Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/k1_qr_M5qoi2cYn67yTFXLBVIrY.roa
File: k1_qr_M5qoi2cYn67yTFXLBVIrY.roa (raw, json)
Hash identifier: 5quDZDMCQxcFlTdVdXP/GCEATD8C1IswKC1NM0pROOY=
Subject key identifier: 93:5F:EA:AF:F3:39:AA:88:B6:71:89:FA:EF:24:C5:5C:B0:55:22:B6
Certificate issuer: /CN=9d210f2259093aaf45285922a588e9a661aba9fa
Certificate serial: 018CC2DB23A04A81FEB27EF4843C28A0C225
Authority key identifier: 9D:21:0F:22:59:09:3A:AF:45:28:59:22:A5:88:E9:A6:61:AB:A9:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSEPIlkJOq9FKFkipYjppmGrqfo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/k1_qr_M5qoi2cYn67yTFXLBVIrY.roa
Signing time: Mon 01 Jan 2024 02:29:50 +0000
ROA not before: Mon 01 Jan 2024 02:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43994
IP address blocks: 217.196.16.0/20 maxlen: 20
77.245.96.0/20 maxlen: 20
93.185.64.0/20 maxlen: 20
95.141.128.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/nSEPIlkJOq9FKFkipYjppmGrqfo.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/nSEPIlkJOq9FKFkipYjppmGrqfo.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSEPIlkJOq9FKFkipYjppmGrqfo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:23:a0:4a:81:fe:b2:7e:f4:84:3c:28:a0:c2:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d210f2259093aaf45285922a588e9a661aba9fa
Validity
Not Before: Jan 1 02:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=935feaaff339aa88b67189faef24c55cb05522b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:20:e9:2c:ee:c4:60:8d:70:64:25:d6:7f:e2:
b4:79:ec:09:38:71:14:7a:78:05:7c:75:9d:b0:33:
29:3c:2c:06:44:fa:e5:eb:84:18:c3:1d:b2:b0:56:
b1:84:0b:a2:cc:2c:73:07:88:8f:fe:a6:d6:1e:73:
f4:ec:a3:ba:0e:ab:c5:80:04:e3:eb:2b:e8:db:7b:
e9:70:63:be:ab:09:d2:52:ef:c6:61:24:53:a7:61:
20:4f:af:4d:a1:4a:17:6c:c9:f4:c2:56:30:ec:e7:
ec:d4:61:4d:8d:5f:94:5e:f5:8f:59:62:5b:7c:ab:
e6:c0:a3:ac:1e:06:15:fd:79:23:9d:8a:84:fb:29:
09:96:7a:10:50:c8:85:7d:87:7f:41:62:cb:b9:d5:
3a:68:ba:67:44:e7:be:0e:51:95:d2:70:e1:86:1e:
bc:1a:1b:c0:00:f4:88:c9:57:58:67:87:1d:2e:72:
bd:6f:10:d1:7f:32:7e:e1:cc:c4:30:e6:cf:09:76:
69:6b:1f:29:a2:1d:d9:cc:4d:8a:01:4a:e6:a2:85:
fa:40:e2:8e:2f:90:83:b2:58:da:54:43:2d:84:ab:
2f:9b:4a:e8:ed:77:94:f6:9c:4d:e7:e0:fe:d7:7d:
ca:d0:f9:c6:75:d9:23:c3:40:c9:12:3a:0b:ea:7a:
58:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:5F:EA:AF:F3:39:AA:88:B6:71:89:FA:EF:24:C5:5C:B0:55:22:B6
X509v3 Authority Key Identifier:
keyid:9D:21:0F:22:59:09:3A:AF:45:28:59:22:A5:88:E9:A6:61:AB:A9:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSEPIlkJOq9FKFkipYjppmGrqfo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/k1_qr_M5qoi2cYn67yTFXLBVIrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/nSEPIlkJOq9FKFkipYjppmGrqfo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.245.96.0/20
93.185.64.0/20
95.141.128.0/20
217.196.16.0/20
Signature Algorithm: sha256WithRSAEncryption
8d:cf:ed:d2:38:28:09:db:de:15:ac:3c:72:01:87:93:6a:bc:
e1:b3:57:35:97:31:e3:ea:b3:20:fa:80:b2:b8:06:35:2f:9f:
10:83:81:dc:63:f3:e9:2a:1d:d7:e6:d6:6e:62:13:9f:0e:c0:
7f:9a:cf:62:46:71:c6:44:05:fe:88:5c:cd:02:ef:5c:38:ff:
5e:99:3c:c5:a4:37:27:d8:47:e4:7e:3b:d3:1a:3e:83:3f:3d:
ae:07:09:31:08:ac:a4:71:2f:46:e4:7a:1d:53:19:36:99:a1:
72:43:96:b1:63:d4:fa:fd:62:46:29:6d:73:66:2e:04:47:5f:
86:d6:2e:a3:af:c9:b2:b3:41:ef:a5:db:d1:2e:93:90:1e:5c:
be:87:e5:36:ae:86:1d:d6:7f:b7:3b:82:e9:98:0e:e9:96:47:
1c:b2:97:95:61:04:11:40:0f:50:89:56:56:34:8e:c5:00:9b:
21:bf:37:5b:e1:66:09:33:01:23:f6:ae:76:49:b4:95:ec:9b:
b0:20:99:39:bc:0b:b9:6a:95:9b:9c:58:c8:a0:4b:68:8b:18:
8b:af:98:17:c4:b4:ec:60:9b:79:6d:c1:a3:19:20:c8:3a:ce:
b3:b0:b9:38:4b:54:6b:a8:53:c5:e6:41:7a:9c:9c:a2:81:25:
f7:94:8b:5d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzC2yOgSoH+sn70hDwooMIlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjEwZjIyNTkwOTNhYWY0NTI4NTkyMmE1ODhlOWE2NjFh
YmE5ZmEwHhcNMjQwMTAxMDIyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzVmZWFhZmYzMzlhYTg4YjY3MTg5ZmFlZjI0YzU1Y2IwNTUyMmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCDpLO7EYI1wZCXWf+K0eewJOHEU
engFfHWdsDMpPCwGRPrl64QYwx2ysFaxhAuizCxzB4iP/qbWHnP07KO6DqvFgATj
6yvo23vpcGO+qwnSUu/GYSRTp2EgT69NoUoXbMn0wlYw7Ofs1GFNjV+UXvWPWWJb
fKvmwKOsHgYV/XkjnYqE+ykJlnoQUMiFfYd/QWLLudU6aLpnROe+DlGV0nDhhh68
GhvAAPSIyVdYZ4cdLnK9bxDRfzJ+4czEMObPCXZpax8poh3ZzE2KAUrmooX6QOKO
L5CDsljaVEMthKsvm0ro7XeU9pxN5+D+133K0PnGddkjw0DJEjoL6npYVwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJNf6q/zOaqItnGJ+u8kxVywVSK2MB8GA1UdIwQY
MBaAFJ0hDyJZCTqvRShZIqWI6aZhq6n6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNFUElsa0pPcTlGS0ZraXBZanBwbUdycWZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS85MzY4NmQtMTFmNS00ZTNlLWI1YzQt
NDM4NDNjMmU5NDNiLzEvazFfcXJfTTVxb2kyY1luNjd5VEZYTEJWSXJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS85MzY4NmQtMTFmNS00ZTNlLWI1YzQtNDM4NDNjMmU5NDNi
LzEvblNFUElsa0pPcTlGS0ZraXBZanBwbUdycWZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQETfVgAwQE
XblAAwQEX42AAwQE2cQQMA0GCSqGSIb3DQEBCwUAA4IBAQCNz+3SOCgJ294VrDxy
AYeTarzhs1c1lzHj6rMg+oCyuAY1L58Qg4HcY/PpKh3X5tZuYhOfDsB/ms9iRnHG
RAX+iFzNAu9cOP9emTzFpDcn2EfkfjvTGj6DPz2uBwkxCKykcS9G5HodUxk2maFy
Q5axY9T6/WJGKW1zZi4ER1+G1i6jr8mys0HvpdvRLpOQHly+h+U2roYd1n+3O4Lp
mA7plkccspeVYQQRQA9QiVZWNI7FAJshvzdb4WYJMwEj9q52SbSV7JuwIJk5vAu5
apWbnFjIoEtoixiLr5gXxLTsYJt5bcGjGSDIOs6zsLk4S1RrqFPF5kF6nJyigSX3
lItd
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:29:37 2024 by rpki-client on console-ams.rpki-client.org