Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/MKC-PwTuuMLdugPlxIzteNmxkWU.roa
File: MKC-PwTuuMLdugPlxIzteNmxkWU.roa (raw, json)
Hash identifier: dpWBPHw1roNJPMJ4aeYo7B4udRj0hryl/1X0HcD6f3k=
Subject key identifier: 30:A0:BE:3F:04:EE:B8:C2:DD:BA:03:E5:C4:8C:ED:78:D9:B1:91:65
Certificate issuer: /CN=3ba5b1c09aa31f6713c61b32e558109e47966d42
Certificate serial: 018CC492E318CD37F91200F69DDC7F085EC3
Authority key identifier: 3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/MKC-PwTuuMLdugPlxIzteNmxkWU.roa
Signing time: Mon 01 Jan 2024 10:30:09 +0000
ROA not before: Mon 01 Jan 2024 10:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1759
IP address blocks: 2001:2000:6000::/40 maxlen: 40
2001:2062::/32 maxlen: 32
2001:2003::/32 maxlen: 32
2001:2061::/32 maxlen: 32
2001:2001:6000::/40 maxlen: 40
2001:2060::/27 maxlen: 27
2001:2060::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.mft
rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Jun 2024 04:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:e3:18:cd:37:f9:12:00:f6:9d:dc:7f:08:5e:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ba5b1c09aa31f6713c61b32e558109e47966d42
Validity
Not Before: Jan 1 10:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30a0be3f04eeb8c2ddba03e5c48ced78d9b19165
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:bd:f5:91:16:4d:d1:9b:f0:15:92:f2:5c:54:
33:47:76:b1:00:cf:f7:b0:e3:14:72:c6:6a:f8:ba:
d8:0e:33:75:cb:c8:09:19:b5:0d:0a:94:cf:0b:9d:
1e:7f:2f:0d:20:2f:76:89:2c:da:38:0f:c2:84:33:
f8:32:9b:9e:14:a0:54:11:5d:be:38:d3:04:d6:a0:
08:ab:bc:98:96:b8:bc:fe:b0:da:aa:1d:47:86:3c:
c4:30:ce:fb:20:65:1f:06:64:16:ae:7c:92:e6:23:
52:fc:50:47:e9:f6:ae:47:a6:ab:58:e5:db:3b:cb:
92:80:80:a5:5c:e9:d8:87:6a:ed:98:20:f5:c6:04:
5b:50:4b:bd:03:dc:fa:9a:f1:bc:5a:30:25:00:e5:
52:19:93:db:ed:e3:83:94:4a:9b:98:f2:97:dd:c4:
cd:c7:42:54:17:3f:ed:5d:e4:d0:88:52:19:96:7e:
31:68:1f:8a:6a:36:f0:02:b6:9f:96:32:90:62:5f:
86:54:23:9c:14:71:46:7e:8e:d4:d7:20:a0:6a:90:
2b:d7:36:74:ce:17:92:c9:df:27:48:89:e9:8a:4a:
4d:b3:ee:2d:55:0e:23:73:2c:89:48:20:82:6f:f6:
fb:8b:d3:be:e8:08:19:58:0b:e8:65:81:23:9c:76:
46:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:A0:BE:3F:04:EE:B8:C2:DD:BA:03:E5:C4:8C:ED:78:D9:B1:91:65
X509v3 Authority Key Identifier:
keyid:3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/MKC-PwTuuMLdugPlxIzteNmxkWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:2000:6000::/40
2001:2001:6000::/40
2001:2003::/32
2001:2060::/27
Signature Algorithm: sha256WithRSAEncryption
10:55:bf:78:99:f0:9c:14:d5:dd:ec:59:f5:11:0e:bb:86:c4:
6f:b7:b4:53:a2:88:22:b2:73:38:5f:fe:f3:ff:8c:4f:4a:cf:
20:eb:02:90:fc:65:3f:53:7e:24:56:c6:ee:32:a2:93:36:27:
e7:df:ac:68:03:b0:87:a8:6d:84:48:88:c3:9d:8e:be:0e:3f:
60:a1:42:72:e1:d7:00:80:40:dc:5d:07:94:69:70:61:cf:7f:
79:4a:62:25:e7:29:ff:dd:e0:65:f4:17:bf:4e:0c:b5:81:ba:
f9:c5:95:a7:76:b5:c7:17:d5:20:6a:51:33:f5:fd:d3:3b:89:
48:0f:cc:6d:d1:be:3b:ad:43:1e:c1:c7:92:45:9b:d2:82:fd:
ec:1c:85:71:1e:35:20:24:b6:f7:ee:20:3e:f7:5f:fa:46:a9:
d1:bf:59:de:a1:6f:8b:10:c9:66:3c:20:12:de:63:89:78:c7:
a0:d7:7c:e0:60:f8:ae:34:6b:d4:81:fb:c3:bf:97:1f:32:25:
90:a9:82:85:bc:77:bd:ab:e1:23:2e:8e:79:26:1a:a1:00:a6:
ab:02:5c:81:b6:63:d9:4b:d8:72:d8:4d:4e:ee:7f:04:aa:4e:
ef:d4:11:5a:09:f4:2d:77:6c:ba:f3:90:b6:79:08:2c:9d:b1:
fb:df:c4:8f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzEkuMYzTf5EgD2ndx/CF7DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYTViMWMwOWFhMzFmNjcxM2M2MWIzMmU1NTgxMDllNDc5
NjZkNDIwHhcNMjQwMTAxMTAzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGEwYmUzZjA0ZWViOGMyZGRiYTAzZTVjNDhjZWQ3OGQ5YjE5MTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh731kRZN0ZvwFZLyXFQzR3axAM/3
sOMUcsZq+LrYDjN1y8gJGbUNCpTPC50efy8NIC92iSzaOA/ChDP4MpueFKBUEV2+
ONME1qAIq7yYlri8/rDaqh1HhjzEMM77IGUfBmQWrnyS5iNS/FBH6fauR6arWOXb
O8uSgIClXOnYh2rtmCD1xgRbUEu9A9z6mvG8WjAlAOVSGZPb7eODlEqbmPKX3cTN
x0JUFz/tXeTQiFIZln4xaB+KajbwArafljKQYl+GVCOcFHFGfo7U1yCgapAr1zZ0
zheSyd8nSInpikpNs+4tVQ4jcyyJSCCCb/b7i9O+6AgZWAvoZYEjnHZGtwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDCgvj8E7rjC3boD5cSM7XjZsZFlMB8GA1UdIwQY
MBaAFDulscCaox9nE8YbMuVYEJ5Hlm1CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzZXeHdKcWpIMmNUeGhzeTVWZ1Fua2VXYlVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8xM2JkNzctZDI5Ny00Njg5LWJlZTQt
NDY2ZTljYWI3ODY0LzEvTUtDLVB3VHV1TUxkdWdQbHhJenRlTm14a1dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8xM2JkNzctZDI5Ny00Njg5LWJlZTQtNDY2ZTljYWI3ODY0
LzEvTzZXeHdKcWpIMmNUeGhzeTVWZ1Fua2VXYlVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAAjAeAwYAIAEgAGAD
BgAgASABYAMFACABIAMDBQUgASBgMA0GCSqGSIb3DQEBCwUAA4IBAQAQVb94mfCc
FNXd7Fn1EQ67hsRvt7RToogisnM4X/7z/4xPSs8g6wKQ/GU/U34kVsbuMqKTNifn
36xoA7CHqG2ESIjDnY6+Dj9goUJy4dcAgEDcXQeUaXBhz395SmIl5yn/3eBl9Be/
Tgy1gbr5xZWndrXHF9UgalEz9f3TO4lID8xt0b47rUMewceSRZvSgv3sHIVxHjUg
JLb37iA+91/6RqnRv1neoW+LEMlmPCAS3mOJeMeg13zgYPiuNGvUgfvDv5cfMiWQ
qYKFvHe9q+EjLo55JhqhAKarAlyBtmPZS9hy2E1O7n8Eqk7v1BFaCfQtd2y685C2
eQgsnbH738SP
-----END CERTIFICATE-----
Generated at Fri May 31 14:00:01 2024 by rpki-client on console-fra.rpki-client.org