Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/3142a5-d92d-4d06-8228-be622c3132df/1/SIX2qb-e2mSCyTKgkkq8qnQsi90.roa
File: SIX2qb-e2mSCyTKgkkq8qnQsi90.roa (raw, json)
Hash identifier: /DzQbHQLHk3H/c7jgFIp0Ta8i/c3zP6zRWfSLVlD+M0=
Subject key identifier: 48:85:F6:A9:BF:9E:DA:64:82:C9:32:A0:92:4A:BC:AA:74:2C:8B:DD
Certificate issuer: /CN=aa2a58c697a1449976b0d11d6f126025e14089c6
Certificate serial: 0191C605020D642DE150D117A87EFA341816
Authority key identifier: AA:2A:58:C6:97:A1:44:99:76:B0:D1:1D:6F:12:60:25:E1:40:89:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qipYxpehRJl2sNEdbxJgJeFAicY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/3142a5-d92d-4d06-8228-be622c3132df/1/SIX2qb-e2mSCyTKgkkq8qnQsi90.roa
Signing time: Fri 06 Sep 2024 06:28:22 +0000
ROA not before: Fri 06 Sep 2024 06:28:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50477
IP address blocks: 178.57.56.0/21 maxlen: 21
194.58.168.0/22 maxlen: 22
194.58.168.0/24 maxlen: 24
194.58.169.0/24 maxlen: 24
194.58.170.0/24 maxlen: 24
194.58.171.0/24 maxlen: 24
194.58.172.0/22 maxlen: 22
194.58.184.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/3142a5-d92d-4d06-8228-be622c3132df/1/qipYxpehRJl2sNEdbxJgJeFAicY.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/3142a5-d92d-4d06-8228-be622c3132df/1/qipYxpehRJl2sNEdbxJgJeFAicY.mft
rsync://rpki.ripe.net/repository/DEFAULT/qipYxpehRJl2sNEdbxJgJeFAicY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 17:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c6:05:02:0d:64:2d:e1:50:d1:17:a8:7e:fa:34:18:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa2a58c697a1449976b0d11d6f126025e14089c6
Validity
Not Before: Sep 6 06:28:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4885f6a9bf9eda6482c932a0924abcaa742c8bdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:8b:9b:e4:3f:45:79:d5:93:c8:77:e2:3f:1c:
bb:e8:4b:32:d2:b5:24:9d:63:5c:77:d2:7b:6f:7c:
2a:3e:f9:1c:97:d6:03:ea:0f:24:29:35:cb:62:aa:
8c:5d:b2:a5:c3:f1:18:53:93:81:1c:4f:4d:05:b3:
a2:5c:fc:6e:b4:2f:37:00:f2:d0:1b:3c:8a:ed:cc:
63:07:c0:fe:74:f2:33:15:a8:83:f1:e2:29:c2:fd:
6b:68:26:d7:77:b5:81:e1:8b:68:ed:a0:4c:fa:14:
fd:95:77:94:1a:ba:fb:84:c7:8d:d9:50:f0:6c:d3:
1e:1c:5f:0c:f8:4e:db:99:df:3c:37:ab:3b:f1:75:
cd:87:ce:f2:b8:a2:fd:e7:f0:07:41:f6:72:1c:64:
de:d8:99:27:12:55:82:27:b4:ed:56:6b:3a:53:b3:
ff:f0:b2:78:9a:58:54:89:b9:37:9c:02:e6:ad:8f:
f9:27:18:98:3e:be:68:a1:a3:8f:66:fe:fa:b3:76:
b9:03:49:81:f2:f9:8d:4b:38:0a:c5:12:f7:76:61:
7e:f2:98:67:92:eb:76:0e:62:9f:5b:ff:64:40:4b:
e6:1b:a2:92:04:ed:00:ea:41:81:7b:be:72:7d:cc:
20:a8:3d:a4:0c:6c:cd:e1:94:ff:44:0e:9e:d7:ff:
82:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:85:F6:A9:BF:9E:DA:64:82:C9:32:A0:92:4A:BC:AA:74:2C:8B:DD
X509v3 Authority Key Identifier:
keyid:AA:2A:58:C6:97:A1:44:99:76:B0:D1:1D:6F:12:60:25:E1:40:89:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qipYxpehRJl2sNEdbxJgJeFAicY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/3142a5-d92d-4d06-8228-be622c3132df/1/SIX2qb-e2mSCyTKgkkq8qnQsi90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/3142a5-d92d-4d06-8228-be622c3132df/1/qipYxpehRJl2sNEdbxJgJeFAicY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.57.56.0/21
194.58.168.0/21
194.58.184.0/21
Signature Algorithm: sha256WithRSAEncryption
36:7a:a1:17:ce:d4:f6:3b:13:68:8b:69:ce:3b:18:c2:b1:63:
10:be:44:c1:c7:f0:8e:38:59:09:71:ad:5e:c9:b3:41:cc:f2:
97:5d:6c:c2:33:d4:c6:fc:54:0a:1f:ca:e5:d9:d4:13:e9:7f:
36:13:c3:37:04:b8:6f:4b:4b:4d:21:fd:d8:70:15:f2:6f:f2:
cf:48:43:cb:99:eb:aa:bb:e2:86:5a:f3:a5:73:82:62:f6:a4:
7c:50:53:05:34:c6:4a:d9:0f:18:62:2e:15:35:24:b7:a3:1e:
ca:9d:54:0b:c7:f8:44:e1:a6:51:05:54:83:77:73:cb:d8:16:
8d:5d:40:4c:98:1d:2f:a7:92:1c:0d:fa:21:53:9b:33:07:4c:
eb:96:d9:c4:af:52:08:59:30:cb:5e:38:d8:e0:c4:60:81:ad:
b4:9a:b3:be:a4:8b:f1:ce:50:4e:a8:11:f9:a0:3a:05:db:e0:
ea:df:83:b8:be:4a:55:fd:85:ce:2a:50:d5:84:c1:9b:ed:b3:
62:95:16:49:cb:ae:5d:5f:99:50:1f:00:f9:31:61:90:16:c5:
4c:cf:3a:34:a4:e7:ea:07:86:ef:a3:04:56:2d:71:4b:e9:d1:
99:24:ce:d1:78:b3:32:25:e0:9e:8b:81:78:b1:59:21:a8:cc:
7a:c2:81:61
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZHGBQINZC3hUNEXqH76NBgWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMmE1OGM2OTdhMTQ0OTk3NmIwZDExZDZmMTI2MDI1ZTE0
MDg5YzYwHhcNMjQwOTA2MDYyODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODg1ZjZhOWJmOWVkYTY0ODJjOTMyYTA5MjRhYmNhYTc0MmM4YmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwoub5D9FedWTyHfiPxy76Esy0rUk
nWNcd9J7b3wqPvkcl9YD6g8kKTXLYqqMXbKlw/EYU5OBHE9NBbOiXPxutC83APLQ
GzyK7cxjB8D+dPIzFaiD8eIpwv1raCbXd7WB4Yto7aBM+hT9lXeUGrr7hMeN2VDw
bNMeHF8M+E7bmd88N6s78XXNh87yuKL95/AHQfZyHGTe2JknElWCJ7TtVms6U7P/
8LJ4mlhUibk3nALmrY/5JxiYPr5ooaOPZv76s3a5A0mB8vmNSzgKxRL3dmF+8phn
kut2DmKfW/9kQEvmG6KSBO0A6kGBe75yfcwgqD2kDGzN4ZT/RA6e1/+CeQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEiF9qm/ntpkgskyoJJKvKp0LIvdMB8GA1UdIwQY
MBaAFKoqWMaXoUSZdrDRHW8SYCXhQInGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWlwWXhwZWhSSmwyc05FZGJ4SmdKZUZBaWNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8zMTQyYTUtZDkyZC00ZDA2LTgyMjgt
YmU2MjJjMzEzMmRmLzEvU0lYMnFiLWUybVNDeVRLZ2trcThxblFzaTkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8zMTQyYTUtZDkyZC00ZDA2LTgyMjgtYmU2MjJjMzEzMmRm
LzEvcWlwWXhwZWhSSmwyc05FZGJ4SmdKZUZBaWNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDsjk4AwQD
wjqoAwQDwjq4MA0GCSqGSIb3DQEBCwUAA4IBAQA2eqEXztT2OxNoi2nOOxjCsWMQ
vkTBx/COOFkJca1eybNBzPKXXWzCM9TG/FQKH8rl2dQT6X82E8M3BLhvS0tNIf3Y
cBXyb/LPSEPLmeuqu+KGWvOlc4Ji9qR8UFMFNMZK2Q8YYi4VNSS3ox7KnVQLx/hE
4aZRBVSDd3PL2BaNXUBMmB0vp5IcDfohU5szB0zrltnEr1IIWTDLXjjY4MRgga20
mrO+pIvxzlBOqBH5oDoF2+Dq34O4vkpV/YXOKlDVhMGb7bNilRZJy65dX5lQHwD5
MWGQFsVMzzo0pOfqB4bvowRWLXFL6dGZJM7ReLMyJeCei4F4sVkhqMx6woFh
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:39:29 2024 by rpki-client on console-fra.rpki-client.org