Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/32e925-6fe6-4b26-a498-75304f9f5c24/1/fQVEtKDzussz1PRDw8t4hQlQL3E.roa
File: fQVEtKDzussz1PRDw8t4hQlQL3E.roa (raw, json)
Hash identifier: 4pW0vjjiFOuF9QS+P79WQbJ3SbBvyVwpixLrgw2HXuY=
Subject key identifier: 7D:05:44:B4:A0:F3:BA:CB:33:D4:F4:43:C3:CB:78:85:09:50:2F:71
Certificate issuer: /CN=19f5e04b6555f1e2c92d7a41ac106a75dea928a2
Certificate serial: 018CC7950A7128F2CD385D9DE49FB4E1E277
Authority key identifier: 19:F5:E0:4B:65:55:F1:E2:C9:2D:7A:41:AC:10:6A:75:DE:A9:28:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GfXgS2VV8eLJLXpBrBBqdd6pKKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/32e925-6fe6-4b26-a498-75304f9f5c24/1/fQVEtKDzussz1PRDw8t4hQlQL3E.roa
Signing time: Tue 02 Jan 2024 00:31:22 +0000
ROA not before: Tue 02 Jan 2024 00:31:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204453
IP address blocks: 193.104.170.0/24 maxlen: 24
91.199.54.0/24 maxlen: 24
194.145.202.0/24 maxlen: 24
194.242.59.0/24 maxlen: 24
91.214.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/32e925-6fe6-4b26-a498-75304f9f5c24/1/GfXgS2VV8eLJLXpBrBBqdd6pKKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/32e925-6fe6-4b26-a498-75304f9f5c24/1/GfXgS2VV8eLJLXpBrBBqdd6pKKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/GfXgS2VV8eLJLXpBrBBqdd6pKKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:0a:71:28:f2:cd:38:5d:9d:e4:9f:b4:e1:e2:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19f5e04b6555f1e2c92d7a41ac106a75dea928a2
Validity
Not Before: Jan 2 00:31:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d0544b4a0f3bacb33d4f443c3cb788509502f71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:b9:fa:5e:ae:33:ca:d5:94:b9:1f:e2:90:4d:
e2:64:f7:a4:8c:c6:13:a1:a1:90:3a:fc:01:a8:90:
18:09:d2:79:4c:10:c3:38:f2:09:2c:1c:6d:b4:7f:
c4:14:04:3b:84:e5:0b:dd:ea:b6:ff:4f:23:ae:d5:
92:d6:22:5d:8a:56:7b:9f:60:e5:f2:0e:55:5c:f8:
07:b0:92:60:f2:11:1b:38:e5:4d:b7:1a:dd:99:c4:
3d:db:b2:6c:cf:51:5b:d3:9a:eb:b7:68:34:9c:f8:
0f:c9:43:71:e1:54:1d:10:51:d6:2c:e1:47:71:8f:
36:a5:bd:86:9c:a5:06:43:a0:68:c9:ba:0a:ef:6e:
e4:e4:b0:cd:27:05:30:36:ca:e7:cc:5e:79:06:d9:
1b:00:a0:0b:ff:35:0a:17:6f:a1:e1:1f:5f:08:db:
8d:b2:1c:90:d8:87:e3:10:ff:a3:4c:48:2e:54:8d:
d0:59:27:d5:ea:bb:39:fe:d0:e6:8c:1a:33:ed:df:
3c:25:f9:91:03:c5:1c:54:fd:30:ee:64:78:b3:77:
d3:da:e1:99:39:75:05:02:92:3d:7b:98:41:08:c2:
5c:8f:34:c7:da:cd:88:9a:fa:8d:f0:ac:61:58:7f:
62:c0:6e:0a:3f:f2:e4:50:74:df:63:6b:9f:c0:56:
86:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:05:44:B4:A0:F3:BA:CB:33:D4:F4:43:C3:CB:78:85:09:50:2F:71
X509v3 Authority Key Identifier:
keyid:19:F5:E0:4B:65:55:F1:E2:C9:2D:7A:41:AC:10:6A:75:DE:A9:28:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GfXgS2VV8eLJLXpBrBBqdd6pKKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/32e925-6fe6-4b26-a498-75304f9f5c24/1/fQVEtKDzussz1PRDw8t4hQlQL3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/32e925-6fe6-4b26-a498-75304f9f5c24/1/GfXgS2VV8eLJLXpBrBBqdd6pKKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.54.0/24
91.214.126.0/24
193.104.170.0/24
194.145.202.0/24
194.242.59.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:ad:88:2c:3a:a1:16:11:99:d0:80:9b:ff:ab:be:cd:fc:61:
e7:8d:8c:f0:ec:d5:af:ea:90:00:6f:0e:42:ab:56:23:74:3b:
f9:8f:8f:b0:96:49:60:4a:a1:b4:f5:73:03:12:3e:08:ec:fa:
6f:b8:73:2c:af:ab:1e:86:68:4a:5e:33:e1:92:90:3e:94:93:
f7:08:6f:b8:fd:80:65:b0:02:eb:81:b9:5b:26:bf:d5:0a:5c:
5b:c7:09:ad:dd:6e:e7:c3:9f:48:7c:01:37:c0:11:0c:74:56:
7d:7c:1f:24:e7:66:ff:d0:bc:49:72:d5:df:37:12:0e:83:d6:
67:48:03:f2:98:39:81:a1:a1:b2:ad:64:dd:b5:a6:7c:be:63:
9c:b3:40:22:42:f3:8a:78:15:75:64:5f:eb:78:22:0d:4b:af:
c0:77:60:62:b2:ee:65:26:a8:af:72:58:6c:64:4b:05:93:e9:
3a:6f:5b:6d:eb:7f:25:c9:4e:85:38:f8:49:b5:7e:7f:2e:5d:
24:56:4c:f4:a7:96:2f:e2:82:79:50:1b:75:5a:a2:00:5f:39:
51:ef:d8:3d:1a:87:92:aa:7c:1f:f3:e3:88:09:3d:e3:3b:80:
6b:63:ac:69:2b:d1:ce:1b:f8:cc:a3:e3:e5:d2:61:8f:ff:13:
94:c1:0d:b1
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzHlQpxKPLNOF2d5J+04eJ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZjVlMDRiNjU1NWYxZTJjOTJkN2E0MWFjMTA2YTc1ZGVh
OTI4YTIwHhcNMjQwMTAyMDAzMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDA1NDRiNGEwZjNiYWNiMzNkNGY0NDNjM2NiNzg4NTA5NTAyZjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA27n6Xq4zytWUuR/ikE3iZPekjMYT
oaGQOvwBqJAYCdJ5TBDDOPIJLBxttH/EFAQ7hOUL3eq2/08jrtWS1iJdilZ7n2Dl
8g5VXPgHsJJg8hEbOOVNtxrdmcQ927Jsz1Fb05rrt2g0nPgPyUNx4VQdEFHWLOFH
cY82pb2GnKUGQ6BoyboK727k5LDNJwUwNsrnzF55BtkbAKAL/zUKF2+h4R9fCNuN
shyQ2IfjEP+jTEguVI3QWSfV6rs5/tDmjBoz7d88JfmRA8UcVP0w7mR4s3fT2uGZ
OXUFApI9e5hBCMJcjzTH2s2ImvqN8KxhWH9iwG4KP/LkUHTfY2ufwFaGFwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFH0FRLSg87rLM9T0Q8PLeIUJUC9xMB8GA1UdIwQY
MBaAFBn14EtlVfHiyS16QawQanXeqSiiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2ZYZ1MyVlY4ZUxKTFhwQnJCQnFkZDZwS0tJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8zMmU5MjUtNmZlNi00YjI2LWE0OTgt
NzUzMDRmOWY1YzI0LzEvZlFWRXRLRHp1c3N6MVBSRHc4dDRoUWxRTDNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8zMmU5MjUtNmZlNi00YjI2LWE0OTgtNzUzMDRmOWY1YzI0
LzEvR2ZYZ1MyVlY4ZUxKTFhwQnJCQnFkZDZwS0tJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAW8c2AwQA
W9Z+AwQAwWiqAwQAwpHKAwQAwvI7MA0GCSqGSIb3DQEBCwUAA4IBAQAKrYgsOqEW
EZnQgJv/q77N/GHnjYzw7NWv6pAAbw5Cq1YjdDv5j4+wlklgSqG09XMDEj4I7Ppv
uHMsr6sehmhKXjPhkpA+lJP3CG+4/YBlsALrgblbJr/VClxbxwmt3W7nw59IfAE3
wBEMdFZ9fB8k52b/0LxJctXfNxIOg9ZnSAPymDmBoaGyrWTdtaZ8vmOcs0AiQvOK
eBV1ZF/reCINS6/Ad2Bisu5lJqivclhsZEsFk+k6b1tt638lyU6FOPhJtX5/Ll0k
Vkz0p5Yv4oJ5UBt1WqIAXzlR79g9GoeSqnwf8+OICT3jO4BrY6xpK9HOG/jMo+Pl
0mGP/xOUwQ2x
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:57:39 2024 by rpki-client on console-fra.rpki-client.org