Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/MIDQg5rsEcBmBaYZJ6X2Ok7LUPY.roa
File: MIDQg5rsEcBmBaYZJ6X2Ok7LUPY.roa (raw, json)
Hash identifier: pVaJy76L7pCGzLDYL4GOpoGL6M5KTLSknLX4z7u7EZQ=
Subject key identifier: 30:80:D0:83:9A:EC:11:C0:66:05:A6:19:27:A5:F6:3A:4E:CB:50:F6
Certificate issuer: /CN=7c3b8877e1a130fe50386c610d6ead5641b97ba6
Certificate serial: 018CC8714A0DB5D9D9C2625FC30B6BDC793B
Authority key identifier: 7C:3B:88:77:E1:A1:30:FE:50:38:6C:61:0D:6E:AD:56:41:B9:7B:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/MIDQg5rsEcBmBaYZJ6X2Ok7LUPY.roa
Signing time: Tue 02 Jan 2024 04:31:56 +0000
ROA not before: Tue 02 Jan 2024 04:31:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48233
IP address blocks: 2a06:9686::/39 maxlen: 39
2a06:9686:200::/39 maxlen: 39
2a06:9686:400::/39 maxlen: 39
2a06:9686:600::/39 maxlen: 39
2a06:9686:800::/39 maxlen: 39
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/fDuId-GhMP5QOGxhDW6tVkG5e6Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/fDuId-GhMP5QOGxhDW6tVkG5e6Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:4a:0d:b5:d9:d9:c2:62:5f:c3:0b:6b:dc:79:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3b8877e1a130fe50386c610d6ead5641b97ba6
Validity
Not Before: Jan 2 04:31:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3080d0839aec11c06605a61927a5f63a4ecb50f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:28:de:b9:7f:30:c7:11:37:de:33:ed:d5:f3:
d5:26:41:4c:17:82:81:62:c0:60:49:07:c0:57:d7:
0c:33:79:a9:78:f7:7d:70:7c:ac:cd:85:29:77:9e:
f5:ec:d9:f7:b8:98:7c:23:bf:ea:08:77:da:24:61:
33:74:16:ff:63:f4:a5:b2:61:fb:04:7e:ea:2a:8c:
11:a7:98:b3:e3:f6:d5:e9:c6:5b:e7:3d:b3:cb:b0:
95:53:ad:86:81:48:82:04:21:8d:8e:0d:46:5f:b8:
1c:a1:7c:4f:f1:80:f8:b4:f5:ce:a9:84:ea:66:52:
16:23:6f:f3:17:3c:b9:f3:23:03:80:4a:60:33:26:
bb:07:c3:f4:4e:eb:3c:5c:3c:38:21:4a:ba:c3:3b:
ee:f6:fe:74:c3:b5:eb:48:eb:31:50:23:fd:8a:d3:
1d:43:ed:62:eb:f9:27:e2:6e:e4:32:0b:8c:d5:2c:
23:6e:65:b3:67:33:43:6a:57:68:7d:e4:98:09:a9:
70:6e:84:4b:bd:85:14:14:97:90:d1:95:b1:6b:f7:
a4:15:eb:f2:8c:a9:6e:9a:37:62:81:8c:03:ca:42:
e0:a1:7d:77:3a:e7:e3:4b:73:d1:63:95:72:e1:0a:
6a:78:a9:b4:b4:a7:70:3d:1c:8f:1f:5e:68:15:77:
c0:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:80:D0:83:9A:EC:11:C0:66:05:A6:19:27:A5:F6:3A:4E:CB:50:F6
X509v3 Authority Key Identifier:
keyid:7C:3B:88:77:E1:A1:30:FE:50:38:6C:61:0D:6E:AD:56:41:B9:7B:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/MIDQg5rsEcBmBaYZJ6X2Ok7LUPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/fDuId-GhMP5QOGxhDW6tVkG5e6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:9686::-2a06:9686:9ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
19:24:09:ff:37:77:0a:85:70:d3:0d:ca:46:7b:ae:3d:2c:ce:
b2:36:cf:3f:e8:a3:33:65:d6:0e:4a:34:83:47:42:64:a8:5b:
5e:dc:2c:74:47:bc:60:b5:3d:eb:2d:9d:39:7b:8f:1f:bd:c6:
ce:23:33:da:b6:3d:28:3b:c6:50:26:cb:4a:bb:23:94:fe:ed:
e3:a5:97:a5:07:91:7c:fb:92:2e:1b:60:88:78:c0:c4:95:2b:
20:5f:5a:4f:07:16:82:98:c8:3e:fa:28:e3:90:4d:d0:ef:e0:
00:81:52:c4:1d:8e:45:8c:7e:9c:1c:a8:92:db:c4:ce:63:73:
ef:32:51:b8:b8:70:da:0a:2e:4f:e2:2f:00:55:6a:a7:a2:26:
d1:d0:11:c4:4c:7c:44:46:2e:66:2f:48:5c:c8:97:2e:08:95:
ce:b5:e5:b5:3c:a3:e2:99:2a:94:f7:66:92:55:d7:b0:4b:96:
eb:2a:82:1a:d0:65:b5:4c:3b:b0:00:67:50:6c:1a:ec:75:8f:
9f:d2:49:aa:b9:8d:8b:f0:58:0b:ed:50:2d:da:7e:0b:79:d4:
cc:8e:a1:65:29:ae:92:07:99:2a:70:5f:78:fd:f3:8b:00:f0:
77:c9:4c:78:88:f4:de:75:a6:d9:ee:7d:05:77:3f:df:77:5f:
b1:91:95:7e
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYzIcUoNtdnZwmJfwwtr3Hk7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2I4ODc3ZTFhMTMwZmU1MDM4NmM2MTBkNmVhZDU2NDFi
OTdiYTYwHhcNMjQwMTAyMDQzMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDgwZDA4MzlhZWMxMWMwNjYwNWE2MTkyN2E1ZjYzYTRlY2I1MGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyjeuX8wxxE33jPt1fPVJkFMF4KB
YsBgSQfAV9cMM3mpePd9cHyszYUpd5717Nn3uJh8I7/qCHfaJGEzdBb/Y/SlsmH7
BH7qKowRp5iz4/bV6cZb5z2zy7CVU62GgUiCBCGNjg1GX7gcoXxP8YD4tPXOqYTq
ZlIWI2/zFzy58yMDgEpgMya7B8P0Tus8XDw4IUq6wzvu9v50w7XrSOsxUCP9itMd
Q+1i6/kn4m7kMguM1SwjbmWzZzNDaldofeSYCalwboRLvYUUFJeQ0ZWxa/ekFevy
jKlumjdigYwDykLgoX13OufjS3PRY5Vy4QpqeKm0tKdwPRyPH15oFXfA3wIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFDCA0IOa7BHAZgWmGSel9jpOy1D2MB8GA1UdIwQY
MBaAFHw7iHfhoTD+UDhsYQ1urVZBuXumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkR1SWQtR2hNUDVRT0d4aERXNnRWa0c1ZTZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8xN2E3MTItNGU1YS00MGM1LWEzYTIt
MTIwMjVjNTRmNDg0LzEvTUlEUWc1cnNFY0JtQmFZWko2WDJPazdMVVBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8xN2E3MTItNGU1YS00MGM1LWEzYTItMTIwMjVjNTRmNDg0
LzEvZkR1SWQtR2hNUDVRT0d4aERXNnRWa0c1ZTZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARMA8DBQEqBpaG
AwYBKgaWhggwDQYJKoZIhvcNAQELBQADggEBABkkCf83dwqFcNMNykZ7rj0szrI2
zz/oozNl1g5KNINHQmSoW17cLHRHvGC1PestnTl7jx+9xs4jM9q2PSg7xlAmy0q7
I5T+7eOll6UHkXz7ki4bYIh4wMSVKyBfWk8HFoKYyD76KOOQTdDv4ACBUsQdjkWM
fpwcqJLbxM5jc+8yUbi4cNoKLk/iLwBVaqeiJtHQEcRMfERGLmYvSFzIly4Ilc61
5bU8o+KZKpT3ZpJV17BLlusqghrQZbVMO7AAZ1BsGux1j5/SSaq5jYvwWAvtUC3a
fgt51MyOoWUprpIHmSpwX3j984sA8HfJTHiI9N51ptnufQV3P993X7GRlX4=
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:46:00 2024 by rpki-client on console-fra.rpki-client.org