Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/29373e-c309-4c32-a606-d692c3729c48/1/lMGdYgzwgaT_E7URumGsKGYpRm8.roa
File: lMGdYgzwgaT_E7URumGsKGYpRm8.roa (raw, json)
Hash identifier: kL2rl4lRguL/8Xce/Og8ZuX7b8NIeWwAkD9AdWaLC6M=
Subject key identifier: 94:C1:9D:62:0C:F0:81:A4:FF:13:B5:11:BA:61:AC:28:66:29:46:6F
Certificate issuer: /CN=02da4cd044c6e9873ac8fd9cfd30f1ecb3d80bca
Certificate serial: 018CC79401B8AF49FFE891A3B1AF70DDD05C
Authority key identifier: 02:DA:4C:D0:44:C6:E9:87:3A:C8:FD:9C:FD:30:F1:EC:B3:D8:0B:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AtpM0ETG6Yc6yP2c_TDx7LPYC8o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/29373e-c309-4c32-a606-d692c3729c48/1/lMGdYgzwgaT_E7URumGsKGYpRm8.roa
Signing time: Tue 02 Jan 2024 00:30:14 +0000
ROA not before: Tue 02 Jan 2024 00:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59891
IP address blocks: 2001:67c:17a4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c6/29373e-c309-4c32-a606-d692c3729c48/1/AtpM0ETG6Yc6yP2c_TDx7LPYC8o.crl
rsync://rpki.ripe.net/repository/DEFAULT/c6/29373e-c309-4c32-a606-d692c3729c48/1/AtpM0ETG6Yc6yP2c_TDx7LPYC8o.mft
rsync://rpki.ripe.net/repository/DEFAULT/AtpM0ETG6Yc6yP2c_TDx7LPYC8o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 17:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:01:b8:af:49:ff:e8:91:a3:b1:af:70:dd:d0:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02da4cd044c6e9873ac8fd9cfd30f1ecb3d80bca
Validity
Not Before: Jan 2 00:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94c19d620cf081a4ff13b511ba61ac286629466f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:9c:af:5d:d4:2b:0b:70:0f:2b:9c:d6:cc:00:
0b:ea:0a:b4:18:8a:d5:e3:11:ef:a8:6a:bf:f5:83:
53:fc:17:54:0b:2c:98:80:5a:87:45:16:bc:ed:aa:
9d:8a:fb:32:d6:99:a9:2f:d7:15:52:64:92:09:db:
8b:65:b3:6c:c7:09:fb:8b:07:d3:71:da:c8:04:2d:
8e:b3:ab:22:79:9d:12:67:ae:f0:af:da:a6:d4:dd:
48:7d:f3:5f:21:3d:4c:ae:16:12:e6:bf:56:0e:e5:
cd:46:d6:c5:25:ed:28:dc:b2:74:07:dc:1a:f3:59:
4d:c0:fe:83:ab:59:45:79:27:fa:a4:b2:6a:ec:06:
a0:4a:9c:5d:ab:b2:24:bf:2f:cc:34:5d:36:ef:c6:
e6:20:39:b8:9f:f1:6b:87:64:6c:17:3d:a8:9d:28:
16:22:75:a5:25:16:de:63:23:c8:4b:34:fd:d0:92:
58:31:19:3a:1c:f0:00:ad:b8:e1:78:ac:d7:8c:a7:
7b:c5:d8:dc:c5:e5:f6:af:80:36:06:8a:a5:f9:0a:
75:06:2f:18:90:7b:26:a5:1e:6c:63:c8:b3:fa:f3:
7d:65:b1:18:a0:99:66:33:e3:ef:a4:4e:fa:7b:8c:
a9:bc:b2:c8:62:ea:6a:ad:26:2c:be:bc:bc:89:a7:
87:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:C1:9D:62:0C:F0:81:A4:FF:13:B5:11:BA:61:AC:28:66:29:46:6F
X509v3 Authority Key Identifier:
keyid:02:DA:4C:D0:44:C6:E9:87:3A:C8:FD:9C:FD:30:F1:EC:B3:D8:0B:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AtpM0ETG6Yc6yP2c_TDx7LPYC8o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/29373e-c309-4c32-a606-d692c3729c48/1/lMGdYgzwgaT_E7URumGsKGYpRm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/29373e-c309-4c32-a606-d692c3729c48/1/AtpM0ETG6Yc6yP2c_TDx7LPYC8o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:17a4::/48
Signature Algorithm: sha256WithRSAEncryption
85:f3:c9:ce:39:ac:ea:3e:88:20:e0:bb:da:3b:a2:78:13:2f:
06:fd:cc:d7:c8:8b:58:9d:ba:94:19:b8:5a:e8:b7:3b:b7:26:
f9:1a:d8:34:c8:97:b8:fd:68:0f:9e:b8:9d:9a:a6:04:e5:94:
97:82:98:e4:a0:64:b9:d7:de:ec:d8:c7:31:d9:e1:bf:7c:9c:
03:bb:ac:76:71:8f:b0:08:f4:78:10:4a:83:8d:af:2c:2f:de:
a1:54:1f:da:e5:54:66:82:7e:eb:53:0d:80:33:a8:99:1a:60:
fe:03:c4:3b:75:c5:af:1c:e6:ee:ba:b3:3d:3f:39:a7:3b:5e:
eb:0d:e0:75:0e:c0:c8:70:90:78:0d:6c:89:a9:ab:b4:47:6d:
0c:56:b4:63:29:4d:db:e7:aa:84:73:9d:c6:74:fb:84:cb:b4:
36:45:30:54:4d:28:8c:f0:d5:ad:e2:05:49:c4:ee:d6:3b:af:
ac:a4:0f:22:4a:3b:bc:81:48:3c:8a:11:53:07:5a:2a:2c:8c:
b8:5c:2d:e5:3c:5c:f2:f8:20:62:5c:ff:2c:0f:5a:f7:2a:ee:
c1:90:8e:d8:83:0d:60:5a:06:5f:96:ba:f9:08:b4:39:d0:f7:
73:a4:c2:8b:ea:d1:9d:dc:d2:aa:36:04:5c:6f:1f:90:fe:7a:
a4:dc:33:1c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzHlAG4r0n/6JGjsa9w3dBcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyZGE0Y2QwNDRjNmU5ODczYWM4ZmQ5Y2ZkMzBmMWVjYjNk
ODBiY2EwHhcNMjQwMTAyMDAzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGMxOWQ2MjBjZjA4MWE0ZmYxM2I1MTFiYTYxYWMyODY2Mjk0NjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZyvXdQrC3APK5zWzAAL6gq0GIrV
4xHvqGq/9YNT/BdUCyyYgFqHRRa87aqdivsy1pmpL9cVUmSSCduLZbNsxwn7iwfT
cdrIBC2Os6sieZ0SZ67wr9qm1N1IffNfIT1MrhYS5r9WDuXNRtbFJe0o3LJ0B9wa
81lNwP6Dq1lFeSf6pLJq7AagSpxdq7Ikvy/MNF0278bmIDm4n/Frh2RsFz2onSgW
InWlJRbeYyPISzT90JJYMRk6HPAArbjheKzXjKd7xdjcxeX2r4A2Boql+Qp1Bi8Y
kHsmpR5sY8iz+vN9ZbEYoJlmM+PvpE76e4ypvLLIYupqrSYsvry8iaeHPwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJTBnWIM8IGk/xO1EbphrChmKUZvMB8GA1UdIwQY
MBaAFALaTNBExumHOsj9nP0w8eyz2AvKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXRwTTBFVEc2WWM2eVAyY19URHg3TFBZQzhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi8yOTM3M2UtYzMwOS00YzMyLWE2MDYt
ZDY5MmMzNzI5YzQ4LzEvbE1HZFlnendnYVRfRTdVUnVtR3NLR1lwUm04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi8yOTM3M2UtYzMwOS00YzMyLWE2MDYtZDY5MmMzNzI5YzQ4
LzEvQXRwTTBFVEc2WWM2eVAyY19URHg3TFBZQzhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBek
MA0GCSqGSIb3DQEBCwUAA4IBAQCF88nOOazqPogg4LvaO6J4Ey8G/czXyItYnbqU
Gbha6Lc7tyb5Gtg0yJe4/WgPnridmqYE5ZSXgpjkoGS5197s2Mcx2eG/fJwDu6x2
cY+wCPR4EEqDja8sL96hVB/a5VRmgn7rUw2AM6iZGmD+A8Q7dcWvHObuurM9Pzmn
O17rDeB1DsDIcJB4DWyJqau0R20MVrRjKU3b56qEc53GdPuEy7Q2RTBUTSiM8NWt
4gVJxO7WO6+spA8iSju8gUg8ihFTB1oqLIy4XC3lPFzy+CBiXP8sD1r3Ku7BkI7Y
gw1gWgZflrr5CLQ50PdzpMKL6tGd3NKqNgRcbx+Q/nqk3DMc
-----END CERTIFICATE-----
Generated at Sat May 18 00:33:16 2024 by rpki-client on console-ams.rpki-client.org