Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/61f826-2e60-4494-b190-365d86838b36/1/1-dqFh1YsaZPjNe0IOZh3u6nVC8U.roa
File: 1-dqFh1YsaZPjNe0IOZh3u6nVC8U.roa (raw, json)
Hash identifier: 1rcAoJcK4+eGde30IVdRHKUhsjNnMerIkEnXW6S3+CQ=
Subject key identifier: F9:DA:85:87:56:2C:69:93:E3:35:ED:08:39:98:77:BB:A9:D5:0B:C5
Certificate issuer: /CN=2ea29158d43aebab90331e317bb0cb35fa4dfd8f
Certificate serial: 018CC8DF02DE220E545734E7DA2500074908
Authority key identifier: 2E:A2:91:58:D4:3A:EB:AB:90:33:1E:31:7B:B0:CB:35:FA:4D:FD:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LqKRWNQ666uQMx4xe7DLNfpN_Y8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/61f826-2e60-4494-b190-365d86838b36/1/1-dqFh1YsaZPjNe0IOZh3u6nVC8U.roa
Signing time: Tue 02 Jan 2024 06:31:47 +0000
ROA not before: Tue 02 Jan 2024 06:31:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52052
IP address blocks: 193.37.224.0/24 maxlen: 24
193.37.229.0/24 maxlen: 24
193.37.134.0/24 maxlen: 24
193.37.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/61f826-2e60-4494-b190-365d86838b36/1/LqKRWNQ666uQMx4xe7DLNfpN_Y8.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/61f826-2e60-4494-b190-365d86838b36/1/LqKRWNQ666uQMx4xe7DLNfpN_Y8.mft
rsync://rpki.ripe.net/repository/DEFAULT/LqKRWNQ666uQMx4xe7DLNfpN_Y8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:02:de:22:0e:54:57:34:e7:da:25:00:07:49:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ea29158d43aebab90331e317bb0cb35fa4dfd8f
Validity
Not Before: Jan 2 06:31:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9da8587562c6993e335ed08399877bba9d50bc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:3d:f1:f2:52:68:1e:61:e1:21:93:b1:1d:9a:
3c:85:4f:bd:2f:e8:0d:14:a2:9c:7b:94:56:ed:41:
55:1d:16:3a:80:0b:91:20:10:4b:d8:d6:4b:2a:6c:
3f:09:59:3a:07:e2:15:76:b6:d7:99:02:5c:91:60:
78:66:1e:a8:83:f0:20:f4:53:32:0d:47:e0:75:f9:
ad:41:22:9a:01:e0:30:6c:72:98:7c:6c:c3:ff:28:
93:06:af:5c:ee:31:45:d4:b6:d3:6d:dc:37:ee:b7:
3a:51:4c:ef:91:7d:25:09:ef:56:b4:a7:69:b4:69:
f9:6f:26:79:11:4b:6f:9c:0d:c8:83:4b:c3:ea:13:
31:b9:4e:39:ea:ed:c4:0c:b0:a3:da:33:c4:ba:3d:
23:97:24:aa:9f:61:09:6e:8e:24:ce:51:89:8e:2c:
29:29:fe:e0:b9:e4:5f:81:b1:53:c5:d8:ca:45:59:
b3:2c:74:82:06:4e:d4:c8:ba:a7:98:75:fa:79:61:
07:4c:96:f8:d6:1a:f4:b0:b5:50:a0:2b:b8:cd:9d:
ea:b8:97:70:53:f6:35:4b:55:27:72:3c:b0:86:b9:
13:ce:a7:35:a5:fb:a9:c1:40:a1:98:8e:e6:2a:72:
23:d4:ff:0b:58:de:5c:e0:3b:1a:22:6b:dc:0f:b9:
e2:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:DA:85:87:56:2C:69:93:E3:35:ED:08:39:98:77:BB:A9:D5:0B:C5
X509v3 Authority Key Identifier:
keyid:2E:A2:91:58:D4:3A:EB:AB:90:33:1E:31:7B:B0:CB:35:FA:4D:FD:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LqKRWNQ666uQMx4xe7DLNfpN_Y8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/61f826-2e60-4494-b190-365d86838b36/1/1-dqFh1YsaZPjNe0IOZh3u6nVC8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/61f826-2e60-4494-b190-365d86838b36/1/LqKRWNQ666uQMx4xe7DLNfpN_Y8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.37.134.0/24
193.37.155.0/24
193.37.224.0/24
193.37.229.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:61:00:eb:62:a7:db:2f:e2:a7:3b:f9:b5:24:de:7b:ca:d2:
17:7b:2e:25:39:04:06:e1:94:f9:87:a0:ed:a9:94:42:c7:90:
be:1b:3a:a1:bd:cd:95:f7:b3:4f:08:d9:2f:30:b3:dc:9a:d3:
e0:2c:6e:72:9f:ce:98:0c:dd:7b:1f:6d:08:f7:45:e0:d5:03:
eb:22:e5:ba:b4:76:b4:6f:b1:35:45:ab:8e:23:27:9c:56:b6:
bb:b8:85:fd:8f:ca:4c:0e:82:24:ca:89:e2:13:2b:38:47:5e:
2c:e6:02:f8:4d:ed:f4:ba:f9:f6:9a:88:62:8d:8d:2f:85:09:
dc:1a:05:84:e5:df:ee:e0:d9:04:c3:d9:f0:4c:27:36:ad:46:
ad:df:0c:d8:3c:68:16:b6:b2:c1:fa:94:58:92:f6:f5:24:3e:
84:c0:c6:d4:30:04:5a:0c:95:2c:bf:24:66:5f:4e:f2:1c:ce:
95:0a:e1:cb:13:10:37:0e:49:34:52:1b:97:24:f7:f1:e4:c4:
82:9f:8c:22:b3:bc:c7:ee:69:76:a3:48:24:0c:4d:d0:1f:a4:
51:58:b0:66:37:45:32:51:87:1e:c0:26:49:1d:9a:07:13:f7:
e1:35:43:86:2f:45:ac:9f:c4:90:73:f7:70:83:22:02:d3:12:
f8:cb:30:9e
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYzI3wLeIg5UVzTn2iUAB0kIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlYTI5MTU4ZDQzYWViYWI5MDMzMWUzMTdiYjBjYjM1ZmE0
ZGZkOGYwHhcNMjQwMTAyMDYzMTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWRhODU4NzU2MmM2OTkzZTMzNWVkMDgzOTk4NzdiYmE5ZDUwYmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiD3x8lJoHmHhIZOxHZo8hU+9L+gN
FKKce5RW7UFVHRY6gAuRIBBL2NZLKmw/CVk6B+IVdrbXmQJckWB4Zh6og/Ag9FMy
DUfgdfmtQSKaAeAwbHKYfGzD/yiTBq9c7jFF1LbTbdw37rc6UUzvkX0lCe9WtKdp
tGn5byZ5EUtvnA3Ig0vD6hMxuU456u3EDLCj2jPEuj0jlySqn2EJbo4kzlGJjiwp
Kf7gueRfgbFTxdjKRVmzLHSCBk7UyLqnmHX6eWEHTJb41hr0sLVQoCu4zZ3quJdw
U/Y1S1UncjywhrkTzqc1pfupwUChmI7mKnIj1P8LWN5c4DsaImvcD7nisQIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPnahYdWLGmT4zXtCDmYd7up1QvFMB8GA1UdIwQY
MBaAFC6ikVjUOuurkDMeMXuwyzX6Tf2PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHFLUldOUTY2NnVRTXg0eGU3RExOZnBOX1k4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi82MWY4MjYtMmU2MC00NDk0LWIxOTAt
MzY1ZDg2ODM4YjM2LzEvMS1kcUZoMVlzYVpQak5lMElPWmgzdTZuVkM4VS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTIvNjFmODI2LTJlNjAtNDQ5NC1iMTkwLTM2NWQ4NjgzOGIz
Ni8xL0xxS1JXTlE2NjZ1UU14NHhlN0RMTmZwTl9ZOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAMElhgME
AMElmwMEAMEl4AMEAMEl5TANBgkqhkiG9w0BAQsFAAOCAQEAm2EA62Kn2y/ipzv5
tSTee8rSF3suJTkEBuGU+Yeg7amUQseQvhs6ob3NlfezTwjZLzCz3JrT4Cxucp/O
mAzdex9tCPdF4NUD6yLlurR2tG+xNUWrjiMnnFa2u7iF/Y/KTA6CJMqJ4hMrOEde
LOYC+E3t9Lr59pqIYo2NL4UJ3BoFhOXf7uDZBMPZ8EwnNq1Grd8M2DxoFraywfqU
WJL29SQ+hMDG1DAEWgyVLL8kZl9O8hzOlQrhyxMQNw5JNFIblyT38eTEgp+MIrO8
x+5pdqNIJAxN0B+kUViwZjdFMlGHHsAmSR2aBxP34TVDhi9FrJ/EkHP3cIMiAtMS
+Mswng==
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:18:43 2024 by rpki-client on console-ams.rpki-client.org