Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/37bdb7-9b93-46ab-9a15-42a48dbc2521/1/pQJZXZRaLPukd1c8DAKYb6D6usU.roa
File: pQJZXZRaLPukd1c8DAKYb6D6usU.roa (raw, json)
Hash identifier: 4SH59zpSspNP32S7MpmykHj7VFpiILrjNWV65iqTEPU=
Subject key identifier: A5:02:59:5D:94:5A:2C:FB:A4:77:57:3C:0C:02:98:6F:A0:FA:BA:C5
Certificate issuer: /CN=3848885c9702eac1f3d01263e6d3e54449ee2154
Certificate serial: 018CC2DB2F080C51B3EAC2FDD6DAFD730627
Authority key identifier: 38:48:88:5C:97:02:EA:C1:F3:D0:12:63:E6:D3:E5:44:49:EE:21:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OEiIXJcC6sHz0BJj5tPlREnuIVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/37bdb7-9b93-46ab-9a15-42a48dbc2521/1/pQJZXZRaLPukd1c8DAKYb6D6usU.roa
Signing time: Mon 01 Jan 2024 02:29:53 +0000
ROA not before: Mon 01 Jan 2024 02:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210767
IP address blocks: 188.64.139.0/24 maxlen: 24
2a11:fc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/37bdb7-9b93-46ab-9a15-42a48dbc2521/1/OEiIXJcC6sHz0BJj5tPlREnuIVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/37bdb7-9b93-46ab-9a15-42a48dbc2521/1/OEiIXJcC6sHz0BJj5tPlREnuIVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/OEiIXJcC6sHz0BJj5tPlREnuIVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:2f:08:0c:51:b3:ea:c2:fd:d6:da:fd:73:06:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3848885c9702eac1f3d01263e6d3e54449ee2154
Validity
Not Before: Jan 1 02:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a502595d945a2cfba477573c0c02986fa0fabac5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:df:fe:2e:3c:11:b0:7f:19:6a:bf:b7:3a:f4:
a2:b0:ea:5a:db:f0:ce:1b:44:82:23:55:c3:4b:5c:
8b:2f:af:6d:cd:55:56:7b:06:9f:c7:01:8c:46:18:
05:48:3e:9e:74:fd:87:f8:e2:d0:89:d6:2c:af:3d:
b1:72:42:3d:55:58:13:72:13:79:a2:5c:40:d3:5a:
84:06:d6:62:67:04:89:85:4a:0c:e0:af:1b:70:6c:
c3:14:51:a7:a3:f7:8e:af:5a:a0:2b:29:d3:e5:f2:
78:d9:db:b1:f3:26:6e:32:53:3a:e0:64:75:06:6c:
cd:7d:df:dc:c9:36:eb:05:74:bd:53:1f:f0:20:02:
5b:d4:b6:15:37:12:e4:85:50:a7:ee:03:53:66:0b:
b2:4b:1c:cb:42:0f:96:d1:fc:03:95:cb:eb:43:ec:
7f:e3:14:da:3b:b8:95:f1:d5:22:db:a4:34:76:60:
eb:9d:1a:80:1c:e7:d8:e8:3a:18:f9:0e:9a:2e:b3:
26:7b:e2:12:0e:4c:c3:e4:27:c9:af:10:f5:ac:c8:
ec:f9:e3:19:68:41:9b:27:d8:61:41:54:3f:e3:bf:
88:df:09:34:67:9c:eb:71:77:13:64:53:84:31:79:
77:e4:90:cb:38:14:55:b9:03:d9:41:dc:66:04:b5:
ae:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:02:59:5D:94:5A:2C:FB:A4:77:57:3C:0C:02:98:6F:A0:FA:BA:C5
X509v3 Authority Key Identifier:
keyid:38:48:88:5C:97:02:EA:C1:F3:D0:12:63:E6:D3:E5:44:49:EE:21:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OEiIXJcC6sHz0BJj5tPlREnuIVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/37bdb7-9b93-46ab-9a15-42a48dbc2521/1/pQJZXZRaLPukd1c8DAKYb6D6usU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/37bdb7-9b93-46ab-9a15-42a48dbc2521/1/OEiIXJcC6sHz0BJj5tPlREnuIVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.64.139.0/24
IPv6:
2a11:fc0::/29
Signature Algorithm: sha256WithRSAEncryption
15:f6:6f:37:c4:04:e2:93:9c:91:fe:04:cb:b6:5b:12:4d:f4:
1d:d2:25:ee:f1:31:86:5c:47:6a:e1:90:af:f9:6b:8c:3e:a1:
fe:83:e2:73:9b:d4:ae:0a:8e:8e:77:4b:47:5a:78:6c:5d:2e:
c8:ca:c1:a4:ad:b3:01:ec:f3:68:61:2d:e5:02:98:3e:37:db:
46:1c:eb:c7:42:4a:38:9d:a7:48:ab:6a:8f:55:59:82:5f:60:
dc:89:a6:22:46:34:ea:13:97:cc:3a:10:44:b1:88:1f:17:15:
15:9e:2c:d6:c1:b1:89:0c:6e:c9:dc:83:be:c2:9b:8d:53:0d:
ad:8b:7b:ba:f9:ef:1a:17:10:3c:2d:ad:7e:22:2e:a1:20:23:
4f:29:6c:f7:f9:fd:64:35:fc:c6:0f:c0:e6:70:88:31:d1:66:
a6:15:bf:78:42:4f:33:3e:f0:5b:52:ee:f1:89:67:46:f0:c1:
02:ef:4b:5d:97:94:ac:ef:c2:e5:ae:df:74:2d:93:97:a0:10:
20:58:57:af:58:c5:c2:96:dc:f1:c2:64:ec:b2:2d:1a:c7:51:
1f:24:62:a8:2a:42:57:0e:c3:29:aa:25:3a:91:7d:88:1e:28:
e9:6f:ca:7b:48:36:2e:fc:c6:91:a6:da:ab:fa:c5:74:27:f6:
4a:9d:bc:16
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC2y8IDFGz6sL91tr9cwYnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NDg4ODVjOTcwMmVhYzFmM2QwMTI2M2U2ZDNlNTQ0NDll
ZTIxNTQwHhcNMjQwMTAxMDIyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTAyNTk1ZDk0NWEyY2ZiYTQ3NzU3M2MwYzAyOTg2ZmEwZmFiYWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkt/+LjwRsH8Zar+3OvSisOpa2/DO
G0SCI1XDS1yLL69tzVVWewafxwGMRhgFSD6edP2H+OLQidYsrz2xckI9VVgTchN5
olxA01qEBtZiZwSJhUoM4K8bcGzDFFGno/eOr1qgKynT5fJ42dux8yZuMlM64GR1
BmzNfd/cyTbrBXS9Ux/wIAJb1LYVNxLkhVCn7gNTZguySxzLQg+W0fwDlcvrQ+x/
4xTaO7iV8dUi26Q0dmDrnRqAHOfY6DoY+Q6aLrMme+ISDkzD5CfJrxD1rMjs+eMZ
aEGbJ9hhQVQ/47+I3wk0Z5zrcXcTZFOEMXl35JDLOBRVuQPZQdxmBLWufwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKUCWV2UWiz7pHdXPAwCmG+g+rrFMB8GA1UdIwQY
MBaAFDhIiFyXAurB89ASY+bT5URJ7iFUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0VpSVhKY0M2c0h6MEJKajV0UGxSRW51SVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zN2JkYjctOWI5My00NmFiLTlhMTUt
NDJhNDhkYmMyNTIxLzEvcFFKWlhaUmFMUHVrZDFjOERBS1liNkQ2dXNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zN2JkYjctOWI5My00NmFiLTlhMTUtNDJhNDhkYmMyNTIx
LzEvT0VpSVhKY0M2c0h6MEJKajV0UGxSRW51SVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAvECLMA0E
AgACMAcDBQMqEQ/AMA0GCSqGSIb3DQEBCwUAA4IBAQAV9m83xATik5yR/gTLtlsS
TfQd0iXu8TGGXEdq4ZCv+WuMPqH+g+Jzm9SuCo6Od0tHWnhsXS7IysGkrbMB7PNo
YS3lApg+N9tGHOvHQko4nadIq2qPVVmCX2DciaYiRjTqE5fMOhBEsYgfFxUVnizW
wbGJDG7J3IO+wpuNUw2ti3u6+e8aFxA8La1+Ii6hICNPKWz3+f1kNfzGD8DmcIgx
0WamFb94Qk8zPvBbUu7xiWdG8MEC70tdl5Ss78Llrt90LZOXoBAgWFevWMXCltzx
wmTssi0ax1EfJGKoKkJXDsMpqiU6kX2IHijpb8p7SDYu/MaRptqr+sV0J/ZKnbwW
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:59:01 2024 by rpki-client on console-fra.rpki-client.org