Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/0d43e3-3e44-4a82-89b4-8ba438e76b53/1/MdWBZtfN5CSdaop1kaAfzP5wniA.roa
File: MdWBZtfN5CSdaop1kaAfzP5wniA.roa (raw, json)
Hash identifier: eZkXOYbJEsyiynhAMVNKKjNhR7OwV0TTht7Dr9VQUXU=
Subject key identifier: 31:D5:81:66:D7:CD:E4:24:9D:6A:8A:75:91:A0:1F:CC:FE:70:9E:20
Certificate issuer: /CN=d397dc0caa997d504b5a3f0eaf7b18ea730ce8a3
Certificate serial: 018CC3B67A1D22D37D5899C2513FC84B5BBE
Authority key identifier: D3:97:DC:0C:AA:99:7D:50:4B:5A:3F:0E:AF:7B:18:EA:73:0C:E8:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/05fcDKqZfVBLWj8Or3sY6nMM6KM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/0d43e3-3e44-4a82-89b4-8ba438e76b53/1/MdWBZtfN5CSdaop1kaAfzP5wniA.roa
Signing time: Mon 01 Jan 2024 06:29:25 +0000
ROA not before: Mon 01 Jan 2024 06:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41953
IP address blocks: 91.206.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/0d43e3-3e44-4a82-89b4-8ba438e76b53/1/05fcDKqZfVBLWj8Or3sY6nMM6KM.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/0d43e3-3e44-4a82-89b4-8ba438e76b53/1/05fcDKqZfVBLWj8Or3sY6nMM6KM.mft
rsync://rpki.ripe.net/repository/DEFAULT/05fcDKqZfVBLWj8Or3sY6nMM6KM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 21:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:7a:1d:22:d3:7d:58:99:c2:51:3f:c8:4b:5b:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d397dc0caa997d504b5a3f0eaf7b18ea730ce8a3
Validity
Not Before: Jan 1 06:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31d58166d7cde4249d6a8a7591a01fccfe709e20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:76:89:f1:42:2b:e1:ee:93:f3:da:ee:67:5e:
b2:a5:44:c5:d6:c7:da:3b:74:5e:5a:19:1d:e9:3e:
6a:94:3f:26:c9:c6:d6:65:7e:df:97:5e:4a:06:e6:
5d:01:a6:0f:49:7b:57:92:c4:3c:56:10:7d:d5:74:
dc:04:97:9c:a0:dd:18:d1:43:8b:8a:66:dc:c9:08:
3f:1a:24:62:fc:99:16:de:a7:99:14:d2:69:ee:c2:
35:af:ec:17:ab:b0:fe:bd:7f:5a:fe:ed:f9:39:f7:
41:b3:3d:00:32:a7:93:02:73:c5:32:aa:8b:b7:fe:
e8:85:46:fd:4e:85:d7:f9:a0:61:40:4e:27:83:6b:
6a:c7:56:0f:1d:9f:83:65:b9:53:76:3c:55:7d:60:
37:a5:47:15:a7:a7:62:af:f9:a4:48:40:4a:a6:cb:
19:c7:e9:f7:73:a1:fc:6e:d6:4a:e0:3c:be:61:5e:
d8:e7:52:c6:5a:e1:24:d3:05:8a:f3:83:e3:30:49:
50:8e:20:3a:76:15:a3:35:3d:2d:29:52:44:51:0c:
2d:a7:f0:c2:80:38:72:1b:62:26:91:11:76:f2:a6:
ac:9c:65:f3:d2:a2:59:a5:9d:62:13:6a:70:52:eb:
56:4f:6d:bc:ed:ea:a4:e8:c3:3d:6e:fa:bc:85:05:
e0:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:D5:81:66:D7:CD:E4:24:9D:6A:8A:75:91:A0:1F:CC:FE:70:9E:20
X509v3 Authority Key Identifier:
keyid:D3:97:DC:0C:AA:99:7D:50:4B:5A:3F:0E:AF:7B:18:EA:73:0C:E8:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/05fcDKqZfVBLWj8Or3sY6nMM6KM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/0d43e3-3e44-4a82-89b4-8ba438e76b53/1/MdWBZtfN5CSdaop1kaAfzP5wniA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/0d43e3-3e44-4a82-89b4-8ba438e76b53/1/05fcDKqZfVBLWj8Or3sY6nMM6KM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.123.0/24
Signature Algorithm: sha256WithRSAEncryption
95:9b:bf:9e:78:49:79:35:1d:4e:de:33:7b:5f:7e:c8:11:15:
11:6c:e3:40:26:f5:fa:19:c7:f5:dc:1e:d1:85:f8:fd:24:31:
11:50:29:3a:6b:ad:58:fa:db:08:47:0e:41:65:b1:6d:f5:3c:
e4:c0:6b:2f:82:ae:08:95:a8:14:d8:e5:35:b9:8e:b3:e2:de:
ab:7c:fc:d4:f3:b6:8d:bb:c4:1c:89:52:fa:76:75:96:f9:21:
3f:b3:1d:9c:d0:cf:7b:e0:5a:fc:b6:c8:15:1e:a7:48:e7:b3:
5d:dc:00:d8:35:a6:4d:8f:05:ad:a8:3b:57:35:0c:53:1f:c9:
c4:bc:3a:e7:99:9f:85:b7:3b:84:00:d4:50:89:15:73:01:ab:
c0:aa:7b:f0:fb:86:ff:bb:f2:a7:5c:cb:fb:82:7b:61:f6:36:
fc:4b:1e:d0:8f:07:4e:88:d1:1c:a9:58:ae:cc:ef:45:bb:ca:
d4:17:e3:b2:b7:ad:72:0e:45:f2:b0:c1:ac:bb:4e:94:1f:12:
bd:a6:7e:44:3d:f8:78:5d:9a:4e:82:ea:b2:4f:0b:69:57:cc:
f8:eb:d7:89:39:cd:0f:a7:62:65:0d:1e:fa:fa:9a:8e:43:16:
fc:b0:9d:71:29:83:2c:0d:96:27:8f:69:70:90:60:0a:1a:d6:
92:86:22:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtnodItN9WJnCUT/IS1u+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzOTdkYzBjYWE5OTdkNTA0YjVhM2YwZWFmN2IxOGVhNzMw
Y2U4YTMwHhcNMjQwMTAxMDYyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWQ1ODE2NmQ3Y2RlNDI0OWQ2YThhNzU5MWEwMWZjY2ZlNzA5ZTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6HaJ8UIr4e6T89ruZ16ypUTF1sfa
O3ReWhkd6T5qlD8mycbWZX7fl15KBuZdAaYPSXtXksQ8VhB91XTcBJecoN0Y0UOL
imbcyQg/GiRi/JkW3qeZFNJp7sI1r+wXq7D+vX9a/u35OfdBsz0AMqeTAnPFMqqL
t/7ohUb9ToXX+aBhQE4ng2tqx1YPHZ+DZblTdjxVfWA3pUcVp6dir/mkSEBKpssZ
x+n3c6H8btZK4Dy+YV7Y51LGWuEk0wWK84PjMElQjiA6dhWjNT0tKVJEUQwtp/DC
gDhyG2ImkRF28qasnGXz0qJZpZ1iE2pwUutWT2287eqk6MM9bvq8hQXgpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDHVgWbXzeQknWqKdZGgH8z+cJ4gMB8GA1UdIwQY
MBaAFNOX3AyqmX1QS1o/Dq97GOpzDOijMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDVmY0RLcVpmVkJMV2o4T3Izc1k2bk1NNktNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8wZDQzZTMtM2U0NC00YTgyLTg5YjQt
OGJhNDM4ZTc2YjUzLzEvTWRXQlp0Zk41Q1NkYW9wMWthQWZ6UDV3bmlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8wZDQzZTMtM2U0NC00YTgyLTg5YjQtOGJhNDM4ZTc2YjUz
LzEvMDVmY0RLcVpmVkJMV2o4T3Izc1k2bk1NNktNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW857MA0G
CSqGSIb3DQEBCwUAA4IBAQCVm7+eeEl5NR1O3jN7X37IERURbONAJvX6Gcf13B7R
hfj9JDERUCk6a61Y+tsIRw5BZbFt9TzkwGsvgq4IlagU2OU1uY6z4t6rfPzU87aN
u8QciVL6dnWW+SE/sx2c0M974Fr8tsgVHqdI57Nd3ADYNaZNjwWtqDtXNQxTH8nE
vDrnmZ+FtzuEANRQiRVzAavAqnvw+4b/u/KnXMv7gnth9jb8Sx7QjwdOiNEcqViu
zO9Fu8rUF+Oyt61yDkXysMGsu06UHxK9pn5EPfh4XZpOguqyTwtpV8z469eJOc0P
p2JlDR76+pqOQxb8sJ1xKYMsDZYnj2lwkGAKGtaShiJ5
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:30:34 2024 by rpki-client on console-ams.rpki-client.org