Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/0a96c9-18ea-4753-a2c5-ac9acd352842/1/MQTLc9Yld7HDiDqSCW99EsbLj3M.roa
File: MQTLc9Yld7HDiDqSCW99EsbLj3M.roa (raw, json)
Hash identifier: w9xxEeRXX73/A3qMddJz4zLSoZXM6hzKSTGTeE+Zqiw=
Subject key identifier: 31:04:CB:73:D6:25:77:B1:C3:88:3A:92:09:6F:7D:12:C6:CB:8F:73
Certificate issuer: /CN=b81bb21b5c1889030d365a549f21d5b426f9dda8
Certificate serial: 018CC8010B5952F337C9AA72D5D801A0A2FD
Authority key identifier: B8:1B:B2:1B:5C:18:89:03:0D:36:5A:54:9F:21:D5:B4:26:F9:DD:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uBuyG1wYiQMNNlpUnyHVtCb53ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/0a96c9-18ea-4753-a2c5-ac9acd352842/1/MQTLc9Yld7HDiDqSCW99EsbLj3M.roa
Signing time: Tue 02 Jan 2024 02:29:20 +0000
ROA not before: Tue 02 Jan 2024 02:29:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35062
IP address blocks: 2001:678:4a8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/0a96c9-18ea-4753-a2c5-ac9acd352842/1/uBuyG1wYiQMNNlpUnyHVtCb53ag.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/0a96c9-18ea-4753-a2c5-ac9acd352842/1/uBuyG1wYiQMNNlpUnyHVtCb53ag.mft
rsync://rpki.ripe.net/repository/DEFAULT/uBuyG1wYiQMNNlpUnyHVtCb53ag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:0b:59:52:f3:37:c9:aa:72:d5:d8:01:a0:a2:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b81bb21b5c1889030d365a549f21d5b426f9dda8
Validity
Not Before: Jan 2 02:29:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3104cb73d62577b1c3883a92096f7d12c6cb8f73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:79:bb:66:04:13:70:81:dc:e0:fc:f4:d6:4e:
46:a5:70:eb:3f:75:e1:a6:8e:92:97:01:ba:25:6e:
07:1d:0f:0b:4d:38:9d:a9:be:c7:61:d1:8b:b5:f7:
40:f8:e9:34:41:e5:53:67:b7:d8:97:e8:03:31:dc:
eb:30:24:fb:9d:7f:62:bc:b4:35:5c:7c:51:58:37:
ba:21:e3:79:82:76:d4:36:83:ef:9c:30:50:39:40:
60:87:c0:8a:1f:85:75:bd:9b:fe:fc:7c:9c:f8:bd:
f8:2a:f5:a3:62:55:4e:57:a1:12:3f:c6:76:e9:bf:
43:18:d6:32:8c:a9:f5:2f:aa:b0:3c:d5:f1:07:33:
f0:de:a1:01:1e:c1:92:a8:35:86:31:24:d7:47:1f:
20:53:7d:a7:12:b8:f2:90:66:b2:04:98:a5:94:1f:
93:21:de:d9:db:38:f0:4d:b1:24:72:1e:6c:6e:c4:
e5:7d:10:83:24:11:9d:4f:c0:ec:34:0b:d8:ee:f8:
21:3f:fe:7a:38:4e:96:ee:ff:42:c0:6a:3a:54:4d:
88:e4:3b:96:ee:23:6e:8e:e5:b8:ec:ba:1d:d3:79:
db:f0:58:a6:43:3e:13:c3:34:05:30:d8:d4:2f:86:
b4:bf:dd:92:c6:90:49:e8:f3:68:6d:0e:9a:8d:87:
4b:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:04:CB:73:D6:25:77:B1:C3:88:3A:92:09:6F:7D:12:C6:CB:8F:73
X509v3 Authority Key Identifier:
keyid:B8:1B:B2:1B:5C:18:89:03:0D:36:5A:54:9F:21:D5:B4:26:F9:DD:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uBuyG1wYiQMNNlpUnyHVtCb53ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/0a96c9-18ea-4753-a2c5-ac9acd352842/1/MQTLc9Yld7HDiDqSCW99EsbLj3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/0a96c9-18ea-4753-a2c5-ac9acd352842/1/uBuyG1wYiQMNNlpUnyHVtCb53ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:4a8::/48
Signature Algorithm: sha256WithRSAEncryption
7b:12:bc:5a:2c:93:42:4a:d0:01:09:6f:e5:31:57:fa:42:43:
a0:c2:7f:c3:4e:d5:70:3a:14:e4:bb:f3:22:e6:0d:40:3d:90:
87:31:17:9a:f3:b0:50:7f:18:6d:2c:38:ba:f9:39:0d:a1:d0:
a1:0c:9a:c6:09:3c:6e:29:82:bc:6c:f9:43:ba:db:f4:dc:ae:
8c:de:1a:6d:fa:c6:53:39:f3:94:aa:86:90:c4:73:04:5a:d6:
1f:1f:ce:5a:10:4a:3b:00:bd:ca:99:00:fd:5b:f5:d1:1a:6e:
dd:46:64:d6:b9:e0:f3:9c:99:56:7e:20:21:2f:36:4e:39:b6:
b8:5c:9b:95:26:88:7c:7e:d5:14:04:70:4f:b3:37:bd:5b:a3:
e8:e7:08:52:0b:dc:7e:5e:d4:4d:f0:0c:f0:53:15:dc:b9:c7:
99:8b:56:b7:e4:85:f3:e6:0e:48:0a:4e:bd:1f:57:b4:bc:62:
d1:b6:26:aa:60:75:85:15:ca:81:d9:1d:10:18:34:a1:87:33:
82:0d:78:92:34:96:6b:93:d7:80:3a:ee:7a:14:12:40:da:71:
60:88:e7:d8:fa:b6:5a:3d:aa:34:b5:a6:b0:35:6a:39:53:ee:
50:43:e1:6e:45:44:ac:d3:b6:0f:88:95:66:5d:41:00:56:80:
32:8a:95:06
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzIAQtZUvM3yapy1dgBoKL9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MWJiMjFiNWMxODg5MDMwZDM2NWE1NDlmMjFkNWI0MjZm
OWRkYTgwHhcNMjQwMTAyMDIyOTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTA0Y2I3M2Q2MjU3N2IxYzM4ODNhOTIwOTZmN2QxMmM2Y2I4ZjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXm7ZgQTcIHc4Pz01k5GpXDrP3Xh
po6SlwG6JW4HHQ8LTTidqb7HYdGLtfdA+Ok0QeVTZ7fYl+gDMdzrMCT7nX9ivLQ1
XHxRWDe6IeN5gnbUNoPvnDBQOUBgh8CKH4V1vZv+/Hyc+L34KvWjYlVOV6ESP8Z2
6b9DGNYyjKn1L6qwPNXxBzPw3qEBHsGSqDWGMSTXRx8gU32nErjykGayBJillB+T
Id7Z2zjwTbEkch5sbsTlfRCDJBGdT8DsNAvY7vghP/56OE6W7v9CwGo6VE2I5DuW
7iNujuW47Lod03nb8FimQz4TwzQFMNjUL4a0v92SxpBJ6PNobQ6ajYdL0wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDEEy3PWJXexw4g6kglvfRLGy49zMB8GA1UdIwQY
MBaAFLgbshtcGIkDDTZaVJ8h1bQm+d2oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUJ1eUcxd1lpUU1OTmxwVW55SFZ0Q2I1M2FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8wYTk2YzktMThlYS00NzUzLWEyYzUt
YWM5YWNkMzUyODQyLzEvTVFUTGM5WWxkN0hEaURxU0NXOTlFc2JMajNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8wYTk2YzktMThlYS00NzUzLWEyYzUtYWM5YWNkMzUyODQy
LzEvdUJ1eUcxd1lpUU1OTmxwVW55SFZ0Q2I1M2FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeASo
MA0GCSqGSIb3DQEBCwUAA4IBAQB7ErxaLJNCStABCW/lMVf6QkOgwn/DTtVwOhTk
u/Mi5g1APZCHMRea87BQfxhtLDi6+TkNodChDJrGCTxuKYK8bPlDutv03K6M3hpt
+sZTOfOUqoaQxHMEWtYfH85aEEo7AL3KmQD9W/XRGm7dRmTWueDznJlWfiAhLzZO
Oba4XJuVJoh8ftUUBHBPsze9W6Po5whSC9x+XtRN8AzwUxXcuceZi1a35IXz5g5I
Ck69H1e0vGLRtiaqYHWFFcqB2R0QGDShhzOCDXiSNJZrk9eAOu56FBJA2nFgiOfY
+rZaPao0taawNWo5U+5QQ+FuRUSs07YPiJVmXUEAVoAyipUG
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:45:16 2024 by rpki-client on console-ams.rpki-client.org