Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/dea978-5dae-4c8d-9b2c-d8eff5d6a63b/1/q8pW9fE0BJkjjjesFUH330E3DtA.roa
File: q8pW9fE0BJkjjjesFUH330E3DtA.roa (raw, json)
Hash identifier: +ZfM2AgB8tHKfXOXilDRngBbAVFJbIdEd1HTM192bm4=
Subject key identifier: AB:CA:56:F5:F1:34:04:99:23:8E:37:AC:15:41:F7:DF:41:37:0E:D0
Certificate issuer: /CN=20b0da202d2c34a473a6d76af093e8de0311b95b
Certificate serial: 018CCA2BC28E390C243CAF8E43B09AACE29B
Authority key identifier: 20:B0:DA:20:2D:2C:34:A4:73:A6:D7:6A:F0:93:E8:DE:03:11:B9:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ILDaIC0sNKRzptdq8JPo3gMRuVs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/dea978-5dae-4c8d-9b2c-d8eff5d6a63b/1/q8pW9fE0BJkjjjesFUH330E3DtA.roa
Signing time: Tue 02 Jan 2024 12:35:14 +0000
ROA not before: Tue 02 Jan 2024 12:35:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14717
IP address blocks: 5.133.72.0/22 maxlen: 24
94.125.192.0/21 maxlen: 24
91.199.136.0/24 maxlen: 24
2a02:2ba8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/dea978-5dae-4c8d-9b2c-d8eff5d6a63b/1/ILDaIC0sNKRzptdq8JPo3gMRuVs.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/dea978-5dae-4c8d-9b2c-d8eff5d6a63b/1/ILDaIC0sNKRzptdq8JPo3gMRuVs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ILDaIC0sNKRzptdq8JPo3gMRuVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 10:03:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:c2:8e:39:0c:24:3c:af:8e:43:b0:9a:ac:e2:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20b0da202d2c34a473a6d76af093e8de0311b95b
Validity
Not Before: Jan 2 12:35:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=abca56f5f1340499238e37ac1541f7df41370ed0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:e5:95:c2:aa:1a:b6:36:c6:01:c2:88:d0:a9:
09:d2:74:c1:97:3b:db:b7:c3:ee:d2:69:d1:00:97:
43:10:27:91:46:ca:2d:5c:49:6a:60:91:8d:32:59:
ee:9e:3b:ea:9a:ee:62:03:1f:bc:cc:3c:ea:a2:51:
fb:6d:3b:98:e8:72:e8:70:a0:fe:ee:ac:96:7a:81:
a0:4e:28:33:01:7a:34:c2:42:03:d1:78:af:61:8a:
ec:46:ad:f2:96:3c:a7:14:72:b2:13:5e:54:e2:77:
02:13:72:3a:0f:76:c1:fa:05:15:d3:06:59:c2:a1:
4d:7b:f3:9c:b8:fb:a1:e9:db:9c:8d:65:b5:8d:bc:
2c:71:a1:40:7b:ea:c5:ec:9a:12:69:d0:5d:75:73:
71:6d:bc:7f:4d:c0:07:21:42:9d:2f:b4:11:ec:e7:
88:2f:20:da:f8:6e:52:f5:d3:cf:61:3e:6e:6e:ac:
9a:38:77:3e:d5:3b:d8:8c:b7:8d:fa:fb:2f:c8:f1:
fe:d3:91:bf:09:d9:ab:73:b5:58:ba:d5:f8:84:9a:
9b:b1:e1:42:80:27:84:d6:3e:47:b7:74:4a:27:91:
ac:23:32:e5:d7:31:4c:a2:f4:bb:aa:03:ed:ca:22:
db:be:68:e8:6a:bd:b8:02:63:d0:82:c6:38:15:ca:
89:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:CA:56:F5:F1:34:04:99:23:8E:37:AC:15:41:F7:DF:41:37:0E:D0
X509v3 Authority Key Identifier:
keyid:20:B0:DA:20:2D:2C:34:A4:73:A6:D7:6A:F0:93:E8:DE:03:11:B9:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ILDaIC0sNKRzptdq8JPo3gMRuVs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/dea978-5dae-4c8d-9b2c-d8eff5d6a63b/1/q8pW9fE0BJkjjjesFUH330E3DtA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/dea978-5dae-4c8d-9b2c-d8eff5d6a63b/1/ILDaIC0sNKRzptdq8JPo3gMRuVs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.72.0/22
91.199.136.0/24
94.125.192.0/21
IPv6:
2a02:2ba8::/32
Signature Algorithm: sha256WithRSAEncryption
76:03:d5:71:82:40:61:79:a6:f7:6e:ba:2a:0f:12:ec:2a:e8:
98:95:ca:de:fc:c8:bf:4d:55:df:f0:89:93:d4:eb:f0:c2:6d:
28:1b:cc:c5:0a:41:af:9a:d8:5f:4c:96:a4:ce:44:85:5b:d9:
f2:f8:22:51:88:79:af:bf:ad:95:07:70:bb:34:4c:10:92:03:
ba:b5:5a:87:ee:e5:95:c8:fb:97:09:f5:19:96:35:11:41:ec:
10:1c:bd:c7:e2:a0:9d:c7:cd:0f:48:0f:46:d4:83:f9:ca:b9:
74:46:cd:7d:69:45:62:19:b3:7b:16:60:aa:16:90:27:ce:de:
7b:ab:d6:a5:3e:a1:9d:26:09:0a:6c:7d:61:dd:ab:e9:17:83:
88:07:f3:29:23:74:5d:6e:46:05:af:d7:bb:c1:8c:67:97:9b:
42:dc:96:64:05:db:a4:c9:0f:75:3d:20:dd:e9:d0:ef:12:40:
dc:16:53:d3:05:4b:6d:82:e6:f3:aa:a2:ee:fe:37:87:f4:85:
7f:fa:1d:69:b9:2e:14:e7:19:84:77:3e:24:d2:6e:7e:24:d4:
f2:94:0e:a1:5c:f5:dc:9d:6e:b9:0d:4b:a3:ff:a7:d1:14:19:
6f:f2:98:e8:f4:49:c9:ef:20:36:74:3b:d0:89:29:17:ab:c6:
ad:41:54:24
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzKK8KOOQwkPK+OQ7CarOKbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYjBkYTIwMmQyYzM0YTQ3M2E2ZDc2YWYwOTNlOGRlMDMx
MWI5NWIwHhcNMjQwMTAyMTIzNTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmNhNTZmNWYxMzQwNDk5MjM4ZTM3YWMxNTQxZjdkZjQxMzcwZWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+WVwqoatjbGAcKI0KkJ0nTBlzvb
t8Pu0mnRAJdDECeRRsotXElqYJGNMlnunjvqmu5iAx+8zDzqolH7bTuY6HLocKD+
7qyWeoGgTigzAXo0wkID0XivYYrsRq3yljynFHKyE15U4ncCE3I6D3bB+gUV0wZZ
wqFNe/OcuPuh6ducjWW1jbwscaFAe+rF7JoSadBddXNxbbx/TcAHIUKdL7QR7OeI
LyDa+G5S9dPPYT5ubqyaOHc+1TvYjLeN+vsvyPH+05G/Cdmrc7VYutX4hJqbseFC
gCeE1j5Ht3RKJ5GsIzLl1zFMovS7qgPtyiLbvmjoar24AmPQgsY4FcqJ3wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFKvKVvXxNASZI443rBVB999BNw7QMB8GA1UdIwQY
MBaAFCCw2iAtLDSkc6bXavCT6N4DEblbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUxEYUlDMHNOS1J6cHRkcThKUG8zZ01SdVZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9kZWE5NzgtNWRhZS00YzhkLTliMmMt
ZDhlZmY1ZDZhNjNiLzEvcThwVzlmRTBCSmtqamplc0ZVSDMzMEUzRHRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9kZWE5NzgtNWRhZS00YzhkLTliMmMtZDhlZmY1ZDZhNjNi
LzEvSUxEYUlDMHNOS1J6cHRkcThKUG8zZ01SdVZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCBYVIAwQA
W8eIAwQDXn3AMA0EAgACMAcDBQAqAiuoMA0GCSqGSIb3DQEBCwUAA4IBAQB2A9Vx
gkBheab3broqDxLsKuiYlcre/Mi/TVXf8ImT1Ovwwm0oG8zFCkGvmthfTJakzkSF
W9ny+CJRiHmvv62VB3C7NEwQkgO6tVqH7uWVyPuXCfUZljURQewQHL3H4qCdx80P
SA9G1IP5yrl0Rs19aUViGbN7FmCqFpAnzt57q9alPqGdJgkKbH1h3avpF4OIB/Mp
I3RdbkYFr9e7wYxnl5tC3JZkBdukyQ91PSDd6dDvEkDcFlPTBUttgubzqqLu/jeH
9IV/+h1puS4U5xmEdz4k0m5+JNTylA6hXPXcnW65DUuj/6fRFBlv8pjo9EnJ7yA2
dDvQiSkXq8atQVQk
-----END CERTIFICATE-----
Generated at Sun Jun 2 16:00:55 2024 by rpki-client on console-ams.rpki-client.org