Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/jqWEw7RqN63kY2PS67ZAy3RvYi0.roa
File: jqWEw7RqN63kY2PS67ZAy3RvYi0.roa (raw, json)
Hash identifier: C/dxvlfYlNokL91eQd4Y0W4B+ZTn2qx/mYuOjk/5fe4=
Subject key identifier: 8E:A5:84:C3:B4:6A:37:AD:E4:63:63:D2:EB:B6:40:CB:74:6F:62:2D
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 018CC4257483CEA5095804FB4CFBEBB3D2CA
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/jqWEw7RqN63kY2PS67ZAy3RvYi0.roa
Signing time: Mon 01 Jan 2024 08:30:38 +0000
ROA not before: Mon 01 Jan 2024 08:30:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212653
IP address blocks: 193.34.79.0/24 maxlen: 24
83.143.117.0/24 maxlen: 24
185.185.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:74:83:ce:a5:09:58:04:fb:4c:fb:eb:b3:d2:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 1 08:30:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ea584c3b46a37ade46363d2ebb640cb746f622d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:32:3f:eb:99:70:c8:f6:08:40:f3:3f:a2:95:
2d:ca:f7:f5:a2:ad:a5:ae:53:1b:7c:77:32:a6:18:
65:11:30:88:88:b9:60:a9:8a:f8:6c:17:85:bd:43:
04:c5:42:51:a5:f0:83:9a:83:59:bd:5e:4d:9f:0a:
1f:cd:93:10:74:9c:fb:41:5e:46:62:51:c9:a3:e4:
0e:a9:87:9a:d6:73:85:9d:21:9b:b1:ae:a9:ed:50:
26:3d:4d:b2:86:e8:88:2e:44:fb:eb:e6:93:31:7e:
ae:32:e9:32:ed:0e:ff:08:17:3f:1a:81:4a:47:36:
1c:ba:56:2c:47:2b:b7:be:20:f4:06:eb:46:06:83:
cb:50:a3:c7:f9:7d:9b:de:89:3d:f1:c4:a6:9f:b0:
88:00:af:fd:23:99:32:a9:22:0a:93:81:a8:0f:ad:
d6:04:d6:c9:d5:04:e2:51:4b:bc:83:f1:ec:b6:2c:
9e:d6:d0:ee:aa:e1:16:a6:6d:49:2c:92:19:3c:bc:
53:2a:fa:5c:65:2e:e3:cf:2f:c8:f8:fe:78:33:0a:
5d:f3:5e:f6:4a:9b:a9:cc:20:7c:86:63:71:fe:1a:
52:f9:cc:ae:1e:9a:c5:a8:af:3f:20:f7:d8:cc:15:
3d:f4:c1:a1:66:28:f6:1c:ec:9d:35:82:f3:2a:bf:
06:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:A5:84:C3:B4:6A:37:AD:E4:63:63:D2:EB:B6:40:CB:74:6F:62:2D
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/jqWEw7RqN63kY2PS67ZAy3RvYi0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.143.117.0/24
185.185.43.0/24
193.34.79.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:fd:bb:38:15:45:b3:9f:34:1b:db:d7:57:f5:7b:aa:f3:aa:
59:33:d4:ca:f5:7b:32:b3:1b:c5:5e:47:04:11:02:dc:34:f4:
62:59:1c:24:eb:67:f2:ad:0d:30:30:94:15:e8:25:bc:d2:bf:
8a:3c:db:b9:e1:50:78:c0:24:5f:7f:95:42:38:33:e1:f8:1c:
a4:38:26:b3:84:2c:53:a1:0d:cd:2c:43:63:b3:de:85:0a:1f:
34:b2:79:b9:6d:5c:e2:81:f6:ef:a2:23:5a:d0:b8:e4:93:91:
24:b5:c8:63:3b:0c:ea:f8:93:b9:1e:31:c7:dc:4d:6e:a1:cd:
a8:c2:4d:f2:c1:2d:d4:ab:81:50:61:fa:f9:df:02:35:bd:7a:
80:7a:08:75:2b:71:70:c1:b7:8f:6b:14:7b:a9:4f:94:29:ab:
54:49:d3:d6:36:e8:01:23:44:ed:60:b5:00:a3:e2:0d:f3:87:
85:26:13:d8:6a:d4:b9:af:36:2e:69:6b:e2:11:58:32:91:23:
bb:b7:1a:3b:57:85:bf:cd:11:02:f5:32:2f:61:d2:b3:2f:f8:
89:25:2e:4b:c7:2b:57:43:5c:b4:33:42:23:1a:93:47:e1:8d:
a1:11:83:b7:28:40:49:18:f2:d2:6a:91:4a:13:54:68:61:8b:
3e:1c:cd:16
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzEJXSDzqUJWAT7TPvrs9LKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjQwMTAxMDgzMDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWE1ODRjM2I0NmEzN2FkZTQ2MzYzZDJlYmI2NDBjYjc0NmY2MjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozI/65lwyPYIQPM/opUtyvf1oq2l
rlMbfHcyphhlETCIiLlgqYr4bBeFvUMExUJRpfCDmoNZvV5NnwofzZMQdJz7QV5G
YlHJo+QOqYea1nOFnSGbsa6p7VAmPU2yhuiILkT76+aTMX6uMuky7Q7/CBc/GoFK
RzYculYsRyu3viD0ButGBoPLUKPH+X2b3ok98cSmn7CIAK/9I5kyqSIKk4GoD63W
BNbJ1QTiUUu8g/Hstiye1tDuquEWpm1JLJIZPLxTKvpcZS7jzy/I+P54Mwpd8172
SpupzCB8hmNx/hpS+cyuHprFqK8/IPfYzBU99MGhZij2HOydNYLzKr8G9wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFI6lhMO0ajet5GNj0uu2QMt0b2ItMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvanFXRXc3UnFONjNrWTJQUzY3WkF5M1J2WWkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAU491AwQA
ubkrAwQAwSJPMA0GCSqGSIb3DQEBCwUAA4IBAQCr/bs4FUWznzQb29dX9Xuq86pZ
M9TK9XsysxvFXkcEEQLcNPRiWRwk62fyrQ0wMJQV6CW80r+KPNu54VB4wCRff5VC
ODPh+BykOCazhCxToQ3NLENjs96FCh80snm5bVzigfbvoiNa0Ljkk5EktchjOwzq
+JO5HjHH3E1uoc2owk3ywS3Uq4FQYfr53wI1vXqAegh1K3FwwbePaxR7qU+UKatU
SdPWNugBI0TtYLUAo+IN84eFJhPYatS5rzYuaWviEVgykSO7txo7V4W/zREC9TIv
YdKzL/iJJS5LxytXQ1y0M0IjGpNH4Y2hEYO3KEBJGPLSapFKE1RoYYs+HM0W
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:18:58 2024 by rpki-client on console-ams.rpki-client.org