Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/348789-3208-4847-9c3f-982d1f21a32b/1/IQwNxnZCTzT07Us7C_mEII7OU2o.roa
File: IQwNxnZCTzT07Us7C_mEII7OU2o.roa (raw, json)
Hash identifier: GPCl1qsF6BiOtAjAdQNoj+sLFt1tYMp2QfUI8bbP/dA=
Subject key identifier: 21:0C:0D:C6:76:42:4F:34:F4:ED:4B:3B:0B:F9:84:20:8E:CE:53:6A
Certificate issuer: /CN=cbf74cd846493138f522c57c0065b5c60512dd09
Certificate serial: 018CC34895B9563AF3268B6F880F8E347B3C
Authority key identifier: CB:F7:4C:D8:46:49:31:38:F5:22:C5:7C:00:65:B5:C6:05:12:DD:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y_dM2EZJMTj1IsV8AGW1xgUS3Qk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/348789-3208-4847-9c3f-982d1f21a32b/1/IQwNxnZCTzT07Us7C_mEII7OU2o.roa
Signing time: Mon 01 Jan 2024 04:29:23 +0000
ROA not before: Mon 01 Jan 2024 04:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206614
IP address blocks: 141.226.125.0/24 maxlen: 24
141.226.129.0/24 maxlen: 24
141.226.128.0/24 maxlen: 24
141.226.130.0/24 maxlen: 24
141.226.131.0/24 maxlen: 24
141.226.127.0/24 maxlen: 24
141.226.126.0/24 maxlen: 24
2a06:3b80:26::/48 maxlen: 48
2a06:3b80:21::/48 maxlen: 48
2a06:3b80:154::/48 maxlen: 48
2a06:3b80:24::/48 maxlen: 48
2a06:3b80:25::/48 maxlen: 48
2a06:3b80:23::/48 maxlen: 48
2a06:3b80:22::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/348789-3208-4847-9c3f-982d1f21a32b/1/y_dM2EZJMTj1IsV8AGW1xgUS3Qk.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/348789-3208-4847-9c3f-982d1f21a32b/1/y_dM2EZJMTj1IsV8AGW1xgUS3Qk.mft
rsync://rpki.ripe.net/repository/DEFAULT/y_dM2EZJMTj1IsV8AGW1xgUS3Qk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:95:b9:56:3a:f3:26:8b:6f:88:0f:8e:34:7b:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbf74cd846493138f522c57c0065b5c60512dd09
Validity
Not Before: Jan 1 04:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=210c0dc676424f34f4ed4b3b0bf984208ece536a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:86:5d:62:e7:cc:29:a0:f4:98:0b:8b:d3:0b:
2a:eb:e6:3d:9c:c1:dd:5e:c1:d2:1e:1c:7b:b9:19:
dd:00:ae:de:df:98:ea:ba:0f:97:e7:65:2c:bc:6b:
39:e1:76:10:00:ad:ba:53:6d:5e:31:61:ee:78:2e:
49:53:13:a4:ec:1c:72:c3:5d:23:80:e6:76:7c:a4:
ba:49:08:2b:2f:3e:a9:6a:92:f1:60:4b:14:17:1e:
5b:7d:29:1c:0a:cf:a7:7f:4c:5c:04:c0:26:68:b0:
e1:da:4c:7e:27:d8:42:0e:c2:16:6c:67:10:14:07:
77:4a:ef:18:45:50:d7:dd:30:b8:b6:9d:19:41:60:
df:3a:3a:9c:ad:ff:26:8a:78:de:2f:04:8e:4f:5d:
76:3e:a9:78:24:1a:39:6e:35:d2:ab:6d:19:96:30:
f3:56:2d:bf:f2:e5:fc:d0:97:a9:69:a9:14:cf:33:
99:66:53:9b:9e:70:da:92:f3:51:6e:ff:c3:88:30:
e9:8e:a7:6a:2b:13:2a:5c:a4:8e:cf:6e:bb:ad:10:
e1:4d:f7:0b:2c:e2:10:38:d9:4d:eb:12:8f:fd:60:
c3:1c:ec:65:13:c0:04:71:fc:78:3e:7f:90:37:5b:
93:fc:e9:89:38:39:a4:16:00:86:9c:88:8d:a6:2d:
5c:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:0C:0D:C6:76:42:4F:34:F4:ED:4B:3B:0B:F9:84:20:8E:CE:53:6A
X509v3 Authority Key Identifier:
keyid:CB:F7:4C:D8:46:49:31:38:F5:22:C5:7C:00:65:B5:C6:05:12:DD:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y_dM2EZJMTj1IsV8AGW1xgUS3Qk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/348789-3208-4847-9c3f-982d1f21a32b/1/IQwNxnZCTzT07Us7C_mEII7OU2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/348789-3208-4847-9c3f-982d1f21a32b/1/y_dM2EZJMTj1IsV8AGW1xgUS3Qk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.226.125.0-141.226.131.255
IPv6:
2a06:3b80:21::-2a06:3b80:26:ffff:ffff:ffff:ffff:ffff
2a06:3b80:154::/48
Signature Algorithm: sha256WithRSAEncryption
92:ee:b9:84:d0:25:10:64:40:c8:1f:96:49:36:ab:33:4c:26:
6f:a6:c8:bf:a4:18:71:6c:27:c4:07:4f:ad:fe:2e:2e:2d:35:
c6:50:eb:16:95:17:f6:9a:86:87:8f:1c:49:1d:f6:52:c7:17:
ef:b1:e8:15:70:aa:64:bb:05:c8:9d:68:60:1c:80:97:bc:2d:
37:b6:34:ee:ed:cb:87:aa:ef:bc:25:dc:a4:1a:3f:9a:a3:cc:
2d:c3:47:b6:2e:fe:d4:c7:59:f2:5c:e2:7c:4b:d6:ea:a6:1e:
df:54:a3:9f:aa:7d:0a:27:b0:5a:6a:34:bc:33:f5:b9:c6:49:
71:60:73:cd:bb:34:dd:05:e8:3c:ca:c4:eb:d6:60:8b:c4:d5:
be:da:35:cc:2d:6b:17:f3:70:20:ef:06:90:ff:9d:2d:4d:4a:
de:ca:d3:93:c9:cf:e7:2c:37:13:38:32:93:af:ff:c1:1c:14:
19:5b:9c:7c:75:cd:99:e3:57:a5:44:48:71:48:8b:60:f8:e1:
dc:7d:37:a1:64:a2:92:e5:36:f6:a9:05:ab:c0:d3:2a:8d:bc:
dd:14:be:df:06:bd:4a:49:6e:f6:a3:d4:7e:9e:2e:2c:e9:e7:
2c:bb:dd:b9:90:4b:17:20:94:67:24:44:10:3f:1c:da:a1:a7:
ad:55:ae:7b
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzDSJW5VjrzJotviA+ONHs8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZjc0Y2Q4NDY0OTMxMzhmNTIyYzU3YzAwNjViNWM2MDUx
MmRkMDkwHhcNMjQwMTAxMDQyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTBjMGRjNjc2NDI0ZjM0ZjRlZDRiM2IwYmY5ODQyMDhlY2U1MzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYZdYufMKaD0mAuL0wsq6+Y9nMHd
XsHSHhx7uRndAK7e35jqug+X52UsvGs54XYQAK26U21eMWHueC5JUxOk7Bxyw10j
gOZ2fKS6SQgrLz6papLxYEsUFx5bfSkcCs+nf0xcBMAmaLDh2kx+J9hCDsIWbGcQ
FAd3Su8YRVDX3TC4tp0ZQWDfOjqcrf8minjeLwSOT112Pql4JBo5bjXSq20ZljDz
Vi2/8uX80JepaakUzzOZZlObnnDakvNRbv/DiDDpjqdqKxMqXKSOz267rRDhTfcL
LOIQONlN6xKP/WDDHOxlE8AEcfx4Pn+QN1uT/OmJODmkFgCGnIiNpi1c/QIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFCEMDcZ2Qk809O1LOwv5hCCOzlNqMB8GA1UdIwQY
MBaAFMv3TNhGSTE49SLFfABltcYFEt0JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveV9kTTJFWkpNVGoxSXNWOEFHVzF4Z1VTM1FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zNDg3ODktMzIwOC00ODQ3LTljM2Yt
OTgyZDFmMjFhMzJiLzEvSVF3TnhuWkNUelQwN1VzN0NfbUVJSTdPVTJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zNDg3ODktMzIwOC00ODQ3LTljM2YtOTgyZDFmMjFhMzJi
LzEveV9kTTJFWkpNVGoxSXNWOEFHVzF4Z1VTM1FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAUBAIAATAOMAwDBACN4n0D
BAKN4oAwIwQCAAIwHTASAwcAKgY7gAAhAwcAKgY7gAAmAwcAKgY7gAFUMA0GCSqG
SIb3DQEBCwUAA4IBAQCS7rmE0CUQZEDIH5ZJNqszTCZvpsi/pBhxbCfEB0+t/i4u
LTXGUOsWlRf2moaHjxxJHfZSxxfvsegVcKpkuwXInWhgHICXvC03tjTu7cuHqu+8
JdykGj+ao8wtw0e2Lv7Ux1nyXOJ8S9bqph7fVKOfqn0KJ7BaajS8M/W5xklxYHPN
uzTdBeg8ysTr1mCLxNW+2jXMLWsX83Ag7waQ/50tTUreytOTyc/nLDcTODKTr//B
HBQZW5x8dc2Z41elREhxSItg+OHcfTehZKKS5Tb2qQWrwNMqjbzdFL7fBr1KSW72
o9R+ni4s6ecsu925kEsXIJRnJEQQPxzaoaetVa57
-----END CERTIFICATE-----
Generated at Mon Nov 25 21:55:41 2024 by rpki-client on console-ams.rpki-client.org