Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/1d1b45-86e9-46ee-991c-0eddeb48e3ae/1/MNDKTCk9kXqzm5MQB3EjgyJoXm0.roa
File: MNDKTCk9kXqzm5MQB3EjgyJoXm0.roa (raw, json)
Hash identifier: q0GOOJFyrf2Layk3vcAzbJ4NKH8qFRqADMYTdWkPzpU=
Subject key identifier: 30:D0:CA:4C:29:3D:91:7A:B3:9B:93:10:07:71:23:83:22:68:5E:6D
Certificate issuer: /CN=9dcf5edc4e6aedc8df4245a62fa37fa22a620eaa
Certificate serial: 018CCA2A12E2E3B454CC0EE047FBF5AF666E
Authority key identifier: 9D:CF:5E:DC:4E:6A:ED:C8:DF:42:45:A6:2F:A3:7F:A2:2A:62:0E:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nc9e3E5q7cjfQkWmL6N_oipiDqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/1d1b45-86e9-46ee-991c-0eddeb48e3ae/1/MNDKTCk9kXqzm5MQB3EjgyJoXm0.roa
Signing time: Tue 02 Jan 2024 12:33:24 +0000
ROA not before: Tue 02 Jan 2024 12:33:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206141
IP address blocks: 87.237.160.0/22 maxlen: 22
2a06:13c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/1d1b45-86e9-46ee-991c-0eddeb48e3ae/1/nc9e3E5q7cjfQkWmL6N_oipiDqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/1d1b45-86e9-46ee-991c-0eddeb48e3ae/1/nc9e3E5q7cjfQkWmL6N_oipiDqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/nc9e3E5q7cjfQkWmL6N_oipiDqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:12:e2:e3:b4:54:cc:0e:e0:47:fb:f5:af:66:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dcf5edc4e6aedc8df4245a62fa37fa22a620eaa
Validity
Not Before: Jan 2 12:33:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30d0ca4c293d917ab39b93100771238322685e6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:0b:26:34:09:29:05:77:c5:9a:52:a3:17:39:
53:77:a1:c4:7d:ca:af:48:80:a2:9a:40:c2:a9:7e:
1d:04:08:d6:b2:10:9b:d3:65:0c:fe:9a:da:86:82:
d1:50:9e:3b:1b:b2:f3:6e:8d:2a:04:ea:a1:98:a4:
f6:02:f6:c4:21:1f:53:33:f7:06:de:2c:73:03:ec:
3e:23:d8:0f:80:8d:6b:3b:8f:fd:0e:37:a5:de:4d:
d4:60:42:f6:d3:59:19:92:71:a2:87:f7:f8:48:39:
4c:7b:5d:5d:d5:4a:45:35:a4:0b:1a:ca:6e:f7:3a:
3b:27:62:b5:92:34:36:f8:28:fa:31:1d:b3:e8:66:
2d:56:0a:ee:78:f4:76:d5:e1:19:5e:ee:d3:d0:02:
a3:26:f2:19:87:f8:4e:09:99:c2:4a:0c:7c:cb:8c:
aa:72:b7:9a:db:8e:eb:b8:0a:73:26:0f:bc:26:1a:
42:21:ae:bb:16:0f:c4:8d:71:c2:5c:ce:87:a0:d7:
64:58:bb:04:86:78:10:6a:e5:03:e2:60:da:73:fb:
87:50:0d:c3:07:48:d3:14:e3:22:6f:e2:69:ca:21:
fd:e3:97:40:86:2b:0d:49:8e:55:3f:41:1a:db:52:
cd:69:12:ca:61:aa:b2:9e:e1:b0:a3:f5:0a:35:40:
71:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:D0:CA:4C:29:3D:91:7A:B3:9B:93:10:07:71:23:83:22:68:5E:6D
X509v3 Authority Key Identifier:
keyid:9D:CF:5E:DC:4E:6A:ED:C8:DF:42:45:A6:2F:A3:7F:A2:2A:62:0E:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nc9e3E5q7cjfQkWmL6N_oipiDqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/1d1b45-86e9-46ee-991c-0eddeb48e3ae/1/MNDKTCk9kXqzm5MQB3EjgyJoXm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/1d1b45-86e9-46ee-991c-0eddeb48e3ae/1/nc9e3E5q7cjfQkWmL6N_oipiDqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.237.160.0/22
IPv6:
2a06:13c0::/29
Signature Algorithm: sha256WithRSAEncryption
56:1e:0c:82:b5:f0:d2:07:28:4e:5a:c4:9b:b7:ab:02:b7:1f:
23:22:5d:71:33:51:7f:7e:6c:ce:5c:51:62:d2:2b:84:96:24:
5b:ee:97:15:c2:86:93:a2:1f:ce:3b:0d:9d:5f:7b:d2:c8:4a:
7c:a2:df:6a:fa:e4:b3:88:61:c0:35:9c:56:f7:47:6c:01:48:
39:74:ce:bf:b2:10:84:de:a3:25:bf:95:e1:9e:a1:eb:5e:0a:
72:82:d3:ca:ae:b7:af:43:37:ad:35:b6:10:37:9b:2a:f6:4b:
55:11:b6:16:a7:4b:d3:65:6e:22:14:0f:8a:7b:5f:2d:ea:34:
73:8b:17:46:49:11:bb:55:5c:37:42:ea:c0:b8:2f:92:e5:3e:
09:b9:57:f6:c4:ac:ff:5c:b3:a8:c2:48:c7:e8:3a:7a:61:1c:
7f:b5:45:74:59:76:86:8a:94:50:dd:5e:54:0f:bb:5b:e2:5a:
6a:91:93:11:45:fc:42:29:ba:c7:72:45:1f:9d:34:d8:eb:4e:
58:c8:5f:42:2d:32:9a:27:fd:ef:2c:04:2d:d9:7f:03:f4:99:
f6:4b:98:fa:3d:3e:02:30:bb:ea:03:51:ab:89:03:20:46:9b:
ca:77:cd:78:a1:62:15:75:f0:e4:05:c3:ca:01:2e:49:96:a9:
a8:1f:53:6a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKKhLi47RUzA7gR/v1r2ZuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkY2Y1ZWRjNGU2YWVkYzhkZjQyNDVhNjJmYTM3ZmEyMmE2
MjBlYWEwHhcNMjQwMTAyMTIzMzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGQwY2E0YzI5M2Q5MTdhYjM5YjkzMTAwNzcxMjM4MzIyNjg1ZTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgsmNAkpBXfFmlKjFzlTd6HEfcqv
SICimkDCqX4dBAjWshCb02UM/prahoLRUJ47G7Lzbo0qBOqhmKT2AvbEIR9TM/cG
3ixzA+w+I9gPgI1rO4/9Djel3k3UYEL201kZknGih/f4SDlMe11d1UpFNaQLGspu
9zo7J2K1kjQ2+Cj6MR2z6GYtVgruePR21eEZXu7T0AKjJvIZh/hOCZnCSgx8y4yq
crea247ruApzJg+8JhpCIa67Fg/EjXHCXM6HoNdkWLsEhngQauUD4mDac/uHUA3D
B0jTFOMib+JpyiH945dAhisNSY5VP0Ea21LNaRLKYaqynuGwo/UKNUBx6wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDDQykwpPZF6s5uTEAdxI4MiaF5tMB8GA1UdIwQY
MBaAFJ3PXtxOau3I30JFpi+jf6IqYg6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmM5ZTNFNXE3Y2pmUWtXbUw2Tl9vaXBpRHFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8xZDFiNDUtODZlOS00NmVlLTk5MWMt
MGVkZGViNDhlM2FlLzEvTU5ES1RDazlrWHF6bTVNUUIzRWpneUpvWG0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8xZDFiNDUtODZlOS00NmVlLTk5MWMtMGVkZGViNDhlM2Fl
LzEvbmM5ZTNFNXE3Y2pmUWtXbUw2Tl9vaXBpRHFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCV+2gMA0E
AgACMAcDBQMqBhPAMA0GCSqGSIb3DQEBCwUAA4IBAQBWHgyCtfDSByhOWsSbt6sC
tx8jIl1xM1F/fmzOXFFi0iuEliRb7pcVwoaToh/OOw2dX3vSyEp8ot9q+uSziGHA
NZxW90dsAUg5dM6/shCE3qMlv5XhnqHrXgpygtPKrrevQzetNbYQN5sq9ktVEbYW
p0vTZW4iFA+Ke18t6jRzixdGSRG7VVw3QurAuC+S5T4JuVf2xKz/XLOowkjH6Dp6
YRx/tUV0WXaGipRQ3V5UD7tb4lpqkZMRRfxCKbrHckUfnTTY605YyF9CLTKaJ/3v
LAQt2X8D9Jn2S5j6PT4CMLvqA1GriQMgRpvKd814oWIVdfDkBcPKAS5JlqmoH1Nq
-----END CERTIFICATE-----
Generated at Fri Jun 7 20:41:29 2024 by rpki-client on console-ams.rpki-client.org