Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/acffd6-dc1e-4e0d-8d25-ce22d5eab82f/1/qUfWfoU2g1I04GIlrNAeXaW-kAs.roa
File: qUfWfoU2g1I04GIlrNAeXaW-kAs.roa (raw, json)
Hash identifier: 82IR5zJOQ4OHuGhteO9n8cja3N/pN5savxF2n7uC7yQ=
Subject key identifier: A9:47:D6:7E:85:36:83:52:34:E0:62:25:AC:D0:1E:5D:A5:BE:90:0B
Certificate issuer: /CN=27df042824273fcff3f093d0f9b1dec6960bae6a
Certificate serial: 018CC6B79C13169076DE55C2EE972EAC6451
Authority key identifier: 27:DF:04:28:24:27:3F:CF:F3:F0:93:D0:F9:B1:DE:C6:96:0B:AE:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J98EKCQnP8_z8JPQ-bHexpYLrmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/acffd6-dc1e-4e0d-8d25-ce22d5eab82f/1/qUfWfoU2g1I04GIlrNAeXaW-kAs.roa
Signing time: Mon 01 Jan 2024 20:29:30 +0000
ROA not before: Mon 01 Jan 2024 20:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2852
IP address blocks: 185.8.160.0/22 maxlen: 24
78.128.128.0/17 maxlen: 24
193.84.80.0/22 maxlen: 24
195.178.64.0/19 maxlen: 24
195.113.0.0/16 maxlen: 24
2001:718::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/acffd6-dc1e-4e0d-8d25-ce22d5eab82f/1/J98EKCQnP8_z8JPQ-bHexpYLrmo.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/acffd6-dc1e-4e0d-8d25-ce22d5eab82f/1/J98EKCQnP8_z8JPQ-bHexpYLrmo.mft
rsync://rpki.ripe.net/repository/DEFAULT/J98EKCQnP8_z8JPQ-bHexpYLrmo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:9c:13:16:90:76:de:55:c2:ee:97:2e:ac:64:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27df042824273fcff3f093d0f9b1dec6960bae6a
Validity
Not Before: Jan 1 20:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a947d67e8536835234e06225acd01e5da5be900b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:a5:cd:39:bd:c0:a6:8e:de:43:71:3a:c4:a3:
17:d0:45:06:6a:67:45:6a:80:fa:d6:3d:85:45:81:
0b:b4:10:94:33:36:ea:3b:04:32:47:94:b1:f5:52:
9c:42:90:ff:e7:9d:14:17:d9:5e:0f:af:04:9e:a0:
5e:3a:db:8e:b1:0c:b4:1e:33:76:45:dc:4d:36:bb:
1e:ff:a7:6c:d2:52:74:9d:06:8a:98:f5:00:fb:2a:
c2:d1:f7:31:fc:33:cc:d1:3a:15:2b:0b:f7:76:6e:
7c:10:aa:24:a3:e1:ba:92:66:b4:c9:76:51:59:c6:
08:f6:da:82:12:5c:91:96:ea:9d:7f:db:64:87:9f:
77:0e:7e:11:cb:75:26:f1:63:65:42:fd:3a:fe:17:
4b:36:25:09:f3:e2:81:52:0d:df:57:92:ce:cd:bc:
f6:75:ec:9f:c8:2b:9c:5e:09:67:f8:31:78:c2:3a:
35:4c:b2:b8:a8:b6:c4:8c:5c:fb:55:41:e7:d3:46:
61:31:a6:10:8d:01:e6:79:e8:3e:e9:d1:2e:fa:c7:
b9:77:bf:09:6c:04:02:8b:42:53:2a:60:93:5a:1c:
38:a6:68:3a:8b:4a:b9:93:24:5d:a1:d8:2c:9f:e9:
7c:37:c1:93:8e:7a:5b:b7:db:f5:1c:65:20:4d:35:
dd:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:47:D6:7E:85:36:83:52:34:E0:62:25:AC:D0:1E:5D:A5:BE:90:0B
X509v3 Authority Key Identifier:
keyid:27:DF:04:28:24:27:3F:CF:F3:F0:93:D0:F9:B1:DE:C6:96:0B:AE:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J98EKCQnP8_z8JPQ-bHexpYLrmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/acffd6-dc1e-4e0d-8d25-ce22d5eab82f/1/qUfWfoU2g1I04GIlrNAeXaW-kAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/acffd6-dc1e-4e0d-8d25-ce22d5eab82f/1/J98EKCQnP8_z8JPQ-bHexpYLrmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.128.128.0/17
185.8.160.0/22
193.84.80.0/22
195.113.0.0/16
195.178.64.0/19
IPv6:
2001:718::/29
Signature Algorithm: sha256WithRSAEncryption
a1:45:9a:3a:ff:33:64:20:4c:17:33:be:f3:ac:98:9e:e0:0b:
36:88:7d:dc:1c:78:b0:c0:c8:7c:91:e4:b7:24:a1:5c:8c:b6:
57:93:86:53:6e:a5:71:a7:a8:41:8f:e3:a1:82:c0:1b:72:33:
80:43:4e:66:53:7e:fa:be:24:43:ac:ee:6a:9b:b3:e1:e6:be:
de:69:bf:9e:d9:bd:63:10:65:00:d3:16:83:70:85:ca:e0:c7:
ed:5c:c1:6d:5f:40:99:2a:5e:30:d0:85:d0:bb:2b:b2:97:73:
4a:5f:97:2c:4a:55:55:51:ef:a0:b2:ee:25:a0:70:1b:3d:f7:
28:71:c9:ab:38:39:98:be:cc:2e:fc:80:fe:b5:7a:22:ef:52:
64:de:37:dc:e3:79:41:7d:24:6c:5a:e6:2c:57:fb:3e:51:ef:
29:1b:b6:4f:03:7a:21:24:d1:7b:9b:8d:8b:2e:95:5b:6c:c9:
7b:dd:2e:5b:58:2c:e7:96:ae:dc:a0:f1:a3:af:0c:7e:e6:fb:
fb:72:a2:8c:f4:88:ef:d9:f7:81:f2:a0:d5:c3:e2:6f:ea:14:
8d:77:a3:21:5a:ca:a0:4b:2b:16:f1:7d:ce:97:db:52:4c:fe:
06:4f:4f:c8:b1:55:bc:28:a8:0b:08:1f:9b:1d:54:5c:fa:87:
9b:10:e0:e9
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYzGt5wTFpB23lXC7pcurGRRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ZGYwNDI4MjQyNzNmY2ZmM2YwOTNkMGY5YjFkZWM2OTYw
YmFlNmEwHhcNMjQwMTAxMjAyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTQ3ZDY3ZTg1MzY4MzUyMzRlMDYyMjVhY2QwMWU1ZGE1YmU5MDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0qXNOb3Apo7eQ3E6xKMX0EUGamdF
aoD61j2FRYELtBCUMzbqOwQyR5Sx9VKcQpD/550UF9leD68EnqBeOtuOsQy0HjN2
RdxNNrse/6ds0lJ0nQaKmPUA+yrC0fcx/DPM0ToVKwv3dm58EKoko+G6kma0yXZR
WcYI9tqCElyRluqdf9tkh593Dn4Ry3Um8WNlQv06/hdLNiUJ8+KBUg3fV5LOzbz2
deyfyCucXgln+DF4wjo1TLK4qLbEjFz7VUHn00ZhMaYQjQHmeeg+6dEu+se5d78J
bAQCi0JTKmCTWhw4pmg6i0q5kyRdodgsn+l8N8GTjnpbt9v1HGUgTTXd+wIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFKlH1n6FNoNSNOBiJazQHl2lvpALMB8GA1UdIwQY
MBaAFCffBCgkJz/P8/CT0Pmx3saWC65qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjk4RUtDUW5QOF96OEpQUS1iSGV4cFlMcm1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9hY2ZmZDYtZGMxZS00ZTBkLThkMjUt
Y2UyMmQ1ZWFiODJmLzEvcVVmV2ZvVTJnMUkwNEdJbHJOQWVYYVcta0FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9hY2ZmZDYtZGMxZS00ZTBkLThkMjUtY2UyMmQ1ZWFiODJm
LzEvSjk4RUtDUW5QOF96OEpQUS1iSGV4cFlMcm1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAjBAIAATAdAwQHToCAAwQC
uQigAwQCwVRQAwMAw3EDBAXDskAwDQQCAAIwBwMFAyABBxgwDQYJKoZIhvcNAQEL
BQADggEBAKFFmjr/M2QgTBczvvOsmJ7gCzaIfdwceLDAyHyR5LckoVyMtleThlNu
pXGnqEGP46GCwBtyM4BDTmZTfvq+JEOs7mqbs+Hmvt5pv57ZvWMQZQDTFoNwhcrg
x+1cwW1fQJkqXjDQhdC7K7KXc0pflyxKVVVR76Cy7iWgcBs99yhxyas4OZi+zC78
gP61eiLvUmTeN9zjeUF9JGxa5ixX+z5R7ykbtk8DeiEk0XubjYsulVtsyXvdLltY
LOeWrtyg8aOvDH7m+/tyooz0iO/Z94HyoNXD4m/qFI13oyFayqBLKxbxfc6X21JM
/gZPT8ixVbwoqAsIH5sdVFz6h5sQ4Ok=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:19:40 2024 by rpki-client on console-fra.rpki-client.org