Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/5858f1-29c5-46e6-a76d-5a40e52cd481/1/2Q1th_baALviADVG-9K6zae1kGM.roa
File: 2Q1th_baALviADVG-9K6zae1kGM.roa (raw, json)
Hash identifier: kHMKQyD8yA4Nf/BU+OckIq4vRyiTTytKvGin4JCqAkI=
Subject key identifier: D9:0D:6D:87:F6:DA:00:BB:E2:00:35:46:FB:D2:BA:CD:A7:B5:90:63
Certificate issuer: /CN=9344b4879f19ee719a351463001726f686d659ef
Certificate serial: 018CC6B8C4E3C80A4B60455028CB4B0D14E4
Authority key identifier: 93:44:B4:87:9F:19:EE:71:9A:35:14:63:00:17:26:F6:86:D6:59:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k0S0h58Z7nGaNRRjABcm9obWWe8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/5858f1-29c5-46e6-a76d-5a40e52cd481/1/2Q1th_baALviADVG-9K6zae1kGM.roa
Signing time: Mon 01 Jan 2024 20:30:46 +0000
ROA not before: Mon 01 Jan 2024 20:30:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51432
IP address blocks: 185.55.208.0/22 maxlen: 32
2a02:22f8::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/5858f1-29c5-46e6-a76d-5a40e52cd481/1/k0S0h58Z7nGaNRRjABcm9obWWe8.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/5858f1-29c5-46e6-a76d-5a40e52cd481/1/k0S0h58Z7nGaNRRjABcm9obWWe8.mft
rsync://rpki.ripe.net/repository/DEFAULT/k0S0h58Z7nGaNRRjABcm9obWWe8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:c4:e3:c8:0a:4b:60:45:50:28:cb:4b:0d:14:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9344b4879f19ee719a351463001726f686d659ef
Validity
Not Before: Jan 1 20:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d90d6d87f6da00bbe2003546fbd2bacda7b59063
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:a0:5b:e0:7a:35:aa:ed:8f:20:d0:ef:bb:8a:
52:1d:a5:44:5b:40:73:28:04:65:d8:4e:d2:59:4c:
2d:cc:00:a6:88:08:20:94:37:00:d8:1c:74:3d:c0:
ab:5d:e3:1e:19:ba:71:dd:fd:b5:ce:0b:bd:ca:27:
05:a1:81:b9:9f:5a:fd:f5:2a:ec:a2:9c:2d:f8:40:
52:1e:c7:55:c7:c4:99:52:b3:c2:70:7b:b5:ea:6b:
91:73:c3:e1:21:04:e6:d1:fa:b1:cb:ac:74:d6:64:
f9:c1:5b:d5:ab:d3:e0:84:8a:7a:29:ca:88:c7:d5:
c4:6a:e5:56:8e:f3:f0:70:e3:c5:fe:1f:6f:f2:f8:
83:f4:55:16:31:3a:a1:3e:56:2c:5c:fd:46:c9:04:
c2:f2:88:ef:48:2e:36:eb:50:98:45:14:0d:67:bd:
0f:e0:dc:b0:c9:ca:ea:90:02:24:43:4a:8d:7c:1c:
25:c6:fc:92:d9:4b:36:cf:78:81:ff:24:b5:14:5b:
29:9a:e2:4b:00:b5:a2:7f:95:22:11:91:ce:78:bd:
a7:a4:b3:18:02:0c:c7:58:56:bf:26:9f:4d:7c:5c:
3a:0e:7c:40:7e:bf:12:50:46:38:c9:03:86:c4:e7:
2a:8c:d5:0a:fc:2a:37:1c:55:cf:98:03:10:a6:80:
c0:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:0D:6D:87:F6:DA:00:BB:E2:00:35:46:FB:D2:BA:CD:A7:B5:90:63
X509v3 Authority Key Identifier:
keyid:93:44:B4:87:9F:19:EE:71:9A:35:14:63:00:17:26:F6:86:D6:59:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k0S0h58Z7nGaNRRjABcm9obWWe8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/5858f1-29c5-46e6-a76d-5a40e52cd481/1/2Q1th_baALviADVG-9K6zae1kGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/5858f1-29c5-46e6-a76d-5a40e52cd481/1/k0S0h58Z7nGaNRRjABcm9obWWe8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.55.208.0/22
IPv6:
2a02:22f8::/29
Signature Algorithm: sha256WithRSAEncryption
1f:62:14:3b:8d:75:9d:1f:63:97:90:26:e4:c2:fd:15:b0:76:
9a:4e:89:40:08:5f:aa:67:0d:f4:7d:7d:3b:54:6f:c4:e3:89:
cf:f2:98:d3:5f:1a:20:17:4f:08:25:59:33:d3:40:7b:0b:9b:
c1:cc:98:71:f2:9f:bc:ee:25:d9:ca:ef:51:4b:63:8c:d6:03:
0a:9b:a0:9e:8a:a3:1f:43:18:72:d4:91:4f:eb:37:dc:2c:6d:
2e:b4:c7:b9:8d:34:31:d4:15:93:db:6c:9b:2d:fd:9f:2c:c9:
f9:14:3c:3f:f0:d2:9a:88:71:9e:0f:e1:08:31:8b:d1:b6:fb:
ae:12:7e:03:aa:6f:46:5b:33:e7:da:41:22:f2:06:1f:14:15:
02:d3:1f:a4:9e:ec:d4:46:e8:5a:c8:99:38:eb:9a:31:25:63:
1e:1b:38:9e:fa:5e:24:1e:37:7e:71:83:a2:5f:d6:00:f5:8e:
13:ed:d5:fd:3a:9c:5e:ee:91:fe:84:b1:56:69:c5:f8:67:12:
d9:7a:ae:8b:d5:79:c4:bd:3b:0e:5e:a4:48:10:87:34:03:d4:
59:55:5c:ac:fb:85:89:c7:12:96:62:d0:ed:91:3f:67:bc:06:
1d:72:51:39:f6:fa:ec:2f:45:b9:87:16:9c:e1:b6:57:3a:a4:
35:85:b9:c6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGuMTjyApLYEVQKMtLDRTkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNDRiNDg3OWYxOWVlNzE5YTM1MTQ2MzAwMTcyNmY2ODZk
NjU5ZWYwHhcNMjQwMTAxMjAzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTBkNmQ4N2Y2ZGEwMGJiZTIwMDM1NDZmYmQyYmFjZGE3YjU5MDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqBb4Ho1qu2PINDvu4pSHaVEW0Bz
KARl2E7SWUwtzACmiAgglDcA2Bx0PcCrXeMeGbpx3f21zgu9yicFoYG5n1r99Srs
opwt+EBSHsdVx8SZUrPCcHu16muRc8PhIQTm0fqxy6x01mT5wVvVq9PghIp6KcqI
x9XEauVWjvPwcOPF/h9v8viD9FUWMTqhPlYsXP1GyQTC8ojvSC4261CYRRQNZ70P
4NywycrqkAIkQ0qNfBwlxvyS2Us2z3iB/yS1FFspmuJLALWif5UiEZHOeL2npLMY
AgzHWFa/Jp9NfFw6DnxAfr8SUEY4yQOGxOcqjNUK/Co3HFXPmAMQpoDA1wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNkNbYf22gC74gA1RvvSus2ntZBjMB8GA1UdIwQY
MBaAFJNEtIefGe5xmjUUYwAXJvaG1lnvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazBTMGg1OFo3bkdhTlJSakFCY205b2JXV2U4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy81ODU4ZjEtMjljNS00NmU2LWE3NmQt
NWE0MGU1MmNkNDgxLzEvMlExdGhfYmFBTHZpQURWRy05SzZ6YWUxa0dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy81ODU4ZjEtMjljNS00NmU2LWE3NmQtNWE0MGU1MmNkNDgx
LzEvazBTMGg1OFo3bkdhTlJSakFCY205b2JXV2U4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTfQMA0E
AgACMAcDBQMqAiL4MA0GCSqGSIb3DQEBCwUAA4IBAQAfYhQ7jXWdH2OXkCbkwv0V
sHaaTolACF+qZw30fX07VG/E44nP8pjTXxogF08IJVkz00B7C5vBzJhx8p+87iXZ
yu9RS2OM1gMKm6CeiqMfQxhy1JFP6zfcLG0utMe5jTQx1BWT22ybLf2fLMn5FDw/
8NKaiHGeD+EIMYvRtvuuEn4Dqm9GWzPn2kEi8gYfFBUC0x+knuzURuhayJk465ox
JWMeGzie+l4kHjd+cYOiX9YA9Y4T7dX9Opxe7pH+hLFWacX4ZxLZeq6L1XnEvTsO
XqRIEIc0A9RZVVys+4WJxxKWYtDtkT9nvAYdclE59vrsL0W5hxac4bZXOqQ1hbnG
-----END CERTIFICATE-----
Generated at Fri Jun 7 20:57:40 2024 by rpki-client on console-fra.rpki-client.org