Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/88175a-12c8-4590-82e0-3c6f88c914b1/1/1-qkXwvYlvGgsuqI5uJO1P8oDAs0.roa
File: 1-qkXwvYlvGgsuqI5uJO1P8oDAs0.roa (raw, json)
Hash identifier: 2D+pnv+26fi7n3xTTwFI7y631G0VukVYTnUNnxy9W/U=
Subject key identifier: FA:A9:17:C2:F6:25:BC:68:2C:BA:A2:39:B8:93:B5:3F:CA:03:02:CD
Certificate issuer: /CN=27d8640c305107766a646fbf8ec81db45ce1f249
Certificate serial: 018CC5DC5AEF99CF86CE2180C6C44AE9B781
Authority key identifier: 27:D8:64:0C:30:51:07:76:6A:64:6F:BF:8E:C8:1D:B4:5C:E1:F2:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J9hkDDBRB3ZqZG-_jsgdtFzh8kk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/88175a-12c8-4590-82e0-3c6f88c914b1/1/1-qkXwvYlvGgsuqI5uJO1P8oDAs0.roa
Signing time: Mon 01 Jan 2024 16:30:01 +0000
ROA not before: Mon 01 Jan 2024 16:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196755
IP address blocks: 188.66.8.0/21 maxlen: 21
185.164.156.0/22 maxlen: 22
85.119.188.0/22 maxlen: 22
2a0c:10c0::/29 maxlen: 40
2a0c:10c0::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/88175a-12c8-4590-82e0-3c6f88c914b1/1/J9hkDDBRB3ZqZG-_jsgdtFzh8kk.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/88175a-12c8-4590-82e0-3c6f88c914b1/1/J9hkDDBRB3ZqZG-_jsgdtFzh8kk.mft
rsync://rpki.ripe.net/repository/DEFAULT/J9hkDDBRB3ZqZG-_jsgdtFzh8kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:5a:ef:99:cf:86:ce:21:80:c6:c4:4a:e9:b7:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27d8640c305107766a646fbf8ec81db45ce1f249
Validity
Not Before: Jan 1 16:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=faa917c2f625bc682cbaa239b893b53fca0302cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d2:f5:5a:5c:68:14:a2:65:c2:9e:1e:b9:19:
e0:88:ca:62:23:69:41:08:cf:af:bf:36:8b:d2:35:
d4:bd:30:a0:7e:1d:54:26:24:b0:64:79:68:77:7d:
f3:fd:ff:00:e0:20:79:23:d4:76:be:67:21:83:7c:
7b:03:ef:41:e8:52:98:e2:3c:5c:d7:39:7f:e7:47:
7d:ad:5e:42:4f:91:c4:e4:98:f2:21:13:79:37:29:
89:b8:da:ff:3a:84:b2:7f:c7:4d:87:3e:80:87:9d:
e1:1a:5e:ae:98:97:30:64:31:1d:a6:83:0c:08:21:
17:1d:ac:f3:37:f8:a3:83:0a:fb:77:53:19:3c:e4:
ba:9c:b6:8a:24:da:49:11:52:92:d0:1e:71:ba:97:
11:de:ba:86:8f:22:36:a5:e4:4e:69:0d:0d:ba:90:
67:15:d7:5e:79:a9:76:69:32:db:07:66:67:49:e7:
7f:45:c8:6d:18:67:aa:58:39:0e:d2:e1:e7:82:53:
ed:e7:ba:83:3c:2c:fa:63:f8:9e:d8:92:e4:57:da:
f7:be:36:37:62:66:c2:d4:aa:47:40:71:3c:b9:05:
21:b5:dd:91:d5:ff:43:18:fd:ca:f8:5b:ec:61:80:
11:0c:44:c7:ba:ba:ad:93:04:47:cb:17:61:b1:81:
7f:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:A9:17:C2:F6:25:BC:68:2C:BA:A2:39:B8:93:B5:3F:CA:03:02:CD
X509v3 Authority Key Identifier:
keyid:27:D8:64:0C:30:51:07:76:6A:64:6F:BF:8E:C8:1D:B4:5C:E1:F2:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J9hkDDBRB3ZqZG-_jsgdtFzh8kk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/88175a-12c8-4590-82e0-3c6f88c914b1/1/1-qkXwvYlvGgsuqI5uJO1P8oDAs0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/88175a-12c8-4590-82e0-3c6f88c914b1/1/J9hkDDBRB3ZqZG-_jsgdtFzh8kk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.119.188.0/22
185.164.156.0/22
188.66.8.0/21
IPv6:
2a0c:10c0::/29
Signature Algorithm: sha256WithRSAEncryption
22:2e:43:57:f2:58:6e:1c:a8:c5:57:11:e4:44:21:e9:f6:7e:
02:cc:dc:c0:95:81:f1:85:51:77:14:35:92:ed:fc:15:85:92:
35:5e:b1:91:41:62:21:39:64:79:7d:12:e5:b7:5e:2b:8c:11:
bc:5b:96:47:4e:c1:84:f4:85:45:9a:cd:37:a6:6f:4d:ef:3a:
70:01:4d:9e:57:b3:06:f4:06:cc:4a:61:ab:63:fc:9d:62:26:
df:3b:3f:2e:2d:96:4d:34:1d:fc:5b:95:75:03:0e:83:b7:6d:
2c:9c:6d:9b:ab:d8:c9:2d:f6:e2:e9:45:74:85:41:b0:54:b6:
17:17:a9:48:84:12:e1:9a:56:29:ba:8b:a3:be:ca:45:4b:72:
97:71:7a:9f:38:72:dd:39:59:56:7f:f1:13:75:60:83:9c:3a:
9e:25:f2:29:bc:62:15:52:fa:c3:c9:9f:4e:9b:b9:fa:3f:36:
b5:c0:7c:e1:f2:68:ad:09:6c:1c:ab:c2:23:ad:02:09:d9:e2:
cb:d5:de:64:73:aa:a5:b2:e7:fc:2a:7b:5d:2d:cc:f2:ad:24:
db:92:9a:72:7b:5d:79:33:6e:c1:03:6e:6e:87:64:44:12:56:
0b:dd:bf:8a:67:5d:d8:9e:40:69:b4:80:30:95:bf:06:e3:d5:
53:c0:bc:34
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzF3Frvmc+GziGAxsRK6beBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ZDg2NDBjMzA1MTA3NzY2YTY0NmZiZjhlYzgxZGI0NWNl
MWYyNDkwHhcNMjQwMTAxMTYzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWE5MTdjMmY2MjViYzY4MmNiYWEyMzliODkzYjUzZmNhMDMwMmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNL1WlxoFKJlwp4euRngiMpiI2lB
CM+vvzaL0jXUvTCgfh1UJiSwZHlod33z/f8A4CB5I9R2vmchg3x7A+9B6FKY4jxc
1zl/50d9rV5CT5HE5JjyIRN5NymJuNr/OoSyf8dNhz6Ah53hGl6umJcwZDEdpoMM
CCEXHazzN/ijgwr7d1MZPOS6nLaKJNpJEVKS0B5xupcR3rqGjyI2peROaQ0NupBn
Fddeeal2aTLbB2ZnSed/RchtGGeqWDkO0uHnglPt57qDPCz6Y/ie2JLkV9r3vjY3
YmbC1KpHQHE8uQUhtd2R1f9DGP3K+FvsYYARDETHurqtkwRHyxdhsYF/6wIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFPqpF8L2JbxoLLqiObiTtT/KAwLNMB8GA1UdIwQY
MBaAFCfYZAwwUQd2amRvv47IHbRc4fJJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjloa0REQlJCM1pxWkctX2pzZ2R0RnpoOGtrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi84ODE3NWEtMTJjOC00NTkwLTgyZTAt
M2M2Zjg4YzkxNGIxLzEvMS1xa1h3dllsdkdnc3VxSTV1Sk8xUDhvREFzMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMWIvODgxNzVhLTEyYzgtNDU5MC04MmUwLTNjNmY4OGM5MTRi
MS8xL0o5aGtEREJSQjNacVpHLV9qc2dkdEZ6aDhray5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA6BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAlV3vAME
ArmknAMEA7xCCDANBAIAAjAHAwUDKgwQwDANBgkqhkiG9w0BAQsFAAOCAQEAIi5D
V/JYbhyoxVcR5EQh6fZ+AszcwJWB8YVRdxQ1ku38FYWSNV6xkUFiITlkeX0S5bde
K4wRvFuWR07BhPSFRZrNN6ZvTe86cAFNnlezBvQGzEphq2P8nWIm3zs/Li2WTTQd
/FuVdQMOg7dtLJxtm6vYyS324ulFdIVBsFS2FxepSIQS4ZpWKbqLo77KRUtyl3F6
nzhy3TlZVn/xE3Vgg5w6niXyKbxiFVL6w8mfTpu5+j82tcB84fJorQlsHKvCI60C
Cdniy9XeZHOqpbLn/Cp7XS3M8q0k25KacntdeTNuwQNubodkRBJWC92/imdd2J5A
abSAMJW/BuPVU8C8NA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:28:39 2024 by rpki-client on console-ams.rpki-client.org