Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/ce876c-2c02-4775-8095-78d4a64d22d9/1/qAvVMsRQkZFBfvnWhMrflMWmGQo.roa
File: qAvVMsRQkZFBfvnWhMrflMWmGQo.roa (raw, json)
Hash identifier: AU416K9q8ri0uwtBA0G3uCKQdUSM33O2xQRHH5YRC4w=
Subject key identifier: A8:0B:D5:32:C4:50:91:91:41:7E:F9:D6:84:CA:DF:94:C5:A6:19:0A
Certificate issuer: /CN=4e2d20f2de4d57e1bc645cb6287ff810d0f5a4bf
Certificate serial: 01902666433368B9E91D9FC3F071BAAEDA3B
Authority key identifier: 4E:2D:20:F2:DE:4D:57:E1:BC:64:5C:B6:28:7F:F8:10:D0:F5:A4:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ti0g8t5NV-G8ZFy2KH_4END1pL8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/ce876c-2c02-4775-8095-78d4a64d22d9/1/qAvVMsRQkZFBfvnWhMrflMWmGQo.roa
Signing time: Mon 17 Jun 2024 13:32:34 +0000
ROA not before: Mon 17 Jun 2024 13:32:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50676
IP address blocks: 192.162.40.0/22 maxlen: 24
192.162.40.0/24 maxlen: 24
192.162.41.0/24 maxlen: 24
192.162.42.0/24 maxlen: 24
192.162.43.0/24 maxlen: 24
195.191.82.0/23 maxlen: 24
195.191.82.0/24 maxlen: 24
195.191.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/ce876c-2c02-4775-8095-78d4a64d22d9/1/Ti0g8t5NV-G8ZFy2KH_4END1pL8.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/ce876c-2c02-4775-8095-78d4a64d22d9/1/Ti0g8t5NV-G8ZFy2KH_4END1pL8.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ti0g8t5NV-G8ZFy2KH_4END1pL8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 06:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:26:66:43:33:68:b9:e9:1d:9f:c3:f0:71:ba:ae:da:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e2d20f2de4d57e1bc645cb6287ff810d0f5a4bf
Validity
Not Before: Jun 17 13:32:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a80bd532c4509191417ef9d684cadf94c5a6190a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:a6:c7:f0:da:71:8b:c5:18:6f:f5:2d:0b:a3:
9e:73:a1:35:15:9c:99:4e:5f:bf:f1:4e:7d:cf:8a:
9a:30:00:f4:51:52:e4:9b:69:ca:71:60:af:a9:46:
0f:7f:2d:10:3e:bd:85:02:f4:10:f7:19:41:f7:87:
10:00:ca:94:cc:96:29:56:ae:cd:9f:e9:77:bd:06:
0f:9d:a7:82:ee:3a:1d:b2:d2:64:f9:94:d1:9d:6d:
78:fe:f9:1c:49:46:9e:f1:7e:0b:11:4d:11:33:6a:
87:45:4c:84:ec:4d:2f:1f:42:46:7a:65:d4:3f:f3:
6d:d1:a1:4a:21:21:68:22:fe:6a:2b:33:4c:18:95:
a8:a4:5d:a8:b5:f1:56:74:54:1c:9f:a8:ae:e0:9e:
6e:97:a6:b9:33:53:08:13:76:b0:62:bc:c4:a8:5a:
0a:70:b9:dd:f9:fc:b4:56:42:6a:67:77:bc:9e:43:
f6:35:d1:e4:70:09:3b:a7:8a:a1:be:0f:14:b5:79:
77:19:d5:0e:4c:82:1e:6a:cd:2c:a0:8f:3b:66:0f:
dd:0c:0a:c0:66:5a:55:f1:4a:18:d1:fa:e6:c4:ee:
9f:87:dc:b0:15:c0:18:ac:da:5c:5a:00:fd:6d:09:
10:c9:6b:13:b6:4c:67:20:6d:58:b5:b9:a5:af:67:
e5:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:0B:D5:32:C4:50:91:91:41:7E:F9:D6:84:CA:DF:94:C5:A6:19:0A
X509v3 Authority Key Identifier:
keyid:4E:2D:20:F2:DE:4D:57:E1:BC:64:5C:B6:28:7F:F8:10:D0:F5:A4:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ti0g8t5NV-G8ZFy2KH_4END1pL8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/ce876c-2c02-4775-8095-78d4a64d22d9/1/qAvVMsRQkZFBfvnWhMrflMWmGQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/ce876c-2c02-4775-8095-78d4a64d22d9/1/Ti0g8t5NV-G8ZFy2KH_4END1pL8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.162.40.0/22
195.191.82.0/23
Signature Algorithm: sha256WithRSAEncryption
bf:59:ed:95:47:65:dd:be:d4:75:f1:22:bb:4e:92:d8:82:7a:
53:94:20:72:92:a8:c4:05:af:1c:17:4a:2e:c4:1f:2d:9e:08:
69:bc:06:8b:d0:7b:c0:d8:09:9c:af:66:3d:68:fe:b5:20:7c:
04:03:13:b5:39:56:e1:b5:5b:b5:1c:87:41:42:91:91:8a:1c:
5d:80:de:a9:4e:83:3a:c5:04:36:3f:1d:a3:81:c7:bd:15:c4:
3f:cf:2f:45:bc:64:e0:17:fe:7e:a7:6b:16:df:52:11:20:56:
d0:69:0f:a9:de:a2:1d:41:3d:35:8d:de:9e:e5:2d:a0:04:f6:
75:5c:29:3f:1e:47:7b:dd:f1:3a:a4:e2:3b:ac:df:69:4d:fc:
7f:55:80:3b:bd:70:3b:de:ea:a7:43:13:71:74:ed:df:93:c2:
01:c1:bb:f5:23:b6:71:c3:de:14:75:5d:66:3b:db:c9:49:8f:
87:77:f9:48:22:eb:a9:a9:12:2b:ba:14:f0:66:cb:31:a4:06:
a8:05:26:16:6e:3c:b1:59:ae:64:b6:43:d2:c2:00:10:c0:b8:
c1:65:1f:dc:45:c8:7d:32:b0:9d:13:f6:11:fe:f1:00:32:9c:
21:55:86:24:8e:3a:20:45:a3:22:11:0f:a5:9e:15:2f:63:34:
d9:37:72:45
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZAmZkMzaLnpHZ/D8HG6rto7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMmQyMGYyZGU0ZDU3ZTFiYzY0NWNiNjI4N2ZmODEwZDBm
NWE0YmYwHhcNMjQwNjE3MTMzMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODBiZDUzMmM0NTA5MTkxNDE3ZWY5ZDY4NGNhZGY5NGM1YTYxOTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjabH8Npxi8UYb/UtC6Oec6E1FZyZ
Tl+/8U59z4qaMAD0UVLkm2nKcWCvqUYPfy0QPr2FAvQQ9xlB94cQAMqUzJYpVq7N
n+l3vQYPnaeC7jodstJk+ZTRnW14/vkcSUae8X4LEU0RM2qHRUyE7E0vH0JGemXU
P/Nt0aFKISFoIv5qKzNMGJWopF2otfFWdFQcn6iu4J5ul6a5M1MIE3awYrzEqFoK
cLnd+fy0VkJqZ3e8nkP2NdHkcAk7p4qhvg8UtXl3GdUOTIIeas0soI87Zg/dDArA
ZlpV8UoY0frmxO6fh9ywFcAYrNpcWgD9bQkQyWsTtkxnIG1Ytbmlr2flkQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKgL1TLEUJGRQX751oTK35TFphkKMB8GA1UdIwQY
MBaAFE4tIPLeTVfhvGRctih/+BDQ9aS/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGkwZzh0NU5WLUc4WkZ5MktIXzRFTkQxcEw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9jZTg3NmMtMmMwMi00Nzc1LTgwOTUt
NzhkNGE2NGQyMmQ5LzEvcUF2Vk1zUlFrWkZCZnZuV2hNcmZsTVdtR1FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9jZTg3NmMtMmMwMi00Nzc1LTgwOTUtNzhkNGE2NGQyMmQ5
LzEvVGkwZzh0NU5WLUc4WkZ5MktIXzRFTkQxcEw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwKIoAwQB
w79SMA0GCSqGSIb3DQEBCwUAA4IBAQC/We2VR2XdvtR18SK7TpLYgnpTlCBykqjE
Ba8cF0ouxB8tnghpvAaL0HvA2Amcr2Y9aP61IHwEAxO1OVbhtVu1HIdBQpGRihxd
gN6pToM6xQQ2Px2jgce9FcQ/zy9FvGTgF/5+p2sW31IRIFbQaQ+p3qIdQT01jd6e
5S2gBPZ1XCk/Hkd73fE6pOI7rN9pTfx/VYA7vXA73uqnQxNxdO3fk8IBwbv1I7Zx
w94UdV1mO9vJSY+Hd/lIIuupqRIruhTwZssxpAaoBSYWbjyxWa5ktkPSwgAQwLjB
ZR/cRch9MrCdE/YR/vEAMpwhVYYkjjogRaMiEQ+lnhUvYzTZN3JF
-----END CERTIFICATE-----
Generated at Sat Sep 28 08:28:29 2024 by rpki-client on console-ams.rpki-client.org