Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/f9d0e9-bda4-42b2-8e7a-d60f44a934b1/1/Q0zggZOhDl3GXfMDZXmg_qNv1o4.roa
File: Q0zggZOhDl3GXfMDZXmg_qNv1o4.roa (raw, json)
Hash identifier: Ce17jv+7uKF5tx9mcYNAzt+Kphp3/JhrVzyFcLLFEBQ=
Subject key identifier: 43:4C:E0:81:93:A1:0E:5D:C6:5D:F3:03:65:79:A0:FE:A3:6F:D6:8E
Certificate issuer: /CN=95fd03b5f35b317b4d32ff1a4b2c17bb376c21e1
Certificate serial: 018CC4934CECF1DE7E1C3B19FFDEE3DF9D57
Authority key identifier: 95:FD:03:B5:F3:5B:31:7B:4D:32:FF:1A:4B:2C:17:BB:37:6C:21:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lf0DtfNbMXtNMv8aSywXuzdsIeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/f9d0e9-bda4-42b2-8e7a-d60f44a934b1/1/Q0zggZOhDl3GXfMDZXmg_qNv1o4.roa
Signing time: Mon 01 Jan 2024 10:30:36 +0000
ROA not before: Mon 01 Jan 2024 10:30:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34154
IP address blocks: 193.17.230.0/24 maxlen: 24
217.71.216.0/21 maxlen: 24
195.160.196.0/22 maxlen: 24
185.121.196.0/22 maxlen: 24
2a00:1fe8::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/f9d0e9-bda4-42b2-8e7a-d60f44a934b1/1/lf0DtfNbMXtNMv8aSywXuzdsIeE.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/f9d0e9-bda4-42b2-8e7a-d60f44a934b1/1/lf0DtfNbMXtNMv8aSywXuzdsIeE.mft
rsync://rpki.ripe.net/repository/DEFAULT/lf0DtfNbMXtNMv8aSywXuzdsIeE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:4c:ec:f1:de:7e:1c:3b:19:ff:de:e3:df:9d:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95fd03b5f35b317b4d32ff1a4b2c17bb376c21e1
Validity
Not Before: Jan 1 10:30:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=434ce08193a10e5dc65df3036579a0fea36fd68e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:0d:d0:3f:65:f9:9f:84:f5:58:cd:c3:82:e6:
27:ef:48:d8:f2:6c:6b:df:bb:cd:60:54:13:e5:3c:
35:a1:fb:21:00:f6:6b:21:c6:28:fd:9b:f6:4b:b3:
05:a0:36:e6:f9:d3:a4:61:49:f4:f7:4d:b0:dd:0a:
74:ff:e1:40:20:26:cb:2c:f3:a5:f9:67:37:f5:70:
69:bd:92:91:6b:be:63:13:d1:1b:cd:94:5d:d8:ed:
48:b5:d9:f6:62:3c:06:fc:90:d9:a6:c1:14:b8:40:
e8:24:64:ea:e0:48:0e:30:dd:0e:d3:af:2b:c3:c1:
b5:23:a3:a5:a4:9b:f1:a5:3a:c5:34:6c:43:01:f5:
ad:e3:2c:d2:42:a7:4d:58:35:94:92:2a:3a:04:2b:
d1:4f:5e:88:3b:9d:d3:69:a7:0c:76:68:36:c4:39:
30:72:d3:6b:89:a4:1d:06:95:eb:dd:7c:ea:30:73:
26:f9:42:e1:02:9f:f9:60:7d:f3:49:6e:85:a1:70:
05:35:f5:d7:38:00:c9:15:1a:5b:08:8a:96:04:f6:
e3:2d:17:93:0d:83:25:09:3a:15:83:09:6d:8d:86:
d6:d5:83:2d:32:6a:b4:7b:e3:be:27:40:69:5c:45:
ce:d3:8c:89:b0:92:b6:d6:e5:d4:68:00:d3:0d:2c:
dc:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:4C:E0:81:93:A1:0E:5D:C6:5D:F3:03:65:79:A0:FE:A3:6F:D6:8E
X509v3 Authority Key Identifier:
keyid:95:FD:03:B5:F3:5B:31:7B:4D:32:FF:1A:4B:2C:17:BB:37:6C:21:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lf0DtfNbMXtNMv8aSywXuzdsIeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/f9d0e9-bda4-42b2-8e7a-d60f44a934b1/1/Q0zggZOhDl3GXfMDZXmg_qNv1o4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/f9d0e9-bda4-42b2-8e7a-d60f44a934b1/1/lf0DtfNbMXtNMv8aSywXuzdsIeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.196.0/22
193.17.230.0/24
195.160.196.0/22
217.71.216.0/21
IPv6:
2a00:1fe8::/32
Signature Algorithm: sha256WithRSAEncryption
13:c7:7d:cd:5c:59:01:a6:b2:06:ea:dd:37:b4:36:ce:53:c2:
06:b5:06:4e:0d:89:62:cd:b3:ca:f1:33:90:e4:a7:78:29:af:
d1:07:59:92:78:dc:ec:7b:18:09:fb:6f:2c:2e:f8:ed:bf:1f:
b4:40:a4:04:4d:a6:3e:52:54:0a:89:9b:6e:16:4c:e1:b0:04:
8d:8d:4b:92:38:5d:90:dd:53:ed:8f:fd:7f:d9:ed:ce:59:50:
31:43:14:71:62:1d:3e:2c:5c:e2:5e:df:77:dd:3a:13:21:27:
ec:a0:68:e4:56:58:75:b1:42:e9:67:94:4a:f6:d9:6d:2f:6b:
fd:2d:19:f4:4c:69:e2:90:6e:33:b2:06:8d:4d:9a:05:3f:36:
c4:b1:ba:a3:94:cc:4e:ca:95:b7:db:a3:9e:ff:b8:c1:9b:c2:
f5:51:d7:64:92:96:26:7f:27:a5:8f:87:b8:70:85:1a:e8:ba:
12:ec:d1:ac:9f:37:f2:cf:bb:f8:08:f8:77:f0:5a:9b:e5:81:
36:12:4d:95:56:ea:d0:fb:7d:c9:31:42:61:f2:dc:c3:76:85:
12:06:15:3f:9d:40:28:5f:8a:98:51:f0:8c:00:45:74:74:bd:
71:02:51:ae:2a:25:0f:79:09:2b:38:c1:25:6c:0e:7d:24:31:
2c:53:eb:66
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzEk0zs8d5+HDsZ/97j351XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ZmQwM2I1ZjM1YjMxN2I0ZDMyZmYxYTRiMmMxN2JiMzc2
YzIxZTEwHhcNMjQwMTAxMTAzMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzRjZTA4MTkzYTEwZTVkYzY1ZGYzMDM2NTc5YTBmZWEzNmZkNjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApw3QP2X5n4T1WM3DguYn70jY8mxr
37vNYFQT5Tw1ofshAPZrIcYo/Zv2S7MFoDbm+dOkYUn0902w3Qp0/+FAICbLLPOl
+Wc39XBpvZKRa75jE9EbzZRd2O1Itdn2YjwG/JDZpsEUuEDoJGTq4EgOMN0O068r
w8G1I6OlpJvxpTrFNGxDAfWt4yzSQqdNWDWUkio6BCvRT16IO53TaacMdmg2xDkw
ctNriaQdBpXr3XzqMHMm+ULhAp/5YH3zSW6FoXAFNfXXOADJFRpbCIqWBPbjLReT
DYMlCToVgwltjYbW1YMtMmq0e+O+J0BpXEXO04yJsJK21uXUaADTDSzcLwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFENM4IGToQ5dxl3zA2V5oP6jb9aOMB8GA1UdIwQY
MBaAFJX9A7XzWzF7TTL/GkssF7s3bCHhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGYwRHRmTmJNWHROTXY4YVN5d1h1emRzSWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9mOWQwZTktYmRhNC00MmIyLThlN2Et
ZDYwZjQ0YTkzNGIxLzEvUTB6Z2daT2hEbDNHWGZNRFpYbWdfcU52MW80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9mOWQwZTktYmRhNC00MmIyLThlN2EtZDYwZjQ0YTkzNGIx
LzEvbGYwRHRmTmJNWHROTXY4YVN5d1h1emRzSWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCuXnEAwQA
wRHmAwQCw6DEAwQD2UfYMA0EAgACMAcDBQAqAB/oMA0GCSqGSIb3DQEBCwUAA4IB
AQATx33NXFkBprIG6t03tDbOU8IGtQZODYlizbPK8TOQ5Kd4Ka/RB1mSeNzsexgJ
+28sLvjtvx+0QKQETaY+UlQKiZtuFkzhsASNjUuSOF2Q3VPtj/1/2e3OWVAxQxRx
Yh0+LFziXt933ToTISfsoGjkVlh1sULpZ5RK9tltL2v9LRn0TGnikG4zsgaNTZoF
PzbEsbqjlMxOypW326Oe/7jBm8L1UddkkpYmfyelj4e4cIUa6LoS7NGsnzfyz7v4
CPh38Fqb5YE2Ek2VVurQ+33JMUJh8tzDdoUSBhU/nUAoX4qYUfCMAEV0dL1xAlGu
KiUPeQkrOMElbA59JDEsU+tm
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:55:34 2024 by rpki-client on console-fra.rpki-client.org