Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/6f895b-7977-445d-b72c-8b5ef41d8c25/1/x1qFw2mIQsJ2uxDQi045EqIM_mA.roa
File: x1qFw2mIQsJ2uxDQi045EqIM_mA.roa (raw, json)
Hash identifier: Dbg0iLwjHd70gD9jEliPOWxAlBJTW8pRC/rwsMUp/ac=
Subject key identifier: C7:5A:85:C3:69:88:42:C2:76:BB:10:D0:8B:4E:39:12:A2:0C:FE:60
Certificate issuer: /CN=2236b2b8afa6036d2c8e8317736faaa72d80c4f2
Certificate serial: 018CC94DB683EEF7756163BDAF2A5A7F3877
Authority key identifier: 22:36:B2:B8:AF:A6:03:6D:2C:8E:83:17:73:6F:AA:A7:2D:80:C4:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IjayuK-mA20sjoMXc2-qpy2AxPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/6f895b-7977-445d-b72c-8b5ef41d8c25/1/x1qFw2mIQsJ2uxDQi045EqIM_mA.roa
Signing time: Tue 02 Jan 2024 08:32:42 +0000
ROA not before: Tue 02 Jan 2024 08:32:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24725
IP address blocks: 109.70.105.0/24 maxlen: 24
109.70.104.0/24 maxlen: 24
109.70.107.0/24 maxlen: 24
109.70.106.0/24 maxlen: 24
2001:4130:107::/48 maxlen: 48
2001:4130:50f2::/48 maxlen: 48
2001:4130::/32 maxlen: 48
2001:4130::/34 maxlen: 48
2001:4130::/48 maxlen: 48
2001:4130:18::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/6f895b-7977-445d-b72c-8b5ef41d8c25/1/IjayuK-mA20sjoMXc2-qpy2AxPI.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/6f895b-7977-445d-b72c-8b5ef41d8c25/1/IjayuK-mA20sjoMXc2-qpy2AxPI.mft
rsync://rpki.ripe.net/repository/DEFAULT/IjayuK-mA20sjoMXc2-qpy2AxPI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:b6:83:ee:f7:75:61:63:bd:af:2a:5a:7f:38:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2236b2b8afa6036d2c8e8317736faaa72d80c4f2
Validity
Not Before: Jan 2 08:32:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c75a85c3698842c276bb10d08b4e3912a20cfe60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:46:1f:5e:b0:e0:82:e7:40:02:12:f7:66:b4:
6b:b0:97:4a:be:e9:e3:72:2a:99:ce:0c:4d:c2:e6:
57:f6:58:d8:30:a8:6c:73:5c:17:d8:f2:f4:31:c5:
51:bd:e6:c5:0f:c6:4d:eb:55:12:88:91:ca:e3:51:
71:4f:8a:61:e4:01:84:ae:3d:71:d1:62:b4:76:24:
18:00:ce:64:8a:d7:c9:d0:3b:01:98:83:0c:3d:f3:
c2:dc:54:cb:bd:f1:30:69:7f:ed:0a:f3:94:0c:5d:
b1:e6:eb:a4:b6:90:29:e5:f5:cc:41:f3:3b:d3:ce:
a1:7a:30:03:05:99:f7:e3:df:22:cf:3a:f9:b9:68:
5e:70:56:b7:90:ca:4a:e3:7e:db:72:b0:5c:1f:77:
1b:0b:32:29:34:c0:a3:b7:7e:55:df:2e:84:ec:57:
36:46:f4:4a:5d:1f:01:54:6b:a0:0c:bb:ea:28:5f:
25:0c:37:f3:f5:88:30:05:11:bd:ab:a1:8a:d1:61:
70:a0:64:cc:f8:8d:c1:2d:0d:b2:5a:43:db:07:73:
ea:99:a6:aa:96:0c:68:42:e0:48:6a:de:e5:2f:a9:
8d:39:e8:bc:81:61:6b:b1:f0:f5:dc:bc:ab:8a:1c:
a6:82:ff:94:9f:2c:19:41:7b:44:ea:de:0f:90:6c:
14:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:5A:85:C3:69:88:42:C2:76:BB:10:D0:8B:4E:39:12:A2:0C:FE:60
X509v3 Authority Key Identifier:
keyid:22:36:B2:B8:AF:A6:03:6D:2C:8E:83:17:73:6F:AA:A7:2D:80:C4:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IjayuK-mA20sjoMXc2-qpy2AxPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/6f895b-7977-445d-b72c-8b5ef41d8c25/1/x1qFw2mIQsJ2uxDQi045EqIM_mA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/6f895b-7977-445d-b72c-8b5ef41d8c25/1/IjayuK-mA20sjoMXc2-qpy2AxPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.70.104.0/22
IPv6:
2001:4130::/32
Signature Algorithm: sha256WithRSAEncryption
61:4d:18:e3:5c:74:38:20:95:1b:91:16:48:21:cc:d1:ac:51:
42:03:56:1e:b6:e7:e3:77:0f:4e:e7:c3:6b:16:18:d8:ba:cf:
06:ae:03:c9:42:34:9b:17:da:b6:ec:e8:72:6e:c7:a2:a8:01:
f1:c5:b8:09:6a:0e:d5:08:df:9a:98:ef:6f:b8:99:15:17:07:
8b:5e:69:70:b7:6d:76:e4:f7:ec:4f:92:9b:44:5e:ce:4a:bf:
1a:8b:af:24:e1:a7:e1:ea:c1:ee:f1:c1:27:da:ea:0f:9a:48:
3b:2b:aa:6f:c6:eb:c0:0d:6e:4c:5a:18:e5:d7:5c:36:5e:2c:
90:81:75:eb:e9:b4:27:d9:a2:e5:e6:e3:22:35:62:49:3c:34:
f0:8f:5d:a3:1e:97:86:bd:28:12:62:ab:dc:16:fa:78:72:9a:
ab:33:8e:2e:77:bc:2a:c2:b1:eb:2a:3d:8b:62:6e:89:2f:4d:
95:c1:29:3e:51:27:78:b5:aa:04:d2:cc:d3:e0:8f:d9:cc:1f:
f0:7d:ac:4f:10:5d:21:aa:b7:d5:02:1b:53:bb:f0:16:2d:da:
b5:83:7d:d9:d4:63:51:ec:27:2a:34:9a:8c:bc:39:24:f4:9d:
c8:6f:6b:05:d8:09:e5:d4:43:41:e7:37:85:07:16:a3:dc:3a:
ea:1b:af:da
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJTbaD7vd1YWO9rypafzh3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMzZiMmI4YWZhNjAzNmQyYzhlODMxNzczNmZhYWE3MmQ4
MGM0ZjIwHhcNMjQwMTAyMDgzMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzVhODVjMzY5ODg0MmMyNzZiYjEwZDA4YjRlMzkxMmEyMGNmZTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEYfXrDggudAAhL3ZrRrsJdKvunj
ciqZzgxNwuZX9ljYMKhsc1wX2PL0McVRvebFD8ZN61USiJHK41FxT4ph5AGErj1x
0WK0diQYAM5kitfJ0DsBmIMMPfPC3FTLvfEwaX/tCvOUDF2x5uuktpAp5fXMQfM7
086hejADBZn3498izzr5uWhecFa3kMpK437bcrBcH3cbCzIpNMCjt35V3y6E7Fc2
RvRKXR8BVGugDLvqKF8lDDfz9YgwBRG9q6GK0WFwoGTM+I3BLQ2yWkPbB3Pqmaaq
lgxoQuBIat7lL6mNOei8gWFrsfD13Lyrihymgv+UnywZQXtE6t4PkGwUawIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMdahcNpiELCdrsQ0ItOORKiDP5gMB8GA1UdIwQY
MBaAFCI2srivpgNtLI6DF3NvqqctgMTyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWpheXVLLW1BMjBzam9NWGMyLXFweTJBeFBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82Zjg5NWItNzk3Ny00NDVkLWI3MmMt
OGI1ZWY0MWQ4YzI1LzEveDFxRncybUlRc0oydXhEUWkwNDVFcUlNX21BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82Zjg5NWItNzk3Ny00NDVkLWI3MmMtOGI1ZWY0MWQ4YzI1
LzEvSWpheXVLLW1BMjBzam9NWGMyLXFweTJBeFBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCbUZoMA0E
AgACMAcDBQAgAUEwMA0GCSqGSIb3DQEBCwUAA4IBAQBhTRjjXHQ4IJUbkRZIIczR
rFFCA1Yetufjdw9O58NrFhjYus8GrgPJQjSbF9q27OhybseiqAHxxbgJag7VCN+a
mO9vuJkVFweLXmlwt2125PfsT5KbRF7OSr8ai68k4afh6sHu8cEn2uoPmkg7K6pv
xuvADW5MWhjl11w2XiyQgXXr6bQn2aLl5uMiNWJJPDTwj12jHpeGvSgSYqvcFvp4
cpqrM44ud7wqwrHrKj2LYm6JL02VwSk+USd4taoE0szT4I/ZzB/wfaxPEF0hqrfV
AhtTu/AWLdq1g33Z1GNR7CcqNJqMvDkk9J3Ib2sF2Anl1ENB5zeFBxaj3DrqG6/a
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:29:28 2024 by rpki-client on console-ams.rpki-client.org