Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/88c204-bc30-4b9d-b9ec-5686279ec96e/1/sqA98Gx_eDAiYOxmr1xWvf2hXn4.roa
File: sqA98Gx_eDAiYOxmr1xWvf2hXn4.roa (raw, json)
Hash identifier: an3jTpLCi3zlLuwqVN0XH6gbhmqCmaOuPXlLwpoET4k=
Subject key identifier: B2:A0:3D:F0:6C:7F:78:30:22:60:EC:66:AF:5C:56:BD:FD:A1:5E:7E
Certificate issuer: /CN=b2e391169f0c9f21aa8f2e89e7375c72ec674feb
Certificate serial: 018CC2DB2BE3D91104DC51863A0298BD40A0
Authority key identifier: B2:E3:91:16:9F:0C:9F:21:AA:8F:2E:89:E7:37:5C:72:EC:67:4F:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/suORFp8MnyGqjy6J5zdccuxnT-s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/88c204-bc30-4b9d-b9ec-5686279ec96e/1/sqA98Gx_eDAiYOxmr1xWvf2hXn4.roa
Signing time: Mon 01 Jan 2024 02:29:52 +0000
ROA not before: Mon 01 Jan 2024 02:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 553
IP address blocks: 134.34.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/88c204-bc30-4b9d-b9ec-5686279ec96e/1/suORFp8MnyGqjy6J5zdccuxnT-s.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/88c204-bc30-4b9d-b9ec-5686279ec96e/1/suORFp8MnyGqjy6J5zdccuxnT-s.mft
rsync://rpki.ripe.net/repository/DEFAULT/suORFp8MnyGqjy6J5zdccuxnT-s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 16:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:2b:e3:d9:11:04:dc:51:86:3a:02:98:bd:40:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2e391169f0c9f21aa8f2e89e7375c72ec674feb
Validity
Not Before: Jan 1 02:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b2a03df06c7f78302260ec66af5c56bdfda15e7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f1:7d:87:01:94:b3:c1:f3:8b:fc:a7:e1:1d:
ea:f4:2f:be:fb:4c:83:c5:d3:9c:24:5c:c5:aa:4b:
bb:4b:7f:1f:5f:df:08:af:18:3b:f6:6a:22:d2:fc:
b8:20:88:bf:6c:a9:cd:44:a3:f6:98:ac:5f:4a:b0:
49:41:57:ad:79:4d:76:9d:ce:d1:d7:ed:76:af:a5:
af:62:37:dd:02:bf:c4:4c:c0:da:e1:d5:55:92:66:
85:87:c2:ad:cb:ca:02:6f:a1:73:8b:3f:0f:d6:ac:
e4:b7:70:08:ee:03:35:4f:94:41:ba:a0:5b:6e:9b:
6d:16:a0:4b:2f:db:e4:f0:18:0b:ce:fa:93:12:ff:
0b:2f:31:25:f3:f4:ff:8b:8e:ef:bf:93:04:06:1a:
35:c4:75:d7:71:74:0f:b1:ee:4f:df:3d:9b:21:3c:
90:6e:71:6c:50:89:19:fc:9e:d6:b1:94:4e:47:26:
ca:e0:6d:f7:c5:0d:b7:25:ca:4e:49:22:82:2b:c3:
10:ab:14:31:14:75:95:73:de:8c:de:2d:c6:c0:35:
5f:e2:36:a9:d8:4a:2b:82:fa:81:86:5e:3f:b4:a4:
c8:a3:19:f6:0d:41:af:ae:a9:10:22:29:b9:ea:6d:
9f:23:fe:b2:19:4a:20:57:e5:15:e2:d0:12:ca:38:
c2:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:A0:3D:F0:6C:7F:78:30:22:60:EC:66:AF:5C:56:BD:FD:A1:5E:7E
X509v3 Authority Key Identifier:
keyid:B2:E3:91:16:9F:0C:9F:21:AA:8F:2E:89:E7:37:5C:72:EC:67:4F:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/suORFp8MnyGqjy6J5zdccuxnT-s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/88c204-bc30-4b9d-b9ec-5686279ec96e/1/sqA98Gx_eDAiYOxmr1xWvf2hXn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/88c204-bc30-4b9d-b9ec-5686279ec96e/1/suORFp8MnyGqjy6J5zdccuxnT-s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.34.0.0/16
Signature Algorithm: sha256WithRSAEncryption
78:4b:e6:a4:3c:63:70:71:66:52:9a:85:91:6d:b1:f6:a1:af:
12:90:2c:93:45:3f:41:64:f6:0e:fa:ae:2b:5d:5d:ea:f4:11:
13:76:55:f4:c4:81:f9:18:b1:9c:52:6c:ff:8f:19:44:c2:45:
99:f3:60:df:e2:6d:a6:25:ce:4f:34:1d:80:eb:f7:14:76:9d:
51:2b:e6:08:6e:66:e0:9b:2f:95:da:e0:6c:41:3b:14:10:97:
4d:b2:71:7d:5f:30:51:bc:05:85:45:54:63:52:aa:5e:d3:74:
96:08:8c:01:71:9f:1e:e5:b5:2e:7f:d8:5d:b2:84:4c:82:ad:
38:40:ae:2c:4a:a7:0a:ad:bc:95:b0:bd:c9:ad:d2:6a:22:fc:
39:18:35:26:e0:1c:3c:82:51:70:ea:aa:e2:01:ab:67:00:eb:
fe:7d:ad:d5:7c:ef:68:c1:ba:b4:2d:7c:72:3f:89:09:a2:b1:
8f:e2:05:8b:15:d2:fb:92:35:ca:4c:8f:da:23:38:4a:d9:89:
dd:96:3f:bd:41:f7:34:b2:ba:22:4c:cf:3e:61:6d:c2:ba:f8:
89:83:12:bc:7a:df:a3:c8:5b:7b:ab:7a:33:71:dc:10:6b:83:
0c:65:5e:6d:29:44:8c:ca:93:9e:fe:bc:7a:24:53:04:43:29:
bb:93:ec:27
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYzC2yvj2REE3FGGOgKYvUCgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZTM5MTE2OWYwYzlmMjFhYThmMmU4OWU3Mzc1YzcyZWM2
NzRmZWIwHhcNMjQwMTAxMDIyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmEwM2RmMDZjN2Y3ODMwMjI2MGVjNjZhZjVjNTZiZGZkYTE1ZTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/F9hwGUs8Hzi/yn4R3q9C+++0yD
xdOcJFzFqku7S38fX98Irxg79moi0vy4IIi/bKnNRKP2mKxfSrBJQVeteU12nc7R
1+12r6WvYjfdAr/ETMDa4dVVkmaFh8Kty8oCb6Fziz8P1qzkt3AI7gM1T5RBuqBb
bpttFqBLL9vk8BgLzvqTEv8LLzEl8/T/i47vv5MEBho1xHXXcXQPse5P3z2bITyQ
bnFsUIkZ/J7WsZRORybK4G33xQ23JcpOSSKCK8MQqxQxFHWVc96M3i3GwDVf4jap
2EorgvqBhl4/tKTIoxn2DUGvrqkQIim56m2fI/6yGUogV+UV4tASyjjCCwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFLKgPfBsf3gwImDsZq9cVr39oV5+MB8GA1UdIwQY
MBaAFLLjkRafDJ8hqo8uiec3XHLsZ0/rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3VPUkZwOE1ueUdxank2SjV6ZGNjdXhuVC1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS84OGMyMDQtYmMzMC00YjlkLWI5ZWMt
NTY4NjI3OWVjOTZlLzEvc3FBOThHeF9lREFpWU94bXIxeFd2ZjJoWG40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS84OGMyMDQtYmMzMC00YjlkLWI5ZWMtNTY4NjI3OWVjOTZl
LzEvc3VPUkZwOE1ueUdxank2SjV6ZGNjdXhuVC1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAhiIwDQYJ
KoZIhvcNAQELBQADggEBAHhL5qQ8Y3BxZlKahZFtsfahrxKQLJNFP0Fk9g76ritd
Xer0ERN2VfTEgfkYsZxSbP+PGUTCRZnzYN/ibaYlzk80HYDr9xR2nVEr5ghuZuCb
L5Xa4GxBOxQQl02ycX1fMFG8BYVFVGNSql7TdJYIjAFxnx7ltS5/2F2yhEyCrThA
rixKpwqtvJWwvcmt0moi/DkYNSbgHDyCUXDqquIBq2cA6/59rdV872jBurQtfHI/
iQmisY/iBYsV0vuSNcpMj9ojOErZid2WP71B9zSyuiJMzz5hbcK6+ImDErx636PI
W3urejNx3BBrgwxlXm0pRIzKk57+vHokUwRDKbuT7Cc=
-----END CERTIFICATE-----
Generated at Sun Sep 29 01:42:59 2024 by rpki-client on console-ams.rpki-client.org