Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/Q9eEcFFhPdUcG7uje53C_tKgUbc.roa
File: Q9eEcFFhPdUcG7uje53C_tKgUbc.roa (raw, json)
Hash identifier: jCgyTc5lYwGrjTdNg7HPPFI5qnzPSRzhIguexEwawSE=
Subject key identifier: 43:D7:84:70:51:61:3D:D5:1C:1B:BB:A3:7B:9D:C2:FE:D2:A0:51:B7
Certificate issuer: /CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Certificate serial: 019086FC9525C3AFBA82302FFE1F64469B54
Authority key identifier: EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/Q9eEcFFhPdUcG7uje53C_tKgUbc.roa
Signing time: Sat 06 Jul 2024 07:40:18 +0000
ROA not before: Sat 06 Jul 2024 07:40:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41412
IP address blocks: 46.245.176.0/21 maxlen: 24
86.105.222.0/23 maxlen: 24
89.38.36.0/23 maxlen: 24
91.90.144.0/20 maxlen: 24
91.230.172.0/22 maxlen: 24
109.70.216.0/21 maxlen: 24
185.187.64.0/22 maxlen: 24
194.1.181.0/24 maxlen: 24
2a00:14e0::/29 maxlen: 48
2a0a:db80:2000::/36 maxlen: 36
2a0a:db80:3000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.mft
rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:86:fc:95:25:c3:af:ba:82:30:2f:fe:1f:64:46:9b:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Validity
Not Before: Jul 6 07:40:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43d7847051613dd51c1bbba37b9dc2fed2a051b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:da:6a:a0:f7:61:91:f4:6d:94:c7:a2:1a:33:
56:2d:61:ae:30:5d:e9:b8:fa:1a:cb:6f:f0:83:4f:
4c:d6:54:55:1d:c7:74:1b:8f:09:a3:8e:61:79:97:
d1:86:8f:4a:ac:33:31:e8:04:16:e7:c0:26:3d:ae:
23:a1:00:fc:94:f7:31:bf:8a:74:bb:26:70:01:c6:
55:f9:9f:60:59:62:1b:72:89:14:e1:fb:88:32:4d:
33:83:9c:ff:25:f1:3b:35:fe:b0:01:7a:28:c6:fa:
90:7b:87:23:e3:29:76:06:dc:0b:e2:14:73:70:7d:
ec:b3:53:d5:33:76:5b:11:f7:84:7f:4d:d1:85:01:
77:df:fe:8b:be:a5:e0:32:45:c2:cb:b7:bf:71:a6:
11:93:3a:e7:55:16:b5:cb:80:ac:e9:e8:71:05:0a:
b7:dc:dc:d9:a8:5d:64:a1:99:dc:7f:a7:b2:da:07:
d2:26:d5:c4:e5:8d:a4:cc:72:1d:4d:71:17:2d:3d:
ed:85:de:22:83:60:98:ff:e7:fa:38:69:6b:a1:27:
e8:92:82:fa:0f:78:c8:53:77:a4:0d:89:c3:e7:24:
df:a9:4d:6b:5e:08:ae:9e:bc:33:c2:ad:29:f8:9d:
6d:52:0a:16:f6:7a:fa:0c:47:f1:fb:b5:52:27:64:
b7:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:D7:84:70:51:61:3D:D5:1C:1B:BB:A3:7B:9D:C2:FE:D2:A0:51:B7
X509v3 Authority Key Identifier:
keyid:EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/Q9eEcFFhPdUcG7uje53C_tKgUbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.245.176.0/21
86.105.222.0/23
89.38.36.0/23
91.90.144.0/20
91.230.172.0/22
109.70.216.0/21
185.187.64.0/22
194.1.181.0/24
IPv6:
2a00:14e0::/29
2a0a:db80:2000::/35
Signature Algorithm: sha256WithRSAEncryption
26:3f:df:78:72:d5:6d:2f:da:89:61:cb:c8:6e:21:f0:a6:91:
ee:c1:61:ac:c9:c5:26:0f:b3:ac:63:52:73:84:b5:c4:b5:39:
32:8a:b4:f4:4c:c8:f1:2d:a1:66:f4:93:dc:9b:3b:fa:6e:0b:
d9:08:7e:d1:77:a6:87:d5:ec:a8:24:fa:f1:e4:0b:6c:92:a9:
c5:62:e4:cf:27:8b:e6:f7:20:7f:91:e5:3c:f5:66:79:24:39:
50:3b:e4:8f:0c:dc:5f:0c:39:70:8f:b2:82:27:ed:9d:5e:1a:
bd:e3:a2:65:2f:74:f8:f3:cb:46:8e:88:8d:d7:cd:df:fa:1f:
ae:b8:20:75:da:b3:d5:61:1a:4e:f9:a8:cc:a4:6f:0f:4e:1e:
15:09:44:0d:e5:7d:52:22:01:84:24:55:98:7d:7c:83:a5:52:
61:1a:db:43:a3:0b:fe:34:09:65:4f:7a:15:62:ab:77:04:3e:
65:1e:dc:3e:3c:18:65:e6:73:cc:43:80:b1:77:1d:b1:c4:85:
fc:78:13:c3:ae:2a:d7:43:cd:84:da:8a:0f:20:09:6d:36:61:
f3:59:7b:98:12:59:48:d8:a1:7d:dc:5c:a1:31:c5:ff:79:0c:
cd:06:ec:ec:68:32:f3:8d:7f:e3:24:b6:49:cc:5e:19:6d:61:
cf:fb:5f:a1
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAZCG/JUlw6+6gjAv/h9kRptUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNmI0MjAyMTg4NmQ4ZWVkYmFlOTBkOWU2YWIxZGU1MzNj
NTBkMjAwHhcNMjQwNzA2MDc0MDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2Q3ODQ3MDUxNjEzZGQ1MWMxYmJiYTM3YjlkYzJmZWQyYTA1MWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtpqoPdhkfRtlMeiGjNWLWGuMF3p
uPoay2/wg09M1lRVHcd0G48Jo45heZfRho9KrDMx6AQW58AmPa4joQD8lPcxv4p0
uyZwAcZV+Z9gWWIbcokU4fuIMk0zg5z/JfE7Nf6wAXooxvqQe4cj4yl2BtwL4hRz
cH3ss1PVM3ZbEfeEf03RhQF33/6LvqXgMkXCy7e/caYRkzrnVRa1y4Cs6ehxBQq3
3NzZqF1koZncf6ey2gfSJtXE5Y2kzHIdTXEXLT3thd4ig2CY/+f6OGlroSfokoL6
D3jIU3ekDYnD5yTfqU1rXgiunrwzwq0p+J1tUgoW9nr6DEfx+7VSJ2S33QIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFEPXhHBRYT3VHBu7o3udwv7SoFG3MB8GA1UdIwQY
MBaAFOxrQgIYhtju266Q2earHeUzxQ0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQt
YTY4NzNiMzc0ZTI2LzEvUTllRWNGRmhQZFVjRzd1amU1M0NfdEtnVWJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQtYTY4NzNiMzc0ZTI2
LzEvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA2BAIAATAwAwQDLvWwAwQB
VmneAwQBWSYkAwQEW1qQAwQCW+asAwQDbUbYAwQCubtAAwQAwgG1MBUEAgACMA8D
BQMqABTgAwYFKgrbgCAwDQYJKoZIhvcNAQELBQADggEBACY/33hy1W0v2olhy8hu
IfCmke7BYazJxSYPs6xjUnOEtcS1OTKKtPRMyPEtoWb0k9ybO/puC9kIftF3pofV
7Kgk+vHkC2ySqcVi5M8ni+b3IH+R5Tz1ZnkkOVA75I8M3F8MOXCPsoIn7Z1eGr3j
omUvdPjzy0aOiI3Xzd/6H664IHXas9VhGk75qMykbw9OHhUJRA3lfVIiAYQkVZh9
fIOlUmEa20OjC/40CWVPehViq3cEPmUe3D48GGXmc8xDgLF3HbHEhfx4E8OuKtdD
zYTaig8gCW02YfNZe5gSWUjYoX3cXKExxf95DM0G7OxoMvONf+MktknMXhltYc/7
X6E=
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:24:23 2024 by rpki-client on console-ams.rpki-client.org