Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/0qAHUNY6ySXITO7TS9qqZm4DHCA.roa
File: 0qAHUNY6ySXITO7TS9qqZm4DHCA.roa (raw, json)
Hash identifier: SG5n9OAYAOFcwEd2MKd18U7XywFHhIfdjMwnj2AqFDk=
Subject key identifier: D2:A0:07:50:D6:3A:C9:25:C8:4C:EE:D3:4B:DA:AA:66:6E:03:1C:20
Certificate issuer: /CN=54cbda78b1d1b613df565ff99700b6aee940de3f
Certificate serial: 018D9CE9F7F05634DA234646EF7AA9F2E9BB
Authority key identifier: 54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/0qAHUNY6ySXITO7TS9qqZm4DHCA.roa
Signing time: Mon 12 Feb 2024 10:43:15 +0000
ROA not before: Mon 12 Feb 2024 10:43:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 213.238.166.0/24 maxlen: 24
213.238.173.0/24 maxlen: 24
213.238.177.0/24 maxlen: 24
213.238.184.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/VMvaeLHRthPfVl_5lwC2rulA3j8.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/VMvaeLHRthPfVl_5lwC2rulA3j8.mft
rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9c:e9:f7:f0:56:34:da:23:46:46:ef:7a:a9:f2:e9:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54cbda78b1d1b613df565ff99700b6aee940de3f
Validity
Not Before: Feb 12 10:43:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2a00750d63ac925c84ceed34bdaaa666e031c20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b3:12:a5:42:fb:77:81:85:67:89:f5:47:34:
91:aa:0a:98:87:f5:94:79:60:1f:20:ce:db:6b:93:
10:b4:62:fb:37:e4:0d:13:32:fd:63:e4:4d:24:8d:
68:74:f4:90:3a:a9:a1:78:00:fa:97:48:88:30:36:
37:64:5a:07:48:86:43:61:38:bb:f0:3a:01:60:a8:
ca:67:df:76:fa:a5:26:c1:75:c0:05:a3:9f:4b:ad:
09:f3:23:aa:c1:eb:4f:d3:2b:82:60:88:5a:dc:c0:
e9:85:bd:74:d2:57:fe:c1:24:0c:70:28:b0:6e:af:
b9:24:6a:c7:7f:d1:c3:54:26:b8:3f:2c:48:c0:f7:
d2:85:c2:3c:2e:7a:74:ba:f8:ca:f5:f1:03:2b:52:
6a:89:b7:a1:d9:39:b6:27:5c:08:e7:78:0e:14:96:
04:16:2c:d1:73:85:88:91:26:79:63:32:39:1c:23:
90:7e:8d:1b:2e:92:47:ff:ca:8a:81:b2:85:95:a5:
44:89:32:91:7d:a2:05:13:60:b4:e8:09:c9:fa:0e:
da:d3:72:0e:37:45:96:b4:99:48:61:bf:d3:72:58:
22:92:3e:57:70:b6:23:d4:f4:d8:d0:e9:c6:b1:4c:
d4:57:a6:40:5a:a4:5b:07:18:39:76:f7:b7:e2:3a:
4f:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:A0:07:50:D6:3A:C9:25:C8:4C:EE:D3:4B:DA:AA:66:6E:03:1C:20
X509v3 Authority Key Identifier:
keyid:54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/0qAHUNY6ySXITO7TS9qqZm4DHCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/VMvaeLHRthPfVl_5lwC2rulA3j8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.238.166.0/24
213.238.173.0/24
213.238.177.0/24
213.238.184.0/24
Signature Algorithm: sha256WithRSAEncryption
58:5a:4a:82:df:80:57:e8:d7:5e:04:c8:5a:f7:c7:3c:c5:b1:
68:bd:45:8a:e7:1f:b7:c9:10:57:2f:0f:4a:e0:13:87:ef:21:
b9:5c:8d:c4:ef:59:9d:ed:8e:9c:dd:20:1e:87:55:07:5b:66:
d0:2d:70:e3:6c:fe:d4:c8:7c:0f:5a:3a:8e:ae:38:7e:aa:2f:
49:25:3f:00:71:38:8f:1f:c6:5c:08:a9:7a:ed:01:e7:18:9d:
ce:6f:87:2b:8d:e3:9f:f9:49:40:c0:c8:f7:0b:86:5c:a1:f2:
08:a8:5c:89:6b:eb:91:dd:f3:de:6e:a4:34:61:03:02:c0:b4:
30:4f:bf:b8:43:30:ad:d0:06:52:43:d3:fc:d5:52:e3:7d:62:
e1:f2:05:6f:da:8f:34:ba:09:5b:84:a8:f5:e4:1d:0e:96:63:
59:02:e3:51:3b:18:b7:69:7e:68:ff:02:61:23:d9:47:09:09:
38:76:4e:e1:b7:44:76:1d:59:4f:52:7a:13:cc:a3:bb:4d:38:
8d:24:de:b7:52:49:3c:c5:c7:23:9d:23:64:0e:74:1b:31:fc:
69:ef:47:67:04:34:0f:0a:5b:d2:e5:fd:a9:07:a2:65:41:0b:
ac:7a:b4:9a:39:d1:1e:10:d2:97:dc:30:e3:61:98:e1:7e:6c:
86:c0:f0:06
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY2c6ffwVjTaI0ZG73qp8um7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0Y2JkYTc4YjFkMWI2MTNkZjU2NWZmOTk3MDBiNmFlZTk0
MGRlM2YwHhcNMjQwMjEyMTA0MzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmEwMDc1MGQ2M2FjOTI1Yzg0Y2VlZDM0YmRhYWE2NjZlMDMxYzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7MSpUL7d4GFZ4n1RzSRqgqYh/WU
eWAfIM7ba5MQtGL7N+QNEzL9Y+RNJI1odPSQOqmheAD6l0iIMDY3ZFoHSIZDYTi7
8DoBYKjKZ992+qUmwXXABaOfS60J8yOqwetP0yuCYIha3MDphb100lf+wSQMcCiw
bq+5JGrHf9HDVCa4PyxIwPfShcI8Lnp0uvjK9fEDK1Jqibeh2Tm2J1wI53gOFJYE
FizRc4WIkSZ5YzI5HCOQfo0bLpJH/8qKgbKFlaVEiTKRfaIFE2C06AnJ+g7a03IO
N0WWtJlIYb/Tclgikj5XcLYj1PTY0OnGsUzUV6ZAWqRbBxg5dve34jpPWwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNKgB1DWOsklyEzu00vaqmZuAxwgMB8GA1UdIwQY
MBaAFFTL2nix0bYT31Zf+ZcAtq7pQN4/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVk12YWVMSFJ0aFBmVmxfNWx3QzJydWxBM2o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82ZDYxZDktMGJmNy00NGJiLWI4MGYt
Y2QzMTYxNWQwMWE5LzEvMHFBSFVOWTZ5U1hJVE83VFM5cXFabTRESENBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82ZDYxZDktMGJmNy00NGJiLWI4MGYtY2QzMTYxNWQwMWE5
LzEvVk12YWVMSFJ0aFBmVmxfNWx3QzJydWxBM2o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQA1e6mAwQA
1e6tAwQA1e6xAwQA1e64MA0GCSqGSIb3DQEBCwUAA4IBAQBYWkqC34BX6NdeBMha
98c8xbFovUWK5x+3yRBXLw9K4BOH7yG5XI3E71md7Y6c3SAeh1UHW2bQLXDjbP7U
yHwPWjqOrjh+qi9JJT8AcTiPH8ZcCKl67QHnGJ3Ob4crjeOf+UlAwMj3C4ZcofII
qFyJa+uR3fPebqQ0YQMCwLQwT7+4QzCt0AZSQ9P81VLjfWLh8gVv2o80uglbhKj1
5B0OlmNZAuNROxi3aX5o/wJhI9lHCQk4dk7ht0R2HVlPUnoTzKO7TTiNJN63Ukk8
xccjnSNkDnQbMfxp70dnBDQPClvS5f2pB6JlQQuserSaOdEeENKX3DDjYZjhfmyG
wPAG
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:29:55 2024 by rpki-client on console-fra.rpki-client.org