Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/321c0d-3671-4927-8937-1f856c093ae8/1/W1SQmisJz6YHu1ASu95fXwA21Go.roa
File: W1SQmisJz6YHu1ASu95fXwA21Go.roa (raw, json)
Hash identifier: MGWjQRhgNZPo0aqExSc9oUQA35rwjqxBoSzAFtRHJK4=
Subject key identifier: 5B:54:90:9A:2B:09:CF:A6:07:BB:50:12:BB:DE:5F:5F:00:36:D4:6A
Certificate issuer: /CN=412ac83a27ca8723c61b1446c3e678110c650689
Certificate serial: 018CC56E1A06F731F0484793A439FC4D3309
Authority key identifier: 41:2A:C8:3A:27:CA:87:23:C6:1B:14:46:C3:E6:78:11:0C:65:06:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QSrIOifKhyPGGxRGw-Z4EQxlBok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/321c0d-3671-4927-8937-1f856c093ae8/1/W1SQmisJz6YHu1ASu95fXwA21Go.roa
Signing time: Mon 01 Jan 2024 14:29:36 +0000
ROA not before: Mon 01 Jan 2024 14:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44207
IP address blocks: 193.111.112.0/23 maxlen: 23
193.111.108.0/22 maxlen: 22
194.9.168.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/321c0d-3671-4927-8937-1f856c093ae8/1/QSrIOifKhyPGGxRGw-Z4EQxlBok.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/321c0d-3671-4927-8937-1f856c093ae8/1/QSrIOifKhyPGGxRGw-Z4EQxlBok.mft
rsync://rpki.ripe.net/repository/DEFAULT/QSrIOifKhyPGGxRGw-Z4EQxlBok.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:1a:06:f7:31:f0:48:47:93:a4:39:fc:4d:33:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=412ac83a27ca8723c61b1446c3e678110c650689
Validity
Not Before: Jan 1 14:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5b54909a2b09cfa607bb5012bbde5f5f0036d46a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:92:21:4f:8b:55:0f:ea:b0:1f:bd:ac:45:8e:
8a:03:7a:83:6d:0f:96:55:95:32:f4:a5:d7:b6:47:
9f:ce:4b:dc:2c:c5:a9:77:1b:85:cf:d8:1e:d7:cc:
a1:c6:b4:e9:d1:f5:17:8a:1a:05:45:71:4b:9c:74:
31:fb:79:cb:a2:ae:b9:76:37:b6:05:64:47:95:fe:
68:04:dc:3b:d1:77:88:7a:c3:c5:7c:92:66:16:b8:
e7:01:66:3d:03:1a:9d:b9:f9:44:9d:78:1f:35:35:
fc:d7:a3:0c:d2:4b:79:33:6f:3b:0c:e8:ee:3e:9e:
ff:6c:d6:d0:a3:f8:25:2f:20:e1:3d:6c:03:f5:7a:
e7:a3:64:e2:2d:90:8c:f4:5f:da:8f:9e:e1:d9:c9:
e7:e2:3a:02:46:1b:6f:0f:05:c1:e5:87:42:53:80:
7c:87:8e:bc:4f:e6:2a:d4:52:3e:89:47:cd:55:1f:
02:eb:b7:17:63:9d:ba:c0:46:01:15:26:70:e5:36:
38:d1:9d:db:49:b8:26:f7:76:74:ac:73:ba:6d:12:
b1:fd:a1:8b:dd:ae:41:50:11:e1:fe:fa:5a:7d:87:
1e:ec:eb:34:c9:b6:62:1b:d3:3a:85:14:45:52:e8:
4d:65:91:10:d6:10:c2:fb:24:3d:dc:0c:bf:00:7d:
e5:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:54:90:9A:2B:09:CF:A6:07:BB:50:12:BB:DE:5F:5F:00:36:D4:6A
X509v3 Authority Key Identifier:
keyid:41:2A:C8:3A:27:CA:87:23:C6:1B:14:46:C3:E6:78:11:0C:65:06:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QSrIOifKhyPGGxRGw-Z4EQxlBok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/321c0d-3671-4927-8937-1f856c093ae8/1/W1SQmisJz6YHu1ASu95fXwA21Go.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/321c0d-3671-4927-8937-1f856c093ae8/1/QSrIOifKhyPGGxRGw-Z4EQxlBok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.108.0-193.111.113.255
194.9.168.0/23
Signature Algorithm: sha256WithRSAEncryption
07:4d:94:ee:30:ee:3d:44:8d:32:96:8d:56:7e:d3:ac:84:0b:
1a:db:0a:c2:2e:da:d6:c5:86:06:6d:94:3c:ef:b6:c7:55:d3:
56:06:e7:95:be:43:d1:08:ef:88:11:fb:2c:1d:b7:a1:24:13:
5c:0e:6e:46:4f:c3:7a:57:f2:ae:ee:06:2c:b1:a2:98:4c:86:
20:fc:93:4d:24:10:39:63:30:00:a7:bc:83:b9:73:3a:ae:ee:
cc:6c:2e:56:89:70:5d:16:1f:63:85:1b:8c:3c:18:62:0d:df:
39:0a:d1:d5:d8:67:0c:89:c3:ae:e0:fd:5f:40:48:6e:ef:a1:
5b:e5:5c:b4:b4:85:7d:d8:88:51:c2:68:6d:da:61:d0:af:6c:
96:05:f7:c9:c7:61:50:61:3f:30:1d:b7:1b:e4:78:74:aa:16:
34:15:8b:72:df:52:b7:f7:a1:d3:f2:e4:28:b7:29:44:31:04:
ac:9f:9b:42:84:68:49:e6:54:e6:ab:a6:8c:96:a5:a8:66:30:
25:ce:44:37:67:ad:8d:ce:72:9e:74:47:60:6d:3a:63:84:67:
0f:e6:1a:85:09:59:b5:4f:e2:fd:ef:ae:e7:56:cf:d3:34:4e:
06:07:ec:a8:12:47:c7:5c:d8:61:94:67:e3:01:10:6f:19:70:
b5:4b:b5:2f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzFbhoG9zHwSEeTpDn8TTMJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMmFjODNhMjdjYTg3MjNjNjFiMTQ0NmMzZTY3ODExMGM2
NTA2ODkwHhcNMjQwMTAxMTQyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjU0OTA5YTJiMDljZmE2MDdiYjUwMTJiYmRlNWY1ZjAwMzZkNDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJIhT4tVD+qwH72sRY6KA3qDbQ+W
VZUy9KXXtkefzkvcLMWpdxuFz9ge18yhxrTp0fUXihoFRXFLnHQx+3nLoq65dje2
BWRHlf5oBNw70XeIesPFfJJmFrjnAWY9AxqduflEnXgfNTX816MM0kt5M287DOju
Pp7/bNbQo/glLyDhPWwD9Xrno2TiLZCM9F/aj57h2cnn4joCRhtvDwXB5YdCU4B8
h468T+Yq1FI+iUfNVR8C67cXY526wEYBFSZw5TY40Z3bSbgm93Z0rHO6bRKx/aGL
3a5BUBHh/vpafYce7Os0ybZiG9M6hRRFUuhNZZEQ1hDC+yQ93Ay/AH3l3QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFFtUkJorCc+mB7tQErveX18ANtRqMB8GA1UdIwQY
MBaAFEEqyDonyocjxhsURsPmeBEMZQaJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVNySU9pZktoeVBHR3hSR3ctWjRFUXhsQm9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8zMjFjMGQtMzY3MS00OTI3LTg5Mzct
MWY4NTZjMDkzYWU4LzEvVzFTUW1pc0p6NllIdTFBU3U5NWZYd0EyMUdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8zMjFjMGQtMzY3MS00OTI3LTg5MzctMWY4NTZjMDkzYWU4
LzEvUVNySU9pZktoeVBHR3hSR3ctWjRFUXhsQm9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBALBb2wD
BAHBb3ADBAHCCagwDQYJKoZIhvcNAQELBQADggEBAAdNlO4w7j1EjTKWjVZ+06yE
CxrbCsIu2tbFhgZtlDzvtsdV01YG55W+Q9EI74gR+ywdt6EkE1wObkZPw3pX8q7u
BiyxophMhiD8k00kEDljMACnvIO5czqu7sxsLlaJcF0WH2OFG4w8GGIN3zkK0dXY
ZwyJw67g/V9ASG7voVvlXLS0hX3YiFHCaG3aYdCvbJYF98nHYVBhPzAdtxvkeHSq
FjQVi3LfUrf3odPy5Ci3KUQxBKyfm0KEaEnmVOarpoyWpahmMCXORDdnrY3Ocp50
R2BtOmOEZw/mGoUJWbVP4v3vrudWz9M0TgYH7KgSR8dc2GGUZ+MBEG8ZcLVLtS8=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:37:54 2024 by rpki-client on console-ams.rpki-client.org