Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/e7fa55-5925-4ba9-ad38-be7c81948324/1/SqCIHYP5ems2d5PJHJAsfujzhm4.roa
File: SqCIHYP5ems2d5PJHJAsfujzhm4.roa (raw, json)
Hash identifier: aQsgTdHy1z8USbIZAFM5SnWujiBHz7aOBACbs+7RWQE=
Subject key identifier: 4A:A0:88:1D:83:F9:7A:6B:36:77:93:C9:1C:90:2C:7E:E8:F3:86:6E
Certificate issuer: /CN=ea0f76282df53209a58c0302e74f8a97ca3aff05
Certificate serial: 018CC348B65869D2C524A1F7E2097E3710A4
Authority key identifier: EA:0F:76:28:2D:F5:32:09:A5:8C:03:02:E7:4F:8A:97:CA:3A:FF:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6g92KC31MgmljAMC50-Kl8o6_wU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/e7fa55-5925-4ba9-ad38-be7c81948324/1/SqCIHYP5ems2d5PJHJAsfujzhm4.roa
Signing time: Mon 01 Jan 2024 04:29:31 +0000
ROA not before: Mon 01 Jan 2024 04:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42512
IP address blocks: 91.208.65.0/24 maxlen: 24
193.110.79.0/24 maxlen: 24
194.110.126.0/24 maxlen: 24
91.225.120.0/22 maxlen: 22
91.225.120.0/24 maxlen: 24
91.225.123.0/24 maxlen: 24
91.225.122.0/24 maxlen: 24
91.225.121.0/24 maxlen: 24
31.43.168.0/24 maxlen: 24
31.43.168.0/22 maxlen: 22
31.43.171.0/24 maxlen: 24
31.43.170.0/24 maxlen: 24
31.43.169.0/24 maxlen: 24
31.43.182.0/24 maxlen: 24
31.43.181.0/24 maxlen: 24
31.43.180.0/22 maxlen: 22
31.43.180.0/24 maxlen: 24
31.43.183.0/24 maxlen: 24
193.110.78.0/24 maxlen: 24
193.110.77.0/24 maxlen: 24
193.110.76.0/22 maxlen: 22
193.110.76.0/24 maxlen: 24
2001:67c:a28::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/e7fa55-5925-4ba9-ad38-be7c81948324/1/6g92KC31MgmljAMC50-Kl8o6_wU.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/e7fa55-5925-4ba9-ad38-be7c81948324/1/6g92KC31MgmljAMC50-Kl8o6_wU.mft
rsync://rpki.ripe.net/repository/DEFAULT/6g92KC31MgmljAMC50-Kl8o6_wU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:b6:58:69:d2:c5:24:a1:f7:e2:09:7e:37:10:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea0f76282df53209a58c0302e74f8a97ca3aff05
Validity
Not Before: Jan 1 04:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4aa0881d83f97a6b367793c91c902c7ee8f3866e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:fa:a4:5a:16:1a:c3:ba:8c:93:15:d2:c4:cd:
77:9a:48:6e:73:ac:9a:1f:3f:b0:5b:80:34:ec:d4:
6e:97:0e:fb:da:3a:8c:4d:92:a2:e2:31:20:63:81:
ec:e6:f5:a3:d7:1d:38:fa:1a:6d:88:13:6b:2b:58:
14:2d:0a:93:44:ac:e7:7d:3d:93:57:90:cb:58:e1:
3d:1a:54:3d:b1:74:97:72:79:07:87:70:e7:4e:01:
5c:73:24:19:8a:1d:26:9d:a3:0c:9d:16:c0:ee:68:
1a:48:5c:f1:c7:88:f6:61:48:aa:64:34:4f:89:1f:
94:34:0a:53:9f:f7:e7:3c:df:5d:e8:c0:63:79:da:
81:d3:60:41:35:a7:4d:c1:fe:22:86:a2:2b:47:6b:
6f:6f:f9:d6:cc:80:25:ae:a7:89:b2:c6:52:39:11:
fa:37:be:f3:23:44:39:96:9c:90:93:8f:9a:19:a3:
15:2e:e1:18:ee:e4:69:d0:e8:aa:41:bc:1e:2e:22:
46:73:0f:7a:3f:38:aa:3c:b6:43:fc:91:1b:69:bc:
04:24:fc:ab:88:b8:1e:ec:d3:52:d3:4b:57:ed:ce:
24:72:d9:cc:5c:2d:81:c9:17:45:44:60:5b:e2:6b:
6f:9b:e5:48:a1:cb:42:9e:58:2a:9b:66:48:be:ce:
9c:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:A0:88:1D:83:F9:7A:6B:36:77:93:C9:1C:90:2C:7E:E8:F3:86:6E
X509v3 Authority Key Identifier:
keyid:EA:0F:76:28:2D:F5:32:09:A5:8C:03:02:E7:4F:8A:97:CA:3A:FF:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6g92KC31MgmljAMC50-Kl8o6_wU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/e7fa55-5925-4ba9-ad38-be7c81948324/1/SqCIHYP5ems2d5PJHJAsfujzhm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/e7fa55-5925-4ba9-ad38-be7c81948324/1/6g92KC31MgmljAMC50-Kl8o6_wU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.43.168.0/22
31.43.180.0/22
91.208.65.0/24
91.225.120.0/22
193.110.76.0/22
194.110.126.0/24
IPv6:
2001:67c:a28::/48
Signature Algorithm: sha256WithRSAEncryption
83:8d:36:d8:b2:9c:3e:f1:cb:2c:4d:9f:da:ce:2b:ca:db:6a:
05:46:ba:ca:8d:a2:22:d9:bc:30:71:ff:f8:0e:6d:6f:a0:b0:
3b:4d:ff:9b:72:32:6b:53:6b:e7:ce:97:90:83:2e:a9:3f:48:
6c:06:30:2b:6b:f2:21:69:c1:11:c9:77:c8:b1:6e:fa:64:44:
0a:e4:f6:ee:6b:5a:f7:a1:a4:7f:a1:4d:73:5e:34:9d:7d:93:
b3:b5:79:54:bd:12:b5:d3:69:96:b9:f5:1e:cf:fc:38:62:57:
18:01:fa:f9:af:c7:c8:98:7a:87:3b:4a:d7:be:cf:69:9a:17:
1b:f7:f5:8e:78:69:cb:11:a3:88:22:2a:00:d2:5c:47:36:08:
fa:19:79:c0:3d:a8:36:f3:f6:2a:70:54:cc:c7:c4:71:fa:8f:
b2:18:2d:8b:12:fd:cb:e2:96:48:41:dd:51:d9:04:c8:82:3a:
d4:ce:4f:ad:64:4d:b8:71:b2:7d:af:35:ec:a9:18:4b:97:b7:
23:c2:7c:ea:5f:9b:c1:45:ec:c2:c5:76:06:d1:1f:d7:2e:d6:
4c:4e:65:63:a3:76:e9:97:c9:6d:96:70:c2:72:75:e2:d8:8c:
21:21:9a:1f:93:73:98:c2:c2:b9:5d:85:4e:dc:65:9b:44:73:
39:fb:c1:23
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYzDSLZYadLFJKH34gl+NxCkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhMGY3NjI4MmRmNTMyMDlhNThjMDMwMmU3NGY4YTk3Y2Ez
YWZmMDUwHhcNMjQwMTAxMDQyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWEwODgxZDgzZjk3YTZiMzY3NzkzYzkxYzkwMmM3ZWU4ZjM4NjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvqkWhYaw7qMkxXSxM13mkhuc6ya
Hz+wW4A07NRulw772jqMTZKi4jEgY4Hs5vWj1x04+hptiBNrK1gULQqTRKznfT2T
V5DLWOE9GlQ9sXSXcnkHh3DnTgFccyQZih0mnaMMnRbA7mgaSFzxx4j2YUiqZDRP
iR+UNApTn/fnPN9d6MBjedqB02BBNadNwf4ihqIrR2tvb/nWzIAlrqeJssZSORH6
N77zI0Q5lpyQk4+aGaMVLuEY7uRp0OiqQbweLiJGcw96PziqPLZD/JEbabwEJPyr
iLge7NNS00tX7c4kctnMXC2ByRdFRGBb4mtvm+VIoctCnlgqm2ZIvs6cewIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFEqgiB2D+XprNneTyRyQLH7o84ZuMB8GA1UdIwQY
MBaAFOoPdigt9TIJpYwDAudPipfKOv8FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmc5MktDMzFNZ21sakFNQzUwLUtsOG82X3dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9lN2ZhNTUtNTkyNS00YmE5LWFkMzgt
YmU3YzgxOTQ4MzI0LzEvU3FDSUhZUDVlbXMyZDVQSkhKQXNmdWp6aG00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9lN2ZhNTUtNTkyNS00YmE5LWFkMzgtYmU3YzgxOTQ4MzI0
LzEvNmc5MktDMzFNZ21sakFNQzUwLUtsOG82X3dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQCHyuoAwQC
Hyu0AwQAW9BBAwQCW+F4AwQCwW5MAwQAwm5+MA8EAgACMAkDBwAgAQZ8CigwDQYJ
KoZIhvcNAQELBQADggEBAIONNtiynD7xyyxNn9rOK8rbagVGusqNoiLZvDBx//gO
bW+gsDtN/5tyMmtTa+fOl5CDLqk/SGwGMCtr8iFpwRHJd8ixbvpkRArk9u5rWveh
pH+hTXNeNJ19k7O1eVS9ErXTaZa59R7P/DhiVxgB+vmvx8iYeoc7Ste+z2maFxv3
9Y54acsRo4giKgDSXEc2CPoZecA9qDbz9ipwVMzHxHH6j7IYLYsS/cvilkhB3VHZ
BMiCOtTOT61kTbhxsn2vNeypGEuXtyPCfOpfm8FF7MLFdgbRH9cu1kxOZWOjdumX
yW2WcMJydeLYjCEhmh+Tc5jCwrldhU7cZZtEczn7wSM=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:42:27 2024 by rpki-client on console-fra.rpki-client.org