Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/MbgmZzEl1FWHSF3vtiKJLM2KttQ.roa
File: MbgmZzEl1FWHSF3vtiKJLM2KttQ.roa (raw, json)
Hash identifier: x63pD6T2bRYs65oWl2BkRt6uUIYIAdVrHhPtKPVn6Dc=
Subject key identifier: 31:B8:26:67:31:25:D4:55:87:48:5D:EF:B6:22:89:2C:CD:8A:B6:D4
Certificate issuer: /CN=bfe9f12c96ba20683aff5c958bfad8e4c577f7fe
Certificate serial: 018CC492ED02B243AEFAB0995CE4B119A6CD
Authority key identifier: BF:E9:F1:2C:96:BA:20:68:3A:FF:5C:95:8B:FA:D8:E4:C5:77:F7:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v-nxLJa6IGg6_1yVi_rY5MV39_4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/MbgmZzEl1FWHSF3vtiKJLM2KttQ.roa
Signing time: Mon 01 Jan 2024 10:30:12 +0000
ROA not before: Mon 01 Jan 2024 10:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 395747
IP address blocks: 2a09:bac0:108::/48 maxlen: 48
2a09:bac0:133::/48 maxlen: 48
2a09:bac0:131::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/v-nxLJa6IGg6_1yVi_rY5MV39_4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/v-nxLJa6IGg6_1yVi_rY5MV39_4.mft
rsync://rpki.ripe.net/repository/DEFAULT/v-nxLJa6IGg6_1yVi_rY5MV39_4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 May 2024 13:40:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:ed:02:b2:43:ae:fa:b0:99:5c:e4:b1:19:a6:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfe9f12c96ba20683aff5c958bfad8e4c577f7fe
Validity
Not Before: Jan 1 10:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31b826673125d45587485defb622892ccd8ab6d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:24:dc:d5:22:1e:de:f3:e9:d9:60:27:5b:bb:
88:4b:ad:8c:28:f7:6e:88:2c:f5:da:3a:03:48:1d:
1e:1a:4c:c2:db:fd:f3:b2:47:10:66:8b:e9:cb:23:
3f:9c:7b:87:7e:5b:d8:da:b5:15:aa:79:30:64:30:
1b:5f:bf:1e:cb:bf:32:1c:2c:0e:c1:47:3a:1e:0e:
a7:0c:64:eb:c0:ef:20:24:f4:3b:7b:e9:30:d9:33:
b3:57:64:3e:9c:30:77:5a:45:16:d0:7e:d1:4a:2f:
89:33:82:e3:14:19:9e:28:68:41:f1:cb:1d:31:60:
91:2d:01:1d:0f:50:f3:33:f0:cf:47:37:d1:b1:c4:
51:23:9d:c8:2e:f9:95:04:3a:01:e5:7e:6e:42:29:
75:a4:b5:d6:f9:37:ec:2e:90:15:d6:dc:a6:bd:ea:
30:6d:ec:c7:7d:6b:4f:aa:37:d3:82:b0:8d:6c:5d:
33:ab:81:8f:0f:41:f9:b4:99:d3:5b:18:e1:b7:85:
4a:55:49:a3:cc:c3:b5:cc:3c:bb:73:f1:2f:4d:95:
ce:d7:37:bb:0a:d2:87:18:60:92:9a:07:fb:1f:16:
0d:ed:fc:93:5f:cc:07:b2:bf:ae:24:58:ae:8c:7b:
54:a7:74:fa:47:58:93:95:07:e0:82:dc:ed:0b:12:
b5:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:B8:26:67:31:25:D4:55:87:48:5D:EF:B6:22:89:2C:CD:8A:B6:D4
X509v3 Authority Key Identifier:
keyid:BF:E9:F1:2C:96:BA:20:68:3A:FF:5C:95:8B:FA:D8:E4:C5:77:F7:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v-nxLJa6IGg6_1yVi_rY5MV39_4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/MbgmZzEl1FWHSF3vtiKJLM2KttQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/v-nxLJa6IGg6_1yVi_rY5MV39_4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:bac0:108::/48
2a09:bac0:131::/48
2a09:bac0:133::/48
Signature Algorithm: sha256WithRSAEncryption
1d:b6:fe:2d:00:fd:7f:ed:a9:64:38:d7:80:46:5e:7a:e8:a7:
2a:0d:5f:a9:7a:53:c7:0b:54:41:53:fc:ec:16:19:82:ff:ce:
d0:26:48:68:10:bd:ee:46:57:08:b8:1f:1b:3d:b6:81:6a:b2:
a5:bc:cc:83:d9:03:17:63:81:20:9e:db:d4:37:e2:9f:5d:6f:
1a:71:53:e5:5c:5c:09:c3:e2:ea:b2:15:d1:6c:94:90:3d:c9:
52:b6:c3:4b:4e:93:db:84:ff:7b:8a:41:75:fd:d9:5a:51:c5:
43:34:bf:fb:3b:fe:cc:bd:ff:3f:e8:01:4d:d8:ba:99:78:e6:
42:79:e7:d2:ad:a3:86:3e:9e:ca:f8:02:0e:32:97:be:c2:5b:
43:42:c3:c0:86:15:87:51:db:3e:1b:d6:da:6f:a8:02:84:9a:
49:61:fa:e0:21:fe:10:d1:d2:71:b4:57:f8:54:5c:91:56:93:
88:af:af:0a:21:a3:0a:61:24:0a:1e:ad:3d:20:8e:00:58:e0:
aa:dd:84:95:b3:12:dd:60:e9:bc:9d:f0:1f:d2:13:e6:75:30:
48:59:75:f2:11:02:64:9a:c5:ec:1c:a5:db:90:99:05:68:ad:
5f:44:e3:4e:db:83:50:6f:0f:58:1d:3f:b0:20:8e:bb:88:b0:
35:74:49:59
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzEku0CskOu+rCZXOSxGabNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZTlmMTJjOTZiYTIwNjgzYWZmNWM5NThiZmFkOGU0YzU3
N2Y3ZmUwHhcNMjQwMTAxMTAzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWI4MjY2NzMxMjVkNDU1ODc0ODVkZWZiNjIyODkyY2NkOGFiNmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCTc1SIe3vPp2WAnW7uIS62MKPdu
iCz12joDSB0eGkzC2/3zskcQZovpyyM/nHuHflvY2rUVqnkwZDAbX78ey78yHCwO
wUc6Hg6nDGTrwO8gJPQ7e+kw2TOzV2Q+nDB3WkUW0H7RSi+JM4LjFBmeKGhB8csd
MWCRLQEdD1DzM/DPRzfRscRRI53ILvmVBDoB5X5uQil1pLXW+TfsLpAV1tymveow
bezHfWtPqjfTgrCNbF0zq4GPD0H5tJnTWxjht4VKVUmjzMO1zDy7c/EvTZXO1ze7
CtKHGGCSmgf7HxYN7fyTX8wHsr+uJFiujHtUp3T6R1iTlQfggtztCxK1eQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDG4JmcxJdRVh0hd77YiiSzNirbUMB8GA1UdIwQY
MBaAFL/p8SyWuiBoOv9clYv62OTFd/f+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdi1ueExKYTZJR2c2XzF5Vmlfclk1TVYzOV80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy80Y2U1NTgtNjNkNi00NjlhLWJiNWQt
Zjc4MjBjNWU5NjZhLzEvTWJnbVp6RWwxRldIU0YzdnRpS0pMTTJLdHRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy80Y2U1NTgtNjNkNi00NjlhLWJiNWQtZjc4MjBjNWU5NjZh
LzEvdi1ueExKYTZJR2c2XzF5Vmlfclk1TVYzOV80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKgm6wAEI
AwcAKgm6wAExAwcAKgm6wAEzMA0GCSqGSIb3DQEBCwUAA4IBAQAdtv4tAP1/7alk
ONeARl566KcqDV+pelPHC1RBU/zsFhmC/87QJkhoEL3uRlcIuB8bPbaBarKlvMyD
2QMXY4EgntvUN+KfXW8acVPlXFwJw+LqshXRbJSQPclStsNLTpPbhP97ikF1/dla
UcVDNL/7O/7Mvf8/6AFN2LqZeOZCeefSraOGPp7K+AIOMpe+wltDQsPAhhWHUds+
G9bab6gChJpJYfrgIf4Q0dJxtFf4VFyRVpOIr68KIaMKYSQKHq09II4AWOCq3YSV
sxLdYOm8nfAf0hPmdTBIWXXyEQJkmsXsHKXbkJkFaK1fRONO24NQbw9YHT+wII67
iLA1dElZ
-----END CERTIFICATE-----
Generated at Tue Apr 30 22:08:19 2024 by rpki-client on console-fra.rpki-client.org