Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/828f99-83b5-40ad-a5a7-06437ec466b8/1/mtx7_9f-T0te0vcah8uqdxk417M.roa
File: mtx7_9f-T0te0vcah8uqdxk417M.roa (raw, json)
Hash identifier: +eemy+sEdbGNbeEWdFc0FjZY9RO4OE5VqB/d91yBhUc=
Subject key identifier: 9A:DC:7B:FF:D7:FE:4F:4B:5E:D2:F7:1A:87:CB:AA:77:19:38:D7:B3
Certificate issuer: /CN=bbd2dc1d2c8fbdc08516ab0bb2088c37eb002863
Certificate serial: 019243D868C8B9EABB2DE62231F2D879EEB4
Authority key identifier: BB:D2:DC:1D:2C:8F:BD:C0:85:16:AB:0B:B2:08:8C:37:EB:00:28:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u9LcHSyPvcCFFqsLsgiMN-sAKGM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/828f99-83b5-40ad-a5a7-06437ec466b8/1/mtx7_9f-T0te0vcah8uqdxk417M.roa
Signing time: Mon 30 Sep 2024 16:51:48 +0000
ROA not before: Mon 30 Sep 2024 16:51:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7046
IP address blocks: 2a13:84c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/828f99-83b5-40ad-a5a7-06437ec466b8/1/u9LcHSyPvcCFFqsLsgiMN-sAKGM.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/828f99-83b5-40ad-a5a7-06437ec466b8/1/u9LcHSyPvcCFFqsLsgiMN-sAKGM.mft
rsync://rpki.ripe.net/repository/DEFAULT/u9LcHSyPvcCFFqsLsgiMN-sAKGM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:43:d8:68:c8:b9:ea:bb:2d:e6:22:31:f2:d8:79:ee:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbd2dc1d2c8fbdc08516ab0bb2088c37eb002863
Validity
Not Before: Sep 30 16:51:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9adc7bffd7fe4f4b5ed2f71a87cbaa771938d7b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:76:e3:e0:1a:a1:1c:ad:6c:b8:e7:ca:d1:83:
05:b8:d6:9e:cc:39:34:84:eb:91:6e:a8:b3:de:e3:
fd:03:f9:b7:da:d6:61:fe:5e:48:78:fb:b9:ea:ff:
26:9a:a3:e7:05:a0:27:30:df:68:2d:09:b8:78:0f:
84:d6:8f:e3:4e:52:c6:13:c5:b4:d6:4f:ee:b2:c0:
dc:ad:e2:08:55:ac:74:00:d0:66:d0:08:9e:fd:68:
a2:1e:17:a5:71:9c:2a:42:1e:b6:2e:c4:ea:06:0e:
8b:4f:25:09:a8:11:b2:eb:af:bc:25:81:f2:0d:f9:
21:c0:ff:bf:0a:de:d7:51:41:06:3d:ee:d5:9d:1e:
6b:9b:57:27:83:bd:6a:24:bd:c1:90:7b:7c:59:5b:
36:6c:b7:d3:79:7e:13:4f:9a:83:73:cc:f2:41:b4:
df:39:aa:6d:1f:49:d6:0b:fe:f5:6a:37:d9:61:88:
93:0a:9d:ab:f2:87:1f:20:b5:77:7b:59:1e:53:de:
26:e4:5f:d6:64:f5:93:7d:3d:0a:bb:d9:26:7d:d0:
72:69:57:8d:81:f4:c0:0c:1d:71:b5:74:4b:d1:a0:
1d:e0:77:13:55:5b:ef:28:f0:be:e1:d8:70:40:9c:
81:5e:a6:8b:8c:e3:0e:ee:aa:eb:d1:59:67:02:fc:
d6:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:DC:7B:FF:D7:FE:4F:4B:5E:D2:F7:1A:87:CB:AA:77:19:38:D7:B3
X509v3 Authority Key Identifier:
keyid:BB:D2:DC:1D:2C:8F:BD:C0:85:16:AB:0B:B2:08:8C:37:EB:00:28:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u9LcHSyPvcCFFqsLsgiMN-sAKGM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/828f99-83b5-40ad-a5a7-06437ec466b8/1/mtx7_9f-T0te0vcah8uqdxk417M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/828f99-83b5-40ad-a5a7-06437ec466b8/1/u9LcHSyPvcCFFqsLsgiMN-sAKGM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:84c0::/32
Signature Algorithm: sha256WithRSAEncryption
2e:cf:1a:5e:e3:bf:29:90:ae:4d:4a:5c:41:5c:5a:fa:1e:6d:
91:41:6a:49:28:f1:8b:3e:a5:1f:9d:d8:3e:ce:c2:c9:f6:33:
ba:43:06:1a:64:22:ca:73:ae:8a:33:3b:9e:f2:25:f7:b4:60:
43:89:e7:8c:bc:e6:dd:af:0e:f4:4f:37:28:af:cb:94:63:09:
ff:38:2e:40:9d:d3:d8:ff:dc:0d:0f:f0:e1:3d:40:2c:d8:1b:
bf:9e:5a:70:f1:20:ee:d3:96:72:4a:28:32:0f:5c:af:a8:ad:
28:3a:5c:12:5c:1e:22:af:e0:09:ec:16:8d:5a:49:f9:cc:e0:
34:ac:1c:2e:e6:9c:11:d4:fd:6b:f3:3b:32:1c:3c:5d:ea:78:
12:0c:c1:d1:75:48:f6:2c:3c:ea:2b:cd:ee:78:63:62:cd:98:
73:20:d5:33:aa:12:e4:e2:7d:cc:bf:27:6e:e4:c6:54:16:1a:
67:0c:84:61:1b:3c:5d:8f:ec:9f:46:ba:46:7b:f8:1a:0a:31:
8a:a6:06:cd:5b:0b:58:13:34:8b:8a:87:a8:ac:a0:31:bc:51:
bb:43:fb:b5:78:9e:4d:82:a3:9c:6b:94:30:ef:04:bf:62:20:
40:86:93:02:fc:32:3d:75:b2:eb:d6:46:7c:0e:17:43:dc:f7:
5c:9f:62:70
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZJD2GjIueq7LeYiMfLYee60MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiZDJkYzFkMmM4ZmJkYzA4NTE2YWIwYmIyMDg4YzM3ZWIw
MDI4NjMwHhcNMjQwOTMwMTY1MTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWRjN2JmZmQ3ZmU0ZjRiNWVkMmY3MWE4N2NiYWE3NzE5MzhkN2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynbj4BqhHK1suOfK0YMFuNaezDk0
hOuRbqiz3uP9A/m32tZh/l5IePu56v8mmqPnBaAnMN9oLQm4eA+E1o/jTlLGE8W0
1k/ussDcreIIVax0ANBm0Aie/WiiHhelcZwqQh62LsTqBg6LTyUJqBGy66+8JYHy
DfkhwP+/Ct7XUUEGPe7VnR5rm1cng71qJL3BkHt8WVs2bLfTeX4TT5qDc8zyQbTf
OaptH0nWC/71ajfZYYiTCp2r8ocfILV3e1keU94m5F/WZPWTfT0Ku9kmfdByaVeN
gfTADB1xtXRL0aAd4HcTVVvvKPC+4dhwQJyBXqaLjOMO7qrr0VlnAvzWiQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJrce//X/k9LXtL3GofLqncZONezMB8GA1UdIwQY
MBaAFLvS3B0sj73AhRarC7IIjDfrAChjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTlMY0hTeVB2Y0NGRnFzTHNnaU1OLXNBS0dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC84MjhmOTktODNiNS00MGFkLWE1YTct
MDY0MzdlYzQ2NmI4LzEvbXR4N185Zi1UMHRlMHZjYWg4dXFkeGs0MTdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC84MjhmOTktODNiNS00MGFkLWE1YTctMDY0MzdlYzQ2NmI4
LzEvdTlMY0hTeVB2Y0NGRnFzTHNnaU1OLXNBS0dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhOEwDAN
BgkqhkiG9w0BAQsFAAOCAQEALs8aXuO/KZCuTUpcQVxa+h5tkUFqSSjxiz6lH53Y
Ps7CyfYzukMGGmQiynOuijM7nvIl97RgQ4nnjLzm3a8O9E83KK/LlGMJ/zguQJ3T
2P/cDQ/w4T1ALNgbv55acPEg7tOWckooMg9cr6itKDpcElweIq/gCewWjVpJ+czg
NKwcLuacEdT9a/M7Mhw8Xep4EgzB0XVI9iw86ivN7nhjYs2YcyDVM6oS5OJ9zL8n
buTGVBYaZwyEYRs8XY/sn0a6Rnv4GgoxiqYGzVsLWBM0i4qHqKygMbxRu0P7tXie
TYKjnGuUMO8Ev2IgQIaTAvwyPXWy69ZGfA4XQ9z3XJ9icA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:11:48 2024 by rpki-client on console-fra.rpki-client.org