Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/4e8e74-77e6-41eb-9047-59c18ada352f/1/qRp5jN7Ipfthiin5xppDik9uiLI.roa
File: qRp5jN7Ipfthiin5xppDik9uiLI.roa (raw, json)
Hash identifier: fsTlvB7JUVxfsitCfgyEQqbjXai2/3dkBtGssl4iU9Q=
Subject key identifier: A9:1A:79:8C:DE:C8:A5:FB:61:8A:29:F9:C6:9A:43:8A:4F:6E:88:B2
Certificate issuer: /CN=3c1e3fddf7884d785a708fd4e664b62de910ebe8
Certificate serial: 018CC56EA829D016144E75FF8E19C263868E
Authority key identifier: 3C:1E:3F:DD:F7:88:4D:78:5A:70:8F:D4:E6:64:B6:2D:E9:10:EB:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PB4_3feITXhacI_U5mS2LekQ6-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/4e8e74-77e6-41eb-9047-59c18ada352f/1/qRp5jN7Ipfthiin5xppDik9uiLI.roa
Signing time: Mon 01 Jan 2024 14:30:12 +0000
ROA not before: Mon 01 Jan 2024 14:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204326
IP address blocks: 31.132.40.0/22 maxlen: 24
185.18.240.0/22 maxlen: 24
171.22.92.0/22 maxlen: 24
2a0d:9f40::/29 maxlen: 48
2a09:3cc0::/29 maxlen: 48
2a04:d00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/4e8e74-77e6-41eb-9047-59c18ada352f/1/PB4_3feITXhacI_U5mS2LekQ6-g.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/4e8e74-77e6-41eb-9047-59c18ada352f/1/PB4_3feITXhacI_U5mS2LekQ6-g.mft
rsync://rpki.ripe.net/repository/DEFAULT/PB4_3feITXhacI_U5mS2LekQ6-g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:a8:29:d0:16:14:4e:75:ff:8e:19:c2:63:86:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c1e3fddf7884d785a708fd4e664b62de910ebe8
Validity
Not Before: Jan 1 14:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a91a798cdec8a5fb618a29f9c69a438a4f6e88b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:92:e0:d2:c1:b9:7c:f0:df:73:d6:f8:5f:8e:
60:d9:64:58:8d:c0:65:50:45:b8:86:1c:e8:a8:a7:
05:c8:56:39:83:f5:ba:9d:24:65:d5:6d:e5:cd:f4:
86:a0:a8:73:8d:0c:0a:87:33:1c:51:85:aa:77:5b:
56:26:0b:5c:60:65:01:e6:de:6d:0a:a0:a1:2e:09:
8e:43:45:83:4d:c0:74:eb:40:93:77:01:40:0f:4b:
79:d2:84:d2:4c:83:ce:a6:3a:45:d2:b7:98:e6:90:
ca:b9:82:8c:40:99:84:4e:ba:a4:ba:03:7f:dd:e0:
bb:61:e9:de:db:c4:0c:6e:1f:56:0e:97:5f:32:1e:
89:7e:d6:65:ad:4b:23:6d:3a:5e:9f:f6:70:64:f8:
42:f7:ed:6a:4f:0a:00:cb:aa:05:a0:58:a1:3f:40:
59:9d:a9:80:ed:08:3e:f0:00:16:88:49:a4:dd:23:
3c:38:6a:8e:ad:59:e5:b7:e3:16:4c:43:0a:d8:e6:
a2:2e:cd:29:7d:db:b0:86:85:d1:e7:88:32:39:23:
16:98:36:cb:28:2e:fd:17:3c:35:19:17:ab:8a:7e:
a7:03:f6:13:b5:e4:e5:33:c8:1b:1b:ae:1c:5e:ff:
2a:ed:5d:db:b6:8f:0e:9f:91:84:12:e7:11:9a:af:
ec:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:1A:79:8C:DE:C8:A5:FB:61:8A:29:F9:C6:9A:43:8A:4F:6E:88:B2
X509v3 Authority Key Identifier:
keyid:3C:1E:3F:DD:F7:88:4D:78:5A:70:8F:D4:E6:64:B6:2D:E9:10:EB:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PB4_3feITXhacI_U5mS2LekQ6-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/4e8e74-77e6-41eb-9047-59c18ada352f/1/qRp5jN7Ipfthiin5xppDik9uiLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/4e8e74-77e6-41eb-9047-59c18ada352f/1/PB4_3feITXhacI_U5mS2LekQ6-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.132.40.0/22
171.22.92.0/22
185.18.240.0/22
IPv6:
2a04:d00::/29
2a09:3cc0::/29
2a0d:9f40::/29
Signature Algorithm: sha256WithRSAEncryption
d2:e1:0e:25:c4:21:55:f8:12:1e:c9:9e:54:77:e6:d8:8f:0a:
df:02:3b:db:e7:c9:90:d3:c6:d8:15:af:9f:8c:83:c6:05:a2:
22:c8:2d:74:ca:da:c2:74:ff:2e:b5:ac:ab:ec:6b:33:9a:68:
3a:b5:b4:23:7f:24:02:95:4d:0a:79:f2:ba:eb:8a:95:7d:32:
9b:ab:03:22:dc:33:58:31:1b:26:b0:c2:59:21:68:e0:7b:7e:
98:e1:6c:7d:7c:dd:94:0e:38:dd:23:98:51:7d:39:08:19:bb:
99:ac:46:ae:5a:15:a0:a5:70:6b:09:08:b8:a6:d0:31:12:47:
0b:f1:48:b2:41:f1:58:2b:83:50:4a:f7:89:e7:3d:5d:81:30:
79:6a:c6:f6:ac:d5:e3:c9:3a:82:26:6d:a2:5f:32:c0:e5:62:
6d:e2:99:9b:3c:8a:ab:ff:db:8d:5c:76:b6:e2:4d:28:37:60:
71:84:c1:df:05:0f:2a:46:91:07:61:db:89:4c:f9:6f:fe:ca:
dc:17:73:5e:75:21:6f:da:82:5d:03:87:16:1a:e5:9e:b3:79:
36:e7:08:ec:0d:0a:76:7a:c0:21:ba:df:72:06:1a:89:e7:9b:
ed:b5:ce:54:af:94:e4:82:8c:5f:47:3c:24:7f:d6:c7:2e:4b:
65:be:31:4a
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYzFbqgp0BYUTnX/jhnCY4aOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMWUzZmRkZjc4ODRkNzg1YTcwOGZkNGU2NjRiNjJkZTkx
MGViZTgwHhcNMjQwMTAxMTQzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTFhNzk4Y2RlYzhhNWZiNjE4YTI5ZjljNjlhNDM4YTRmNmU4OGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipLg0sG5fPDfc9b4X45g2WRYjcBl
UEW4hhzoqKcFyFY5g/W6nSRl1W3lzfSGoKhzjQwKhzMcUYWqd1tWJgtcYGUB5t5t
CqChLgmOQ0WDTcB060CTdwFAD0t50oTSTIPOpjpF0reY5pDKuYKMQJmETrqkugN/
3eC7Yene28QMbh9WDpdfMh6JftZlrUsjbTpen/ZwZPhC9+1qTwoAy6oFoFihP0BZ
namA7Qg+8AAWiEmk3SM8OGqOrVnlt+MWTEMK2OaiLs0pfduwhoXR54gyOSMWmDbL
KC79Fzw1GRerin6nA/YTteTlM8gbG64cXv8q7V3bto8On5GEEucRmq/svwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFKkaeYzeyKX7YYop+caaQ4pPboiyMB8GA1UdIwQY
MBaAFDweP933iE14WnCP1OZkti3pEOvoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEI0XzNmZUlUWGhhY0lfVTVtUzJMZWtRNi1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS80ZThlNzQtNzdlNi00MWViLTkwNDct
NTljMThhZGEzNTJmLzEvcVJwNWpON0lwZnRoaWluNXhwcERpazl1aUxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS80ZThlNzQtNzdlNi00MWViLTkwNDctNTljMThhZGEzNTJm
LzEvUEI0XzNmZUlUWGhhY0lfVTVtUzJMZWtRNi1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAYBAIAATASAwQCH4QoAwQC
qxZcAwQCuRLwMBsEAgACMBUDBQMqBA0AAwUDKgk8wAMFAyoNn0AwDQYJKoZIhvcN
AQELBQADggEBANLhDiXEIVX4Eh7JnlR35tiPCt8CO9vnyZDTxtgVr5+Mg8YFoiLI
LXTK2sJ0/y61rKvsazOaaDq1tCN/JAKVTQp58rrripV9MpurAyLcM1gxGyawwlkh
aOB7fpjhbH183ZQOON0jmFF9OQgZu5msRq5aFaClcGsJCLim0DESRwvxSLJB8Vgr
g1BK94nnPV2BMHlqxvas1ePJOoImbaJfMsDlYm3imZs8iqv/241cdrbiTSg3YHGE
wd8FDypGkQdh24lM+W/+ytwXc151IW/agl0DhxYa5Z6zeTbnCOwNCnZ6wCG633IG
Gonnm+21zlSvlOSCjF9HPCR/1scuS2W+MUo=
-----END CERTIFICATE-----
Generated at Fri Nov 22 21:14:37 2024 by rpki-client on console-fra.rpki-client.org