Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/ipqMRPCBETMmANfiXwMZ84CigdI.roa
File: ipqMRPCBETMmANfiXwMZ84CigdI.roa (raw, json)
Hash identifier: TaN7tO+fAg6yPY05sgBd8l99IjJg+HXuZoOiDnnlXPk=
Subject key identifier: 8A:9A:8C:44:F0:81:11:33:26:00:D7:E2:5F:03:19:F3:80:A2:81:D2
Certificate issuer: /CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250
Certificate serial: 018CC649F4519DD459CE7E2C8C41ABB36015
Authority key identifier: 5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/ipqMRPCBETMmANfiXwMZ84CigdI.roa
Signing time: Mon 01 Jan 2024 18:29:44 +0000
ROA not before: Mon 01 Jan 2024 18:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47694
IP address blocks: 176.124.0.0/19 maxlen: 24
178.217.160.0/21 maxlen: 24
91.211.16.0/22 maxlen: 24
91.211.19.0/24 maxlen: 24
81.163.128.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/XGT50E79Wp_C4jtC1bUa79mlAlA.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/XGT50E79Wp_C4jtC1bUa79mlAlA.mft
rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 16:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:f4:51:9d:d4:59:ce:7e:2c:8c:41:ab:b3:60:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250
Validity
Not Before: Jan 1 18:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a9a8c44f08111332600d7e25f0319f380a281d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:46:f5:2e:ed:d0:17:0e:d8:58:4d:92:e9:03:
b8:c6:3b:8a:a0:7c:7c:2b:ad:c2:7c:81:5f:c1:0f:
8f:eb:6c:44:48:ce:1d:c4:df:1e:c4:d7:89:34:56:
c6:ae:3d:81:3f:90:d8:f4:7e:ca:6b:e3:f6:e4:5c:
43:da:ac:2a:11:99:c9:d8:ae:e3:86:3f:2c:65:75:
ac:7e:05:f7:84:14:74:bd:80:3b:fc:5a:88:3e:82:
95:c0:cb:76:f8:ea:47:0c:e2:55:8b:80:5c:1d:6b:
85:d7:38:e5:9f:f3:c9:68:c5:eb:a1:e2:b4:2d:e4:
58:da:db:52:19:34:b3:a0:90:67:bc:77:18:59:a1:
bc:33:cf:0d:10:93:fd:68:53:7b:47:88:e7:7b:bd:
50:c7:d5:5e:69:e2:d1:ce:6b:68:72:48:35:e7:20:
9f:97:f8:c9:e1:f1:0e:e1:d5:b5:0b:af:91:44:5f:
e3:65:3f:d0:e7:08:d4:e5:55:8d:37:bd:6d:98:71:
19:79:5b:5e:2a:0a:82:9b:5c:76:62:b9:ba:d9:9e:
10:c0:87:b5:c3:4c:02:f0:96:25:af:1b:c8:d9:f2:
cd:71:32:a3:60:aa:a7:f9:56:2e:cd:18:1a:ed:8a:
d7:1a:0a:5f:4d:ea:c7:26:0b:0c:1a:3f:23:eb:6a:
e7:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:9A:8C:44:F0:81:11:33:26:00:D7:E2:5F:03:19:F3:80:A2:81:D2
X509v3 Authority Key Identifier:
keyid:5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/ipqMRPCBETMmANfiXwMZ84CigdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/XGT50E79Wp_C4jtC1bUa79mlAlA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.163.128.0/19
91.211.16.0/22
176.124.0.0/19
178.217.160.0/21
Signature Algorithm: sha256WithRSAEncryption
41:e6:c9:5b:d3:e2:a9:f9:ff:5d:80:f0:1a:eb:f4:12:2b:a8:
a0:7d:65:39:41:28:d7:3e:ab:e6:08:a1:77:bd:77:c8:ab:85:
5b:63:b0:4b:e9:7e:a1:f7:e4:90:84:08:45:12:f4:1b:81:2a:
16:9f:74:ca:27:39:d6:08:f1:bb:18:6f:12:48:6c:5d:1f:3c:
82:d0:70:08:ca:43:33:23:07:ef:27:41:79:3e:ce:6c:55:cf:
fc:15:4d:df:ce:9d:ca:9e:c7:c6:6c:f4:bd:99:c8:a5:98:a2:
19:2f:8b:89:9d:84:4b:f0:0d:8a:4d:99:12:fb:32:00:d9:0f:
d3:f8:e1:fe:ed:9e:66:a6:a3:52:a8:63:35:3e:e3:c9:27:4e:
6a:d6:35:47:51:32:dc:d3:4b:3b:46:38:e9:c7:37:2e:c3:40:
19:78:c7:44:fa:5a:e4:e9:d5:9f:ec:37:25:a1:c5:31:e0:2f:
cf:b4:d8:98:00:f3:d4:cf:46:b6:8f:75:7d:7f:2b:38:bf:ed:
5d:e5:4e:ee:5b:05:8d:e5:1d:1e:9d:15:8d:9a:26:94:c3:f5:
11:5f:4a:fd:89:b0:f6:b4:51:6e:2e:e9:62:a3:37:01:5a:67:
af:eb:d2:ac:d8:0b:7e:fe:1b:2b:f2:6e:74:82:bc:61:d1:ac:
fb:aa:39:84
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzGSfRRndRZzn4sjEGrs2AVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNjRmOWQwNGVmZDVhOWZjMmUyM2I0MmQ1YjUxYWVmZDlh
NTAyNTAwHhcNMjQwMTAxMTgyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTlhOGM0NGYwODExMTMzMjYwMGQ3ZTI1ZjAzMTlmMzgwYTI4MWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0b1Lu3QFw7YWE2S6QO4xjuKoHx8
K63CfIFfwQ+P62xESM4dxN8exNeJNFbGrj2BP5DY9H7Ka+P25FxD2qwqEZnJ2K7j
hj8sZXWsfgX3hBR0vYA7/FqIPoKVwMt2+OpHDOJVi4BcHWuF1zjln/PJaMXroeK0
LeRY2ttSGTSzoJBnvHcYWaG8M88NEJP9aFN7R4jne71Qx9VeaeLRzmtockg15yCf
l/jJ4fEO4dW1C6+RRF/jZT/Q5wjU5VWNN71tmHEZeVteKgqCm1x2Yrm62Z4QwIe1
w0wC8JYlrxvI2fLNcTKjYKqn+VYuzRga7YrXGgpfTerHJgsMGj8j62rnNwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIqajETwgREzJgDX4l8DGfOAooHSMB8GA1UdIwQY
MBaAFFxk+dBO/VqfwuI7QtW1Gu/ZpQJQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEdUNTBFNzlXcF9DNGp0QzFiVWE3OW1sQWxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xODQ5YTYtZjkyMS00YjUwLTkxNWUt
YjY2ZmE0ZjQ3NjNhLzEvaXBxTVJQQ0JFVE1tQU5maVh3TVo4NENpZ2RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xODQ5YTYtZjkyMS00YjUwLTkxNWUtYjY2ZmE0ZjQ3NjNh
LzEvWEdUNTBFNzlXcF9DNGp0QzFiVWE3OW1sQWxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFUaOAAwQC
W9MQAwQFsHwAAwQDstmgMA0GCSqGSIb3DQEBCwUAA4IBAQBB5slb0+Kp+f9dgPAa
6/QSK6igfWU5QSjXPqvmCKF3vXfIq4VbY7BL6X6h9+SQhAhFEvQbgSoWn3TKJznW
CPG7GG8SSGxdHzyC0HAIykMzIwfvJ0F5Ps5sVc/8FU3fzp3KnsfGbPS9mcilmKIZ
L4uJnYRL8A2KTZkS+zIA2Q/T+OH+7Z5mpqNSqGM1PuPJJ05q1jVHUTLc00s7Rjjp
xzcuw0AZeMdE+lrk6dWf7DclocUx4C/PtNiYAPPUz0a2j3V9fys4v+1d5U7uWwWN
5R0enRWNmiaUw/URX0r9ibD2tFFuLuliozcBWmev69Ks2At+/hsr8m50grxh0az7
qjmE
-----END CERTIFICATE-----
Generated at Sun Jun 23 01:36:41 2024 by rpki-client on console-ams.rpki-client.org