Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/9dd5e3-576f-44a1-a5cc-6509cb5f27f8/1/mEADsVA0L8ogtAkSFb2ZWvF2r70.roa
File: mEADsVA0L8ogtAkSFb2ZWvF2r70.roa (raw, json)
Hash identifier: uudyOtOyeO+MSt0YIbaZeA3wNxXVMGeoq4KqW95p0cw=
Subject key identifier: 98:40:03:B1:50:34:2F:CA:20:B4:09:12:15:BD:99:5A:F1:76:AF:BD
Certificate issuer: /CN=6fa104f6a8978bb16cd05314f98a786e0d0d9564
Certificate serial: 019108E4E82BF0BF9119DE6D7C420C5CE372
Authority key identifier: 6F:A1:04:F6:A8:97:8B:B1:6C:D0:53:14:F9:8A:78:6E:0D:0D:95:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b6EE9qiXi7Fs0FMU-Yp4bg0NlWQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/9dd5e3-576f-44a1-a5cc-6509cb5f27f8/1/mEADsVA0L8ogtAkSFb2ZWvF2r70.roa
Signing time: Wed 31 Jul 2024 13:05:04 +0000
ROA not before: Wed 31 Jul 2024 13:05:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41327
IP address blocks: 171.22.208.0/22 maxlen: 24
2a09:3e40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/9dd5e3-576f-44a1-a5cc-6509cb5f27f8/1/b6EE9qiXi7Fs0FMU-Yp4bg0NlWQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/9dd5e3-576f-44a1-a5cc-6509cb5f27f8/1/b6EE9qiXi7Fs0FMU-Yp4bg0NlWQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/b6EE9qiXi7Fs0FMU-Yp4bg0NlWQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:08:e4:e8:2b:f0:bf:91:19:de:6d:7c:42:0c:5c:e3:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fa104f6a8978bb16cd05314f98a786e0d0d9564
Validity
Not Before: Jul 31 13:05:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=984003b150342fca20b4091215bd995af176afbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:4a:dc:c3:51:6b:9d:62:7c:d7:b3:a7:1b:1b:
6c:3a:87:32:a8:93:b9:92:71:c1:db:da:99:5f:3d:
d3:10:ef:ee:b2:16:0d:49:b2:a7:1e:a9:d1:91:54:
21:7c:78:92:4c:51:4e:c8:0d:ee:c0:79:02:ac:db:
dc:30:02:98:7e:54:75:35:97:ee:07:4f:a7:b0:20:
24:d0:21:fd:03:2e:3e:03:64:df:b3:17:5c:ad:cd:
66:28:d6:4f:4d:60:81:32:86:da:cf:4d:43:36:82:
20:17:bb:0a:2f:6c:f3:53:61:29:f5:13:21:1c:b9:
a4:10:c8:45:a0:db:fb:ac:5e:d3:bf:b4:12:6a:bf:
e4:91:b5:76:56:ef:0c:c5:46:da:75:b8:e0:f2:9e:
22:c3:05:31:a5:7b:ac:d8:5e:c9:bf:55:98:c8:1c:
57:50:81:89:ae:24:02:41:82:cc:5c:a8:da:ff:82:
d9:0f:33:f3:0b:5b:2a:a0:0d:f3:bc:a9:82:cf:a2:
26:c8:42:8b:97:77:15:3d:52:49:57:56:b9:55:5d:
f9:a3:47:f0:7b:ea:25:79:30:bb:72:eb:32:7c:96:
d6:7a:57:98:be:37:66:bd:25:58:f0:5b:53:94:8d:
2c:e2:e3:a2:99:99:fd:9d:c1:4e:9d:0d:52:7e:e4:
26:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:40:03:B1:50:34:2F:CA:20:B4:09:12:15:BD:99:5A:F1:76:AF:BD
X509v3 Authority Key Identifier:
keyid:6F:A1:04:F6:A8:97:8B:B1:6C:D0:53:14:F9:8A:78:6E:0D:0D:95:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6EE9qiXi7Fs0FMU-Yp4bg0NlWQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/9dd5e3-576f-44a1-a5cc-6509cb5f27f8/1/mEADsVA0L8ogtAkSFb2ZWvF2r70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/9dd5e3-576f-44a1-a5cc-6509cb5f27f8/1/b6EE9qiXi7Fs0FMU-Yp4bg0NlWQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.208.0/22
IPv6:
2a09:3e40::/29
Signature Algorithm: sha256WithRSAEncryption
09:5a:e5:0a:4b:40:f1:5d:55:af:ba:8b:27:68:5c:3e:13:58:
d4:09:f0:23:a5:4b:af:22:47:b3:ef:ee:1f:11:f4:51:bb:d2:
f0:38:31:4e:fd:22:77:9b:07:3d:eb:a9:2b:18:1a:d5:aa:01:
df:53:b0:b8:d5:fb:04:09:95:e6:de:78:de:11:5e:fe:5a:0f:
cc:e4:f0:d1:80:48:b4:1c:dc:a2:f1:54:28:59:c6:86:66:28:
71:fb:f9:0f:50:4b:f8:f3:17:80:1d:dc:16:36:7b:1c:d3:99:
e8:fe:a5:f5:d3:c9:22:07:3a:75:7c:8b:50:f2:6a:83:a0:83:
02:f8:f3:28:59:1e:21:9b:3d:da:cf:7a:54:5c:00:64:d4:0d:
16:db:84:69:f3:27:01:74:dc:a1:58:fb:40:cf:1e:9b:95:cc:
0e:d3:29:03:4e:cd:cf:6e:4f:0c:a2:ef:8c:b5:52:15:c0:c8:
6b:3e:4a:f4:de:9e:6d:6c:a2:6b:aa:50:04:8c:2f:8a:66:48:
23:35:e9:46:ad:02:b5:40:fb:eb:58:b0:90:47:3f:2d:fe:fc:
69:3b:5c:d3:24:a9:9c:c9:29:0d:39:d7:2e:76:2d:09:b1:a2:
bd:99:01:c5:95:36:f5:47:f5:a1:6f:3f:49:e1:b8:dd:f4:b7:
e0:8a:0a:51
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZEI5Ogr8L+RGd5tfEIMXONyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmYTEwNGY2YTg5NzhiYjE2Y2QwNTMxNGY5OGE3ODZlMGQw
ZDk1NjQwHhcNMjQwNzMxMTMwNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODQwMDNiMTUwMzQyZmNhMjBiNDA5MTIxNWJkOTk1YWYxNzZhZmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0rcw1FrnWJ817OnGxtsOocyqJO5
knHB29qZXz3TEO/ushYNSbKnHqnRkVQhfHiSTFFOyA3uwHkCrNvcMAKYflR1NZfu
B0+nsCAk0CH9Ay4+A2Tfsxdcrc1mKNZPTWCBMobaz01DNoIgF7sKL2zzU2Ep9RMh
HLmkEMhFoNv7rF7Tv7QSar/kkbV2Vu8MxUbadbjg8p4iwwUxpXus2F7Jv1WYyBxX
UIGJriQCQYLMXKja/4LZDzPzC1sqoA3zvKmCz6ImyEKLl3cVPVJJV1a5VV35o0fw
e+oleTC7cusyfJbWeleYvjdmvSVY8FtTlI0s4uOimZn9ncFOnQ1SfuQmXwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJhAA7FQNC/KILQJEhW9mVrxdq+9MB8GA1UdIwQY
MBaAFG+hBPaol4uxbNBTFPmKeG4NDZVkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjZFRTlxaVhpN0ZzMEZNVS1ZcDRiZzBObFdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy85ZGQ1ZTMtNTc2Zi00NGExLWE1Y2Mt
NjUwOWNiNWYyN2Y4LzEvbUVBRHNWQTBMOG9ndEFrU0ZiMlpXdkYycjcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy85ZGQ1ZTMtNTc2Zi00NGExLWE1Y2MtNjUwOWNiNWYyN2Y4
LzEvYjZFRTlxaVhpN0ZzMEZNVS1ZcDRiZzBObFdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCqxbQMA0E
AgACMAcDBQMqCT5AMA0GCSqGSIb3DQEBCwUAA4IBAQAJWuUKS0DxXVWvuosnaFw+
E1jUCfAjpUuvIkez7+4fEfRRu9LwODFO/SJ3mwc966krGBrVqgHfU7C41fsECZXm
3njeEV7+Wg/M5PDRgEi0HNyi8VQoWcaGZihx+/kPUEv48xeAHdwWNnsc05no/qX1
08kiBzp1fItQ8mqDoIMC+PMoWR4hmz3az3pUXABk1A0W24Rp8ycBdNyhWPtAzx6b
lcwO0ykDTs3Pbk8Mou+MtVIVwMhrPkr03p5tbKJrqlAEjC+KZkgjNelGrQK1QPvr
WLCQRz8t/vxpO1zTJKmcySkNOdcudi0JsaK9mQHFlTb1R/Whbz9J4bjd9LfgigpR
-----END CERTIFICATE-----
Generated at Sat Nov 23 00:12:45 2024 by rpki-client on console-ams.rpki-client.org