Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/MKXE3l_kRrUK-SEa0SjlnZgrzOY.roa
File: MKXE3l_kRrUK-SEa0SjlnZgrzOY.roa (raw, json)
Hash identifier: qB75ATBjq0bvGr3VuX9ZJkiNF1i/cky+GUiK1V7um9s=
Subject key identifier: 30:A5:C4:DE:5F:E4:46:B5:0A:F9:21:1A:D1:28:E5:9D:98:2B:CC:E6
Certificate issuer: /CN=b0c20ae1dacca31815b274702927c1a5a9dbc7b3
Certificate serial: 01941FFA7D526F519BDAF409286F0F5D22B6
Authority key identifier: B0:C2:0A:E1:DA:CC:A3:18:15:B2:74:70:29:27:C1:A5:A9:DB:C7:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sMIK4drMoxgVsnRwKSfBpanbx7M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/MKXE3l_kRrUK-SEa0SjlnZgrzOY.roa
Signing time: Wed 01 Jan 2025 03:48:17 +0000
ROA not before: Wed 01 Jan 2025 03:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5606
IP address blocks: 2a00:ece1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/sMIK4drMoxgVsnRwKSfBpanbx7M.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/sMIK4drMoxgVsnRwKSfBpanbx7M.mft
rsync://rpki.ripe.net/repository/DEFAULT/sMIK4drMoxgVsnRwKSfBpanbx7M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 03:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:7d:52:6f:51:9b:da:f4:09:28:6f:0f:5d:22:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0c20ae1dacca31815b274702927c1a5a9dbc7b3
Validity
Not Before: Jan 1 03:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=30a5c4de5fe446b50af9211ad128e59d982bcce6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:64:85:af:55:4f:b9:f8:c0:47:ed:ef:39:81:
76:12:35:e7:1d:96:bd:13:77:7a:ef:dd:50:5b:8c:
fb:d1:2a:f6:f0:00:17:36:28:78:9a:5e:30:65:1f:
e1:b8:16:e6:e7:0d:c9:88:50:da:ff:f6:52:2d:48:
49:5a:6a:ff:41:23:c3:76:55:dc:e7:9b:26:d1:ad:
93:e3:05:9b:54:f2:93:4c:0e:e4:a4:5c:fe:0e:85:
b8:58:a5:09:e7:94:d1:99:86:41:e0:8c:c4:bb:90:
31:ce:c7:cc:12:e8:8f:1b:37:bd:90:95:a5:a2:28:
5e:83:ae:c4:e2:e3:5e:6a:13:b8:8d:10:95:58:e4:
84:e3:db:3f:c0:3b:0e:fa:86:d7:95:f8:5e:25:56:
6b:ed:d5:22:7f:d2:12:e9:2e:cf:5f:b1:aa:fd:fc:
22:bc:64:8c:93:27:8d:63:98:71:62:17:1b:63:0d:
b2:49:08:b9:da:ae:00:d1:16:c9:bd:00:1e:37:8a:
9c:5e:91:6b:df:5d:58:33:47:dd:fa:2a:42:a9:d1:
a2:a0:c5:46:6c:29:f8:8c:7f:c8:eb:89:25:16:d7:
98:0a:27:ac:a3:8d:59:ec:2c:b3:1c:52:b1:71:c1:
99:36:0b:12:67:95:30:21:ba:1c:3b:cc:a6:dc:fb:
b0:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:A5:C4:DE:5F:E4:46:B5:0A:F9:21:1A:D1:28:E5:9D:98:2B:CC:E6
X509v3 Authority Key Identifier:
keyid:B0:C2:0A:E1:DA:CC:A3:18:15:B2:74:70:29:27:C1:A5:A9:DB:C7:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sMIK4drMoxgVsnRwKSfBpanbx7M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/MKXE3l_kRrUK-SEa0SjlnZgrzOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/sMIK4drMoxgVsnRwKSfBpanbx7M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:ece1::/48
Signature Algorithm: sha256WithRSAEncryption
47:07:d6:29:dd:09:c1:e4:05:5a:64:f1:53:91:ca:cc:2e:d6:
8a:65:2d:0a:c7:aa:19:44:41:3c:04:c5:f5:c0:21:2e:f7:ac:
f8:2d:c0:4b:d2:e9:7f:6d:1f:b9:8d:77:d5:dc:95:76:e2:33:
53:32:20:25:4e:2b:f0:d2:48:b4:20:59:c7:19:a1:a8:33:92:
45:7b:c4:f1:59:37:b4:d3:99:51:50:77:51:91:8e:02:62:ed:
cb:40:6d:37:ee:e4:e6:14:42:db:d2:7b:54:15:b7:da:9c:17:
ca:3b:e8:b2:ad:32:34:c2:e9:16:43:59:f4:e2:ee:c3:29:8c:
a8:5f:ad:42:e9:7a:1c:90:5e:b7:8a:24:e8:4a:8e:5d:12:69:
a3:ca:32:4b:0a:a4:fa:26:f6:18:51:7e:9b:e2:c6:a6:64:af:
75:86:02:3d:68:91:1b:cd:e7:3f:fd:03:71:eb:a3:c3:31:20:
95:c8:6a:6c:02:53:45:fc:e6:ee:95:00:a1:80:ed:69:28:46:
a7:72:00:63:ac:aa:5e:8e:e1:4f:e7:00:b5:f0:88:5f:45:3e:
d6:61:d0:03:68:3f:27:85:eb:9c:7e:5c:24:fb:1b:b1:b5:67:
96:ce:b6:51:b8:a6:75:8d:0f:92:50:d3:c2:ee:f4:dc:19:c3:
c9:0a:a9:02
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQf+n1Sb1Gb2vQJKG8PXSK2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYzIwYWUxZGFjY2EzMTgxNWIyNzQ3MDI5MjdjMWE1YTlk
YmM3YjMwHhcNMjUwMTAxMDM0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGE1YzRkZTVmZTQ0NmI1MGFmOTIxMWFkMTI4ZTU5ZDk4MmJjY2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGSFr1VPufjAR+3vOYF2EjXnHZa9
E3d6791QW4z70Sr28AAXNih4ml4wZR/huBbm5w3JiFDa//ZSLUhJWmr/QSPDdlXc
55sm0a2T4wWbVPKTTA7kpFz+DoW4WKUJ55TRmYZB4IzEu5AxzsfMEuiPGze9kJWl
oiheg67E4uNeahO4jRCVWOSE49s/wDsO+obXlfheJVZr7dUif9IS6S7PX7Gq/fwi
vGSMkyeNY5hxYhcbYw2ySQi52q4A0RbJvQAeN4qcXpFr311YM0fd+ipCqdGioMVG
bCn4jH/I64klFteYCieso41Z7CyzHFKxccGZNgsSZ5UwIbocO8ym3PuwwQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDClxN5f5Ea1CvkhGtEo5Z2YK8zmMB8GA1UdIwQY
MBaAFLDCCuHazKMYFbJ0cCknwaWp28ezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc01JSzRkck1veGdWc25Sd0tTZkJwYW5ieDdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ODg4NjktN2E2NS00MTViLWI2OGYt
NTQ4NDQwMmNlYjdhLzEvTUtYRTNsX2tSclVLLVNFYTBTamxuWmdyek9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ODg4NjktN2E2NS00MTViLWI2OGYtNTQ4NDQwMmNlYjdh
LzEvc01JSzRkck1veGdWc25Sd0tTZkJwYW5ieDdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgDs4QAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBHB9Yp3QnB5AVaZPFTkcrMLtaKZS0Kx6oZREE8
BMX1wCEu96z4LcBL0ul/bR+5jXfV3JV24jNTMiAlTivw0ki0IFnHGaGoM5JFe8Tx
WTe005lRUHdRkY4CYu3LQG037uTmFELb0ntUFbfanBfKO+iyrTI0wukWQ1n04u7D
KYyoX61C6XockF63iiToSo5dEmmjyjJLCqT6JvYYUX6b4samZK91hgI9aJEbzec/
/QNx66PDMSCVyGpsAlNF/ObulQChgO1pKEancgBjrKpejuFP5wC18IhfRT7WYdAD
aD8nheucflwk+xuxtWeWzrZRuKZ1jQ+SUNPC7vTcGcPJCqkC
-----END CERTIFICATE-----
Generated at Mon Apr 7 12:37:18 2025 by rpki-client