Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/4a2604-66b6-4cb0-9d1e-1e167fa113b2/1/IQqbZ50k4tqId4-Gt0FYolMv9tY.roa
File: IQqbZ50k4tqId4-Gt0FYolMv9tY.roa (raw, json)
Hash identifier: Z3OM+bmXzzVV5Notn1NpB4WZ/QqmqGEGuouF3XtYV0E=
Subject key identifier: 21:0A:9B:67:9D:24:E2:DA:88:77:8F:86:B7:41:58:A2:53:2F:F6:D6
Certificate issuer: /CN=500596ce6073e8ededc5105f814ec97191b5e1d5
Certificate serial: 018CC8DEFFDF6A4DD09B0E5E7453BA8DDC5B
Authority key identifier: 50:05:96:CE:60:73:E8:ED:ED:C5:10:5F:81:4E:C9:71:91:B5:E1:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UAWWzmBz6O3txRBfgU7JcZG14dU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/4a2604-66b6-4cb0-9d1e-1e167fa113b2/1/IQqbZ50k4tqId4-Gt0FYolMv9tY.roa
Signing time: Tue 02 Jan 2024 06:31:46 +0000
ROA not before: Tue 02 Jan 2024 06:31:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42473
IP address blocks: 185.140.140.0/22 maxlen: 23
2a07:1b80::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/4a2604-66b6-4cb0-9d1e-1e167fa113b2/1/UAWWzmBz6O3txRBfgU7JcZG14dU.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/4a2604-66b6-4cb0-9d1e-1e167fa113b2/1/UAWWzmBz6O3txRBfgU7JcZG14dU.mft
rsync://rpki.ripe.net/repository/DEFAULT/UAWWzmBz6O3txRBfgU7JcZG14dU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 15:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:ff:df:6a:4d:d0:9b:0e:5e:74:53:ba:8d:dc:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=500596ce6073e8ededc5105f814ec97191b5e1d5
Validity
Not Before: Jan 2 06:31:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=210a9b679d24e2da88778f86b74158a2532ff6d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:c1:2a:5a:ea:5d:91:23:7c:ae:e0:b5:db:8a:
9b:9b:b2:f2:d9:87:1f:fb:53:eb:05:e9:98:d0:97:
30:56:ff:52:e1:07:68:7a:40:f0:42:16:b9:53:5a:
7c:db:c4:99:15:ad:9b:b2:7b:08:57:d6:50:4a:42:
08:c5:fe:99:7d:13:f1:cd:9b:72:cb:2f:df:e6:7d:
ee:90:86:96:02:af:e4:ab:e6:0f:84:4c:09:0f:eb:
94:2f:e4:61:c9:a3:16:5d:52:53:03:30:d9:53:40:
bb:06:b8:cd:b9:7c:b6:e3:49:c8:40:ba:b6:ef:69:
99:24:32:76:dc:2d:13:f9:56:21:3b:49:fc:3a:16:
95:f7:b8:9f:f3:6e:67:d3:05:b9:15:d9:3e:65:27:
2e:0f:11:dc:9a:be:63:e1:d8:df:20:1b:23:14:5d:
92:b0:21:12:64:41:5c:80:29:66:75:a0:75:c6:ea:
d3:b9:d4:f6:3d:17:72:40:29:d9:42:bc:ce:8a:a6:
78:26:82:0d:89:44:72:81:ea:1a:e4:38:3b:b2:67:
91:ec:cc:bd:e1:14:d4:74:db:01:fb:f6:13:da:09:
f4:3f:f8:95:50:b3:ab:9f:86:92:cd:5c:72:0c:57:
35:de:01:ba:1f:22:a6:da:4d:36:f8:07:17:b6:47:
93:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:0A:9B:67:9D:24:E2:DA:88:77:8F:86:B7:41:58:A2:53:2F:F6:D6
X509v3 Authority Key Identifier:
keyid:50:05:96:CE:60:73:E8:ED:ED:C5:10:5F:81:4E:C9:71:91:B5:E1:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UAWWzmBz6O3txRBfgU7JcZG14dU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4a2604-66b6-4cb0-9d1e-1e167fa113b2/1/IQqbZ50k4tqId4-Gt0FYolMv9tY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4a2604-66b6-4cb0-9d1e-1e167fa113b2/1/UAWWzmBz6O3txRBfgU7JcZG14dU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.140.140.0/22
IPv6:
2a07:1b80::/40
Signature Algorithm: sha256WithRSAEncryption
62:9d:bd:13:dc:39:6f:bc:4b:11:ec:6d:de:b7:9d:d9:db:d1:
15:6a:f7:d2:3a:9a:a7:7a:d8:05:81:4e:fa:d4:45:07:21:9e:
7f:cf:d5:1c:db:46:30:a7:c0:6b:16:47:71:6b:fb:45:00:d5:
19:78:45:ad:dc:ca:cc:01:21:a7:8f:55:8b:6f:ed:5c:ca:b1:
73:92:b9:48:b9:17:8f:1a:14:bf:f8:26:00:8f:fa:3c:7c:de:
c0:f5:16:c4:24:4d:d5:5a:58:c8:ac:08:27:de:09:fd:83:a4:
bd:9d:4a:57:cf:df:66:07:ce:65:14:46:52:07:9f:6d:7a:40:
01:79:cf:e3:a6:d0:b0:cd:c9:42:e5:aa:8f:f0:4b:4b:45:0e:
67:c1:5a:bc:39:7b:d0:c1:98:df:80:08:ea:9c:76:d1:ad:9d:
87:51:29:34:00:69:65:e3:ca:34:4d:78:3f:9c:de:11:09:97:
22:c5:ad:10:71:90:e6:aa:1f:bf:c1:af:54:12:e8:da:fa:2f:
1a:40:b4:43:77:70:30:82:30:24:0c:a6:f6:5c:4f:d8:65:49:
3e:7c:58:5c:fe:36:a4:72:62:78:85:ef:f9:71:49:ec:42:f9:
bf:d7:95:4d:6d:e8:ad:25:0a:c3:c3:84:c2:05:01:20:19:c8:
45:e6:b1:c0
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzI3v/fak3Qmw5edFO6jdxbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwMDU5NmNlNjA3M2U4ZWRlZGM1MTA1ZjgxNGVjOTcxOTFi
NWUxZDUwHhcNMjQwMTAyMDYzMTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTBhOWI2NzlkMjRlMmRhODg3NzhmODZiNzQxNThhMjUzMmZmNmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8EqWupdkSN8ruC124qbm7Ly2Ycf
+1PrBemY0JcwVv9S4QdoekDwQha5U1p828SZFa2bsnsIV9ZQSkIIxf6ZfRPxzZty
yy/f5n3ukIaWAq/kq+YPhEwJD+uUL+RhyaMWXVJTAzDZU0C7BrjNuXy240nIQLq2
72mZJDJ23C0T+VYhO0n8OhaV97if825n0wW5Fdk+ZScuDxHcmr5j4djfIBsjFF2S
sCESZEFcgClmdaB1xurTudT2PRdyQCnZQrzOiqZ4JoINiURygeoa5Dg7smeR7My9
4RTUdNsB+/YT2gn0P/iVULOrn4aSzVxyDFc13gG6HyKm2k02+AcXtkeT3wIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFCEKm2edJOLaiHePhrdBWKJTL/bWMB8GA1UdIwQY
MBaAFFAFls5gc+jt7cUQX4FOyXGRteHVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUFXV3ptQno2TzN0eFJCZmdVN0pjWkcxNGRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi80YTI2MDQtNjZiNi00Y2IwLTlkMWUt
MWUxNjdmYTExM2IyLzEvSVFxYlo1MGs0dHFJZDQtR3QwRllvbE12OXRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi80YTI2MDQtNjZiNi00Y2IwLTlkMWUtMWUxNjdmYTExM2Iy
LzEvVUFXV3ptQno2TzN0eFJCZmdVN0pjWkcxNGRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCuYyMMA4E
AgACMAgDBgAqBxuAADANBgkqhkiG9w0BAQsFAAOCAQEAYp29E9w5b7xLEext3red
2dvRFWr30jqap3rYBYFO+tRFByGef8/VHNtGMKfAaxZHcWv7RQDVGXhFrdzKzAEh
p49Vi2/tXMqxc5K5SLkXjxoUv/gmAI/6PHzewPUWxCRN1VpYyKwIJ94J/YOkvZ1K
V8/fZgfOZRRGUgefbXpAAXnP46bQsM3JQuWqj/BLS0UOZ8FavDl70MGY34AI6px2
0a2dh1EpNABpZePKNE14P5zeEQmXIsWtEHGQ5qofv8GvVBLo2vovGkC0Q3dwMIIw
JAym9lxP2GVJPnxYXP42pHJieIXv+XFJ7EL5v9eVTW3orSUKw8OEwgUBIBnIReax
wA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:48:50 2024 by rpki-client on console-ams.rpki-client.org