Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/a7938f-7c9a-43c9-95f3-f3810bd70376/1/wQAVc6UvFjgVcRp_YiZUXIKcwlY.roa
File: wQAVc6UvFjgVcRp_YiZUXIKcwlY.roa (raw, json)
Hash identifier: l6a9JRCJ9ubwZnERRiwb2SJ0KMUcllZH5DItVa+Nc5I=
Subject key identifier: C1:00:15:73:A5:2F:16:38:15:71:1A:7F:62:26:54:5C:82:9C:C2:56
Certificate issuer: /CN=411c4322082191c79e2d86db4e1bf9d0718e27e9
Certificate serial: 018CC50031C734A47EEE926F6612C6C6490E
Authority key identifier: 41:1C:43:22:08:21:91:C7:9E:2D:86:DB:4E:1B:F9:D0:71:8E:27:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QRxDIgghkceeLYbbThv50HGOJ-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/a7938f-7c9a-43c9-95f3-f3810bd70376/1/wQAVc6UvFjgVcRp_YiZUXIKcwlY.roa
Signing time: Mon 01 Jan 2024 12:29:33 +0000
ROA not before: Mon 01 Jan 2024 12:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202695
IP address blocks: 185.156.244.0/22 maxlen: 22
64.38.104.0/22 maxlen: 22
2a03:5b00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/a7938f-7c9a-43c9-95f3-f3810bd70376/1/QRxDIgghkceeLYbbThv50HGOJ-k.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/a7938f-7c9a-43c9-95f3-f3810bd70376/1/QRxDIgghkceeLYbbThv50HGOJ-k.mft
rsync://rpki.ripe.net/repository/DEFAULT/QRxDIgghkceeLYbbThv50HGOJ-k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:31:c7:34:a4:7e:ee:92:6f:66:12:c6:c6:49:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=411c4322082191c79e2d86db4e1bf9d0718e27e9
Validity
Not Before: Jan 1 12:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c1001573a52f163815711a7f6226545c829cc256
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b7:3b:dd:dd:a4:0d:a2:74:06:b0:22:b4:f9:
f1:54:db:a4:62:ec:b4:23:f7:d6:10:c8:1f:42:b6:
79:5c:ce:9a:5e:5d:87:61:93:bf:7f:cf:7a:65:e3:
11:b7:15:24:51:76:65:f5:f1:6f:45:81:77:b9:da:
95:0f:ee:f3:77:ac:46:31:22:b2:91:be:ba:b3:0f:
24:fe:b8:10:c3:0f:e9:47:af:14:56:b3:b4:c9:8c:
03:a3:d4:fc:3d:30:68:00:23:28:66:50:c7:97:c5:
e7:7e:f8:17:81:51:f4:c6:16:7e:4c:96:f6:17:e5:
39:e0:ed:1a:ef:c7:b6:34:01:dc:d4:99:67:ea:3c:
37:9d:4c:02:74:52:d0:7f:e4:a8:e4:ff:6d:78:ac:
6d:63:f3:24:89:ae:2c:4a:09:b2:76:16:56:76:0b:
9d:b8:9f:e1:00:29:92:86:05:17:00:24:bd:c0:57:
cd:c7:32:41:a2:a5:6d:28:2b:ae:da:fb:4b:3d:8f:
d2:89:1e:fa:81:06:0e:ac:a1:7f:02:e1:f7:62:40:
e4:02:e1:ee:f4:b1:46:da:9d:f8:4f:e7:8c:b2:40:
e5:56:3b:57:d4:9f:10:b7:59:ac:5d:a2:c5:38:3d:
fc:4c:75:dc:6d:ef:6a:2b:2e:f3:dc:75:48:a7:5c:
35:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:00:15:73:A5:2F:16:38:15:71:1A:7F:62:26:54:5C:82:9C:C2:56
X509v3 Authority Key Identifier:
keyid:41:1C:43:22:08:21:91:C7:9E:2D:86:DB:4E:1B:F9:D0:71:8E:27:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QRxDIgghkceeLYbbThv50HGOJ-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/a7938f-7c9a-43c9-95f3-f3810bd70376/1/wQAVc6UvFjgVcRp_YiZUXIKcwlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/a7938f-7c9a-43c9-95f3-f3810bd70376/1/QRxDIgghkceeLYbbThv50HGOJ-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.38.104.0/22
185.156.244.0/22
IPv6:
2a03:5b00::/32
Signature Algorithm: sha256WithRSAEncryption
b7:66:ab:83:f0:3c:da:a6:1f:5f:51:2a:4e:ca:93:3b:96:b7:
db:31:38:af:e5:36:ad:ec:9a:6c:f8:78:7c:9b:4c:d5:e7:5f:
ea:64:5e:8c:c0:dd:e5:d1:cb:4a:4e:0b:e0:f2:a7:a4:62:41:
73:3f:08:75:2c:3e:02:8a:8e:4f:a9:f8:07:8f:b5:6d:34:b5:
1d:65:e4:4d:3e:68:c2:00:9c:5f:1f:4e:02:75:bf:c1:e3:35:
3a:f0:03:d3:03:93:a3:8e:27:6d:ae:9f:51:64:98:68:68:c8:
3f:6c:c3:21:20:95:8f:bc:c9:12:be:51:e1:84:15:79:7f:b2:
d8:55:b2:58:59:69:a7:7d:44:f2:ae:96:73:74:3e:33:8f:b6:
8d:b6:74:a6:e8:f3:1b:be:60:68:39:2c:fa:86:67:24:42:45:
5c:7f:ce:98:f4:92:94:00:c4:3b:a7:ff:6e:f2:9a:97:4c:d3:
24:5d:8e:44:4e:7e:01:4c:43:41:77:63:7e:74:61:47:6e:9c:
45:42:fe:56:b0:c3:f1:f6:2e:8e:6e:c2:32:77:c6:5d:06:ea:
77:8b:92:76:f0:80:a2:1d:3f:4d:52:90:bd:de:e5:03:a2:d2:
6e:3b:77:02:bd:41:25:cf:8a:37:35:d7:1c:69:b9:10:eb:65:
51:3c:97:7d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzFADHHNKR+7pJvZhLGxkkOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMWM0MzIyMDgyMTkxYzc5ZTJkODZkYjRlMWJmOWQwNzE4
ZTI3ZTkwHhcNMjQwMTAxMTIyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTAwMTU3M2E1MmYxNjM4MTU3MTFhN2Y2MjI2NTQ1YzgyOWNjMjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7c73d2kDaJ0BrAitPnxVNukYuy0
I/fWEMgfQrZ5XM6aXl2HYZO/f896ZeMRtxUkUXZl9fFvRYF3udqVD+7zd6xGMSKy
kb66sw8k/rgQww/pR68UVrO0yYwDo9T8PTBoACMoZlDHl8XnfvgXgVH0xhZ+TJb2
F+U54O0a78e2NAHc1Jln6jw3nUwCdFLQf+So5P9teKxtY/Mkia4sSgmydhZWdgud
uJ/hACmShgUXACS9wFfNxzJBoqVtKCuu2vtLPY/SiR76gQYOrKF/AuH3YkDkAuHu
9LFG2p34T+eMskDlVjtX1J8Qt1msXaLFOD38THXcbe9qKy7z3HVIp1w1AwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMEAFXOlLxY4FXEaf2ImVFyCnMJWMB8GA1UdIwQY
MBaAFEEcQyIIIZHHni2G204b+dBxjifpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVJ4RElnZ2hrY2VlTFliYlRodjUwSEdPSi1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9hNzkzOGYtN2M5YS00M2M5LTk1ZjMt
ZjM4MTBiZDcwMzc2LzEvd1FBVmM2VXZGamdWY1JwX1lpWlVYSUtjd2xZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9hNzkzOGYtN2M5YS00M2M5LTk1ZjMtZjM4MTBiZDcwMzc2
LzEvUVJ4RElnZ2hrY2VlTFliYlRodjUwSEdPSi1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCQCZoAwQC
uZz0MA0EAgACMAcDBQAqA1sAMA0GCSqGSIb3DQEBCwUAA4IBAQC3ZquD8Dzaph9f
USpOypM7lrfbMTiv5Tat7Jps+Hh8m0zV51/qZF6MwN3l0ctKTgvg8qekYkFzPwh1
LD4Cio5PqfgHj7VtNLUdZeRNPmjCAJxfH04Cdb/B4zU68APTA5Ojjidtrp9RZJho
aMg/bMMhIJWPvMkSvlHhhBV5f7LYVbJYWWmnfUTyrpZzdD4zj7aNtnSm6PMbvmBo
OSz6hmckQkVcf86Y9JKUAMQ7p/9u8pqXTNMkXY5ETn4BTENBd2N+dGFHbpxFQv5W
sMPx9i6ObsIyd8ZdBup3i5J28ICiHT9NUpC93uUDotJuO3cCvUElz4o3NdccabkQ
62VRPJd9
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:55:46 2024 by rpki-client on console-fra.rpki-client.org