Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/1-qHp-Kj754i3T1uirCWv-O095dY.roa
File: 1-qHp-Kj754i3T1uirCWv-O095dY.roa (raw, json)
Hash identifier: YusZCD+ZL+odJZmX9Basngxa9NgivE0GDkOhwTdcfzY=
Subject key identifier: FA:A1:E9:F8:A8:FB:E7:88:B7:4F:5B:A2:AC:25:AF:F8:ED:3D:E5:D6
Certificate issuer: /CN=66ed3ba68c78bff2c4724400ade6348482fb4364
Certificate serial: 0192D01E90A59AEF59853D4ABCAD41916255
Authority key identifier: 66:ED:3B:A6:8C:78:BF:F2:C4:72:44:00:AD:E6:34:84:82:FB:43:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/1-qHp-Kj754i3T1uirCWv-O095dY.roa
Signing time: Sun 27 Oct 2024 22:35:16 +0000
ROA not before: Sun 27 Oct 2024 22:35:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64289
IP address blocks: 185.225.24.0/24 maxlen: 24
185.225.26.0/24 maxlen: 24
192.189.157.0/24 maxlen: 24
2a14:3f80:8::/45 maxlen: 45
2a14:3f80:10::/45 maxlen: 45
2a14:3f80:18::/45 maxlen: 45
2a14:3f80:20::/45 maxlen: 45
2a14:3f80:28::/45 maxlen: 45
2a14:3f80:60::/45 maxlen: 45
2a14:3f80:80::/45 maxlen: 45
2a14:3f80:88::/45 maxlen: 45
2a14:3f80:100::/45 maxlen: 45
2a14:3f80:108::/45 maxlen: 45
2a14:3f80:800::/38 maxlen: 38
2a14:3f80:c00::/38 maxlen: 38
2a14:3f80:1000::/38 maxlen: 38
2a14:3f80:1400::/38 maxlen: 38
2a14:3f80:1800::/38 maxlen: 38
2a14:3f80:2000::/38 maxlen: 38
2a14:3f80:2400::/38 maxlen: 38
2a14:3f80:2800::/38 maxlen: 38
2a14:3f80:3000::/38 maxlen: 38
2a14:3f80:3400::/38 maxlen: 38
2a14:3f80:3800::/38 maxlen: 38
2a14:3f80:3c00::/38 maxlen: 38
2a14:3f80:4000::/38 maxlen: 38
2a14:3f80:4400::/38 maxlen: 38
2a14:3f80:5000::/38 maxlen: 38
2a14:3f80:6000::/38 maxlen: 38
2a14:3f80:7000::/38 maxlen: 38
2a14:3f80:8800::/38 maxlen: 38
2a14:3f80:af38::/45 maxlen: 45
2a14:3f81:5800::/38 maxlen: 38
2a14:3f82:4000::/38 maxlen: 38
2a14:3f82:6000::/38 maxlen: 38
2a14:3f82:7000::/38 maxlen: 38
2a14:3f82:8800::/38 maxlen: 38
2a14:3f87:2800::/38 maxlen: 38
2a14:3f87:4800::/38 maxlen: 38
2a14:3f87:6800::/38 maxlen: 38
2a14:3f87:9800::/38 maxlen: 38
2a14:3f87:fc00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/Zu07pox4v_LEckQAreY0hIL7Q2Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/Zu07pox4v_LEckQAreY0hIL7Q2Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 01:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d0:1e:90:a5:9a:ef:59:85:3d:4a:bc:ad:41:91:62:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66ed3ba68c78bff2c4724400ade6348482fb4364
Validity
Not Before: Oct 27 22:35:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=faa1e9f8a8fbe788b74f5ba2ac25aff8ed3de5d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:19:6e:f9:fb:55:8d:f8:81:35:76:ab:e1:19:
2c:88:8e:30:c5:f4:94:5a:06:ae:1f:44:b1:4c:b4:
d2:9c:72:ae:6b:c0:01:d3:fd:f1:2e:f3:63:70:72:
81:e8:d0:46:0b:37:05:d3:b2:0b:d4:37:28:aa:c7:
7c:61:fe:84:27:a9:b6:71:87:a6:47:78:b5:27:fc:
2d:62:ef:0d:05:68:5f:aa:e1:d1:e7:c8:e9:a0:92:
3c:6d:94:22:f9:72:11:dc:f9:cb:14:86:6d:a9:43:
de:37:ff:1b:dd:91:34:a9:be:8f:09:18:34:ce:01:
d0:bb:3b:d8:f0:23:d5:43:35:47:10:65:88:20:70:
90:78:26:2b:da:04:c6:59:1a:8f:bf:88:fe:cd:ff:
eb:92:9c:af:69:61:41:79:e9:ba:0a:d9:4a:2d:e7:
9b:da:bd:3f:54:02:77:f2:c2:78:bf:72:0e:e2:d3:
15:0a:4a:c9:5e:65:8c:21:5b:2c:c2:33:97:7e:72:
90:10:af:12:45:1a:dd:e4:de:c6:b0:03:46:14:74:
68:80:be:f1:b7:ee:14:5c:ac:41:ca:41:8f:26:97:
9f:2c:80:c4:62:93:f1:a6:a4:00:77:ff:c9:6a:4f:
71:b4:28:71:2d:a7:cb:84:0d:8a:80:61:98:be:c1:
48:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:A1:E9:F8:A8:FB:E7:88:B7:4F:5B:A2:AC:25:AF:F8:ED:3D:E5:D6
X509v3 Authority Key Identifier:
keyid:66:ED:3B:A6:8C:78:BF:F2:C4:72:44:00:AD:E6:34:84:82:FB:43:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/1-qHp-Kj754i3T1uirCWv-O095dY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/Zu07pox4v_LEckQAreY0hIL7Q2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.24.0/24
185.225.26.0/24
192.189.157.0/24
IPv6:
2a14:3f80:8::-2a14:3f80:2f:ffff:ffff:ffff:ffff:ffff
2a14:3f80:60::/45
2a14:3f80:80::/44
2a14:3f80:100::/44
2a14:3f80:800::-2a14:3f80:1bff:ffff:ffff:ffff:ffff:ffff
2a14:3f80:2000::-2a14:3f80:2bff:ffff:ffff:ffff:ffff:ffff
2a14:3f80:3000::-2a14:3f80:47ff:ffff:ffff:ffff:ffff:ffff
2a14:3f80:5000::/38
2a14:3f80:6000::/38
2a14:3f80:7000::/38
2a14:3f80:8800::/38
2a14:3f80:af38::/45
2a14:3f81:5800::/38
2a14:3f82:4000::/38
2a14:3f82:6000::/38
2a14:3f82:7000::/38
2a14:3f82:8800::/38
2a14:3f87:2800::/38
2a14:3f87:4800::/38
2a14:3f87:6800::/38
2a14:3f87:9800::/38
2a14:3f87:fc00::/38
Signature Algorithm: sha256WithRSAEncryption
4e:f4:eb:55:dc:23:59:b3:6b:c9:79:35:1f:ab:da:b1:12:69:
f0:46:8a:f8:60:18:39:b1:b8:0f:4c:53:6e:45:7a:42:1d:da:
b1:5a:23:62:8e:ef:77:d1:81:f5:56:d9:8d:39:d0:26:76:1a:
2f:b7:fd:1b:c5:39:77:cc:e2:7d:c6:2e:07:78:3d:23:ce:82:
7d:d7:d4:41:7c:12:27:e9:66:55:2e:e0:f5:01:53:ec:c1:92:
74:78:b1:c9:a8:ed:82:19:68:3a:72:b2:75:9f:54:60:32:f0:
34:5d:c2:7f:d0:b3:aa:4b:8c:0f:aa:97:cd:57:b3:9e:d6:60:
3a:69:16:d0:69:d7:7f:99:56:fb:c7:50:ed:9b:49:bb:05:34:
16:cf:10:3f:ea:14:b6:5c:cd:c7:d0:4d:64:f1:7c:f7:a5:85:
0e:c6:f9:50:e6:73:c5:dd:36:45:f1:e0:c5:84:e6:d7:aa:7f:
fc:76:64:b2:d7:a0:09:74:93:4d:2b:53:0b:0e:13:f1:ea:ff:
4e:bd:29:69:a9:88:96:13:94:5b:36:a3:53:4c:aa:72:43:bf:
45:81:0b:bd:92:95:3d:9f:51:b2:89:80:43:fd:d1:6e:05:82:
5c:ce:42:c0:22:dd:d0:9d:b2:07:3a:53:ea:67:17:c1:eb:fe:
7f:0f:7e:22
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgISAZLQHpClmu9ZhT1KvK1BkWJVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZWQzYmE2OGM3OGJmZjJjNDcyNDQwMGFkZTYzNDg0ODJm
YjQzNjQwHhcNMjQxMDI3MjIzNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWExZTlmOGE4ZmJlNzg4Yjc0ZjViYTJhYzI1YWZmOGVkM2RlNWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxlu+ftVjfiBNXar4RksiI4wxfSU
WgauH0SxTLTSnHKua8AB0/3xLvNjcHKB6NBGCzcF07IL1Dcoqsd8Yf6EJ6m2cYem
R3i1J/wtYu8NBWhfquHR58jpoJI8bZQi+XIR3PnLFIZtqUPeN/8b3ZE0qb6PCRg0
zgHQuzvY8CPVQzVHEGWIIHCQeCYr2gTGWRqPv4j+zf/rkpyvaWFBeem6CtlKLeeb
2r0/VAJ38sJ4v3IO4tMVCkrJXmWMIVsswjOXfnKQEK8SRRrd5N7GsANGFHRogL7x
t+4UXKxBykGPJpefLIDEYpPxpqQAd//Jak9xtChxLafLhA2KgGGYvsFITQIDAQAB
o4IDBDCCAwAwHQYDVR0OBBYEFPqh6fio++eIt09boqwlr/jtPeXWMB8GA1UdIwQY
MBaAFGbtO6aMeL/yxHJEAK3mNISC+0NkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnUwN3BveDR2X0xFY2tRQXJlWTBoSUw3UTJRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9iNzlhNjgtNWIwMi00MDk3LWEyZTMt
MGE0M2I3YTNlYjU0LzEvMS1xSHAtS2o3NTRpM1QxdWlyQ1d2LU8wOTVkWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzUvYjc5YTY4LTViMDItNDA5Ny1hMmUzLTBhNDNiN2EzZWI1
NC8xL1p1MDdwb3g0dl9MRWNrUUFyZVkwaElMN1EyUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCARcGCCsGAQUFBwEHAQH/BIIBBjCCAQIwGAQCAAEwEgME
ALnhGAMEALnhGgMEAMC9nTCB5QQCAAIwgd4wEgMHAyoUP4AACAMHBCoUP4AAIAMH
AyoUP4AAYAMHBCoUP4AAgAMHBCoUP4ABADAQAwYDKhQ/gAgDBgIqFD+AGDAQAwYF
KhQ/gCADBgIqFD+AKDAQAwYEKhQ/gDADBgMqFD+AQAMGAioUP4BQAwYCKhQ/gGAD
BgIqFD+AcAMGAioUP4CIAwcDKhQ/gK84AwYCKhQ/gVgDBgIqFD+CQAMGAioUP4Jg
AwYCKhQ/gnADBgIqFD+CiAMGAioUP4coAwYCKhQ/h0gDBgIqFD+HaAMGAioUP4eY
AwYCKhQ/h/wwDQYJKoZIhvcNAQELBQADggEBAE7061XcI1mza8l5NR+r2rESafBG
ivhgGDmxuA9MU25FekId2rFaI2KO73fRgfVW2Y050CZ2Gi+3/RvFOXfM4n3GLgd4
PSPOgn3X1EF8EifpZlUu4PUBU+zBknR4scmo7YIZaDpysnWfVGAy8DRdwn/Qs6pL
jA+ql81Xs57WYDppFtBp13+ZVvvHUO2bSbsFNBbPED/qFLZczcfQTWTxfPelhQ7G
+VDmc8XdNkXx4MWE5teqf/x2ZLLXoAl0k00rUwsOE/Hq/069KWmpiJYTlFs2o1NM
qnJDv0WBC72SlT2fUbKJgEP90W4FglzOQsAi3dCdsgc6U+pnF8Hr/n8PfiI=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:47:14 2024 by rpki-client on console-ams.rpki-client.org