suCVEqFhb82lrzJ7MAWubOrY+RnIzYZYkRGBys1
Sg+U9fe/6fNDSQNRkMRk94IDS5xhUbWVYkcNmq71LITi2urCzAAN4XX6LYAUj5s9
Feq4pqps8Un7rfORuJCZJvDtif4Jqbdca6Gt0WS+4MfMsgZbbR4LdrPrktEOOUKG
THioLBpbuby9XSBB4ubQVOhbO+bMDdtBhGyE3nxOsuDm
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:34:41 2024 by rpki-client on console-fra.rpki-client.org