Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/qZgq5PEruZKDXlqWF1xLZ6Y5UKs.roa
File: qZgq5PEruZKDXlqWF1xLZ6Y5UKs.roa (raw, json)
Hash identifier: 8A4ep0EEhUT4nPG2srtH0UdmXwR5nnzVhFIc5NbOWEs=
Subject key identifier: A9:98:2A:E4:F1:2B:B9:92:83:5E:5A:96:17:5C:4B:67:A6:39:50:AB
Certificate issuer: /CN=f8857ecf441e5ea1d7181fec7e97e6dbc1220fc2
Certificate serial: 018CC94E5780DEF30373CDC39A5C4D52B76E
Authority key identifier: F8:85:7E:CF:44:1E:5E:A1:D7:18:1F:EC:7E:97:E6:DB:C1:22:0F:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-IV-z0QeXqHXGB_sfpfm28EiD8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/qZgq5PEruZKDXlqWF1xLZ6Y5UKs.roa
Signing time: Tue 02 Jan 2024 08:33:23 +0000
ROA not before: Tue 02 Jan 2024 08:33:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40021
IP address blocks: 176.57.165.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/1-IV-z0QeXqHXGB_sfpfm28EiD8I.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/1-IV-z0QeXqHXGB_sfpfm28EiD8I.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-IV-z0QeXqHXGB_sfpfm28EiD8I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:57:80:de:f3:03:73:cd:c3:9a:5c:4d:52:b7:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8857ecf441e5ea1d7181fec7e97e6dbc1220fc2
Validity
Not Before: Jan 2 08:33:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9982ae4f12bb992835e5a96175c4b67a63950ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:54:62:35:3c:4c:25:0e:dc:54:5e:7e:cc:c8:
23:34:ee:ca:82:84:68:a5:fa:4a:a5:5a:79:3d:10:
1a:00:8c:aa:b2:41:7c:5b:b9:0c:a3:36:b7:f5:77:
00:88:3a:79:1c:fa:a8:cf:34:9a:3c:75:bc:ab:22:
67:44:97:4c:f8:e4:4c:ac:90:57:b1:85:8e:4b:0f:
b7:3f:f3:e7:42:bd:82:ee:93:e1:76:be:d0:df:a9:
d2:67:e1:fa:83:6d:f5:2c:e0:9e:86:ea:41:80:b7:
dd:3f:f0:8b:e5:6c:01:ba:d6:46:b6:9c:de:c2:6d:
14:0c:a3:06:47:fa:ed:ab:bf:a9:8f:cb:70:bf:68:
c2:42:d7:a8:2b:4f:9e:ce:4a:6e:98:6b:c4:a7:0d:
14:e0:68:ab:08:1e:ce:24:e8:04:21:ec:87:03:47:
89:c6:aa:6a:75:27:01:8e:25:78:1c:8f:ce:76:d7:
03:b8:65:cd:0f:f0:e1:b2:95:2d:2d:47:96:d2:40:
98:3f:6f:4b:da:6a:7d:ba:db:e2:b3:db:99:e1:cd:
cc:d5:c3:77:9a:3c:3a:44:7f:3a:29:4d:94:1c:20:
df:60:35:3a:12:04:e1:bd:5f:2b:81:5f:79:41:9b:
0c:9b:0e:33:d7:4b:9b:3f:4c:e9:e3:c7:79:ae:84:
8a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:98:2A:E4:F1:2B:B9:92:83:5E:5A:96:17:5C:4B:67:A6:39:50:AB
X509v3 Authority Key Identifier:
keyid:F8:85:7E:CF:44:1E:5E:A1:D7:18:1F:EC:7E:97:E6:DB:C1:22:0F:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-IV-z0QeXqHXGB_sfpfm28EiD8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/qZgq5PEruZKDXlqWF1xLZ6Y5UKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/1-IV-z0QeXqHXGB_sfpfm28EiD8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.57.165.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:4a:3c:df:f8:83:88:ca:7b:fe:9b:08:71:1e:e8:5b:7c:ed:
5c:0f:0a:dc:45:ef:fc:28:b5:fe:e3:7b:de:12:22:93:b4:2a:
20:86:f8:63:60:f5:3d:b1:df:a5:a4:f9:5d:f5:dd:90:3a:62:
bc:34:5c:90:b6:29:b8:6f:f0:8e:ac:a4:da:ab:27:a6:f4:68:
11:9d:38:b7:36:dd:b7:fb:84:e6:12:3d:28:e5:b6:45:0a:20:
38:10:76:30:0e:b1:18:6b:8e:1a:9d:0e:e3:14:4b:f4:48:7f:
c8:4e:04:06:31:ef:06:f9:26:fc:7d:4d:e7:f2:56:4b:d2:33:
1b:f2:b5:e8:0c:60:b5:ed:9b:66:ab:2a:3e:07:09:31:f6:a2:
f1:20:17:8a:dd:63:02:4e:31:43:2e:82:93:40:20:9b:3b:a7:
ac:d4:cb:38:58:d2:ae:94:9b:dc:15:fa:3c:61:0c:7c:1d:e3:
ab:26:17:06:f3:8f:bf:64:c2:cd:98:f6:d9:54:74:ac:55:a8:
b7:d6:12:32:af:78:07:06:05:c7:82:28:3b:c2:46:4d:45:47:
9d:34:f6:9d:5f:01:16:92:ff:bc:24:31:53:0e:06:f2:fa:46:
3d:11:6c:bd:46:6c:7d:d4:97:86:6e:fe:72:66:3c:43:9f:56:
e1:d1:34:35
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzJTleA3vMDc83DmlxNUrduMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ODU3ZWNmNDQxZTVlYTFkNzE4MWZlYzdlOTdlNmRiYzEy
MjBmYzIwHhcNMjQwMTAyMDgzMzIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTk4MmFlNGYxMmJiOTkyODM1ZTVhOTYxNzVjNGI2N2E2Mzk1MGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAilRiNTxMJQ7cVF5+zMgjNO7KgoRo
pfpKpVp5PRAaAIyqskF8W7kMoza39XcAiDp5HPqozzSaPHW8qyJnRJdM+ORMrJBX
sYWOSw+3P/PnQr2C7pPhdr7Q36nSZ+H6g231LOCehupBgLfdP/CL5WwButZGtpze
wm0UDKMGR/rtq7+pj8twv2jCQteoK0+ezkpumGvEpw0U4GirCB7OJOgEIeyHA0eJ
xqpqdScBjiV4HI/OdtcDuGXND/DhspUtLUeW0kCYP29L2mp9utvis9uZ4c3M1cN3
mjw6RH86KU2UHCDfYDU6EgThvV8rgV95QZsMmw4z10ubP0zp48d5roSKRwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFKmYKuTxK7mSg15alhdcS2emOVCrMB8GA1UdIwQY
MBaAFPiFfs9EHl6h1xgf7H6X5tvBIg/CMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1JVi16MFFlWHFIWEdCX3NmcGZtMjhFaUQ4SS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmEvYzg0OTc2LWQ1ZWEtNGU3Zi04ZWQz
LWE4OWY4MTc3NjQwNi8xL3FaZ3E1UEVydVpLRFhscVdGMXhMWjZZNVVLcy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmEvYzg0OTc2LWQ1ZWEtNGU3Zi04ZWQzLWE4OWY4MTc3NjQw
Ni8xLzEtSVYtejBRZVhxSFhHQl9zZnBmbTI4RWlEOEkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACwOaUw
DQYJKoZIhvcNAQELBQADggEBAE5KPN/4g4jKe/6bCHEe6Ft87VwPCtxF7/wotf7j
e94SIpO0KiCG+GNg9T2x36Wk+V313ZA6Yrw0XJC2Kbhv8I6spNqrJ6b0aBGdOLc2
3bf7hOYSPSjltkUKIDgQdjAOsRhrjhqdDuMUS/RIf8hOBAYx7wb5Jvx9TefyVkvS
MxvytegMYLXtm2arKj4HCTH2ovEgF4rdYwJOMUMugpNAIJs7p6zUyzhY0q6Um9wV
+jxhDHwd46smFwbzj79kws2Y9tlUdKxVqLfWEjKveAcGBceCKDvCRk1FR5009p1f
ARaS/7wkMVMOBvL6Rj0RbL1GbH3Ul4Zu/nJmPEOfVuHRNDU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:21:08 2024 by rpki-client on console-ams.rpki-client.org