Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/566fb3-a641-4d19-a58e-640e075bf87f/1/quawSWznBixEw4o-S2N9kVS_pl8.roa
File: quawSWznBixEw4o-S2N9kVS_pl8.roa (raw, json)
Hash identifier: jfuAfUWA8wWd2It4QrVHbjnc40ZYZktc0iu1fBcAjTw=
Subject key identifier: AA:E6:B0:49:6C:E7:06:2C:44:C3:8A:3E:4B:63:7D:91:54:BF:A6:5F
Certificate issuer: /CN=14446466c71d24658c8b6f7eae5305febd17a4ba
Certificate serial: 018CC26D4EB2F30BB092F091565FF95C737C
Authority key identifier: 14:44:64:66:C7:1D:24:65:8C:8B:6F:7E:AE:53:05:FE:BD:17:A4:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FERkZscdJGWMi29-rlMF_r0XpLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/566fb3-a641-4d19-a58e-640e075bf87f/1/quawSWznBixEw4o-S2N9kVS_pl8.roa
Signing time: Mon 01 Jan 2024 00:29:52 +0000
ROA not before: Mon 01 Jan 2024 00:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35704
IP address blocks: 80.245.144.0/20 maxlen: 20
80.245.145.0/24 maxlen: 24
80.245.144.0/22 maxlen: 22
80.245.152.0/21 maxlen: 21
80.245.148.0/22 maxlen: 22
80.245.147.0/24 maxlen: 24
80.245.146.0/24 maxlen: 24
80.245.156.0/24 maxlen: 24
80.245.159.0/24 maxlen: 24
2a09:1480::/29 maxlen: 29
2a09:1480:100::/40 maxlen: 40
2a09:1480::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/566fb3-a641-4d19-a58e-640e075bf87f/1/FERkZscdJGWMi29-rlMF_r0XpLo.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/566fb3-a641-4d19-a58e-640e075bf87f/1/FERkZscdJGWMi29-rlMF_r0XpLo.mft
rsync://rpki.ripe.net/repository/DEFAULT/FERkZscdJGWMi29-rlMF_r0XpLo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:4e:b2:f3:0b:b0:92:f0:91:56:5f:f9:5c:73:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14446466c71d24658c8b6f7eae5305febd17a4ba
Validity
Not Before: Jan 1 00:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aae6b0496ce7062c44c38a3e4b637d9154bfa65f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:38:76:66:53:61:78:c2:cc:a2:93:8f:19:1e:
7f:05:c9:0b:08:be:ac:6e:df:a3:11:6e:89:e9:ac:
e0:0a:43:86:bd:b7:7a:51:d9:fe:9b:8c:1c:52:64:
82:48:df:e9:67:71:66:e5:2d:93:46:ec:a4:58:77:
1b:2b:8d:58:39:64:87:c4:24:2d:87:b0:d9:ec:48:
f9:4b:4d:ba:68:b9:16:71:1f:e0:4d:85:e5:4b:65:
27:8d:e3:b2:ce:5b:fc:80:33:3f:9f:0d:62:3a:39:
3b:97:31:9b:c3:02:e2:26:9e:f3:04:39:8c:c4:93:
e8:d3:28:55:84:56:01:61:3d:7c:c6:08:a5:f8:ed:
44:3e:8e:56:8a:29:d8:97:f0:f9:85:90:94:6e:57:
b4:c5:b8:8b:68:6b:0b:73:b8:ab:67:47:fa:81:bc:
66:f6:d3:d1:84:60:1d:f5:c7:1b:27:d9:e2:f5:f6:
78:e9:4d:79:02:fb:bb:1b:bd:4f:20:3c:a2:a3:53:
38:7b:66:c2:31:c1:a8:de:d5:41:16:06:95:0e:a9:
b5:c4:0d:e7:51:b2:f2:0c:45:dc:e1:37:d0:c1:f6:
d7:50:a8:6a:7a:d5:bc:09:0c:ba:80:63:0d:23:70:
a0:91:c4:d5:fb:0f:47:c6:b4:14:bd:88:6c:82:a1:
9f:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:E6:B0:49:6C:E7:06:2C:44:C3:8A:3E:4B:63:7D:91:54:BF:A6:5F
X509v3 Authority Key Identifier:
keyid:14:44:64:66:C7:1D:24:65:8C:8B:6F:7E:AE:53:05:FE:BD:17:A4:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FERkZscdJGWMi29-rlMF_r0XpLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/566fb3-a641-4d19-a58e-640e075bf87f/1/quawSWznBixEw4o-S2N9kVS_pl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/566fb3-a641-4d19-a58e-640e075bf87f/1/FERkZscdJGWMi29-rlMF_r0XpLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.245.144.0/20
IPv6:
2a09:1480::/29
Signature Algorithm: sha256WithRSAEncryption
12:75:4a:43:56:b9:74:bf:a8:dd:6a:bc:83:20:e0:e5:70:ad:
65:39:55:6e:be:dc:70:76:dc:fe:fa:a7:16:8b:d4:a1:42:f4:
ef:ee:0c:df:17:71:41:35:66:24:5f:9b:55:d1:66:fb:8d:be:
5c:55:ac:86:52:13:42:9d:7b:92:10:78:8d:89:a1:7b:e6:ec:
cc:29:6e:ca:4b:7d:6f:46:37:f0:61:d0:10:72:23:ce:04:03:
d8:ad:5f:a9:70:58:5e:20:ee:b0:da:2f:0d:ca:bb:63:2f:fa:
bc:3d:43:cf:7e:78:7e:8e:c7:81:06:e5:1a:b0:d2:2b:20:b4:
fe:ab:30:9f:43:00:8c:18:3c:16:0b:ec:7c:fe:d8:39:60:f0:
82:cd:31:e3:49:a6:75:80:27:14:12:8b:e2:a6:b0:47:aa:88:
8f:1b:d4:90:ba:b6:40:01:04:04:b9:67:87:ae:49:b0:3e:6f:
21:2f:01:29:4e:2c:30:e8:1e:93:1f:9b:38:db:4b:53:0b:5c:
87:7b:75:e5:34:97:e3:fa:87:ae:57:64:be:52:9d:c8:1d:5a:
9a:3c:14:b7:c2:62:71:cb:ad:ea:e6:85:01:80:9b:db:2f:a8:
11:c8:05:55:02:ee:e0:d5:e6:57:96:ac:f8:7e:2b:72:ae:52:
bc:59:d7:ab
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzCbU6y8wuwkvCRVl/5XHN8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0NDQ2NDY2YzcxZDI0NjU4YzhiNmY3ZWFlNTMwNWZlYmQx
N2E0YmEwHhcNMjQwMTAxMDAyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWU2YjA0OTZjZTcwNjJjNDRjMzhhM2U0YjYzN2Q5MTU0YmZhNjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTh2ZlNheMLMopOPGR5/BckLCL6s
bt+jEW6J6azgCkOGvbd6Udn+m4wcUmSCSN/pZ3Fm5S2TRuykWHcbK41YOWSHxCQt
h7DZ7Ej5S026aLkWcR/gTYXlS2UnjeOyzlv8gDM/nw1iOjk7lzGbwwLiJp7zBDmM
xJPo0yhVhFYBYT18xgil+O1EPo5WiinYl/D5hZCUble0xbiLaGsLc7irZ0f6gbxm
9tPRhGAd9ccbJ9ni9fZ46U15Avu7G71PIDyio1M4e2bCMcGo3tVBFgaVDqm1xA3n
UbLyDEXc4TfQwfbXUKhqetW8CQy6gGMNI3CgkcTV+w9HxrQUvYhsgqGfFQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKrmsEls5wYsRMOKPktjfZFUv6ZfMB8GA1UdIwQY
MBaAFBREZGbHHSRljItvfq5TBf69F6S6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkVSa1pzY2RKR1dNaTI5LXJsTUZfcjBYcExvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC81NjZmYjMtYTY0MS00ZDE5LWE1OGUt
NjQwZTA3NWJmODdmLzEvcXVhd1NXem5CaXhFdzRvLVMyTjlrVlNfcGw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC81NjZmYjMtYTY0MS00ZDE5LWE1OGUtNjQwZTA3NWJmODdm
LzEvRkVSa1pzY2RKR1dNaTI5LXJsTUZfcjBYcExvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEUPWQMA0E
AgACMAcDBQMqCRSAMA0GCSqGSIb3DQEBCwUAA4IBAQASdUpDVrl0v6jdaryDIODl
cK1lOVVuvtxwdtz++qcWi9ShQvTv7gzfF3FBNWYkX5tV0Wb7jb5cVayGUhNCnXuS
EHiNiaF75uzMKW7KS31vRjfwYdAQciPOBAPYrV+pcFheIO6w2i8NyrtjL/q8PUPP
fnh+jseBBuUasNIrILT+qzCfQwCMGDwWC+x8/tg5YPCCzTHjSaZ1gCcUEoviprBH
qoiPG9SQurZAAQQEuWeHrkmwPm8hLwEpTiww6B6TH5s420tTC1yHe3XlNJfj+oeu
V2S+Up3IHVqaPBS3wmJxy63q5oUBgJvbL6gRyAVVAu7g1eZXlqz4fityrlK8Wder
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:59:19 2024 by rpki-client on console-fra.rpki-client.org