Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Qe8qWXEM1l0MY3TmOXZozKzNkVI.roa
File: Qe8qWXEM1l0MY3TmOXZozKzNkVI.roa (raw, json)
Hash identifier: vAFGp6DveNHScimev1p2dPBAS5G/EQs6uDIefd1xaNo=
Subject key identifier: 41:EF:2A:59:71:0C:D6:5D:0C:63:74:E6:39:76:68:CC:AC:CD:91:52
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA2A0BA9F071CCE987C93EB6E08DDBD6
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Qe8qWXEM1l0MY3TmOXZozKzNkVI.roa
Signing time: Tue 02 Jan 2024 12:33:22 +0000
ROA not before: Tue 02 Jan 2024 12:33:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50685
IP address blocks: 93.171.160.0/23 maxlen: 24
146.120.192.0/22 maxlen: 24
93.170.236.0/22 maxlen: 24
146.120.14.0/23 maxlen: 24
146.120.13.0/24 maxlen: 24
95.47.60.0/23 maxlen: 24
2a02:128:9::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 05:12:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:0b:a9:f0:71:cc:e9:87:c9:3e:b6:e0:8d:db:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41ef2a59710cd65d0c6374e6397668ccaccd9152
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:d3:32:25:97:fa:db:69:b2:35:66:fd:8a:6d:
2a:65:a3:29:e1:fa:70:25:e8:4c:30:3d:53:78:a0:
bd:aa:2d:ef:81:d2:04:4e:a3:ed:ac:1a:8e:95:b8:
99:88:15:94:ee:e1:90:6c:98:92:45:79:c6:41:b2:
67:01:3b:e9:83:56:47:23:c2:7b:ac:7a:f6:b6:b5:
ad:a4:fc:03:30:c3:68:29:89:98:93:58:f6:0b:51:
8a:e5:d9:ed:52:a4:4d:57:6b:bf:76:67:de:ed:81:
7a:2f:03:bb:b1:3f:11:c0:ff:9f:2c:b0:06:45:14:
f2:78:45:2b:a5:5f:59:d8:42:7d:2c:b4:0b:f5:dd:
4d:22:95:b2:18:f7:f3:dc:7a:99:12:a6:a3:b8:fa:
a2:e7:c7:67:8c:fb:fd:df:2f:af:8c:48:d1:79:de:
f7:58:8a:1a:a9:34:26:77:1e:c0:43:2e:1e:29:86:
48:76:88:24:3d:b2:12:c1:2a:6d:84:a9:e2:50:99:
7a:9b:3d:f9:5f:cb:65:1d:94:3b:1a:7b:58:83:ce:
56:0f:74:f9:4c:2a:fc:11:ac:c2:93:ce:45:7b:c0:
a6:36:2b:b5:e3:dc:dc:9d:c0:56:08:ed:82:0c:2a:
83:50:b2:a0:7a:bb:9a:36:7c:16:96:48:23:c6:1b:
af:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:EF:2A:59:71:0C:D6:5D:0C:63:74:E6:39:76:68:CC:AC:CD:91:52
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Qe8qWXEM1l0MY3TmOXZozKzNkVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.236.0/22
93.171.160.0/23
95.47.60.0/23
146.120.13.0-146.120.15.255
146.120.192.0/22
IPv6:
2a02:128:9::/48
Signature Algorithm: sha256WithRSAEncryption
3c:cb:4b:f5:ff:9d:36:6e:96:df:0d:43:81:3b:84:e6:d0:f9:
6a:5f:f7:f4:37:22:8a:3e:eb:5c:39:05:76:99:0c:e1:2b:73:
cf:26:20:59:2d:1f:f3:e4:9d:3f:4e:12:9b:38:79:e6:15:24:
51:93:86:db:89:95:50:14:c2:ce:c5:c0:72:f9:b5:44:47:44:
2f:7f:71:e4:eb:02:1a:e7:c0:07:83:fe:fe:10:25:b2:4b:20:
17:eb:8b:f0:1a:ce:57:c6:fe:d2:2a:49:1a:71:69:52:93:f7:
23:93:31:e7:8a:85:75:5f:45:60:b2:2b:a3:e1:67:23:42:e2:
71:76:68:f6:49:4e:ea:48:63:50:48:79:2f:09:a6:b4:8c:d4:
cf:dc:79:27:a1:34:64:a8:3e:50:48:27:29:09:11:dd:6f:a0:
c8:40:40:e0:8f:47:f1:0f:0b:4f:3d:64:c1:d3:16:da:09:4c:
68:0b:6c:32:52:f3:0e:8b:f0:a2:f0:a0:36:14:ce:0b:c6:cb:
84:9c:d4:ca:6f:73:4f:0e:53:29:f0:b3:ca:cc:76:40:fe:58:
69:83:6f:e2:f3:65:ad:24:55:24:98:cf:09:e6:85:65:d8:5d:
4d:6b:97:7d:55:d8:16:57:e8:6c:e8:3c:ea:47:be:76:9a:7f:
75:5d:08:c4
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYzKKgup8HHM6YfJPrbgjdvWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWVmMmE1OTcxMGNkNjVkMGM2Mzc0ZTYzOTc2NjhjY2FjY2Q5MTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9MyJZf622myNWb9im0qZaMp4fpw
JehMMD1TeKC9qi3vgdIETqPtrBqOlbiZiBWU7uGQbJiSRXnGQbJnATvpg1ZHI8J7
rHr2trWtpPwDMMNoKYmYk1j2C1GK5dntUqRNV2u/dmfe7YF6LwO7sT8RwP+fLLAG
RRTyeEUrpV9Z2EJ9LLQL9d1NIpWyGPfz3HqZEqajuPqi58dnjPv93y+vjEjRed73
WIoaqTQmdx7AQy4eKYZIdogkPbISwSpthKniUJl6mz35X8tlHZQ7GntYg85WD3T5
TCr8EazCk85Fe8CmNiu149zcncBWCO2CDCqDULKgeruaNnwWlkgjxhuvpQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFEHvKllxDNZdDGN05jl2aMyszZFSMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvUWU4cVdYRU0xbDBNWTNUbU9YWm96S3pOa1ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAsBAIAATAmAwQCXarsAwQB
XaugAwQBXy88MAwDBACSeA0DBASSeAADBAKSeMAwDwQCAAIwCQMHACoCASgACTAN
BgkqhkiG9w0BAQsFAAOCAQEAPMtL9f+dNm6W3w1DgTuE5tD5al/39Dciij7rXDkF
dpkM4StzzyYgWS0f8+SdP04Smzh55hUkUZOG24mVUBTCzsXAcvm1REdEL39x5OsC
GufAB4P+/hAlsksgF+uL8BrOV8b+0ipJGnFpUpP3I5Mx54qFdV9FYLIro+FnI0Li
cXZo9klO6khjUEh5LwmmtIzUz9x5J6E0ZKg+UEgnKQkR3W+gyEBA4I9H8Q8LTz1k
wdMW2glMaAtsMlLzDovwovCgNhTOC8bLhJzUym9zTw5TKfCzysx2QP5YaYNv4vNl
rSRVJJjPCeaFZdhdTWuXfVXYFlfobOg86ke+dpp/dV0IxA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:46:12 2024 by rpki-client on console-fra.rpki-client.org