Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/qZh0qFYPGM6xVfxUgBB94rOHUu0.roa
File: qZh0qFYPGM6xVfxUgBB94rOHUu0.roa (raw, json)
Hash identifier: 2NK37GwUAhaGRgsN8F79gdMMXFiRnWx3/+Y1HMD9p6w=
Subject key identifier: A9:98:74:A8:56:0F:18:CE:B1:55:FC:54:80:10:7D:E2:B3:87:52:ED
Certificate issuer: /CN=1e14eb1eef66c2d349f3f7d7bafa68e49fbfec9c
Certificate serial: 018CC26D2ACB964E5A1FE261792B0F4AEBBE
Authority key identifier: 1E:14:EB:1E:EF:66:C2:D3:49:F3:F7:D7:BA:FA:68:E4:9F:BF:EC:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/qZh0qFYPGM6xVfxUgBB94rOHUu0.roa
Signing time: Mon 01 Jan 2024 00:29:43 +0000
ROA not before: Mon 01 Jan 2024 00:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29491
IP address blocks: 195.191.214.0/23 maxlen: 23
91.193.164.0/22 maxlen: 22
94.45.128.0/19 maxlen: 24
194.187.108.0/22 maxlen: 22
194.187.110.0/24 maxlen: 24
195.137.202.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.mft
rsync://rpki.ripe.net/repository/DEFAULT/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 05:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:2a:cb:96:4e:5a:1f:e2:61:79:2b:0f:4a:eb:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e14eb1eef66c2d349f3f7d7bafa68e49fbfec9c
Validity
Not Before: Jan 1 00:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a99874a8560f18ceb155fc5480107de2b38752ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:9c:62:61:cb:95:ae:3b:fb:a1:28:72:70:3e:
81:47:0f:1e:d5:86:ae:fb:6e:b9:3e:17:8d:35:08:
18:e5:d6:52:7d:3b:2f:d9:7b:a9:2c:cb:97:66:d9:
1c:f5:a2:b0:3b:33:e9:82:9c:24:0f:b1:87:b3:cf:
eb:ab:f5:28:f7:3f:77:fe:97:da:2d:7a:d2:35:25:
a0:6d:87:6a:15:9f:bc:bf:09:5d:1f:17:5a:4d:b5:
e8:e2:d9:35:e1:6f:db:a0:27:6b:5a:60:93:c2:64:
54:3c:71:b9:ba:4e:11:7e:0a:66:22:7f:2a:80:08:
aa:01:64:da:d5:4c:22:3a:eb:dc:1b:c0:11:6b:0c:
15:b2:ee:5e:8a:48:ea:52:94:24:b2:39:ef:f8:df:
b3:0b:c9:f5:44:e6:e8:67:d7:81:90:45:1f:8f:2d:
a2:fc:90:9d:87:b5:de:7c:0d:81:af:ee:29:58:fa:
5e:fa:a8:cc:1e:ec:40:1a:da:8a:b4:23:32:5f:77:
55:72:33:f5:a5:21:f9:ff:5c:f6:05:58:fb:0d:86:
b3:aa:88:90:88:f7:63:8f:8d:dd:35:8b:18:43:b9:
f3:41:41:04:d6:24:63:cc:08:d4:a2:6f:4a:a9:ea:
3e:6c:5e:47:d8:46:f6:76:61:3f:7b:54:fb:82:27:
21:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:98:74:A8:56:0F:18:CE:B1:55:FC:54:80:10:7D:E2:B3:87:52:ED
X509v3 Authority Key Identifier:
keyid:1E:14:EB:1E:EF:66:C2:D3:49:F3:F7:D7:BA:FA:68:E4:9F:BF:EC:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/qZh0qFYPGM6xVfxUgBB94rOHUu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.164.0/22
94.45.128.0/19
194.187.108.0/22
195.137.202.0/23
195.191.214.0/23
Signature Algorithm: sha256WithRSAEncryption
b9:c6:e1:59:ef:e4:a3:91:59:66:96:c2:d5:a5:81:5f:de:7f:
f4:99:4a:1d:d2:bb:21:25:8b:4c:e5:f6:c5:f1:a5:d0:d5:7f:
78:8e:83:c8:22:8b:ec:b5:bf:f8:2b:aa:fe:2a:40:1f:a6:5a:
5d:fd:fe:c6:fd:a2:ec:01:64:1a:f1:a6:b2:e2:57:b4:88:99:
01:65:bb:d3:e9:d0:ad:f3:98:99:b9:24:79:6b:ed:5a:78:99:
30:36:2c:a5:2d:90:11:8d:ca:15:8a:d4:cd:4f:bd:cf:02:56:
71:ac:69:0d:4b:01:33:df:49:f2:96:34:09:6c:3a:7b:fe:8e:
33:36:77:2d:5b:51:51:37:e0:10:c0:62:90:f8:55:34:57:fd:
52:15:b6:2f:96:6e:3d:97:38:ae:11:fe:c7:9a:99:33:18:62:
5e:f6:ac:e5:d2:54:55:60:e5:4d:a7:e3:73:86:56:a7:3b:b7:
99:e7:29:d7:28:28:96:38:9f:eb:cc:d9:41:52:19:e3:52:10:
89:af:cd:00:46:53:0e:42:b7:13:6e:b1:83:54:2e:b7:07:d8:
0d:63:e0:ec:c0:71:dc:f7:29:99:ca:49:70:dc:05:30:e8:ed:
f1:4c:f6:99:4d:9b:b1:90:3d:89:2e:02:b1:d8:b8:c4:a8:26:
36:30:ad:48
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzCbSrLlk5aH+JheSsPSuu+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMTRlYjFlZWY2NmMyZDM0OWYzZjdkN2JhZmE2OGU0OWZi
ZmVjOWMwHhcNMjQwMTAxMDAyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTk4NzRhODU2MGYxOGNlYjE1NWZjNTQ4MDEwN2RlMmIzODc1MmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJxiYcuVrjv7oShycD6BRw8e1Yau
+265PheNNQgY5dZSfTsv2XupLMuXZtkc9aKwOzPpgpwkD7GHs8/rq/Uo9z93/pfa
LXrSNSWgbYdqFZ+8vwldHxdaTbXo4tk14W/boCdrWmCTwmRUPHG5uk4RfgpmIn8q
gAiqAWTa1UwiOuvcG8ARawwVsu5eikjqUpQksjnv+N+zC8n1ROboZ9eBkEUfjy2i
/JCdh7XefA2Br+4pWPpe+qjMHuxAGtqKtCMyX3dVcjP1pSH5/1z2BVj7DYazqoiQ
iPdjj43dNYsYQ7nzQUEE1iRjzAjUom9Kqeo+bF5H2Eb2dmE/e1T7gich/QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKmYdKhWDxjOsVX8VIAQfeKzh1LtMB8GA1UdIwQY
MBaAFB4U6x7vZsLTSfP317r6aOSfv+ycMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGhUckh1OW13dE5KOF9mWHV2cG81Si1fN0p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8zMzNhYjEtYWY5Yi00MzRjLThkMTMt
OWNhOThmNDk1MGNmLzEvcVpoMHFGWVBHTTZ4VmZ4VWdCQjk0ck9IVXUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8zMzNhYjEtYWY5Yi00MzRjLThkMTMtOWNhOThmNDk1MGNm
LzEvSGhUckh1OW13dE5KOF9mWHV2cG81Si1fN0p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCW8GkAwQF
Xi2AAwQCwrtsAwQBw4nKAwQBw7/WMA0GCSqGSIb3DQEBCwUAA4IBAQC5xuFZ7+Sj
kVlmlsLVpYFf3n/0mUod0rshJYtM5fbF8aXQ1X94joPIIovstb/4K6r+KkAfplpd
/f7G/aLsAWQa8aay4le0iJkBZbvT6dCt85iZuSR5a+1aeJkwNiylLZARjcoVitTN
T73PAlZxrGkNSwEz30nyljQJbDp7/o4zNnctW1FRN+AQwGKQ+FU0V/1SFbYvlm49
lziuEf7HmpkzGGJe9qzl0lRVYOVNp+NzhlanO7eZ5ynXKCiWOJ/rzNlBUhnjUhCJ
r80ARlMOQrcTbrGDVC63B9gNY+DswHHc9ymZyklw3AUw6O3xTPaZTZuxkD2JLgKx
2LjEqCY2MK1I
-----END CERTIFICATE-----
Generated at Sun May 19 14:00:07 2024 by rpki-client on console-fra.rpki-client.org