Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/lqPrVTGn5gHI-VBZ631h_BX22Z4.roa
File: lqPrVTGn5gHI-VBZ631h_BX22Z4.roa (raw, json)
Hash identifier: 0ghjMoelFdalUfrX1JzlBCKGPUp+mqNLnym5Tx+gL60=
Subject key identifier: 96:A3:EB:55:31:A7:E6:01:C8:F9:50:59:EB:7D:61:FC:15:F6:D9:9E
Certificate issuer: /CN=52dc9c218b510c07bc6659b09fbd32afe68abfd2
Certificate serial: 019201792228F0EE20C79067AC4F44306767
Authority key identifier: 52:DC:9C:21:8B:51:0C:07:BC:66:59:B0:9F:BD:32:AF:E6:8A:BF:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UtycIYtRDAe8Zlmwn70yr-aKv9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/lqPrVTGn5gHI-VBZ631h_BX22Z4.roa
Signing time: Tue 17 Sep 2024 19:32:48 +0000
ROA not before: Tue 17 Sep 2024 19:32:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6206
IP address blocks: 37.46.192.0/21 maxlen: 24
91.199.50.0/24 maxlen: 24
94.185.80.0/21 maxlen: 24
94.228.208.0/20 maxlen: 24
109.235.48.0/21 maxlen: 24
194.110.67.0/24 maxlen: 24
2a00:dd0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/UtycIYtRDAe8Zlmwn70yr-aKv9I.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/UtycIYtRDAe8Zlmwn70yr-aKv9I.mft
rsync://rpki.ripe.net/repository/DEFAULT/UtycIYtRDAe8Zlmwn70yr-aKv9I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:01:79:22:28:f0:ee:20:c7:90:67:ac:4f:44:30:67:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52dc9c218b510c07bc6659b09fbd32afe68abfd2
Validity
Not Before: Sep 17 19:32:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=96a3eb5531a7e601c8f95059eb7d61fc15f6d99e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:78:ee:2b:90:47:51:98:90:eb:ac:de:05:03:
01:9b:b9:73:06:57:a9:a3:6d:5b:7e:87:8c:02:69:
77:f3:23:12:a3:8a:ef:74:b0:6d:85:3f:90:1b:b5:
87:60:7b:53:9a:5c:df:eb:0e:cd:f8:e1:04:3b:12:
47:ed:2a:79:0e:94:59:b1:19:8a:7c:9a:63:e5:1a:
1e:f0:ad:2d:d4:6d:39:49:68:ed:ad:79:7d:be:42:
5d:3c:25:59:32:ee:d1:ee:f8:f9:85:9c:2b:d1:5c:
0e:24:90:a8:82:6e:2d:63:f5:ce:83:37:48:8d:b4:
0d:cb:4a:87:37:66:60:9d:59:fe:99:06:2d:21:b9:
a0:e1:1c:da:18:14:46:7a:54:03:1c:b5:6d:84:03:
62:de:32:41:36:01:4c:9b:6c:85:74:0e:41:65:7f:
c4:7d:c3:0b:c2:27:fb:7d:e4:15:19:17:ed:36:c0:
95:ef:05:0c:b0:97:26:f2:9e:76:60:5d:5c:13:8d:
02:57:15:78:d0:d9:4c:f5:98:58:a8:04:0b:df:0a:
f1:6d:09:76:0a:31:ac:ed:8c:49:26:1c:3c:46:c3:
41:6b:b5:47:45:83:6f:29:f4:70:f6:68:d0:ed:82:
a7:ef:f6:7b:cb:63:cb:1a:3c:b1:5a:aa:1d:04:ab:
e4:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:A3:EB:55:31:A7:E6:01:C8:F9:50:59:EB:7D:61:FC:15:F6:D9:9E
X509v3 Authority Key Identifier:
keyid:52:DC:9C:21:8B:51:0C:07:BC:66:59:B0:9F:BD:32:AF:E6:8A:BF:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UtycIYtRDAe8Zlmwn70yr-aKv9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/lqPrVTGn5gHI-VBZ631h_BX22Z4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/UtycIYtRDAe8Zlmwn70yr-aKv9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.192.0/21
91.199.50.0/24
94.185.80.0/21
94.228.208.0/20
109.235.48.0/21
194.110.67.0/24
IPv6:
2a00:dd0::/32
Signature Algorithm: sha256WithRSAEncryption
4a:7e:7d:9d:3e:a3:d6:3c:3c:43:76:7c:22:b3:19:f6:ee:ef:
18:ff:3d:74:5c:15:a7:8f:57:fb:e8:ef:d4:ee:6e:2b:ac:d4:
33:4d:67:a0:4e:e5:02:9d:14:30:4f:85:6e:a7:98:c5:c1:97:
27:a1:86:57:9a:b9:1f:80:f2:0d:50:fc:2f:74:b5:cb:bd:8b:
06:ad:c6:5c:9d:05:e7:aa:20:51:14:a7:fa:95:42:2b:29:bd:
a9:3c:e3:f0:3b:13:9e:65:97:c0:6c:4d:fb:76:ba:d9:2e:c2:
4b:fd:08:3a:a5:aa:af:e2:bf:50:16:b8:84:f6:20:57:04:df:
a2:97:8b:b4:21:85:4d:56:e4:be:9c:b8:e3:58:28:31:48:fb:
44:58:f4:7c:33:fb:70:7c:a6:50:25:92:23:5f:bd:f5:84:c9:
df:cd:c8:24:d6:61:cb:ed:93:6e:dc:ad:7d:b2:2a:fb:06:5a:
59:75:90:6c:60:10:ec:b4:b5:7c:9f:ad:45:1c:02:bf:be:8c:
96:fe:56:06:e7:d9:2f:8d:a6:f9:f0:91:e9:25:78:7e:c6:d5:
08:29:79:1e:f7:00:2a:05:52:6b:93:57:d5:74:ef:3c:14:62:
e9:78:25:d8:48:a5:f5:f5:96:33:a5:d5:d3:36:77:a5:da:46:
d3:c9:81:da
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZIBeSIo8O4gx5BnrE9EMGdnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZGM5YzIxOGI1MTBjMDdiYzY2NTliMDlmYmQzMmFmZTY4
YWJmZDIwHhcNMjQwOTE3MTkzMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmEzZWI1NTMxYTdlNjAxYzhmOTUwNTllYjdkNjFmYzE1ZjZkOTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3HjuK5BHUZiQ66zeBQMBm7lzBlep
o21bfoeMAml38yMSo4rvdLBthT+QG7WHYHtTmlzf6w7N+OEEOxJH7Sp5DpRZsRmK
fJpj5Roe8K0t1G05SWjtrXl9vkJdPCVZMu7R7vj5hZwr0VwOJJCogm4tY/XOgzdI
jbQNy0qHN2ZgnVn+mQYtIbmg4RzaGBRGelQDHLVthANi3jJBNgFMm2yFdA5BZX/E
fcMLwif7feQVGRftNsCV7wUMsJcm8p52YF1cE40CVxV40NlM9ZhYqAQL3wrxbQl2
CjGs7YxJJhw8RsNBa7VHRYNvKfRw9mjQ7YKn7/Z7y2PLGjyxWqodBKvkAQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFJaj61Uxp+YByPlQWet9YfwV9tmeMB8GA1UdIwQY
MBaAFFLcnCGLUQwHvGZZsJ+9Mq/mir/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXR5Y0lZdFJEQWU4Wmxtd243MHlyLWFLdjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC80MDliN2UtMTI3NS00M2VkLWFmMGYt
NTJmOTdiMjc3ZDFmLzEvbHFQclZUR241Z0hJLVZCWjYzMWhfQlgyMlo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC80MDliN2UtMTI3NS00M2VkLWFmMGYtNTJmOTdiMjc3ZDFm
LzEvVXR5Y0lZdFJEQWU4Wmxtd243MHlyLWFLdjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDJS7AAwQA
W8cyAwQDXrlQAwQEXuTQAwQDbeswAwQAwm5DMA0EAgACMAcDBQAqAA3QMA0GCSqG
SIb3DQEBCwUAA4IBAQBKfn2dPqPWPDxDdnwisxn27u8Y/z10XBWnj1f76O/U7m4r
rNQzTWegTuUCnRQwT4Vup5jFwZcnoYZXmrkfgPINUPwvdLXLvYsGrcZcnQXnqiBR
FKf6lUIrKb2pPOPwOxOeZZfAbE37drrZLsJL/Qg6paqv4r9QFriE9iBXBN+il4u0
IYVNVuS+nLjjWCgxSPtEWPR8M/twfKZQJZIjX731hMnfzcgk1mHL7ZNu3K19sir7
BlpZdZBsYBDstLV8n61FHAK/voyW/lYG59kvjab58JHpJXh+xtUIKXke9wAqBVJr
k1fVdO88FGLpeCXYSKX19ZYzpdXTNnel2kbTyYHa
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:45:20 2024 by rpki-client on console-ams.rpki-client.org