Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/MEIlS7IwiLZFZAjDbUEW9wVxJWQ.roa
File: MEIlS7IwiLZFZAjDbUEW9wVxJWQ.roa (raw, json)
Hash identifier: kPmoUN/wsSxhThYCYRNvT0+6Lnaebye7g5WdMN4Zri0=
Subject key identifier: 30:42:25:4B:B2:30:88:B6:45:64:08:C3:6D:41:16:F7:05:71:25:64
Certificate issuer: /CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Certificate serial: 018E26064A41704BC0C6E81E28EFAA6655DD
Authority key identifier: 0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/MEIlS7IwiLZFZAjDbUEW9wVxJWQ.roa
Signing time: Sun 10 Mar 2024 01:42:10 +0000
ROA not before: Sun 10 Mar 2024 01:42:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48266
IP address blocks: 2a0e:da40:3000::/36 maxlen: 128
2a12:8c00::/36 maxlen: 128
2a12:8c00:1000::/36 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.mft
rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 00:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:26:06:4a:41:70:4b:c0:c6:e8:1e:28:ef:aa:66:55:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Validity
Not Before: Mar 10 01:42:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3042254bb23088b6456408c36d4116f705712564
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:6d:3c:d1:20:08:72:62:dc:44:a8:b1:7f:5c:
24:9a:3e:30:09:ca:c9:2a:6a:2f:e8:3a:a5:20:13:
fa:09:0a:00:b9:a4:00:72:d0:2f:e8:fd:d8:c6:8b:
bd:5f:9c:57:90:3e:d4:73:58:b7:59:c4:c5:cc:b6:
62:f1:16:9e:df:94:98:b4:7c:b0:98:f8:1b:07:99:
dd:32:81:f8:da:73:35:6f:a5:14:20:64:f2:01:1c:
c4:ae:69:f8:90:c5:83:d6:58:c2:8f:a4:40:5c:df:
3f:c3:18:e3:44:b1:9e:24:d6:b3:16:67:28:d6:05:
9b:fc:12:50:c1:f2:4c:ff:39:47:0d:48:20:c1:61:
24:93:6b:72:ec:e0:b0:05:a2:dc:b8:21:6c:43:0c:
a9:34:5e:0f:54:56:ad:fb:3f:8b:93:a8:59:15:9d:
84:51:5c:86:f7:a0:be:19:1a:14:fe:fc:82:c4:16:
64:7f:d0:0a:d8:94:c3:2e:c0:30:9c:fd:02:99:42:
b3:d4:37:dc:0c:33:38:2c:60:19:68:d8:1e:e8:02:
ab:05:9a:44:82:89:a6:67:3c:7f:d9:2a:34:c1:b2:
6e:e2:43:ff:b3:45:82:55:5f:1f:a7:fd:42:f0:1e:
a2:ea:d3:d7:f3:1d:b0:6e:12:ed:d3:5d:b4:09:c3:
58:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:42:25:4B:B2:30:88:B6:45:64:08:C3:6D:41:16:F7:05:71:25:64
X509v3 Authority Key Identifier:
keyid:0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/MEIlS7IwiLZFZAjDbUEW9wVxJWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:da40:3000::/36
2a12:8c00::/35
Signature Algorithm: sha256WithRSAEncryption
bb:11:ec:8a:f3:f7:03:b0:0a:dd:c7:46:9c:dd:c3:c4:94:f9:
5c:c3:ca:3e:8e:fa:f0:36:d8:47:0e:fa:33:fe:27:df:a8:ad:
00:3a:46:e7:65:53:2c:45:03:c4:82:e2:a5:20:30:1c:2b:25:
4d:d1:c8:62:de:b6:b8:55:3a:b6:ce:6b:6f:e3:91:b9:1e:06:
6c:10:94:bc:5e:87:f0:dc:bf:14:c7:bb:4e:ce:fc:d3:5f:40:
ac:22:11:a9:17:d7:af:ed:3c:ff:cf:97:5b:45:66:da:bc:af:
55:9c:d8:41:63:e5:96:1d:cf:bf:f1:fd:40:14:b6:94:44:79:
09:d9:e2:09:bd:bd:30:be:fc:0e:eb:f1:25:fb:9f:c7:be:ba:
f1:04:5d:5f:90:a0:73:5b:1b:5e:f4:c3:2a:71:98:83:fa:25:
c3:61:d8:ef:35:02:9e:14:04:bf:b4:31:8f:39:9a:b6:6c:09:
ed:45:64:4f:c1:4a:db:0c:35:dc:ab:83:73:d8:0c:bd:15:ec:
91:d7:30:cb:6a:df:92:76:70:4f:3a:a2:ab:c9:05:fa:25:c3:
b9:73:54:6a:45:0a:a0:9a:bb:97:3a:55:4f:5f:7e:a7:40:c1:
b1:b8:8b:b4:2a:80:b6:61:05:66:1c:d3:d0:2e:52:6f:9e:8b:
2e:60:3f:dc
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAY4mBkpBcEvAxugeKO+qZlXdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYjY3YzVjN2ZhN2ZlMjQ5MmVlYzM3Y2Y0Mjc2NDJiNzFk
NDI1YjAwHhcNMjQwMzEwMDE0MjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDQyMjU0YmIyMzA4OGI2NDU2NDA4YzM2ZDQxMTZmNzA1NzEyNTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjG080SAIcmLcRKixf1wkmj4wCcrJ
Kmov6DqlIBP6CQoAuaQActAv6P3Yxou9X5xXkD7Uc1i3WcTFzLZi8Rae35SYtHyw
mPgbB5ndMoH42nM1b6UUIGTyARzErmn4kMWD1ljCj6RAXN8/wxjjRLGeJNazFmco
1gWb/BJQwfJM/zlHDUggwWEkk2ty7OCwBaLcuCFsQwypNF4PVFat+z+Lk6hZFZ2E
UVyG96C+GRoU/vyCxBZkf9AK2JTDLsAwnP0CmUKz1DfcDDM4LGAZaNge6AKrBZpE
gommZzx/2So0wbJu4kP/s0WCVV8fp/1C8B6i6tPX8x2wbhLt0120CcNYOQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFDBCJUuyMIi2RWQIw21BFvcFcSVkMB8GA1UdIwQY
MBaAFA22fFx/p/4kku7DfPQnZCtx1CWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjkt
YjAzZGY5OTZlNDgxLzEvTUVJbFM3SXdpTFpGWkFqRGJVRVc5d1Z4SldRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjktYjAzZGY5OTZlNDgx
LzEvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYEKg7aQDAD
BgUqEowAADANBgkqhkiG9w0BAQsFAAOCAQEAuxHsivP3A7AK3cdGnN3DxJT5XMPK
Po768DbYRw76M/4n36itADpG52VTLEUDxILipSAwHCslTdHIYt62uFU6ts5rb+OR
uR4GbBCUvF6H8Ny/FMe7Ts78019ArCIRqRfXr+08/8+XW0Vm2ryvVZzYQWPllh3P
v/H9QBS2lER5CdniCb29ML78DuvxJfufx7668QRdX5Cgc1sbXvTDKnGYg/olw2HY
7zUCnhQEv7QxjzmatmwJ7UVkT8FK2ww13KuDc9gMvRXskdcwy2rfknZwTzqiq8kF
+iXDuXNUakUKoJq7lzpVT19+p0DBsbiLtCqAtmEFZhzT0C5Sb56LLmA/3A==
-----END CERTIFICATE-----
Generated at Tue May 28 10:01:48 2024 by rpki-client on console-ams.rpki-client.org