Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/qc1P8jUMrd_Llx18tNb9WbbfBqM.roa
File: qc1P8jUMrd_Llx18tNb9WbbfBqM.roa (raw, json)
Hash identifier: B3bOcxEZBOOzv7EcodCnzKwcyWMMuhkpMmq0HwY7Qjk=
Subject key identifier: A9:CD:4F:F2:35:0C:AD:DF:CB:97:1D:7C:B4:D6:FD:59:B6:DF:06:A3
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 01928A32191FF34E4EDE4401B046934CA82F
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/qc1P8jUMrd_Llx18tNb9WbbfBqM.roa
Signing time: Mon 14 Oct 2024 08:43:11 +0000
ROA not before: Mon 14 Oct 2024 08:43:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 176.46.132.0/24 maxlen: 24
176.46.140.0/24 maxlen: 24
176.46.145.0/24 maxlen: 24
176.46.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8a:32:19:1f:f3:4e:4e:de:44:01:b0:46:93:4c:a8:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Oct 14 08:43:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9cd4ff2350caddfcb971d7cb4d6fd59b6df06a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:53:04:a3:03:0d:54:3b:90:e1:0b:45:61:6b:
b3:d2:59:e0:aa:34:41:4a:af:69:4e:96:4b:2b:98:
1f:98:d9:83:ac:20:a4:22:ed:3a:86:7b:43:75:53:
00:ee:cf:b9:3b:da:7e:85:2a:1c:3d:dd:26:9e:c2:
67:86:b1:e4:fb:3b:b0:41:c9:26:ec:bc:6f:84:f7:
c3:1b:60:2e:fb:be:40:03:38:e2:34:a1:65:ed:4d:
ea:9c:36:8c:c1:41:2f:01:de:90:b9:90:38:28:5b:
e9:7a:16:4d:c9:8a:f7:ca:1e:f3:6a:af:d6:06:e4:
f7:bd:11:ca:00:96:01:28:31:0e:eb:86:2f:1c:c7:
fa:3e:ea:bf:db:a2:b9:b5:02:5b:20:73:cd:47:6f:
d3:b7:55:8e:25:42:0c:c4:ab:f3:70:58:f7:22:db:
0c:ee:bb:00:3e:27:e1:9b:d6:44:d0:dd:f5:90:a5:
cc:35:18:e9:10:d7:5c:19:1f:ae:d9:7d:54:9c:66:
84:e0:3c:57:e2:cd:f8:c5:eb:62:67:35:4b:68:7c:
9e:52:50:97:97:b9:4f:0b:a7:15:d6:44:ce:35:71:
53:e7:4f:6d:95:f5:78:ba:4d:ef:7a:42:b7:b5:05:
74:b8:6e:b7:78:e7:c3:c2:95:49:a5:c0:b6:01:6c:
dc:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:CD:4F:F2:35:0C:AD:DF:CB:97:1D:7C:B4:D6:FD:59:B6:DF:06:A3
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/qc1P8jUMrd_Llx18tNb9WbbfBqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.46.132.0/24
176.46.140.0/24
176.46.145.0/24
176.46.151.0/24
Signature Algorithm: sha256WithRSAEncryption
88:16:cf:e7:c2:05:6b:bc:70:67:8c:6c:99:86:c5:78:cd:aa:
9c:3e:10:2c:5d:8f:28:16:7e:80:66:a2:98:18:10:17:1f:1e:
94:35:32:d2:6f:bd:d6:37:a4:9c:4c:c0:1d:a8:a2:a9:74:6c:
c3:77:17:03:96:4f:e6:97:5c:74:9c:94:d2:53:48:ac:6d:61:
05:93:be:de:44:8c:3c:b2:cc:d5:03:39:b2:89:e2:3d:58:bd:
95:90:c6:80:f0:25:fd:2b:a4:ed:26:ba:72:0c:73:da:31:cb:
ac:f2:15:c2:60:17:07:36:20:dd:dc:c3:43:a7:0a:6a:8a:2d:
6f:37:8a:d1:a0:81:b3:df:f0:e1:fe:b8:4c:4d:de:6b:0b:78:
63:00:97:d1:41:7c:ca:eb:bc:a1:82:d2:a7:46:c0:bf:60:79:
ee:78:d3:00:3e:35:63:87:e3:7a:da:83:15:f2:92:98:96:cb:
3a:b6:68:f4:f6:64:8f:52:e4:ed:06:ba:03:0d:aa:05:24:b4:
30:4a:65:21:6b:9a:42:9e:d4:1c:0e:f5:d6:fc:48:e7:bd:06:
36:ec:88:ce:b1:37:92:68:8b:21:7f:03:41:9c:ad:46:01:6d:
4e:a9:e4:ee:2b:6c:92:3b:a3:33:23:b0:7f:df:d7:d3:9e:8d:
79:f2:61:5c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZKKMhkf805O3kQBsEaTTKgvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjQxMDE0MDg0MzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWNkNGZmMjM1MGNhZGRmY2I5NzFkN2NiNGQ2ZmQ1OWI2ZGYwNmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlMEowMNVDuQ4QtFYWuz0lngqjRB
Sq9pTpZLK5gfmNmDrCCkIu06hntDdVMA7s+5O9p+hSocPd0mnsJnhrHk+zuwQckm
7LxvhPfDG2Au+75AAzjiNKFl7U3qnDaMwUEvAd6QuZA4KFvpehZNyYr3yh7zaq/W
BuT3vRHKAJYBKDEO64YvHMf6Puq/26K5tQJbIHPNR2/Tt1WOJUIMxKvzcFj3ItsM
7rsAPifhm9ZE0N31kKXMNRjpENdcGR+u2X1UnGaE4DxX4s34xetiZzVLaHyeUlCX
l7lPC6cV1kTONXFT509tlfV4uk3vekK3tQV0uG63eOfDwpVJpcC2AWzcoQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKnNT/I1DK3fy5cdfLTW/Vm23wajMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvcWMxUDhqVU1yZF9MbHgxOHROYjlXYmJmQnFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAsC6EAwQA
sC6MAwQAsC6RAwQAsC6XMA0GCSqGSIb3DQEBCwUAA4IBAQCIFs/nwgVrvHBnjGyZ
hsV4zaqcPhAsXY8oFn6AZqKYGBAXHx6UNTLSb73WN6ScTMAdqKKpdGzDdxcDlk/m
l1x0nJTSU0isbWEFk77eRIw8sszVAzmyieI9WL2VkMaA8CX9K6TtJrpyDHPaMcus
8hXCYBcHNiDd3MNDpwpqii1vN4rRoIGz3/Dh/rhMTd5rC3hjAJfRQXzK67yhgtKn
RsC/YHnueNMAPjVjh+N62oMV8pKYlss6tmj09mSPUuTtBroDDaoFJLQwSmUha5pC
ntQcDvXW/EjnvQY27IjOsTeSaIshfwNBnK1GAW1OqeTuK2ySO6MzI7B/39fTno15
8mFc
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:34 2024 by rpki-client on console-ams.rpki-client.org