Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/Qy1qD0ZlMKv8w29CO7u2go1xRng.roa
File: Qy1qD0ZlMKv8w29CO7u2go1xRng.roa (raw, json)
Hash identifier: 98lOCdIWdvmyh0ofx4tBkWZ5+8JiSjrXsCx/f7jn7eU=
Subject key identifier: 43:2D:6A:0F:46:65:30:AB:FC:C3:6F:42:3B:BB:B6:82:8D:71:46:78
Certificate issuer: /CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Certificate serial: 018CC3B6D1CEC0963712810CB508A8494CA5
Authority key identifier: 4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/Qy1qD0ZlMKv8w29CO7u2go1xRng.roa
Signing time: Mon 01 Jan 2024 06:29:47 +0000
ROA not before: Mon 01 Jan 2024 06:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13068
IP address blocks: 213.164.9.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 19:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:d1:ce:c0:96:37:12:81:0c:b5:08:a8:49:4c:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Validity
Not Before: Jan 1 06:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=432d6a0f466530abfcc36f423bbbb6828d714678
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:3d:b3:07:22:9b:08:ec:c8:70:6d:38:8a:0c:
6e:d0:ab:cc:ad:31:b3:66:32:7f:2e:e9:c0:bc:e1:
df:36:d5:b1:cd:0b:a1:42:40:4c:50:b1:6b:82:ce:
68:a7:e1:ec:f6:9a:8b:61:90:fa:4e:b0:b0:ac:f9:
02:90:69:84:14:16:16:91:4b:ee:e1:98:f6:e7:e8:
20:cc:41:8f:8a:48:90:4f:20:54:c2:71:24:55:28:
42:74:2c:e2:ff:78:8e:7b:42:ba:07:a5:8d:a5:50:
fb:12:58:44:b2:7d:37:b0:65:c4:6c:0a:18:6a:b2:
31:50:06:37:65:0b:ad:73:fa:b4:5b:0a:24:15:79:
b8:24:52:9d:57:65:24:79:9d:13:ff:80:4e:6a:86:
24:36:28:dc:02:5a:39:40:e4:77:1a:bf:63:70:75:
c4:c2:ff:21:d8:8b:f8:ce:ac:8e:b4:7d:5c:0e:1a:
40:8d:7f:56:2b:ce:0b:e9:e7:ec:d0:e8:a9:7c:35:
cd:97:3c:19:f5:5b:9d:ce:27:65:8d:d8:8e:7c:21:
95:33:43:ba:9a:84:66:67:0e:00:01:c1:98:57:c1:
dc:17:94:54:44:cf:63:b6:80:5b:f2:32:c2:45:df:
8c:2b:b8:a9:65:9e:e6:3a:ef:b3:ed:49:47:ad:55:
b6:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:2D:6A:0F:46:65:30:AB:FC:C3:6F:42:3B:BB:B6:82:8D:71:46:78
X509v3 Authority Key Identifier:
keyid:4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/Qy1qD0ZlMKv8w29CO7u2go1xRng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.164.9.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:15:ce:3a:9a:7f:1a:c3:31:42:09:b8:80:af:eb:23:87:5e:
64:c4:83:d2:4b:ac:6d:f3:0a:52:81:75:4b:e3:bb:95:f8:3a:
9c:4f:50:c7:3b:4b:4d:45:32:39:7f:d1:b5:4d:4f:ab:e0:cb:
03:b6:63:24:1e:52:ff:84:ff:34:3d:84:a8:ef:e5:ef:63:b2:
61:1a:94:b3:48:46:5c:16:43:c7:c0:a3:25:99:fc:be:f8:d3:
11:58:cc:0b:21:85:7a:01:d8:ec:40:b5:58:ce:80:c6:87:7d:
f3:c4:8e:30:11:8d:55:2e:89:41:fa:0b:82:87:c7:a9:0f:16:
28:2b:0f:01:e0:a2:b3:a1:20:69:6a:2f:21:79:d7:58:96:12:
15:46:a3:e4:dd:14:cd:50:cf:2c:06:81:d0:2f:b5:7d:78:e1:
f6:e3:fa:fc:b0:d3:08:cb:29:97:57:bf:ae:46:30:8f:e8:3d:
20:53:e1:c1:00:c1:5c:59:d3:d9:5e:13:2f:35:49:5c:69:12:
9a:93:c8:8d:0c:c8:a1:ee:26:ef:f8:2c:f7:28:5a:10:93:ff:
45:95:7e:48:be:22:49:c8:92:31:b4:de:b0:75:38:df:cd:22:
a5:80:55:e6:32:42:71:f2:60:99:dc:2e:1b:29:84:32:7e:b1:
c9:32:07:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDttHOwJY3EoEMtQioSUylMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZjhmZmMwODg1OTFlNGYyNDNiYWFmYTIxYjQyOThiZmIz
NjYwMjYwHhcNMjQwMTAxMDYyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzJkNmEwZjQ2NjUzMGFiZmNjMzZmNDIzYmJiYjY4MjhkNzE0Njc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAij2zByKbCOzIcG04igxu0KvMrTGz
ZjJ/LunAvOHfNtWxzQuhQkBMULFrgs5op+Hs9pqLYZD6TrCwrPkCkGmEFBYWkUvu
4Zj25+ggzEGPikiQTyBUwnEkVShCdCzi/3iOe0K6B6WNpVD7ElhEsn03sGXEbAoY
arIxUAY3ZQutc/q0WwokFXm4JFKdV2UkeZ0T/4BOaoYkNijcAlo5QOR3Gr9jcHXE
wv8h2Iv4zqyOtH1cDhpAjX9WK84L6efs0OipfDXNlzwZ9VudzidljdiOfCGVM0O6
moRmZw4AAcGYV8HcF5RURM9jtoBb8jLCRd+MK7ipZZ7mOu+z7UlHrVW2SQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEMtag9GZTCr/MNvQju7toKNcUZ4MB8GA1UdIwQY
MBaAFEz4/8CIWR5PJDuq+iG0KYv7NmAmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMt
YjNiNzhiMGI2NmVhLzEvUXkxcUQwWmxNS3Y4dzI5Q083dTJnbzF4Um5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMtYjNiNzhiMGI2NmVh
LzEvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1aQJMA0G
CSqGSIb3DQEBCwUAA4IBAQCnFc46mn8awzFCCbiAr+sjh15kxIPSS6xt8wpSgXVL
47uV+DqcT1DHO0tNRTI5f9G1TU+r4MsDtmMkHlL/hP80PYSo7+XvY7JhGpSzSEZc
FkPHwKMlmfy++NMRWMwLIYV6AdjsQLVYzoDGh33zxI4wEY1VLolB+guCh8epDxYo
Kw8B4KKzoSBpai8heddYlhIVRqPk3RTNUM8sBoHQL7V9eOH24/r8sNMIyymXV7+u
RjCP6D0gU+HBAMFcWdPZXhMvNUlcaRKak8iNDMih7ibv+Cz3KFoQk/9FlX5IviJJ
yJIxtN6wdTjfzSKlgFXmMkJx8mCZ3C4bKYQyfrHJMgdq
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:01:31 2024 by rpki-client on console-ams.rpki-client.org