Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/e68770-edf2-4358-b821-914d5dc5197f/1/cQTXQ_cOwKxzFKxhAM78DgWgZqU.roa
File: cQTXQ_cOwKxzFKxhAM78DgWgZqU.roa (raw, json)
Hash identifier: e5qZn8HmgIhFoe11zbOuXC48vmwS9coIvVH/J33da6U=
Subject key identifier: 71:04:D7:43:F7:0E:C0:AC:73:14:AC:61:00:CE:FC:0E:05:A0:66:A5
Certificate issuer: /CN=822b30d89b1bcff699f641f88026942d16a72bcc
Certificate serial: 018CC3491FF5A7BC6669C02A28353522B522
Authority key identifier: 82:2B:30:D8:9B:1B:CF:F6:99:F6:41:F8:80:26:94:2D:16:A7:2B:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gisw2Jsbz_aZ9kH4gCaULRanK8w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/e68770-edf2-4358-b821-914d5dc5197f/1/cQTXQ_cOwKxzFKxhAM78DgWgZqU.roa
Signing time: Mon 01 Jan 2024 04:29:58 +0000
ROA not before: Mon 01 Jan 2024 04:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15525
IP address blocks: 213.13.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/e68770-edf2-4358-b821-914d5dc5197f/1/gisw2Jsbz_aZ9kH4gCaULRanK8w.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/e68770-edf2-4358-b821-914d5dc5197f/1/gisw2Jsbz_aZ9kH4gCaULRanK8w.mft
rsync://rpki.ripe.net/repository/DEFAULT/gisw2Jsbz_aZ9kH4gCaULRanK8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:1f:f5:a7:bc:66:69:c0:2a:28:35:35:22:b5:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=822b30d89b1bcff699f641f88026942d16a72bcc
Validity
Not Before: Jan 1 04:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7104d743f70ec0ac7314ac6100cefc0e05a066a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:25:c7:ae:2c:0d:16:b8:63:74:e6:8a:3f:4a:
a0:65:82:d2:9d:7a:f3:e6:b5:4e:b5:9d:bb:eb:a0:
18:36:4e:0b:37:fe:49:47:9b:76:3a:65:e6:8d:99:
66:7f:20:8c:ad:b3:ef:a7:df:61:cf:0b:49:59:ce:
2f:3a:cc:45:93:14:0d:81:37:f5:62:23:f1:2c:87:
3c:c5:d0:b6:fc:22:22:a7:4c:17:0b:a6:f9:6e:90:
c8:a9:14:c3:dd:c6:1e:43:7d:dc:ba:24:5b:c6:e1:
95:8a:65:87:72:2b:21:71:8f:14:0c:7f:a1:5c:18:
bf:34:86:73:18:e4:ce:90:3d:aa:d7:2e:fb:76:16:
e3:69:7c:2c:0e:43:88:c6:59:08:f7:1a:64:74:a9:
d7:1f:c7:15:98:e0:dd:36:02:0c:4f:62:0c:e4:4c:
bc:67:78:c7:c0:fe:2a:81:23:30:9b:d3:85:64:e8:
0d:d1:9a:84:51:ec:69:ac:f9:23:e9:f1:39:05:c7:
1b:62:07:7a:59:8b:92:ea:da:23:a0:97:f8:8e:96:
82:df:53:33:64:49:e8:d2:9e:dc:ce:f9:1f:df:49:
1c:ea:ab:10:0b:3a:44:b3:c2:0c:e3:0a:b4:e0:d2:
d9:19:06:57:02:cb:98:6c:68:19:3f:27:e7:7b:37:
01:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:04:D7:43:F7:0E:C0:AC:73:14:AC:61:00:CE:FC:0E:05:A0:66:A5
X509v3 Authority Key Identifier:
keyid:82:2B:30:D8:9B:1B:CF:F6:99:F6:41:F8:80:26:94:2D:16:A7:2B:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gisw2Jsbz_aZ9kH4gCaULRanK8w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/e68770-edf2-4358-b821-914d5dc5197f/1/cQTXQ_cOwKxzFKxhAM78DgWgZqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/e68770-edf2-4358-b821-914d5dc5197f/1/gisw2Jsbz_aZ9kH4gCaULRanK8w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.13.32.0/19
Signature Algorithm: sha256WithRSAEncryption
0a:fb:60:19:11:f9:ce:2b:9f:a1:29:e1:cb:df:9d:b3:a9:78:
0c:e0:12:b4:4c:06:25:41:3a:ab:d7:dd:5d:9f:04:c9:88:f4:
d8:21:ad:c1:ec:84:3a:5d:70:51:7a:57:dc:cb:18:05:07:6d:
c1:dc:50:08:78:4c:6f:04:1f:38:ec:ae:1f:2a:42:52:2d:ae:
52:15:1f:61:8e:02:78:2e:dd:0e:18:ba:0c:a7:19:2f:2b:bc:
04:a3:24:20:0c:f4:ed:ae:b3:d7:32:e5:14:85:d9:ce:18:f3:
c3:88:62:97:6e:7c:86:fc:78:5c:7a:37:7b:2c:d3:ee:fd:b4:
74:00:b4:12:87:91:cd:42:ba:c4:29:14:bb:56:55:55:bd:50:
86:48:97:e4:1f:f0:e2:10:14:ce:42:69:31:33:e3:1f:f3:bc:
fa:21:c6:bf:37:0e:78:5e:10:df:00:28:66:10:70:d6:8f:7f:
5a:ac:a4:59:11:2b:10:a6:5c:44:71:49:ad:c7:38:13:ac:f9:
3a:83:6c:f3:dd:4b:98:ac:4f:2f:8b:8d:5b:75:0b:c1:c6:7c:
53:ce:59:db:8e:e1:74:23:52:14:b7:f9:93:b9:c8:3b:d0:c5:
fb:66:1c:6c:8f:bc:90:8b:9f:d3:ab:e1:aa:02:e4:15:29:5e:
ec:ad:c6:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSR/1p7xmacAqKDU1IrUiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMmIzMGQ4OWIxYmNmZjY5OWY2NDFmODgwMjY5NDJkMTZh
NzJiY2MwHhcNMjQwMTAxMDQyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTA0ZDc0M2Y3MGVjMGFjNzMxNGFjNjEwMGNlZmMwZTA1YTA2NmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSXHriwNFrhjdOaKP0qgZYLSnXrz
5rVOtZ2766AYNk4LN/5JR5t2OmXmjZlmfyCMrbPvp99hzwtJWc4vOsxFkxQNgTf1
YiPxLIc8xdC2/CIip0wXC6b5bpDIqRTD3cYeQ33cuiRbxuGVimWHcishcY8UDH+h
XBi/NIZzGOTOkD2q1y77dhbjaXwsDkOIxlkI9xpkdKnXH8cVmODdNgIMT2IM5Ey8
Z3jHwP4qgSMwm9OFZOgN0ZqEUexprPkj6fE5BccbYgd6WYuS6tojoJf4jpaC31Mz
ZEno0p7czvkf30kc6qsQCzpEs8IM4wq04NLZGQZXAsuYbGgZPyfnezcBbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHEE10P3DsCscxSsYQDO/A4FoGalMB8GA1UdIwQY
MBaAFIIrMNibG8/2mfZB+IAmlC0WpyvMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2lzdzJKc2J6X2FaOWtINGdDYVVMUmFuSzh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9lNjg3NzAtZWRmMi00MzU4LWI4MjEt
OTE0ZDVkYzUxOTdmLzEvY1FUWFFfY093S3h6Rkt4aEFNNzhEZ1dnWnFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9lNjg3NzAtZWRmMi00MzU4LWI4MjEtOTE0ZDVkYzUxOTdm
LzEvZ2lzdzJKc2J6X2FaOWtINGdDYVVMUmFuSzh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF1Q0gMA0G
CSqGSIb3DQEBCwUAA4IBAQAK+2AZEfnOK5+hKeHL352zqXgM4BK0TAYlQTqr191d
nwTJiPTYIa3B7IQ6XXBRelfcyxgFB23B3FAIeExvBB847K4fKkJSLa5SFR9hjgJ4
Lt0OGLoMpxkvK7wEoyQgDPTtrrPXMuUUhdnOGPPDiGKXbnyG/Hhcejd7LNPu/bR0
ALQSh5HNQrrEKRS7VlVVvVCGSJfkH/DiEBTOQmkxM+Mf87z6Ica/Nw54XhDfAChm
EHDWj39arKRZESsQplxEcUmtxzgTrPk6g2zz3UuYrE8vi41bdQvBxnxTzlnbjuF0
I1IUt/mTucg70MX7Zhxsj7yQi5/Tq+GqAuQVKV7srcZ0
-----END CERTIFICATE-----
Generated at Fri Jun 7 20:51:47 2024 by rpki-client on console-fra.rpki-client.org