Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/mpBlYx9ElBJbDAb9JuJ0w0KFbNg.roa
File: mpBlYx9ElBJbDAb9JuJ0w0KFbNg.roa (raw, json)
Hash identifier: h3cyDYHhxIS2iJVnV/DGZx5iP7DcU+Hov/FmbtZ0qaw=
Subject key identifier: 9A:90:65:63:1F:44:94:12:5B:0C:06:FD:26:E2:74:C3:42:85:6C:D8
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 018CC56E027D8AACC01C368AD538FC0F9A69
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/mpBlYx9ElBJbDAb9JuJ0w0KFbNg.roa
Signing time: Mon 01 Jan 2024 14:29:30 +0000
ROA not before: Mon 01 Jan 2024 14:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205884
IP address blocks: 2a09:59c0::/29 maxlen: 29
2a0e:2800::/29 maxlen: 29
2a0e:b00::/29 maxlen: 29
2a09:57c0::/29 maxlen: 29
2a09:5bc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:02:7d:8a:ac:c0:1c:36:8a:d5:38:fc:0f:9a:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Jan 1 14:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a9065631f4494125b0c06fd26e274c342856cd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:98:c8:01:d4:f2:a1:ff:50:66:b3:e9:80:3b:
91:a5:f8:d5:ca:d6:7a:98:a4:97:bc:1f:5e:97:61:
5c:db:23:3f:84:03:d5:e1:dd:dc:31:f1:4b:83:62:
db:03:7a:04:f4:9f:07:90:0a:d4:7a:59:ca:a7:e2:
1c:4a:16:10:91:71:69:c0:5a:b8:88:21:fe:bb:de:
7b:c7:1f:f7:98:10:c4:ac:f6:76:29:d5:f6:a4:4a:
d1:7f:59:e9:bc:2b:22:54:71:2f:24:80:25:6e:90:
6f:45:a5:bc:51:d1:1a:ff:18:5e:d0:7e:b2:9d:3c:
fc:e2:29:72:39:52:b5:44:36:41:8e:83:ea:2e:bc:
59:04:ba:25:fb:4e:53:df:f7:b6:39:c0:fc:4e:ce:
1a:b2:19:3a:04:09:4e:f6:dd:cc:4b:9b:21:6b:e4:
f1:26:62:a4:d5:fa:62:a0:ce:a6:1a:c9:99:59:1a:
f2:d5:e0:02:af:93:91:0e:dc:98:75:96:18:3e:70:
e7:d5:cc:32:af:89:fe:6a:2b:ce:73:3e:75:11:0f:
25:9d:da:4c:15:3b:91:54:e7:eb:0d:39:10:27:16:
af:87:12:62:7c:25:e3:2c:d1:f1:2b:18:da:04:57:
22:34:3d:fa:24:c6:be:0f:33:c0:73:4a:ec:7a:97:
94:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:90:65:63:1F:44:94:12:5B:0C:06:FD:26:E2:74:C3:42:85:6C:D8
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/mpBlYx9ElBJbDAb9JuJ0w0KFbNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:57c0::/29
2a09:59c0::/29
2a09:5bc0::/29
2a0e:b00::/29
2a0e:2800::/29
Signature Algorithm: sha256WithRSAEncryption
69:7d:8b:0d:78:11:b7:6f:e2:9e:e9:e2:96:62:0f:41:0f:ae:
22:97:c3:4f:50:4b:6f:05:5e:6a:89:9c:00:1e:da:4a:93:cf:
03:31:67:01:fb:4b:04:f3:aa:13:89:bd:ae:85:05:50:d0:ce:
ca:b8:0d:48:3e:7a:5a:6e:61:00:ae:d2:34:6b:de:1c:8f:4f:
53:d1:a6:08:a9:95:15:b7:cd:68:6b:b5:79:a5:eb:85:27:97:
c5:9c:9d:39:65:18:e4:b2:77:2a:dd:47:e7:fe:c9:b9:e8:fd:
cc:45:e1:93:eb:79:ee:c5:b3:16:8f:43:c7:31:5b:1b:fa:17:
5a:b8:f2:35:39:da:f1:53:38:f8:61:d2:25:f3:cb:39:32:12:
95:de:5d:87:65:42:7c:6e:7b:d6:5f:52:30:0a:1f:ce:54:03:
af:66:f3:5c:b2:b7:ac:42:92:e8:0b:1e:fb:fb:fa:41:c0:7a:
5f:58:d7:43:0f:49:fb:52:33:fb:da:05:ff:d3:8b:f0:5c:8b:
ec:1e:f5:9e:ff:83:4d:75:9c:38:96:b1:0c:af:8e:1a:0e:ea:
11:30:e8:dd:55:49:85:1f:f4:e8:d5:48:cd:6b:4d:69:9d:bb:
ea:43:6b:af:cb:7e:88:e6:d3:0b:e2:e0:ce:22:91:74:ab:96:
19:d6:ba:cc
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzFbgJ9iqzAHDaK1Tj8D5ppMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjQwMTAxMTQyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTkwNjU2MzFmNDQ5NDEyNWIwYzA2ZmQyNmUyNzRjMzQyODU2Y2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZjIAdTyof9QZrPpgDuRpfjVytZ6
mKSXvB9el2Fc2yM/hAPV4d3cMfFLg2LbA3oE9J8HkArUelnKp+IcShYQkXFpwFq4
iCH+u957xx/3mBDErPZ2KdX2pErRf1npvCsiVHEvJIAlbpBvRaW8UdEa/xhe0H6y
nTz84ilyOVK1RDZBjoPqLrxZBLol+05T3/e2OcD8Ts4ashk6BAlO9t3MS5sha+Tx
JmKk1fpioM6mGsmZWRry1eACr5ORDtyYdZYYPnDn1cwyr4n+aivOcz51EQ8lndpM
FTuRVOfrDTkQJxavhxJifCXjLNHxKxjaBFciND36JMa+DzPAc0rsepeUlQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFJqQZWMfRJQSWwwG/SbidMNChWzYMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvbXBCbFl4OUVsQkpiREFiOUp1SjB3MEtGYk5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKglXwAMF
AyoJWcADBQMqCVvAAwUDKg4LAAMFAyoOKAAwDQYJKoZIhvcNAQELBQADggEBAGl9
iw14Ebdv4p7p4pZiD0EPriKXw09QS28FXmqJnAAe2kqTzwMxZwH7SwTzqhOJva6F
BVDQzsq4DUg+elpuYQCu0jRr3hyPT1PRpgiplRW3zWhrtXml64Unl8WcnTllGOSy
dyrdR+f+ybno/cxF4ZPree7FsxaPQ8cxWxv6F1q48jU52vFTOPhh0iXzyzkyEpXe
XYdlQnxue9ZfUjAKH85UA69m81yyt6xCkugLHvv7+kHAel9Y10MPSftSM/vaBf/T
i/Bci+we9Z7/g011nDiWsQyvjhoO6hEw6N1VSYUf9OjVSM1rTWmdu+pDa6/Lfojm
0wvi4M4ikXSrlhnWusw=
-----END CERTIFICATE-----
Generated at Mon May 20 18:25:09 2024 by rpki-client on console-ams.rpki-client.org