Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/108967-686a-4322-85b3-516eac469053/1/rNuqeW2fWS1-upGWcoJ6PqdJgtw.roa
File: rNuqeW2fWS1-upGWcoJ6PqdJgtw.roa (raw, json)
Hash identifier: JqZbDS3TghfJh/N+/XvAWqkGcdNWWGuV8sfdpQyhUCg=
Subject key identifier: AC:DB:AA:79:6D:9F:59:2D:7E:BA:91:96:72:82:7A:3E:A7:49:82:DC
Certificate issuer: /CN=94f519c4ecf15f5fc1e06eaa6e03f9cb03956caa
Certificate serial: 01915120A50D64585BC646C70F13B75E4CD5
Authority key identifier: 94:F5:19:C4:EC:F1:5F:5F:C1:E0:6E:AA:6E:03:F9:CB:03:95:6C:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lPUZxOzxX1_B4G6qbgP5ywOVbKo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/108967-686a-4322-85b3-516eac469053/1/rNuqeW2fWS1-upGWcoJ6PqdJgtw.roa
Signing time: Wed 14 Aug 2024 13:42:59 +0000
ROA not before: Wed 14 Aug 2024 13:42:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59721
IP address blocks: 94.126.112.0/24 maxlen: 24
94.126.113.0/24 maxlen: 24
195.80.158.0/24 maxlen: 24
2a13:1c0::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/108967-686a-4322-85b3-516eac469053/1/lPUZxOzxX1_B4G6qbgP5ywOVbKo.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/108967-686a-4322-85b3-516eac469053/1/lPUZxOzxX1_B4G6qbgP5ywOVbKo.mft
rsync://rpki.ripe.net/repository/DEFAULT/lPUZxOzxX1_B4G6qbgP5ywOVbKo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:51:20:a5:0d:64:58:5b:c6:46:c7:0f:13:b7:5e:4c:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94f519c4ecf15f5fc1e06eaa6e03f9cb03956caa
Validity
Not Before: Aug 14 13:42:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=acdbaa796d9f592d7eba919672827a3ea74982dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:40:fc:5e:7a:d5:8d:9d:29:da:8c:e5:f7:cc:
03:07:64:1b:a9:5b:f8:f7:6c:f8:90:a3:30:d6:95:
a9:ab:0d:b4:46:51:3c:a1:18:c0:8e:18:27:37:94:
f1:e4:d6:c5:9e:fc:ec:66:9c:aa:17:5d:65:b8:82:
92:54:d1:78:06:51:bd:05:28:02:bc:41:a4:f1:0a:
03:9f:70:8c:22:84:03:6a:2c:ca:7a:09:2b:39:69:
95:b4:ab:0c:cf:9a:bc:b2:3c:8d:58:4c:0f:04:ac:
f2:2d:12:90:82:f5:58:99:b8:47:a7:9d:3b:ea:96:
78:bf:ff:ec:8c:ea:f4:71:eb:90:da:e4:64:ff:3f:
41:1d:5f:99:31:67:8f:7a:f9:9d:9b:0a:ef:90:88:
8d:05:f2:7c:db:75:3f:cb:de:e8:5e:3c:84:58:ac:
6b:19:33:d9:4a:fc:5b:fd:2b:4c:8c:42:f0:b1:74:
00:12:f1:b5:a8:88:0d:9f:a9:b8:31:4b:30:e3:50:
53:94:ff:dc:c9:a0:a7:98:9b:4c:d4:cc:5d:32:1b:
76:e2:ee:f4:a4:e0:d1:3a:e4:02:97:d8:e2:b9:9a:
ef:4e:20:d3:34:4d:36:9c:a3:50:87:c8:58:07:d4:
af:44:cc:8b:43:49:b3:a2:21:e3:bd:b4:7e:45:40:
80:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:DB:AA:79:6D:9F:59:2D:7E:BA:91:96:72:82:7A:3E:A7:49:82:DC
X509v3 Authority Key Identifier:
keyid:94:F5:19:C4:EC:F1:5F:5F:C1:E0:6E:AA:6E:03:F9:CB:03:95:6C:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lPUZxOzxX1_B4G6qbgP5ywOVbKo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/108967-686a-4322-85b3-516eac469053/1/rNuqeW2fWS1-upGWcoJ6PqdJgtw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/108967-686a-4322-85b3-516eac469053/1/lPUZxOzxX1_B4G6qbgP5ywOVbKo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.126.112.0/23
195.80.158.0/24
IPv6:
2a13:1c0::/64
Signature Algorithm: sha256WithRSAEncryption
4d:52:a6:dc:c3:a7:7b:d8:af:9e:3e:06:dc:7b:50:c7:82:39:
b2:65:a9:67:39:92:c9:56:e5:d1:69:30:9f:73:ee:54:11:b7:
5b:be:a6:b6:d6:22:30:6d:b5:c3:fa:2e:dd:ba:1e:00:b5:91:
49:4b:7c:02:68:6b:a0:5d:9c:e2:0b:c8:be:1f:f3:c6:43:76:
04:7d:78:95:5d:e3:55:da:ca:a5:b5:0b:e4:63:34:67:fe:d7:
7f:97:e1:51:9f:87:6c:2f:12:62:43:70:1c:16:7b:90:7f:5e:
a6:56:7d:b1:ef:36:f7:ff:6e:08:de:ec:2a:29:45:d3:4a:1b:
94:e6:3c:ed:63:83:8b:45:fa:4f:98:eb:fa:3f:01:af:cc:18:
8a:b2:d0:4b:27:5b:b8:e8:cd:6b:a0:42:f5:c7:b3:7a:d6:ae:
aa:da:6d:7f:37:b4:9c:5d:e8:8b:85:7f:67:12:0f:a4:fc:7d:
6d:e1:89:61:df:b2:98:05:d3:b2:06:72:5f:1b:89:03:37:ca:
c8:8a:96:eb:8e:62:63:56:36:76:0f:0f:d0:87:b6:1e:0d:b5:
0d:aa:17:02:a4:3e:ec:b9:8e:4e:45:dd:ee:4a:b5:ad:3e:89:
6f:00:56:bc:fa:e8:28:78:13:ab:97:f9:43:ba:0b:13:f7:5e:
b7:f4:15:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZFRIKUNZFhbxkbHDxO3XkzVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZjUxOWM0ZWNmMTVmNWZjMWUwNmVhYTZlMDNmOWNiMDM5
NTZjYWEwHhcNMjQwODE0MTM0MjU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2RiYWE3OTZkOWY1OTJkN2ViYTkxOTY3MjgyN2EzZWE3NDk4MmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkD8XnrVjZ0p2ozl98wDB2QbqVv4
92z4kKMw1pWpqw20RlE8oRjAjhgnN5Tx5NbFnvzsZpyqF11luIKSVNF4BlG9BSgC
vEGk8QoDn3CMIoQDaizKegkrOWmVtKsMz5q8sjyNWEwPBKzyLRKQgvVYmbhHp507
6pZ4v//sjOr0ceuQ2uRk/z9BHV+ZMWePevmdmwrvkIiNBfJ823U/y97oXjyEWKxr
GTPZSvxb/StMjELwsXQAEvG1qIgNn6m4MUsw41BTlP/cyaCnmJtM1MxdMht24u70
pODROuQCl9jiuZrvTiDTNE02nKNQh8hYB9SvRMyLQ0mzoiHjvbR+RUCA8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKzbqnltn1ktfrqRlnKCej6nSYLcMB8GA1UdIwQY
MBaAFJT1GcTs8V9fweBuqm4D+csDlWyqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFBVWnhPenhYMV9CNEc2cWJnUDV5d09WYktvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8xMDg5NjctNjg2YS00MzIyLTg1YjMt
NTE2ZWFjNDY5MDUzLzEvck51cWVXMmZXUzEtdXBHV2NvSjZQcWRKZ3R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8xMDg5NjctNjg2YS00MzIyLTg1YjMtNTE2ZWFjNDY5MDUz
LzEvbFBVWnhPenhYMV9CNEc2cWJnUDV5d09WYktvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzASBAIAATAMAwQBXn5wAwQA
w1CeMBEEAgACMAsDCQAqEwHAAAAAADANBgkqhkiG9w0BAQsFAAOCAQEATVKm3MOn
e9ivnj4G3HtQx4I5smWpZzmSyVbl0Wkwn3PuVBG3W76mttYiMG21w/ou3boeALWR
SUt8AmhroF2c4gvIvh/zxkN2BH14lV3jVdrKpbUL5GM0Z/7Xf5fhUZ+HbC8SYkNw
HBZ7kH9eplZ9se829/9uCN7sKilF00oblOY87WODi0X6T5jr+j8Br8wYirLQSydb
uOjNa6BC9cezetauqtptfze0nF3oi4V/ZxIPpPx9beGJYd+ymAXTsgZyXxuJAzfK
yIqW645iY1Y2dg8P0Ie2Hg21DaoXAqQ+7LmOTkXd7kq1rT6JbwBWvProKHgTq5f5
Q7oLE/det/QVVw==
-----END CERTIFICATE-----
Generated at Tue Nov 26 02:50:55 2024 by rpki-client on console-fra.rpki-client.org