Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/MXOdUCvuEFwbSMJQSk-lj8STNRE.roa
File: MXOdUCvuEFwbSMJQSk-lj8STNRE.roa (raw, json)
Hash identifier: lXJiZ3GXchvXtSuYcs9f6PKRrt4YOHod1oxYbRGsZj8=
Subject key identifier: 31:73:9D:50:2B:EE:10:5C:1B:48:C2:50:4A:4F:A5:8F:C4:93:35:11
Certificate issuer: /CN=cfcead390625edba1408108df57cea47160d70e5
Certificate serial: 018CC42464D5159B2E995D0072A4524C6FBE
Authority key identifier: CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/MXOdUCvuEFwbSMJQSk-lj8STNRE.roa
Signing time: Mon 01 Jan 2024 08:29:28 +0000
ROA not before: Mon 01 Jan 2024 08:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200827
IP address blocks: 2a0f:7802:f000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.mft
rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 08:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:64:d5:15:9b:2e:99:5d:00:72:a4:52:4c:6f:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcead390625edba1408108df57cea47160d70e5
Validity
Not Before: Jan 1 08:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31739d502bee105c1b48c2504a4fa58fc4933511
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:8a:93:6b:0d:90:50:c6:90:d4:e1:cd:ab:07:
ec:5a:10:0b:89:0a:c8:5c:9b:3b:db:f5:41:2e:c6:
2e:5f:8a:45:d0:7a:1e:f0:01:42:c0:a6:e3:e0:3a:
66:a0:fb:eb:98:5e:c2:4a:d0:e2:b1:8b:81:86:9a:
2e:e9:86:ef:75:69:7a:58:f8:7c:f4:71:8d:90:df:
34:43:c6:ae:11:b7:c7:80:fa:2a:a7:c8:70:92:b4:
26:48:4d:40:a6:07:78:7a:fc:cc:c6:97:d7:77:7c:
3b:d6:36:0b:22:18:7d:ba:ef:96:73:1c:4a:24:30:
de:d0:5a:99:39:08:e8:e6:1c:cc:61:8f:0c:7e:09:
67:54:4a:5b:ab:43:90:6f:53:f7:bd:5e:c9:56:39:
96:62:91:63:a7:8d:17:a4:3a:ca:4f:1d:63:82:46:
38:b4:20:bd:69:90:f1:4d:50:07:b8:68:85:aa:27:
69:28:9f:3e:62:10:6c:25:93:41:85:84:33:db:87:
3c:f5:d5:6d:48:1e:11:ea:a5:36:4c:b2:a5:ed:4a:
8c:41:04:53:18:f2:15:1c:95:86:fc:6e:7a:ba:63:
c3:0d:95:ab:5d:8e:5d:2e:36:8c:9f:cf:38:84:02:
b6:74:31:dc:fc:2c:92:7c:13:32:1b:e7:a7:83:c1:
3a:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:73:9D:50:2B:EE:10:5C:1B:48:C2:50:4A:4F:A5:8F:C4:93:35:11
X509v3 Authority Key Identifier:
keyid:CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/MXOdUCvuEFwbSMJQSk-lj8STNRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:7802:f000::/36
Signature Algorithm: sha256WithRSAEncryption
b4:e4:9a:7a:58:ac:93:4d:34:19:9e:d5:5b:b0:5e:b9:24:40:
f0:be:52:1d:b6:94:a4:7e:41:45:99:7a:53:8a:f7:f4:65:32:
11:3c:24:1f:5e:ca:bb:a1:12:72:be:21:6d:fd:e3:c4:e9:24:
42:e0:34:3d:63:d2:f1:ed:a9:48:b4:67:08:63:57:21:4b:bb:
1c:c8:06:7c:2f:ed:24:2c:59:d0:0f:17:f4:32:55:97:1d:89:
50:d1:82:db:18:18:1e:7e:f4:5d:83:d6:fd:2b:19:81:67:58:
33:e3:18:45:bc:f1:1a:56:a5:f2:c9:b0:c1:50:e0:aa:c6:bf:
61:14:8d:dd:ec:2d:1c:98:d6:0d:e4:05:ed:a5:4a:8e:92:f0:
e9:7f:41:75:a5:c2:cb:9d:09:0c:00:8a:79:10:b4:67:81:de:
ef:ad:1c:32:f1:3b:b5:db:5a:8f:ab:62:69:16:0e:51:b9:87:
a0:b2:bf:df:bb:86:f0:1a:7b:ee:19:6d:e5:df:e1:f0:c2:b6:
db:9f:7e:4a:54:c1:78:1a:d1:99:68:e3:a5:80:2f:9e:c0:0b:
de:ea:9e:3a:9a:69:87:8c:0c:fa:56:36:61:5a:b3:1d:39:c6:
12:5e:2c:20:4a:03:cd:34:ac:59:7d:6c:f6:b9:0a:b3:87:1e:
ca:a2:1c:e0
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzEJGTVFZsumV0AcqRSTG++MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2VhZDM5MDYyNWVkYmExNDA4MTA4ZGY1N2NlYTQ3MTYw
ZDcwZTUwHhcNMjQwMTAxMDgyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTczOWQ1MDJiZWUxMDVjMWI0OGMyNTA0YTRmYTU4ZmM0OTMzNTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAooqTaw2QUMaQ1OHNqwfsWhALiQrI
XJs72/VBLsYuX4pF0Hoe8AFCwKbj4DpmoPvrmF7CStDisYuBhpou6YbvdWl6WPh8
9HGNkN80Q8auEbfHgPoqp8hwkrQmSE1Apgd4evzMxpfXd3w71jYLIhh9uu+WcxxK
JDDe0FqZOQjo5hzMYY8MfglnVEpbq0OQb1P3vV7JVjmWYpFjp40XpDrKTx1jgkY4
tCC9aZDxTVAHuGiFqidpKJ8+YhBsJZNBhYQz24c89dVtSB4R6qU2TLKl7UqMQQRT
GPIVHJWG/G56umPDDZWrXY5dLjaMn884hAK2dDHc/CySfBMyG+eng8E6CwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFDFznVAr7hBcG0jCUEpPpY/EkzURMB8GA1UdIwQY
MBaAFM/OrTkGJe26FAgQjfV86kcWDXDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYt
ZjViNmE3MThmNGI1LzEvTVhPZFVDdnVFRndiU01KUVNrLWxqOFNUTlJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYtZjViNmE3MThmNGI1
LzEvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKg94AvAw
DQYJKoZIhvcNAQELBQADggEBALTkmnpYrJNNNBme1VuwXrkkQPC+Uh22lKR+QUWZ
elOK9/RlMhE8JB9eyruhEnK+IW3948TpJELgND1j0vHtqUi0ZwhjVyFLuxzIBnwv
7SQsWdAPF/QyVZcdiVDRgtsYGB5+9F2D1v0rGYFnWDPjGEW88RpWpfLJsMFQ4KrG
v2EUjd3sLRyY1g3kBe2lSo6S8Ol/QXWlwsudCQwAinkQtGeB3u+tHDLxO7XbWo+r
YmkWDlG5h6Cyv9+7hvAae+4ZbeXf4fDCttuffkpUwXga0Zlo46WAL57AC97qnjqa
aYeMDPpWNmFasx05xhJeLCBKA800rFl9bPa5CrOHHsqiHOA=
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:31:18 2024 by rpki-client on console-fra.rpki-client.org