Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/841f3a-ab83-4dd9-b183-6b06c176bd5a/1/9BqSIquEwoNaumgwEvYlm3iw-vc.roa
File: 9BqSIquEwoNaumgwEvYlm3iw-vc.roa (raw, json)
Hash identifier: Y894CGrwZc1CTviUNFmlIjdLgiGIS3soYbHkj2rVJNY=
Subject key identifier: F4:1A:92:22:AB:84:C2:83:5A:BA:68:30:12:F6:25:9B:78:B0:FA:F7
Certificate issuer: /CN=d43c92474fed383c95fa2ccd83d614f57e563d82
Certificate serial: 018CC501524DDC75DE781CB349753DD68F80
Authority key identifier: D4:3C:92:47:4F:ED:38:3C:95:FA:2C:CD:83:D6:14:F5:7E:56:3D:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DySR0_tODyV-izNg9YU9X5WPYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/841f3a-ab83-4dd9-b183-6b06c176bd5a/1/9BqSIquEwoNaumgwEvYlm3iw-vc.roa
Signing time: Mon 01 Jan 2024 12:30:47 +0000
ROA not before: Mon 01 Jan 2024 12:30:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29605
IP address blocks: 193.110.140.0/24 maxlen: 24
178.255.128.0/21 maxlen: 24
185.87.88.0/22 maxlen: 24
2a01:6940::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/841f3a-ab83-4dd9-b183-6b06c176bd5a/1/1DySR0_tODyV-izNg9YU9X5WPYI.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/841f3a-ab83-4dd9-b183-6b06c176bd5a/1/1DySR0_tODyV-izNg9YU9X5WPYI.mft
rsync://rpki.ripe.net/repository/DEFAULT/1DySR0_tODyV-izNg9YU9X5WPYI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 21:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:52:4d:dc:75:de:78:1c:b3:49:75:3d:d6:8f:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d43c92474fed383c95fa2ccd83d614f57e563d82
Validity
Not Before: Jan 1 12:30:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f41a9222ab84c2835aba683012f6259b78b0faf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:b1:8d:2b:b0:7f:d5:48:f4:f7:f1:8d:45:9c:
a3:b9:e3:c0:c3:eb:00:26:24:31:67:39:1d:bb:e4:
26:b2:46:cb:93:e5:94:ab:a1:3c:13:32:7a:26:7a:
30:ec:d8:37:f1:76:aa:34:00:15:9d:af:d8:34:fe:
a2:de:81:3d:b4:32:71:d9:1c:d6:9d:3c:5b:23:5d:
bb:d6:38:e3:d7:d6:d2:4c:ad:b7:42:cb:96:d1:59:
bc:5f:ad:c8:f7:6b:6b:d7:01:88:14:c4:b8:7e:9b:
64:ad:9f:1d:f2:37:31:2b:fc:1e:28:3b:b2:aa:12:
90:49:91:56:5f:dc:fb:a9:00:54:59:27:00:0a:65:
ac:72:99:8b:e0:3f:da:8d:dd:74:c1:0d:33:e4:eb:
9b:56:e2:7b:e6:fe:ab:00:83:36:cc:c8:2b:9a:77:
26:46:5c:74:8e:5b:c2:08:03:e7:5b:da:7e:a0:97:
f4:92:6b:c7:9e:11:d0:88:1b:68:a1:90:13:14:ca:
3b:95:32:0b:5c:46:70:13:ca:33:af:f8:09:6d:ca:
c0:ac:2b:b0:0a:bc:6f:65:03:aa:a9:75:96:16:85:
e4:02:2f:55:f6:98:c1:ba:e6:3e:40:f8:58:9d:5a:
3f:dc:fb:b6:ed:5a:98:4d:56:de:4c:81:5f:0e:76:
c0:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:1A:92:22:AB:84:C2:83:5A:BA:68:30:12:F6:25:9B:78:B0:FA:F7
X509v3 Authority Key Identifier:
keyid:D4:3C:92:47:4F:ED:38:3C:95:FA:2C:CD:83:D6:14:F5:7E:56:3D:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DySR0_tODyV-izNg9YU9X5WPYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/841f3a-ab83-4dd9-b183-6b06c176bd5a/1/9BqSIquEwoNaumgwEvYlm3iw-vc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/841f3a-ab83-4dd9-b183-6b06c176bd5a/1/1DySR0_tODyV-izNg9YU9X5WPYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.128.0/21
185.87.88.0/22
193.110.140.0/24
IPv6:
2a01:6940::/32
Signature Algorithm: sha256WithRSAEncryption
73:08:72:90:e7:27:2a:8e:a4:34:5b:93:86:c6:af:e4:d3:d7:
d3:1a:a1:6a:14:c6:ea:12:d9:e8:b1:58:b9:41:73:0c:0a:d5:
a4:65:8c:a3:97:8b:e5:b3:08:da:2c:79:65:d0:8e:14:08:e5:
ae:3a:f1:64:d7:c7:92:29:29:bd:30:bf:4d:a2:df:27:64:2c:
e9:2c:67:87:fb:ee:96:60:e5:c4:a7:58:94:53:db:db:3a:3b:
c6:3c:c1:ed:a9:47:1a:15:b7:df:71:da:53:d0:d2:f7:69:9b:
3c:02:49:8b:dd:f4:2c:2f:46:fd:3b:88:52:91:47:9e:b5:93:
65:5b:7e:d2:92:cd:b4:74:c6:4a:51:6b:b9:17:f7:f4:44:4e:
72:3f:b4:5e:e0:df:7e:a9:41:14:0f:62:93:7d:af:a8:e2:f3:
86:99:80:19:12:61:db:08:14:8b:4b:e5:69:9b:54:d8:e9:02:
b9:c9:03:3a:84:3a:4b:fe:49:99:cd:94:a1:f7:af:11:f1:f5:
4d:be:35:82:f4:ec:f1:87:40:18:a2:10:73:00:22:72:19:5c:
8a:5f:4d:86:b5:cc:4a:15:1c:b2:c3:2c:43:a5:b0:f0:3c:6d:
b7:73:94:4e:ce:1d:78:d4:f5:29:4d:cd:67:35:85:70:10:7c:
af:45:cb:0c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzFAVJN3HXeeByzSXU91o+AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0M2M5MjQ3NGZlZDM4M2M5NWZhMmNjZDgzZDYxNGY1N2U1
NjNkODIwHhcNMjQwMTAxMTIzMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDFhOTIyMmFiODRjMjgzNWFiYTY4MzAxMmY2MjU5Yjc4YjBmYWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbGNK7B/1Uj09/GNRZyjuePAw+sA
JiQxZzkdu+QmskbLk+WUq6E8EzJ6Jnow7Ng38XaqNAAVna/YNP6i3oE9tDJx2RzW
nTxbI1271jjj19bSTK23QsuW0Vm8X63I92tr1wGIFMS4fptkrZ8d8jcxK/weKDuy
qhKQSZFWX9z7qQBUWScACmWscpmL4D/ajd10wQ0z5OubVuJ75v6rAIM2zMgrmncm
Rlx0jlvCCAPnW9p+oJf0kmvHnhHQiBtooZATFMo7lTILXEZwE8ozr/gJbcrArCuw
CrxvZQOqqXWWFoXkAi9V9pjBuuY+QPhYnVo/3Pu27VqYTVbeTIFfDnbABwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPQakiKrhMKDWrpoMBL2JZt4sPr3MB8GA1UdIwQY
MBaAFNQ8kkdP7Tg8lfoszYPWFPV+Vj2CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUR5U1IwX3RPRHlWLWl6Tmc5WVU5WDVXUFlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS84NDFmM2EtYWI4My00ZGQ5LWIxODMt
NmIwNmMxNzZiZDVhLzEvOUJxU0lxdUV3b05hdW1nd0V2WWxtM2l3LXZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS84NDFmM2EtYWI4My00ZGQ5LWIxODMtNmIwNmMxNzZiZDVh
LzEvMUR5U1IwX3RPRHlWLWl6Tmc5WVU5WDVXUFlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDsv+AAwQC
uVdYAwQAwW6MMA0EAgACMAcDBQAqAWlAMA0GCSqGSIb3DQEBCwUAA4IBAQBzCHKQ
5ycqjqQ0W5OGxq/k09fTGqFqFMbqEtnosVi5QXMMCtWkZYyjl4vlswjaLHll0I4U
COWuOvFk18eSKSm9ML9Not8nZCzpLGeH++6WYOXEp1iUU9vbOjvGPMHtqUcaFbff
cdpT0NL3aZs8AkmL3fQsL0b9O4hSkUeetZNlW37Sks20dMZKUWu5F/f0RE5yP7Re
4N9+qUEUD2KTfa+o4vOGmYAZEmHbCBSLS+Vpm1TY6QK5yQM6hDpL/kmZzZSh968R
8fVNvjWC9Ozxh0AYohBzACJyGVyKX02GtcxKFRyywyxDpbDwPG23c5ROzh141PUp
Tc1nNYVwEHyvRcsM
-----END CERTIFICATE-----
Generated at Wed May 22 02:41:29 2024 by rpki-client on console-fra.rpki-client.org