Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/mSs2GGpXt_LofJ59COBikVNTPJg.roa
File: mSs2GGpXt_LofJ59COBikVNTPJg.roa (raw, json)
Hash identifier: XFX7wqliHm5bFrhb54wvJAuJlwJPtVY2mrtuAWOgj2k=
Subject key identifier: 99:2B:36:18:6A:57:B7:F2:E8:7C:9E:7D:08:E0:62:91:53:53:3C:98
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 018E6613EB759FD9F7B5277C366B099D06DF
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/mSs2GGpXt_LofJ59COBikVNTPJg.roa
Signing time: Fri 22 Mar 2024 12:12:45 +0000
ROA not before: Fri 22 Mar 2024 12:12:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 2a07:6080::/29 maxlen: 29
2a07:6080::/32 maxlen: 32
2a07:6081::/32 maxlen: 32
2a07:6082::/32 maxlen: 32
2a07:6083::/32 maxlen: 32
2a07:6084::/32 maxlen: 32
2a07:6085::/32 maxlen: 32
2a07:6086::/32 maxlen: 32
2a07:6087::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 21:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:66:13:eb:75:9f:d9:f7:b5:27:7c:36:6b:09:9d:06:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Mar 22 12:12:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=992b36186a57b7f2e87c9e7d08e0629153533c98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a3:a4:a6:1a:5a:b7:eb:2f:fa:e0:c3:19:3d:
e1:a3:32:b8:8c:10:34:a3:c0:08:ee:0e:d9:3e:b5:
2d:7b:fc:ae:c0:9e:d0:61:c3:50:bb:83:e6:da:ca:
5a:3d:ec:9c:4c:97:23:97:e0:43:ce:61:d5:9d:c3:
48:c1:e8:dc:45:2f:40:db:2e:bf:1c:f0:ea:68:e1:
fc:64:99:d7:b4:25:63:15:48:6a:e7:d4:8e:2d:b4:
bb:6a:90:17:b3:ea:38:07:27:3e:f5:47:ca:89:ac:
ab:16:8f:03:0b:8f:1a:27:6d:2f:75:24:41:5c:84:
38:ce:82:de:fb:b2:bf:d8:0d:ca:d5:e1:f4:b0:3f:
1e:f6:0e:da:b4:79:5d:52:e1:fb:9f:af:1f:53:b6:
d6:dd:50:fb:7b:b7:06:d9:ed:e4:d8:da:1c:19:33:
6f:e5:dc:bd:ac:68:a1:c7:8e:56:ba:b5:8a:d0:70:
6c:d1:28:6b:77:9c:bd:e3:8d:11:95:f7:77:9f:c5:
df:f8:fe:0d:1e:6e:29:52:91:cb:70:f8:83:a2:ac:
fd:2e:27:3f:41:9d:d0:d9:8d:54:4e:49:50:f3:81:
eb:28:c6:bf:a1:77:c4:ed:13:af:e7:ac:ce:51:0b:
d5:f2:1f:98:44:99:e4:b1:01:aa:f7:3f:f5:39:28:
d7:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:2B:36:18:6A:57:B7:F2:E8:7C:9E:7D:08:E0:62:91:53:53:3C:98
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/mSs2GGpXt_LofJ59COBikVNTPJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:6080::/29
Signature Algorithm: sha256WithRSAEncryption
19:0d:6b:8b:64:ba:6b:94:50:6e:d4:84:e8:a6:d6:93:6f:f6:
b7:8c:52:fd:d8:9e:74:2f:90:93:4e:76:36:91:a3:bb:b9:1d:
5c:cb:f6:10:8b:b8:ad:c6:28:b2:9e:a0:be:2f:53:b9:b0:ca:
98:9e:95:13:d9:27:a4:68:90:23:91:81:cd:7f:27:fe:c7:90:
a5:d4:86:50:b7:47:c3:32:8b:ee:53:76:05:e7:60:8c:f0:b7:
eb:3b:e5:85:f1:26:b0:cc:bf:c6:38:54:d4:60:1e:33:0b:49:
a3:2e:4d:e4:cc:f0:7f:e5:88:e1:f5:c8:64:6f:49:68:06:1c:
21:26:e9:0d:12:17:3a:a9:78:0d:ec:6e:50:6a:20:68:ae:12:
fe:b7:72:b6:91:52:c7:3b:e2:94:c1:d0:fb:b3:1c:46:8b:3a:
f3:a3:f8:6c:6d:53:4f:ea:8c:43:40:a2:96:78:e6:4c:ab:96:
b9:d4:ec:2a:d6:03:d4:75:d1:5c:e3:f5:99:91:99:0a:3b:a5:
f5:fc:93:79:0b:30:60:4b:b6:a2:e4:e7:f3:e4:f0:41:2f:f2:
f5:c1:cc:cd:0c:b9:f1:bd:e6:7a:8a:25:ff:d8:c6:38:a3:98:
7e:df:68:35:37:70:3e:5a:66:c0:b7:3a:bd:64:2c:22:fd:7a:
64:27:dd:e9
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY5mE+t1n9n3tSd8NmsJnQbfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjQwMzIyMTIxMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTJiMzYxODZhNTdiN2YyZTg3YzllN2QwOGUwNjI5MTUzNTMzYzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqOkphpat+sv+uDDGT3hozK4jBA0
o8AI7g7ZPrUte/yuwJ7QYcNQu4Pm2spaPeycTJcjl+BDzmHVncNIwejcRS9A2y6/
HPDqaOH8ZJnXtCVjFUhq59SOLbS7apAXs+o4Byc+9UfKiayrFo8DC48aJ20vdSRB
XIQ4zoLe+7K/2A3K1eH0sD8e9g7atHldUuH7n68fU7bW3VD7e7cG2e3k2NocGTNv
5dy9rGihx45WurWK0HBs0Shrd5y9440Rlfd3n8Xf+P4NHm4pUpHLcPiDoqz9Lic/
QZ3Q2Y1UTklQ84HrKMa/oXfE7ROv56zOUQvV8h+YRJnksQGq9z/1OSjXowIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJkrNhhqV7fy6HyefQjgYpFTUzyYMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvbVNzMkdHcFh0X0xvZko1OUNPQmlrVk5UUEpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgdggDAN
BgkqhkiG9w0BAQsFAAOCAQEAGQ1ri2S6a5RQbtSE6KbWk2/2t4xS/diedC+Qk052
NpGju7kdXMv2EIu4rcYosp6gvi9TubDKmJ6VE9knpGiQI5GBzX8n/seQpdSGULdH
wzKL7lN2BedgjPC36zvlhfEmsMy/xjhU1GAeMwtJoy5N5Mzwf+WI4fXIZG9JaAYc
ISbpDRIXOql4DexuUGogaK4S/rdytpFSxzvilMHQ+7McRos686P4bG1TT+qMQ0Ci
lnjmTKuWudTsKtYD1HXRXOP1mZGZCjul9fyTeQswYEu2ouTn8+TwQS/y9cHMzQy5
8b3meool/9jGOKOYft9oNTdwPlpmwLc6vWQsIv16ZCfd6Q==
-----END CERTIFICATE-----
Generated at Mon May 6 07:14:52 2024 by rpki-client on console-fra.rpki-client.org