Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/q4VEQrbnIXp2-ayL4LM-hdM-fIE.roa
File: q4VEQrbnIXp2-ayL4LM-hdM-fIE.roa (raw, json)
Hash identifier: amqTnJge9v+r7h4YcffAZjyBY7gTBY4SBtzhEqfUvzg=
Subject key identifier: AB:85:44:42:B6:E7:21:7A:76:F9:AC:8B:E0:B3:3E:85:D3:3E:7C:81
Certificate issuer: /CN=f5d9a9282c9d2547c566634f3bacccbcf2588827
Certificate serial: 0192766129ABE3D43878B7BE55A77FCAE00B
Authority key identifier: F5:D9:A9:28:2C:9D:25:47:C5:66:63:4F:3B:AC:CC:BC:F2:58:88:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9dmpKCydJUfFZmNPO6zMvPJYiCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/q4VEQrbnIXp2-ayL4LM-hdM-fIE.roa
Signing time: Thu 10 Oct 2024 12:22:12 +0000
ROA not before: Thu 10 Oct 2024 12:22:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35042
IP address blocks: 88.214.25.0/24 maxlen: 24
91.228.101.0/24 maxlen: 24
185.55.240.0/22 maxlen: 22
193.24.208.0/22 maxlen: 22
194.24.160.0/24 maxlen: 24
2a00:1910::/29 maxlen: 29
2a09:8700::/32 maxlen: 32
2a12:5e41::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/9dmpKCydJUfFZmNPO6zMvPJYiCc.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/9dmpKCydJUfFZmNPO6zMvPJYiCc.mft
rsync://rpki.ripe.net/repository/DEFAULT/9dmpKCydJUfFZmNPO6zMvPJYiCc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:76:61:29:ab:e3:d4:38:78:b7:be:55:a7:7f:ca:e0:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5d9a9282c9d2547c566634f3bacccbcf2588827
Validity
Not Before: Oct 10 12:22:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab854442b6e7217a76f9ac8be0b33e85d33e7c81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:a4:60:9e:bd:55:be:6c:46:76:14:59:a1:07:
85:31:c5:38:0c:55:6c:0f:f9:3b:72:b6:12:94:72:
35:14:e1:1e:61:29:e6:bb:c5:d0:31:8f:15:ae:96:
22:5f:6b:8d:cd:d0:7b:0d:9a:06:a5:90:f1:d3:20:
3e:7e:16:12:5a:cc:fd:f2:13:ed:08:c5:cf:c4:ec:
35:db:fc:52:bf:87:bf:38:70:98:1e:be:75:b9:9d:
76:24:be:1c:41:6b:00:a7:c7:93:94:01:e7:8f:0b:
3b:ce:b4:b6:50:98:63:d5:04:48:e1:eb:de:d9:8d:
61:6c:bf:54:90:c4:c0:27:46:05:cb:2e:d4:5f:de:
90:d1:5d:a0:45:a3:b9:87:20:76:10:94:dc:a1:bd:
51:c0:82:f8:94:9f:74:69:fe:25:b7:95:9e:f9:66:
01:d5:cd:53:0f:41:71:80:40:b3:9c:93:1e:21:39:
f0:1d:e7:6d:3e:03:4b:a0:cf:9d:1b:43:6c:58:0d:
81:5d:5e:31:19:54:91:30:c8:d0:4a:e9:9d:ad:76:
77:f1:ac:87:2c:e3:cd:a2:38:48:f7:f2:71:e6:b2:
48:bc:9b:d2:cf:c5:ce:5b:63:cc:02:4d:10:30:27:
78:78:37:32:d8:79:92:04:f1:66:d6:57:28:58:de:
43:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:85:44:42:B6:E7:21:7A:76:F9:AC:8B:E0:B3:3E:85:D3:3E:7C:81
X509v3 Authority Key Identifier:
keyid:F5:D9:A9:28:2C:9D:25:47:C5:66:63:4F:3B:AC:CC:BC:F2:58:88:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9dmpKCydJUfFZmNPO6zMvPJYiCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/q4VEQrbnIXp2-ayL4LM-hdM-fIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/9dmpKCydJUfFZmNPO6zMvPJYiCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.214.25.0/24
91.228.101.0/24
185.55.240.0/22
193.24.208.0/22
194.24.160.0/24
IPv6:
2a00:1910::/29
2a09:8700::/32
2a12:5e41::/32
Signature Algorithm: sha256WithRSAEncryption
42:f0:e9:02:40:45:a0:d9:7e:3c:4a:a7:87:8f:82:e3:c1:f7:
c3:6a:76:c2:f5:29:24:89:32:8a:0f:db:ef:b7:36:76:8f:1c:
e3:c8:2f:d9:06:1e:0b:29:92:ac:81:1a:06:31:59:de:f1:1d:
3f:a3:d1:f5:9f:32:45:56:39:cf:fa:35:03:32:aa:b2:a9:89:
30:12:e4:7f:ec:1a:1e:8e:11:f1:2e:7e:93:39:6f:06:79:ab:
4f:61:80:71:6f:ee:43:eb:ff:12:d1:49:ce:20:0e:ca:1e:2b:
3a:93:5e:1d:3d:a7:6c:be:a4:13:31:eb:28:fe:d3:d8:95:b6:
12:32:b1:61:67:9f:1c:05:b0:4d:33:5b:d7:1e:1c:d3:f5:01:
a8:50:ca:54:08:3b:41:42:81:fe:98:08:87:91:8c:64:c6:36:
a0:6c:89:28:09:1d:c5:af:02:c9:c1:e8:dc:87:7c:d5:ce:4d:
9b:0d:bf:6a:46:c6:ca:74:fa:3d:5f:1f:f4:0a:fa:70:26:6b:
4c:9b:6b:59:97:43:87:33:1a:02:c1:4b:2f:cb:4a:fc:70:bf:
36:7d:5e:42:9e:79:34:31:76:db:96:51:b4:4e:a4:0d:78:a2:
a2:7d:3d:5a:c2:fe:f2:d0:77:f1:26:2c:f0:02:9a:4c:73:bc:
a5:9d:7d:5a
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZJ2YSmr49Q4eLe+Vad/yuALMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZDlhOTI4MmM5ZDI1NDdjNTY2NjM0ZjNiYWNjY2JjZjI1
ODg4MjcwHhcNMjQxMDEwMTIyMjEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjg1NDQ0MmI2ZTcyMTdhNzZmOWFjOGJlMGIzM2U4NWQzM2U3YzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKRgnr1VvmxGdhRZoQeFMcU4DFVs
D/k7crYSlHI1FOEeYSnmu8XQMY8VrpYiX2uNzdB7DZoGpZDx0yA+fhYSWsz98hPt
CMXPxOw12/xSv4e/OHCYHr51uZ12JL4cQWsAp8eTlAHnjws7zrS2UJhj1QRI4eve
2Y1hbL9UkMTAJ0YFyy7UX96Q0V2gRaO5hyB2EJTcob1RwIL4lJ90af4lt5We+WYB
1c1TD0FxgECznJMeITnwHedtPgNLoM+dG0NsWA2BXV4xGVSRMMjQSumdrXZ38ayH
LOPNojhI9/Jx5rJIvJvSz8XOW2PMAk0QMCd4eDcy2HmSBPFm1lcoWN5DNwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFKuFREK25yF6dvmsi+CzPoXTPnyBMB8GA1UdIwQY
MBaAFPXZqSgsnSVHxWZjTzuszLzyWIgnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWRtcEtDeWRKVWZGWm1OUE82ek12UEpZaUNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8wZDA3NTUtMTg5Ny00N2VmLThkZjct
OGNmNDFjYWZkY2UyLzEvcTRWRVFyYm5JWHAyLWF5TDRMTS1oZE0tZklFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8wZDA3NTUtMTg5Ny00N2VmLThkZjctOGNmNDFjYWZkY2Uy
LzEvOWRtcEtDeWRKVWZGWm1OUE82ek12UEpZaUNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAkBAIAATAeAwQAWNYZAwQA
W+RlAwQCuTfwAwQCwRjQAwQAwhigMBsEAgACMBUDBQMqABkQAwUAKgmHAAMFACoS
XkEwDQYJKoZIhvcNAQELBQADggEBAELw6QJARaDZfjxKp4ePguPB98NqdsL1KSSJ
MooP2++3NnaPHOPIL9kGHgspkqyBGgYxWd7xHT+j0fWfMkVWOc/6NQMyqrKpiTAS
5H/sGh6OEfEufpM5bwZ5q09hgHFv7kPr/xLRSc4gDsoeKzqTXh09p2y+pBMx6yj+
09iVthIysWFnnxwFsE0zW9ceHNP1AahQylQIO0FCgf6YCIeRjGTGNqBsiSgJHcWv
AsnB6NyHfNXOTZsNv2pGxsp0+j1fH/QK+nAma0yba1mXQ4czGgLBSy/LSvxwvzZ9
XkKeeTQxdtuWUbROpA14oqJ9PVrC/vLQd/EmLPACmkxzvKWdfVo=
-----END CERTIFICATE-----
Generated at Sat Nov 23 00:10:49 2024 by rpki-client on console-ams.rpki-client.org