Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qo9uTF1iYwCh6TN1EjG8xKkbMj8.roa
File: qo9uTF1iYwCh6TN1EjG8xKkbMj8.roa (raw, json)
Hash identifier: MJd5viFtE1L+0LyWfWoCr2UGJz1mXWUdy/s+Pg8Yey0=
Subject key identifier: AA:8F:6E:4C:5D:62:63:00:A1:E9:33:75:12:31:BC:C4:A9:1B:32:3F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019300E44B1685EB43249B5F64C17FF2258B
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qo9uTF1iYwCh6TN1EjG8xKkbMj8.roa
Signing time: Wed 06 Nov 2024 09:53:01 +0000
ROA not before: Wed 06 Nov 2024 09:53:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 192.124.191.0/24 maxlen: 24
193.124.5.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.32.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
194.87.88.0/24 maxlen: 24
194.87.89.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
194.87.136.0/24 maxlen: 24
194.87.142.0/24 maxlen: 24
194.87.150.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.185.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.29.0/24 maxlen: 24
195.133.42.0/24 maxlen: 24
195.133.43.0/24 maxlen: 24
195.133.72.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.192.0/24 maxlen: 24
212.193.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:00:e4:4b:16:85:eb:43:24:9b:5f:64:c1:7f:f2:25:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 6 09:53:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa8f6e4c5d626300a1e933751231bcc4a91b323f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:34:e8:52:46:e5:1f:2e:e5:1a:97:f1:e1:5f:
82:2f:34:a5:c5:46:92:31:43:79:9e:bd:47:87:90:
fa:42:b1:39:a3:a6:7f:7e:d4:0b:03:eb:54:94:e7:
70:69:5b:f0:c4:68:d4:34:52:2e:68:53:ab:7a:67:
39:19:39:cc:cf:47:56:b7:3f:1e:47:81:55:63:dd:
56:05:f1:92:38:6d:31:6b:75:f5:d1:66:9a:3a:51:
d4:ee:91:8e:37:0d:92:d7:a8:84:33:f9:61:1d:49:
1a:6d:6c:ff:58:d4:01:0e:b1:cb:7b:c0:77:9d:a1:
9d:6d:f2:a2:45:60:18:32:fc:1a:d4:cb:54:3a:d6:
b5:9e:d2:5c:87:48:e2:c5:6a:e1:64:a1:94:a6:66:
17:ed:93:fe:fc:b7:3a:ba:c8:19:72:e4:d2:a5:17:
ba:7d:2a:b5:eb:bd:e0:60:53:69:d1:7b:c1:94:cb:
a0:1a:60:60:dc:71:1d:1d:79:73:41:ac:c5:38:7d:
da:51:f5:10:c1:0e:1e:60:74:19:bd:70:e7:2b:0e:
14:1a:74:8f:06:cb:3a:3f:15:84:1b:08:a1:68:63:
e2:e5:82:a6:be:75:6e:85:e1:11:d3:3d:57:00:a2:
e2:c6:fc:94:82:b3:7f:6f:2f:61:8e:88:26:aa:35:
0c:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:8F:6E:4C:5D:62:63:00:A1:E9:33:75:12:31:BC:C4:A9:1B:32:3F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qo9uTF1iYwCh6TN1EjG8xKkbMj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.191.0/24
193.124.5.0/24
194.87.12.0/24
194.87.22.0/24
194.87.32.0/24
194.87.40.0/24
194.87.88.0/23
194.87.124.0/24
194.87.136.0/24
194.87.142.0/24
194.87.150.0/24
194.87.169.0/24
194.87.185.0/24
195.133.6.0/24
195.133.29.0/24
195.133.42.0/23
195.133.72.0/24
195.133.85.0/24
195.133.192.0/24
212.193.14.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:4c:f5:70:e7:29:a8:a0:75:4a:2f:e2:d2:8b:9c:d4:89:78:
f9:cc:9f:8a:d7:46:0a:7d:af:93:35:63:07:dd:a0:d2:fc:01:
3c:9b:d4:a1:b3:57:9d:f6:87:57:84:04:03:cf:ff:33:88:5f:
f8:cf:2e:58:33:a7:e9:f2:f6:e3:73:e3:11:a5:f1:1f:ad:dd:
55:91:73:b2:35:a6:54:76:7f:cc:39:94:fd:be:61:98:23:7e:
66:f3:2c:4e:71:a8:e7:51:56:a0:5a:1d:05:f5:38:d9:4c:6f:
c5:d7:39:63:4d:af:20:9d:1f:05:5d:4b:56:31:36:58:0b:59:
22:eb:08:15:4b:9b:02:7b:47:e3:05:d8:ef:79:f8:41:a9:31:
f5:3f:e3:7e:9e:c0:d2:0e:16:d7:91:83:23:5d:cb:69:32:bd:
a0:69:be:49:4d:8b:06:a1:44:80:af:8a:af:57:85:42:5a:f6:
36:53:ac:7e:bc:a2:9a:f9:b1:53:85:42:87:d7:85:d3:f0:06:
5e:fd:d1:84:50:4e:02:c3:81:fb:14:1f:5c:b5:4a:72:92:0a:
a7:75:a6:dd:8f:63:bf:ab:fb:cc:bf:26:12:bb:a1:2c:3d:ad:
42:e2:dc:3c:fb:fc:03:3c:ae:f5:42:74:98:6e:5e:96:33:00:
d1:da:21:bf
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAZMA5EsWhetDJJtfZMF/8iWLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMTA2MDk1MzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYThmNmU0YzVkNjI2MzAwYTFlOTMzNzUxMjMxYmNjNGE5MWIzMjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTToUkblHy7lGpfx4V+CLzSlxUaS
MUN5nr1Hh5D6QrE5o6Z/ftQLA+tUlOdwaVvwxGjUNFIuaFOremc5GTnMz0dWtz8e
R4FVY91WBfGSOG0xa3X10WaaOlHU7pGONw2S16iEM/lhHUkabWz/WNQBDrHLe8B3
naGdbfKiRWAYMvwa1MtUOta1ntJch0jixWrhZKGUpmYX7ZP+/Lc6usgZcuTSpRe6
fSq1673gYFNp0XvBlMugGmBg3HEdHXlzQazFOH3aUfUQwQ4eYHQZvXDnKw4UGnSP
Bss6PxWEGwihaGPi5YKmvnVuheER0z1XAKLixvyUgrN/by9hjogmqjUM2QIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFKqPbkxdYmMAoekzdRIxvMSpGzI/MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcW85dVRGMWlZd0NoNlROMUVqRzh4S2tiTWo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQAwHy/
AwQAwXwFAwQAwlcMAwQAwlcWAwQAwlcgAwQAwlcoAwQBwldYAwQAwld8AwQAwleI
AwQAwleOAwQAwleWAwQAwlepAwQAwle5AwQAw4UGAwQAw4UdAwQBw4UqAwQAw4VI
AwQAw4VVAwQAw4XAAwQA1MEOMA0GCSqGSIb3DQEBCwUAA4IBAQA+TPVw5ymooHVK
L+LSi5zUiXj5zJ+K10YKfa+TNWMH3aDS/AE8m9Shs1ed9odXhAQDz/8ziF/4zy5Y
M6fp8vbjc+MRpfEfrd1VkXOyNaZUdn/MOZT9vmGYI35m8yxOcajnUVagWh0F9TjZ
TG/F1zljTa8gnR8FXUtWMTZYC1ki6wgVS5sCe0fjBdjvefhBqTH1P+N+nsDSDhbX
kYMjXctpMr2gab5JTYsGoUSAr4qvV4VCWvY2U6x+vKKa+bFThUKH14XT8AZe/dGE
UE4Cw4H7FB9ctUpykgqndabdj2O/q/vMvyYSu6EsPa1C4tw8+/wDPK71QnSYbl6W
MwDR2iG/
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:14:52 2024 by rpki-client on console-ams.rpki-client.org