Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/626fa6-6eca-476e-a5af-afe63376c88f/1/qee9JBcyPQsqho8RHzSCw4zM34g.roa
File: qee9JBcyPQsqho8RHzSCw4zM34g.roa (raw, json)
Hash identifier: /hUsJ55oFwkNDDCajUWa5hu5GrYBHB61OB0gXOh+noI=
Subject key identifier: A9:E7:BD:24:17:32:3D:0B:2A:86:8F:11:1F:34:82:C3:8C:CC:DF:88
Certificate issuer: /CN=eedde41f362e98ae37d1efc7caf3e7d3c1653ee2
Certificate serial: 018CC50105FA5915A8B0E684173D7CA161AE
Authority key identifier: EE:DD:E4:1F:36:2E:98:AE:37:D1:EF:C7:CA:F3:E7:D3:C1:65:3E:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7t3kHzYumK430e_HyvPn08FlPuI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/626fa6-6eca-476e-a5af-afe63376c88f/1/qee9JBcyPQsqho8RHzSCw4zM34g.roa
Signing time: Mon 01 Jan 2024 12:30:27 +0000
ROA not before: Mon 01 Jan 2024 12:30:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31103
IP address blocks: 84.19.160.0/19 maxlen: 24
217.114.208.0/20 maxlen: 24
84.19.167.0/24 maxlen: 24
84.19.188.0/24 maxlen: 24
95.169.161.0/24 maxlen: 24
87.118.67.0/24 maxlen: 24
95.169.160.0/24 maxlen: 24
87.118.64.0/18 maxlen: 24
95.169.170.0/24 maxlen: 24
95.169.169.0/24 maxlen: 24
87.118.83.0/24 maxlen: 24
95.169.176.0/21 maxlen: 24
95.169.184.0/22 maxlen: 24
87.118.86.0/24 maxlen: 24
95.169.186.0/24 maxlen: 24
95.169.190.0/23 maxlen: 24
95.169.189.0/24 maxlen: 24
95.169.188.0/24 maxlen: 24
95.169.187.0/24 maxlen: 24
87.118.92.0/24 maxlen: 24
62.141.48.0/20 maxlen: 24
87.118.120.0/24 maxlen: 24
2001:1b60::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/626fa6-6eca-476e-a5af-afe63376c88f/1/7t3kHzYumK430e_HyvPn08FlPuI.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/626fa6-6eca-476e-a5af-afe63376c88f/1/7t3kHzYumK430e_HyvPn08FlPuI.mft
rsync://rpki.ripe.net/repository/DEFAULT/7t3kHzYumK430e_HyvPn08FlPuI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:05:fa:59:15:a8:b0:e6:84:17:3d:7c:a1:61:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eedde41f362e98ae37d1efc7caf3e7d3c1653ee2
Validity
Not Before: Jan 1 12:30:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9e7bd2417323d0b2a868f111f3482c38cccdf88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:fe:6f:60:c1:19:00:ab:5b:da:0a:36:60:63:
c6:44:5a:05:e8:2d:7e:c1:48:92:40:dc:23:da:61:
cd:be:8c:6a:f1:e8:ec:02:bb:8a:c3:4f:86:f1:1c:
16:39:fa:a3:12:67:f8:82:cb:e5:9d:89:4e:79:1a:
24:0a:e3:49:10:26:76:56:ba:e3:f3:de:2a:55:83:
1f:3c:9a:50:a9:19:1e:72:e1:05:91:1b:3b:5f:84:
2d:20:49:d3:9c:6a:c2:98:7b:42:ba:f9:c3:76:d1:
33:85:ba:6d:58:e3:0b:1d:70:18:6f:63:dd:41:d6:
13:8a:da:4a:56:48:88:73:9e:ba:f2:1e:78:b7:9d:
4d:cf:4b:62:e3:bc:68:e9:03:1e:ba:fd:0b:22:a0:
68:5d:da:76:8c:8e:d4:1f:d0:a1:47:74:11:dd:9b:
fa:19:26:3a:e7:81:65:b2:52:cd:a1:f5:5f:3c:06:
94:a8:b4:c4:62:ce:53:e1:36:b7:1c:88:f2:ed:5e:
31:1f:d1:10:a2:29:a8:59:2b:4c:c1:50:35:d9:0d:
b6:3d:15:2f:f7:ad:66:e1:a7:8f:d8:8d:42:2c:73:
3e:4f:d4:3e:28:b7:aa:9b:1d:a8:68:3f:ca:4f:a0:
00:8c:10:aa:62:af:04:9c:8f:e9:9f:6f:d3:ef:9b:
04:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:E7:BD:24:17:32:3D:0B:2A:86:8F:11:1F:34:82:C3:8C:CC:DF:88
X509v3 Authority Key Identifier:
keyid:EE:DD:E4:1F:36:2E:98:AE:37:D1:EF:C7:CA:F3:E7:D3:C1:65:3E:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7t3kHzYumK430e_HyvPn08FlPuI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/626fa6-6eca-476e-a5af-afe63376c88f/1/qee9JBcyPQsqho8RHzSCw4zM34g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/626fa6-6eca-476e-a5af-afe63376c88f/1/7t3kHzYumK430e_HyvPn08FlPuI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.141.48.0/20
84.19.160.0/19
87.118.64.0/18
95.169.160.0/23
95.169.169.0-95.169.170.255
95.169.176.0/20
217.114.208.0/20
IPv6:
2001:1b60::/29
Signature Algorithm: sha256WithRSAEncryption
b7:be:78:56:84:01:6d:7f:2f:c2:ca:30:12:84:09:a2:4a:f7:
cc:16:1a:9f:3b:67:c9:e3:90:12:a5:85:6c:4e:f8:c7:5a:63:
3c:e5:7d:7a:ce:22:5c:dd:6f:48:36:0e:7e:f9:3b:d0:4e:87:
49:95:fe:db:fd:53:90:a9:01:6b:f8:fd:5c:da:59:a0:2f:7a:
62:fc:95:8d:91:cf:cc:af:80:4d:c1:bf:b2:60:da:f1:db:a9:
e9:62:2b:12:a7:c0:c7:98:a4:25:ab:ad:6b:42:1d:f9:52:b2:
9c:ed:80:46:20:b8:15:51:e6:16:c5:1e:09:5e:07:71:0f:d0:
0c:29:97:35:ae:48:ce:6d:a1:5d:be:59:14:6e:96:bd:12:f9:
9a:c7:ab:5c:97:f7:fd:b3:ba:89:2d:de:2b:24:a0:61:e7:4e:
f8:70:d8:fc:da:f5:40:e1:e2:3c:0f:fe:d6:71:1b:6a:21:3d:
b6:ee:be:36:22:4a:84:aa:9e:4c:4f:71:c6:4e:07:b6:1f:b6:
15:1a:b0:e9:43:41:07:d0:e5:0c:c4:ec:f2:b3:2d:32:29:c6:
bf:31:15:93:f8:81:e7:76:e9:9b:2d:31:03:e9:26:33:44:fb:
c8:5d:f3:fa:d0:e6:6e:02:b7:c2:b5:c2:a1:36:93:f3:65:75:
81:1d:a2:e6
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYzFAQX6WRWosOaEFz18oWGuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlZGRlNDFmMzYyZTk4YWUzN2QxZWZjN2NhZjNlN2QzYzE2
NTNlZTIwHhcNMjQwMTAxMTIzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWU3YmQyNDE3MzIzZDBiMmE4NjhmMTExZjM0ODJjMzhjY2NkZjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7/5vYMEZAKtb2go2YGPGRFoF6C1+
wUiSQNwj2mHNvoxq8ejsAruKw0+G8RwWOfqjEmf4gsvlnYlOeRokCuNJECZ2Vrrj
894qVYMfPJpQqRkecuEFkRs7X4QtIEnTnGrCmHtCuvnDdtEzhbptWOMLHXAYb2Pd
QdYTitpKVkiIc5668h54t51Nz0ti47xo6QMeuv0LIqBoXdp2jI7UH9ChR3QR3Zv6
GSY654FlslLNofVfPAaUqLTEYs5T4Ta3HIjy7V4xH9EQoimoWStMwVA12Q22PRUv
961m4aeP2I1CLHM+T9Q+KLeqmx2oaD/KT6AAjBCqYq8EnI/pn2/T75sE3wIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFKnnvSQXMj0LKoaPER80gsOMzN+IMB8GA1UdIwQY
MBaAFO7d5B82LpiuN9Hvx8rz59PBZT7iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3Qza0h6WXVtSzQzMGVfSHl2UG4wOEZsUHVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My82MjZmYTYtNmVjYS00NzZlLWE1YWYt
YWZlNjMzNzZjODhmLzEvcWVlOUpCY3lQUXNxaG84Ukh6U0N3NHpNMzRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My82MjZmYTYtNmVjYS00NzZlLWE1YWYtYWZlNjMzNzZjODhm
LzEvN3Qza0h6WXVtSzQzMGVfSHl2UG4wOEZsUHVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA4BAIAATAyAwQEPo0wAwQF
VBOgAwQGV3ZAAwQBX6mgMAwDBABfqakDBABfqaoDBARfqbADBATZctAwDQQCAAIw
BwMFAyABG2AwDQYJKoZIhvcNAQELBQADggEBALe+eFaEAW1/L8LKMBKECaJK98wW
Gp87Z8njkBKlhWxO+MdaYzzlfXrOIlzdb0g2Dn75O9BOh0mV/tv9U5CpAWv4/Vza
WaAvemL8lY2Rz8yvgE3Bv7Jg2vHbqeliKxKnwMeYpCWrrWtCHflSspztgEYguBVR
5hbFHgleB3EP0AwplzWuSM5toV2+WRRulr0S+ZrHq1yX9/2zuokt3iskoGHnTvhw
2Pza9UDh4jwP/tZxG2ohPbbuvjYiSoSqnkxPccZOB7YfthUasOlDQQfQ5QzE7PKz
LTIpxr8xFZP4ged26ZstMQPpJjNE+8hd8/rQ5m4Ct8K1wqE2k/NldYEdouY=
-----END CERTIFICATE-----
Generated at Fri May 10 14:29:39 2024 by rpki-client on console-ams.rpki-client.org