Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/MqMUsepTXLp2ST0wRwgMM740SoA.roa
File: MqMUsepTXLp2ST0wRwgMM740SoA.roa (raw, json)
Hash identifier: g3i8LLmod0BpxlAMW3xsHkXblVwwxJyIpV1uWxe9UOk=
Subject key identifier: 32:A3:14:B1:EA:53:5C:BA:76:49:3D:30:47:08:0C:33:BE:34:4A:80
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 0193403E1351828A4852273BB9C9C5DDD4AE
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/MqMUsepTXLp2ST0wRwgMM740SoA.roa
Signing time: Mon 18 Nov 2024 17:07:10 +0000
ROA not before: Mon 18 Nov 2024 17:07:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12389
IP address blocks: 2a04:c106::/32 maxlen: 32
2a0a:b43::/32 maxlen: 32
2a0a:3545::/32 maxlen: 32
2a0a:3546::/32 maxlen: 32
2a0a:f200::/29 maxlen: 29
2a10:d8c0::/32 maxlen: 32
2a11:b85::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.mft
rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:40:3e:13:51:82:8a:48:52:27:3b:b9:c9:c5:dd:d4:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Nov 18 17:07:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32a314b1ea535cba76493d3047080c33be344a80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:8d:28:17:96:bf:53:5c:98:52:92:7c:6e:13:
bf:bb:73:74:3e:8c:ce:da:41:5e:c1:09:a6:91:e0:
e8:10:96:4c:31:35:c5:fa:bb:f5:19:66:e1:b7:8f:
ea:74:33:1a:fe:22:87:10:e2:58:2a:f1:d6:92:3f:
0c:dc:1a:d8:00:cb:d6:73:3d:43:9f:82:ae:9c:45:
32:90:e5:ec:5a:09:c4:4f:83:a4:44:e8:9b:45:d5:
cd:80:cf:20:5d:83:a7:36:e0:94:28:26:2b:43:42:
6e:67:10:1f:6a:07:3f:42:a7:04:52:9f:a1:08:eb:
c8:c6:76:6d:f6:e1:c0:b9:01:a2:17:30:bb:3f:10:
f1:79:33:cc:65:b2:18:c3:b9:15:72:65:5f:e6:c3:
76:97:85:fc:53:60:71:30:c3:d9:2a:50:0b:39:23:
bf:52:1c:60:68:84:78:c6:11:0a:21:ff:d1:71:4e:
70:b5:9a:ce:5a:4e:61:d3:f6:49:72:5e:84:ea:a3:
b0:2a:f8:ea:4d:38:9b:c2:b7:04:04:55:90:0d:31:
38:2f:d7:7e:27:ee:31:20:fe:e2:0e:15:43:37:38:
5f:33:f6:6c:26:64:86:30:4c:00:ca:f1:db:88:96:
17:6d:30:70:9a:e6:6f:e8:16:40:92:0a:36:f8:92:
77:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:A3:14:B1:EA:53:5C:BA:76:49:3D:30:47:08:0C:33:BE:34:4A:80
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/MqMUsepTXLp2ST0wRwgMM740SoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:c106::/32
2a0a:b43::/32
2a0a:3545::-2a0a:3546:ffff:ffff:ffff:ffff:ffff:ffff
2a0a:f200::/29
2a10:d8c0::/32
2a11:b85::/32
Signature Algorithm: sha256WithRSAEncryption
9b:d8:5d:41:eb:a8:ec:84:81:03:f3:4a:68:60:d5:10:9d:60:
34:7f:52:03:ce:3a:9b:9a:49:f9:0f:ca:f6:eb:f1:c0:44:a5:
b6:5e:bc:5d:af:a2:e8:eb:4b:8d:88:f5:3d:30:7c:56:f6:c8:
99:8b:a8:43:41:d9:6f:e5:85:07:7a:41:bf:46:98:4e:e4:98:
85:68:c7:7e:85:b5:43:3c:f5:01:51:05:bc:c3:38:b2:40:3e:
fe:a6:3b:0d:20:46:cd:9b:19:b2:1b:d2:b3:c2:a4:4c:d4:25:
75:33:00:67:ac:cf:e1:1e:df:15:76:e4:05:dc:0a:7f:f3:36:
89:d6:4b:a7:e3:3a:9b:a6:6f:c6:62:a6:76:74:64:29:b6:6f:
db:2b:f0:e4:3c:89:7f:83:8a:69:85:6e:08:db:2c:c7:a8:16:
6d:ac:e2:2a:67:25:d3:ea:8d:d2:e8:43:d4:e8:c8:b1:b0:e6:
63:d9:65:57:2a:0d:62:ff:a3:99:3d:72:a5:c6:79:e5:81:59:
00:16:e4:8b:63:47:ac:ba:d3:f3:f0:74:e8:d6:06:b1:ba:6c:
ac:32:9e:05:fc:65:e9:f6:6c:53:5a:c5:f9:93:e5:5c:34:30:
c3:7c:57:ad:bd:ea:aa:11:5b:3d:2b:d9:57:a3:e6:0e:5d:79:
59:45:ee:8d
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZNAPhNRgopIUic7ucnF3dSuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjQxMTE4MTcwNzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmEzMTRiMWVhNTM1Y2JhNzY0OTNkMzA0NzA4MGMzM2JlMzQ0YTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtI0oF5a/U1yYUpJ8bhO/u3N0PozO
2kFewQmmkeDoEJZMMTXF+rv1GWbht4/qdDMa/iKHEOJYKvHWkj8M3BrYAMvWcz1D
n4KunEUykOXsWgnET4OkROibRdXNgM8gXYOnNuCUKCYrQ0JuZxAfagc/QqcEUp+h
COvIxnZt9uHAuQGiFzC7PxDxeTPMZbIYw7kVcmVf5sN2l4X8U2BxMMPZKlALOSO/
UhxgaIR4xhEKIf/RcU5wtZrOWk5h0/ZJcl6E6qOwKvjqTTibwrcEBFWQDTE4L9d+
J+4xIP7iDhVDNzhfM/ZsJmSGMEwAyvHbiJYXbTBwmuZv6BZAkgo2+JJ3kQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFDKjFLHqU1y6dkk9MEcIDDO+NEqAMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvTXFNVXNlcFRYTHAyU1Qwd1J3Z01NNzQwU29BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzA5BAIAAjAzAwUAKgTBBgMF
ACoKC0MwDgMFACoKNUUDBQAqCjVGAwUDKgryAAMFACoQ2MADBQAqEQuFMA0GCSqG
SIb3DQEBCwUAA4IBAQCb2F1B66jshIED80poYNUQnWA0f1IDzjqbmkn5D8r26/HA
RKW2Xrxdr6Lo60uNiPU9MHxW9siZi6hDQdlv5YUHekG/RphO5JiFaMd+hbVDPPUB
UQW8wziyQD7+pjsNIEbNmxmyG9KzwqRM1CV1MwBnrM/hHt8VduQF3Ap/8zaJ1kun
4zqbpm/GYqZ2dGQptm/bK/DkPIl/g4pphW4I2yzHqBZtrOIqZyXT6o3S6EPU6Mix
sOZj2WVXKg1i/6OZPXKlxnnlgVkAFuSLY0esutPz8HTo1gaxumysMp4F/GXp9mxT
WsX5k+VcNDDDfFetveqqEVs9K9lXo+YOXXlZRe6N
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:14:49 2024 by rpki-client on console-fra.rpki-client.org