Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/SFqVeeD6QxzuKQYfNA56-OcOOxg.roa
File: SFqVeeD6QxzuKQYfNA56-OcOOxg.roa (raw, json)
Hash identifier: IidFdTsliS37s0pSQwsLj5HFEu/ItxxZ3GxDAjg39e4=
Subject key identifier: 48:5A:95:79:E0:FA:43:1C:EE:29:06:1F:34:0E:7A:F8:E7:0E:3B:18
Certificate issuer: /CN=77eda8f726a69b504de994943b0a5f2308c2a96b
Certificate serial: 0192473500571CD9B128171780F01E7AA636
Authority key identifier: 77:ED:A8:F7:26:A6:9B:50:4D:E9:94:94:3B:0A:5F:23:08:C2:A9:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d-2o9yamm1BN6ZSUOwpfIwjCqWs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/SFqVeeD6QxzuKQYfNA56-OcOOxg.roa
Signing time: Tue 01 Oct 2024 08:31:48 +0000
ROA not before: Tue 01 Oct 2024 08:31:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20765
IP address blocks: 139.3.0.0/16 maxlen: 16
185.84.216.0/22 maxlen: 24
193.96.96.0/21 maxlen: 24
194.45.0.0/22 maxlen: 22
194.45.6.0/23 maxlen: 23
194.115.4.0/24 maxlen: 24
2a05:a880:8000::/40 maxlen: 40
2a05:a880:de10::/48 maxlen: 48
2a05:a880:de52::/48 maxlen: 48
2a05:a880:de56::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/d-2o9yamm1BN6ZSUOwpfIwjCqWs.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/d-2o9yamm1BN6ZSUOwpfIwjCqWs.mft
rsync://rpki.ripe.net/repository/DEFAULT/d-2o9yamm1BN6ZSUOwpfIwjCqWs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:47:35:00:57:1c:d9:b1:28:17:17:80:f0:1e:7a:a6:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77eda8f726a69b504de994943b0a5f2308c2a96b
Validity
Not Before: Oct 1 08:31:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=485a9579e0fa431cee29061f340e7af8e70e3b18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b1:63:4a:6d:28:f6:0a:8e:46:8c:01:e3:95:
93:6d:72:30:02:2b:45:ea:cc:b6:fa:fa:6b:dd:b9:
5d:23:66:40:7d:c1:eb:b8:30:7a:e9:99:af:ca:31:
13:4c:75:f4:be:d3:7e:12:f6:d6:23:8f:5a:a7:91:
f2:8b:14:d8:06:cf:88:4e:fd:54:e6:1e:7b:3f:12:
93:d8:55:ed:8b:01:73:b2:f5:b4:33:cd:90:7a:ce:
f5:41:a4:3f:b1:8a:19:26:96:80:3e:c6:7d:d6:f8:
4b:dd:8f:c4:ff:37:4d:81:e8:26:6e:2b:36:2e:72:
e8:eb:d0:9e:6b:36:38:b5:33:96:9e:1e:6e:48:f6:
40:f1:13:20:86:a9:0b:3a:08:41:f2:4b:2c:78:59:
f9:37:6e:79:9f:5d:86:98:40:1e:13:df:8a:d3:40:
08:80:d5:12:3f:e9:eb:ba:28:1e:63:24:74:65:0b:
0b:42:f4:9f:0f:02:54:6a:e8:65:2b:d2:59:79:8f:
79:4c:c8:c0:e7:48:d1:d9:ab:eb:fd:02:29:b2:c8:
aa:92:e5:d4:f3:96:2b:6b:27:ab:1d:1a:05:21:90:
53:62:90:9a:9d:43:5d:78:4f:5e:c8:a1:84:fc:48:
14:25:b5:41:49:4a:44:56:d7:f2:f0:a1:60:c0:4f:
33:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:5A:95:79:E0:FA:43:1C:EE:29:06:1F:34:0E:7A:F8:E7:0E:3B:18
X509v3 Authority Key Identifier:
keyid:77:ED:A8:F7:26:A6:9B:50:4D:E9:94:94:3B:0A:5F:23:08:C2:A9:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d-2o9yamm1BN6ZSUOwpfIwjCqWs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/SFqVeeD6QxzuKQYfNA56-OcOOxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/d-2o9yamm1BN6ZSUOwpfIwjCqWs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.3.0.0/16
185.84.216.0/22
193.96.96.0/21
194.45.0.0/22
194.45.6.0/23
194.115.4.0/24
IPv6:
2a05:a880:8000::/40
2a05:a880:de10::/48
2a05:a880:de52::/48
2a05:a880:de56::/48
Signature Algorithm: sha256WithRSAEncryption
46:d1:5d:e6:6f:bf:a2:f0:ee:0c:1b:0e:0e:d1:96:f8:a1:40:
87:11:e5:40:9a:53:25:e9:8c:35:0e:4e:91:2c:62:df:ba:96:
74:0c:7f:dd:ff:5d:d2:70:9e:d1:31:e9:b5:bd:48:ff:60:05:
fc:00:40:70:31:2e:87:79:ca:e4:79:5a:d7:39:51:86:42:f0:
b8:bb:ce:d8:b7:6b:cb:02:84:e9:cf:a5:9a:47:f8:b1:d0:7c:
a8:7c:75:8e:45:94:1d:73:3f:6f:26:c2:bd:47:0c:c4:4a:99:
84:69:5a:03:50:b7:56:81:de:a8:bf:82:c5:14:ad:ba:88:9c:
4f:da:67:96:8b:c2:5c:4c:9d:c4:95:a6:2c:ab:c1:34:0e:2a:
27:bb:c1:ec:5e:b8:23:63:43:28:14:02:e0:cd:fd:83:3c:ea:
ff:4a:20:56:d7:94:df:39:ca:69:fd:4a:d6:37:38:fc:bc:b1:
e2:ec:68:24:8a:f0:a1:5f:61:98:28:01:f1:a3:c3:b5:4a:9f:
d8:69:cd:89:a5:60:c8:20:58:b6:d6:f8:75:58:f9:2b:3a:3e:
6a:53:6f:6e:f7:19:52:13:ed:b6:05:8f:f1:13:64:3d:4d:80:
e8:64:01:76:e9:7d:66:49:31:2f:8f:0d:d3:ce:fd:72:df:6a:
83:6b:e4:18
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZJHNQBXHNmxKBcXgPAeeqY2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZWRhOGY3MjZhNjliNTA0ZGU5OTQ5NDNiMGE1ZjIzMDhj
MmE5NmIwHhcNMjQxMDAxMDgzMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODVhOTU3OWUwZmE0MzFjZWUyOTA2MWYzNDBlN2FmOGU3MGUzYjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorFjSm0o9gqORowB45WTbXIwAitF
6sy2+vpr3bldI2ZAfcHruDB66ZmvyjETTHX0vtN+EvbWI49ap5HyixTYBs+ITv1U
5h57PxKT2FXtiwFzsvW0M82Qes71QaQ/sYoZJpaAPsZ91vhL3Y/E/zdNgegmbis2
LnLo69CeazY4tTOWnh5uSPZA8RMghqkLOghB8ksseFn5N255n12GmEAeE9+K00AI
gNUSP+nruigeYyR0ZQsLQvSfDwJUauhlK9JZeY95TMjA50jR2avr/QIpssiqkuXU
85YrayerHRoFIZBTYpCanUNdeE9eyKGE/EgUJbVBSUpEVtfy8KFgwE8zjwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFEhalXng+kMc7ikGHzQOevjnDjsYMB8GA1UdIwQY
MBaAFHftqPcmpptQTemUlDsKXyMIwqlrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZC0ybzl5YW1tMUJONlpTVU93cGZJd2pDcVdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi83Mjc2ZjMtYzg4ZS00ODE5LTllNTkt
NjA4NGNmYzZlNGM0LzEvU0ZxVmVlRDZReHp1S1FZZk5BNTYtT2NPT3hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi83Mjc2ZjMtYzg4ZS00ODE5LTllNTktNjA4NGNmYzZlNGM0
LzEvZC0ybzl5YW1tMUJONlpTVU93cGZJd2pDcVdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjApBAIAATAjAwMAiwMDBAK5
VNgDBAPBYGADBALCLQADBAHCLQYDBADCcwQwKQQCAAIwIwMGACoFqICAAwcAKgWo
gN4QAwcAKgWogN5SAwcAKgWogN5WMA0GCSqGSIb3DQEBCwUAA4IBAQBG0V3mb7+i
8O4MGw4O0Zb4oUCHEeVAmlMl6Yw1Dk6RLGLfupZ0DH/d/13ScJ7RMem1vUj/YAX8
AEBwMS6HecrkeVrXOVGGQvC4u87Yt2vLAoTpz6WaR/ix0HyofHWORZQdcz9vJsK9
RwzESpmEaVoDULdWgd6ov4LFFK26iJxP2meWi8JcTJ3ElaYsq8E0Dionu8HsXrgj
Y0MoFALgzf2DPOr/SiBW15TfOcpp/UrWNzj8vLHi7GgkivChX2GYKAHxo8O1Sp/Y
ac2JpWDIIFi21vh1WPkrOj5qU29u9xlSE+22BY/xE2Q9TYDoZAF26X1mSTEvjw3T
zv1y32qDa+QY
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:42:58 2024 by rpki-client on console-fra.rpki-client.org