Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/9e16c1-310f-410c-b341-41d82329f26d/1/M3o_md4yF_1iwyrKBFW1Z88jUYQ.roa
File: M3o_md4yF_1iwyrKBFW1Z88jUYQ.roa (raw, json)
Hash identifier: 30WyeXXsHENzMnLpNYqyxXbSe1LMwIVqRXQdELlWJSA=
Subject key identifier: 33:7A:3F:99:DE:32:17:FD:62:C3:2A:CA:04:55:B5:67:CF:23:51:84
Certificate issuer: /CN=c24d5bd3ceeaab0786ce151a3178dadc107bf280
Certificate serial: 018CC2DAF3A42C14637E224EFD0CAB32A80D
Authority key identifier: C2:4D:5B:D3:CE:EA:AB:07:86:CE:15:1A:31:78:DA:DC:10:7B:F2:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wk1b087qqweGzhUaMXja3BB78oA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/9e16c1-310f-410c-b341-41d82329f26d/1/M3o_md4yF_1iwyrKBFW1Z88jUYQ.roa
Signing time: Mon 01 Jan 2024 02:29:38 +0000
ROA not before: Mon 01 Jan 2024 02:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 38937
IP address blocks: 2a03:6100:6100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/9e16c1-310f-410c-b341-41d82329f26d/1/wk1b087qqweGzhUaMXja3BB78oA.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/9e16c1-310f-410c-b341-41d82329f26d/1/wk1b087qqweGzhUaMXja3BB78oA.mft
rsync://rpki.ripe.net/repository/DEFAULT/wk1b087qqweGzhUaMXja3BB78oA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:01:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:f3:a4:2c:14:63:7e:22:4e:fd:0c:ab:32:a8:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c24d5bd3ceeaab0786ce151a3178dadc107bf280
Validity
Not Before: Jan 1 02:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=337a3f99de3217fd62c32aca0455b567cf235184
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:99:67:db:0c:c6:be:cc:d6:16:90:09:af:11:
74:6a:da:75:9b:23:d4:49:fd:bd:67:5e:d7:bc:0e:
18:c3:19:35:74:22:29:2c:35:cf:41:45:82:31:38:
82:29:c9:7e:f0:e0:d6:a9:f1:b4:e0:58:0f:ca:cd:
f0:9a:16:d8:03:bf:ea:2f:69:78:e3:e9:d2:18:f5:
eb:c6:97:94:25:68:2d:f2:56:19:6c:94:93:e6:31:
52:1b:45:f8:fb:d8:08:cd:71:bb:18:31:2e:50:d4:
cc:87:cb:ce:cb:b3:78:78:0a:f6:e4:a0:66:29:8f:
bd:af:6c:00:18:93:80:bc:1d:4a:74:44:bf:50:26:
85:c6:8e:06:f4:05:7a:1b:1a:dd:67:9f:e5:a4:67:
fd:75:cc:36:83:82:b9:79:69:d9:77:7d:28:07:66:
67:e7:74:b8:0c:1f:08:c7:bc:c6:89:01:b0:2e:8c:
65:44:2c:c2:9c:c4:b8:a2:a6:b2:13:63:cc:29:d0:
da:6c:50:60:33:12:28:6c:de:66:a8:84:0e:f1:b6:
c1:33:7d:81:9b:52:44:bf:63:5b:60:64:f4:7e:10:
2c:cb:f9:09:3f:9b:fa:8d:3e:93:28:95:d0:dc:3c:
14:d7:49:d2:6a:69:ea:17:56:ab:9f:c3:e4:8c:3d:
55:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:7A:3F:99:DE:32:17:FD:62:C3:2A:CA:04:55:B5:67:CF:23:51:84
X509v3 Authority Key Identifier:
keyid:C2:4D:5B:D3:CE:EA:AB:07:86:CE:15:1A:31:78:DA:DC:10:7B:F2:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wk1b087qqweGzhUaMXja3BB78oA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/9e16c1-310f-410c-b341-41d82329f26d/1/M3o_md4yF_1iwyrKBFW1Z88jUYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/9e16c1-310f-410c-b341-41d82329f26d/1/wk1b087qqweGzhUaMXja3BB78oA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:6100:6100::/48
Signature Algorithm: sha256WithRSAEncryption
13:e0:98:6a:78:82:26:2d:f8:c9:d5:4f:3d:a3:d3:96:bc:20:
2d:05:80:24:51:62:a6:32:6f:a9:4b:fe:c2:80:0a:21:c6:41:
20:8e:dc:3e:fb:d3:47:eb:f7:6a:17:25:ea:03:d2:96:7e:35:
3c:4e:bf:b4:ef:27:e8:af:03:40:a9:86:f9:f2:1c:69:d5:cb:
62:f1:b4:f4:ba:27:21:c7:dd:8b:21:6c:97:a9:fb:70:59:cb:
7e:a7:34:0b:fb:db:e4:6a:41:c8:43:96:8f:6d:ac:7b:ce:3a:
d6:fe:55:6b:e8:84:67:ad:49:ab:b4:5c:9e:ba:71:dd:c7:87:
57:fa:25:92:9b:af:e1:6d:14:df:a0:61:bd:72:a1:51:c9:7f:
a6:ad:02:fa:ad:2f:9c:4c:0f:74:1a:ff:b1:35:c5:44:f2:a3:
8c:ed:4e:0a:d9:ba:58:ec:6d:65:af:8a:09:ee:d4:a0:c5:a4:
ff:c5:33:5c:2d:b6:56:17:e2:e4:5b:76:8c:c0:96:ef:61:f2:
89:82:73:10:18:3c:f4:88:bb:f2:69:b7:30:3b:14:24:ba:0b:
fa:89:1d:cf:00:c8:9a:93:91:f4:7e:02:51:fc:9c:72:17:83:
cb:4e:0c:2c:61:73:e3:82:aa:35:5c:6d:6d:be:11:8c:ab:15:
11:37:29:89
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzC2vOkLBRjfiJO/QyrMqgNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNGQ1YmQzY2VlYWFiMDc4NmNlMTUxYTMxNzhkYWRjMTA3
YmYyODAwHhcNMjQwMTAxMDIyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzdhM2Y5OWRlMzIxN2ZkNjJjMzJhY2EwNDU1YjU2N2NmMjM1MTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJln2wzGvszWFpAJrxF0atp1myPU
Sf29Z17XvA4Ywxk1dCIpLDXPQUWCMTiCKcl+8ODWqfG04FgPys3wmhbYA7/qL2l4
4+nSGPXrxpeUJWgt8lYZbJST5jFSG0X4+9gIzXG7GDEuUNTMh8vOy7N4eAr25KBm
KY+9r2wAGJOAvB1KdES/UCaFxo4G9AV6GxrdZ5/lpGf9dcw2g4K5eWnZd30oB2Zn
53S4DB8Ix7zGiQGwLoxlRCzCnMS4oqayE2PMKdDabFBgMxIobN5mqIQO8bbBM32B
m1JEv2NbYGT0fhAsy/kJP5v6jT6TKJXQ3DwU10nSamnqF1arn8PkjD1V+wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDN6P5neMhf9YsMqygRVtWfPI1GEMB8GA1UdIwQY
MBaAFMJNW9PO6qsHhs4VGjF42twQe/KAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2sxYjA4N3Fxd2VHemhVYU1YamEzQkI3OG9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS85ZTE2YzEtMzEwZi00MTBjLWIzNDEt
NDFkODIzMjlmMjZkLzEvTTNvX21kNHlGXzFpd3lyS0JGVzFaODhqVVlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS85ZTE2YzEtMzEwZi00MTBjLWIzNDEtNDFkODIzMjlmMjZk
LzEvd2sxYjA4N3Fxd2VHemhVYU1YamEzQkI3OG9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgNhAGEA
MA0GCSqGSIb3DQEBCwUAA4IBAQAT4JhqeIImLfjJ1U89o9OWvCAtBYAkUWKmMm+p
S/7CgAohxkEgjtw++9NH6/dqFyXqA9KWfjU8Tr+07yforwNAqYb58hxp1cti8bT0
uichx92LIWyXqftwWct+pzQL+9vkakHIQ5aPbax7zjrW/lVr6IRnrUmrtFyeunHd
x4dX+iWSm6/hbRTfoGG9cqFRyX+mrQL6rS+cTA90Gv+xNcVE8qOM7U4K2bpY7G1l
r4oJ7tSgxaT/xTNcLbZWF+LkW3aMwJbvYfKJgnMQGDz0iLvyabcwOxQkugv6iR3P
AMiak5H0fgJR/JxyF4PLTgwsYXPjgqo1XG1tvhGMqxURNymJ
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:45:56 2024 by rpki-client on console-ams.rpki-client.org