Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/kMLx4tizMztUO7zcmPmpFn4YkiE.roa
File: kMLx4tizMztUO7zcmPmpFn4YkiE.roa (raw, json)
Hash identifier: 98MJukw9nJ90ZJmyoEmxZvBp42LSuuWUMjZ1sUzlRto=
Subject key identifier: 90:C2:F1:E2:D8:B3:33:3B:54:3B:BC:DC:98:F9:A9:16:7E:18:92:21
Certificate issuer: /CN=23d8448c5cb90398e4c285cec9c0f4766ac931df
Certificate serial: 018CC9BC00111CDA8220F520108E6E1654E8
Authority key identifier: 23:D8:44:8C:5C:B9:03:98:E4:C2:85:CE:C9:C0:F4:76:6A:C9:31:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I9hEjFy5A5jkwoXOycD0dmrJMd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/kMLx4tizMztUO7zcmPmpFn4YkiE.roa
Signing time: Tue 02 Jan 2024 10:33:10 +0000
ROA not before: Tue 02 Jan 2024 10:33:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35052
IP address blocks: 2001:67c:133c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/I9hEjFy5A5jkwoXOycD0dmrJMd8.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/I9hEjFy5A5jkwoXOycD0dmrJMd8.mft
rsync://rpki.ripe.net/repository/DEFAULT/I9hEjFy5A5jkwoXOycD0dmrJMd8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 01:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:00:11:1c:da:82:20:f5:20:10:8e:6e:16:54:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23d8448c5cb90398e4c285cec9c0f4766ac931df
Validity
Not Before: Jan 2 10:33:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90c2f1e2d8b3333b543bbcdc98f9a9167e189221
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:c8:b3:5a:e2:16:8a:28:0a:07:6a:0c:be:e2:
84:26:d6:61:24:a1:24:82:d2:14:37:76:de:d4:7a:
b5:5e:71:7a:f3:f5:02:2a:7b:0e:a5:2d:e9:a6:94:
80:a0:18:df:44:c8:bb:a3:f5:1a:3c:a3:e7:ee:73:
b2:77:23:20:70:d5:d5:c4:1e:88:49:6f:4a:dc:ad:
ef:e7:92:a2:f2:e1:a9:68:ac:fa:a4:f1:ff:c0:16:
6d:a6:fe:f7:9f:c6:b8:4d:2b:b3:9a:0a:c5:ee:86:
69:ce:f8:b1:3f:5a:78:25:da:ac:40:28:0d:54:e3:
08:bc:9a:05:e9:09:44:1c:87:07:f7:58:bd:1d:10:
18:6e:f6:6d:5d:ab:60:3c:e6:86:95:1e:a5:79:f6:
48:3c:70:a6:f0:fa:c9:d9:23:ba:fb:b6:19:7e:d9:
4c:f3:17:57:7c:7b:06:15:ac:a3:8d:34:f7:62:86:
5b:2f:a6:41:2d:d2:e9:ec:bb:a8:96:75:cb:3d:b6:
dd:7f:37:b2:17:06:ef:cc:97:79:ee:72:ec:21:2c:
94:32:36:0c:3e:3f:49:51:c5:fb:6a:f0:b4:d9:76:
71:09:d4:4c:5a:50:37:41:99:09:c8:4b:c5:af:ce:
61:e0:37:5a:6c:de:58:e8:b3:a9:a6:e0:83:e4:7c:
14:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:C2:F1:E2:D8:B3:33:3B:54:3B:BC:DC:98:F9:A9:16:7E:18:92:21
X509v3 Authority Key Identifier:
keyid:23:D8:44:8C:5C:B9:03:98:E4:C2:85:CE:C9:C0:F4:76:6A:C9:31:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I9hEjFy5A5jkwoXOycD0dmrJMd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/kMLx4tizMztUO7zcmPmpFn4YkiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/I9hEjFy5A5jkwoXOycD0dmrJMd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:133c::/48
Signature Algorithm: sha256WithRSAEncryption
00:aa:b3:1c:c4:46:f0:0c:4f:87:72:b4:95:ea:1d:61:26:f4:
a6:ca:80:92:0d:4c:dd:19:b0:87:6a:25:7e:48:5a:be:37:aa:
0b:43:72:a0:bc:d7:54:3e:c4:c9:d3:13:eb:83:7b:b2:71:3a:
15:c8:7d:51:ee:ff:75:8a:88:12:37:6a:77:be:65:15:80:96:
e9:c7:17:6c:c2:6e:de:c6:b2:2e:1a:04:f1:f1:44:7a:21:da:
97:10:b6:b2:98:97:c4:4f:d5:59:e4:98:8c:8c:07:fb:22:a3:
3d:d4:61:b0:fa:29:c3:9d:89:b3:1b:8f:02:31:78:1c:78:ba:
dd:13:97:ac:20:90:c8:df:07:4d:3b:68:c6:ae:a3:c2:7b:08:
ef:78:50:04:65:c8:77:09:5f:6d:d2:6e:36:0c:57:d7:28:1a:
94:a9:8f:e4:61:8c:54:06:b6:37:05:56:10:3d:38:e9:8b:55:
ca:f6:d0:31:02:57:e4:87:8c:da:68:15:ee:5f:ef:c0:8a:e1:
d7:35:12:ea:9e:cc:be:21:01:6a:50:53:a2:03:9c:6a:71:3f:
7f:6e:2d:8c:5e:98:c3:66:27:9c:85:4b:55:46:63:c2:9b:f2:
7b:6c:c1:c8:74:05:26:ef:be:17:c9:03:e0:23:00:ed:7b:7c:
20:da:9e:d5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvAARHNqCIPUgEI5uFlToMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZDg0NDhjNWNiOTAzOThlNGMyODVjZWM5YzBmNDc2NmFj
OTMxZGYwHhcNMjQwMTAyMTAzMzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGMyZjFlMmQ4YjMzMzNiNTQzYmJjZGM5OGY5YTkxNjdlMTg5MjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhcizWuIWiigKB2oMvuKEJtZhJKEk
gtIUN3be1Hq1XnF68/UCKnsOpS3pppSAoBjfRMi7o/UaPKPn7nOydyMgcNXVxB6I
SW9K3K3v55Ki8uGpaKz6pPH/wBZtpv73n8a4TSuzmgrF7oZpzvixP1p4JdqsQCgN
VOMIvJoF6QlEHIcH91i9HRAYbvZtXatgPOaGlR6lefZIPHCm8PrJ2SO6+7YZftlM
8xdXfHsGFayjjTT3YoZbL6ZBLdLp7LuolnXLPbbdfzeyFwbvzJd57nLsISyUMjYM
Pj9JUcX7avC02XZxCdRMWlA3QZkJyEvFr85h4DdabN5Y6LOppuCD5HwUGwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJDC8eLYszM7VDu83Jj5qRZ+GJIhMB8GA1UdIwQY
MBaAFCPYRIxcuQOY5MKFzsnA9HZqyTHfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTloRWpGeTVBNWprd29YT3ljRDBkbXJKTWQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9mNGE4MGQtZjVmNy00NTIyLWI5YjUt
Zjc3MmEwMTM5MDE2LzEva01MeDR0aXpNenRVTzd6Y21QbXBGbjRZa2lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9mNGE4MGQtZjVmNy00NTIyLWI5YjUtZjc3MmEwMTM5MDE2
LzEvSTloRWpGeTVBNWprd29YT3ljRDBkbXJKTWQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBM8
MA0GCSqGSIb3DQEBCwUAA4IBAQAAqrMcxEbwDE+HcrSV6h1hJvSmyoCSDUzdGbCH
aiV+SFq+N6oLQ3KgvNdUPsTJ0xPrg3uycToVyH1R7v91iogSN2p3vmUVgJbpxxds
wm7exrIuGgTx8UR6IdqXELaymJfET9VZ5JiMjAf7IqM91GGw+inDnYmzG48CMXgc
eLrdE5esIJDI3wdNO2jGrqPCewjveFAEZch3CV9t0m42DFfXKBqUqY/kYYxUBrY3
BVYQPTjpi1XK9tAxAlfkh4zaaBXuX+/AiuHXNRLqnsy+IQFqUFOiA5xqcT9/bi2M
XpjDZiechUtVRmPCm/J7bMHIdAUm774XyQPgIwDte3wg2p7V
-----END CERTIFICATE-----
Generated at Sun May 19 06:44:27 2024 by rpki-client on console-ams.rpki-client.org