Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/MBuTw9J_-402biiSHTV6gC8_OtA.roa
File: MBuTw9J_-402biiSHTV6gC8_OtA.roa (raw, json)
Hash identifier: cMOIv8ASUEI16aFkpbT9gHTNSIvEGKxUjtTjl3AM6ZA=
Subject key identifier: 30:1B:93:C3:D2:7F:FB:8D:36:6E:28:92:1D:35:7A:80:2F:3F:3A:D0
Certificate issuer: /CN=60998d3c9d8bdc9c1dff8e319424412b6cdc1dd3
Certificate serial: 018CC6B7A5DE8FE36C63066B4E9270921F95
Authority key identifier: 60:99:8D:3C:9D:8B:DC:9C:1D:FF:8E:31:94:24:41:2B:6C:DC:1D:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/MBuTw9J_-402biiSHTV6gC8_OtA.roa
Signing time: Mon 01 Jan 2024 20:29:33 +0000
ROA not before: Mon 01 Jan 2024 20:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 132316
IP address blocks: 31.25.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.mft
rsync://rpki.ripe.net/repository/DEFAULT/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:a5:de:8f:e3:6c:63:06:6b:4e:92:70:92:1f:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60998d3c9d8bdc9c1dff8e319424412b6cdc1dd3
Validity
Not Before: Jan 1 20:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=301b93c3d27ffb8d366e28921d357a802f3f3ad0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:21:0e:a1:42:f7:6e:1c:66:a7:f3:b3:98:fd:
b1:48:82:ce:24:58:fe:5c:90:7d:b2:23:ff:01:88:
bb:5a:d5:24:25:c3:a0:8f:91:3e:55:5f:37:27:a7:
9e:c9:d4:da:bf:ab:1c:67:4c:c4:eb:91:4f:de:47:
7b:48:fc:69:db:ed:02:5a:02:10:3f:ec:1a:1b:c7:
75:aa:92:ef:89:22:bc:8f:e3:43:56:28:f9:a9:41:
19:23:71:0c:dc:43:be:23:e8:e8:d7:b1:c5:91:d4:
d1:8b:1b:da:39:3f:2e:f1:5b:e7:fa:b6:75:ee:01:
3b:48:fb:0a:c9:ae:54:70:58:aa:96:cd:a4:7d:11:
68:40:22:ca:a7:ac:97:35:7c:ad:fc:2c:b3:be:ed:
62:2b:91:f6:d3:d8:38:c0:5e:df:88:95:78:61:5a:
02:36:cd:12:e6:09:14:ee:b9:24:1c:b8:76:78:c4:
1c:58:93:44:f2:59:37:b5:33:fb:39:7c:51:5a:a4:
e2:36:55:a1:9d:c4:f9:f3:e8:dc:e9:09:d6:41:b6:
55:4a:53:a1:d5:be:e9:5e:01:11:9c:99:da:09:d5:
65:21:e4:76:4b:25:94:f8:46:d2:70:f3:24:ef:84:
f0:01:32:57:12:25:c6:e8:66:4b:71:37:12:25:39:
53:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:1B:93:C3:D2:7F:FB:8D:36:6E:28:92:1D:35:7A:80:2F:3F:3A:D0
X509v3 Authority Key Identifier:
keyid:60:99:8D:3C:9D:8B:DC:9C:1D:FF:8E:31:94:24:41:2B:6C:DC:1D:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/MBuTw9J_-402biiSHTV6gC8_OtA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.11.0/24
Signature Algorithm: sha256WithRSAEncryption
04:c4:a3:da:55:c9:38:4f:41:85:a0:06:11:c5:08:7d:ac:ec:
75:69:d0:06:be:c3:b1:14:02:da:02:22:f5:38:5d:fc:81:ba:
a8:f5:1d:ea:4e:91:e2:1d:b5:95:b5:a9:9c:e3:6d:04:70:c8:
93:d0:93:58:19:fc:cc:25:f4:0a:ed:e8:de:77:cc:04:4b:a4:
e6:2b:c3:5b:97:2e:e9:a1:b0:ff:2e:b7:c4:79:d0:25:45:01:
a4:0a:14:3c:20:6d:5e:bc:0a:2e:9a:b9:b5:62:a0:09:f9:a1:
83:95:9e:f8:78:40:49:85:d9:f8:af:bf:2c:68:18:d5:90:4e:
38:f7:f6:fd:6c:e3:fd:cd:4b:2a:48:4a:1d:57:ee:4a:0d:03:
18:62:73:3c:60:ac:96:dd:fc:1d:e6:c7:b6:a8:97:76:fa:99:
9b:af:aa:a0:61:e7:d3:01:63:a1:36:93:2b:10:6f:95:f7:46:
f2:04:b5:15:98:6b:e4:cb:35:4c:bc:5b:86:05:fc:6f:c5:d9:
1c:43:08:16:6e:ea:3e:8c:83:f7:1f:a7:2d:2c:c1:10:d1:b9:
4f:89:7c:80:6a:08:04:ec:5b:bb:09:d2:c9:34:66:2c:d7:00:
6a:0d:51:e8:b0:61:31:3c:58:b0:bf:05:15:0e:65:2a:7d:fc:
fe:cc:ad:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGt6Xej+NsYwZrTpJwkh+VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTk4ZDNjOWQ4YmRjOWMxZGZmOGUzMTk0MjQ0MTJiNmNk
YzFkZDMwHhcNMjQwMTAxMjAyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDFiOTNjM2QyN2ZmYjhkMzY2ZTI4OTIxZDM1N2E4MDJmM2YzYWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoiEOoUL3bhxmp/OzmP2xSILOJFj+
XJB9siP/AYi7WtUkJcOgj5E+VV83J6eeydTav6scZ0zE65FP3kd7SPxp2+0CWgIQ
P+waG8d1qpLviSK8j+NDVij5qUEZI3EM3EO+I+jo17HFkdTRixvaOT8u8Vvn+rZ1
7gE7SPsKya5UcFiqls2kfRFoQCLKp6yXNXyt/Cyzvu1iK5H209g4wF7fiJV4YVoC
Ns0S5gkU7rkkHLh2eMQcWJNE8lk3tTP7OXxRWqTiNlWhncT58+jc6QnWQbZVSlOh
1b7pXgERnJnaCdVlIeR2SyWU+EbScPMk74TwATJXEiXG6GZLcTcSJTlT8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDAbk8PSf/uNNm4okh01eoAvPzrQMB8GA1UdIwQY
MBaAFGCZjTydi9ycHf+OMZQkQSts3B3TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUptTlBKMkwzSndkXzQ0eGxDUkJLMnpjSGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83NzlhZTktN2QyMi00MjUyLThjNWIt
MGVhNGQ1MzFiNzkzLzEvTUJ1VHc5Sl8tNDAyYmlpU0hUVjZnQzhfT3RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83NzlhZTktN2QyMi00MjUyLThjNWItMGVhNGQ1MzFiNzkz
LzEvWUptTlBKMkwzSndkXzQ0eGxDUkJLMnpjSGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHxkLMA0G
CSqGSIb3DQEBCwUAA4IBAQAExKPaVck4T0GFoAYRxQh9rOx1adAGvsOxFALaAiL1
OF38gbqo9R3qTpHiHbWVtamc420EcMiT0JNYGfzMJfQK7ejed8wES6TmK8Nbly7p
obD/LrfEedAlRQGkChQ8IG1evAoumrm1YqAJ+aGDlZ74eEBJhdn4r78saBjVkE44
9/b9bOP9zUsqSEodV+5KDQMYYnM8YKyW3fwd5se2qJd2+pmbr6qgYefTAWOhNpMr
EG+V90byBLUVmGvkyzVMvFuGBfxvxdkcQwgWbuo+jIP3H6ctLMEQ0blPiXyAaggE
7Fu7CdLJNGYs1wBqDVHosGExPFiwvwUVDmUqffz+zK0e
-----END CERTIFICATE-----
Generated at Sat May 4 09:58:23 2024 by rpki-client on console-ams.rpki-client.org