Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/d7609e-6396-4155-ad35-b74089d8e59e/1/qDUl3BA8t0sfMuVVcys04K0EwcA.roa
File: qDUl3BA8t0sfMuVVcys04K0EwcA.roa (raw, json)
Hash identifier: o4D79kAPASX5XPdpvVDV5tALiGIJeCuvj5HADRz0rYg=
Subject key identifier: A8:35:25:DC:10:3C:B7:4B:1F:32:E5:55:73:2B:34:E0:AD:04:C1:C0
Certificate issuer: /CN=946733318c62c47920fe375ad99cb729ee90a1ad
Certificate serial: 018CC26D2250B4BF20F5C9E8332A9024DDCB
Authority key identifier: 94:67:33:31:8C:62:C4:79:20:FE:37:5A:D9:9C:B7:29:EE:90:A1:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lGczMYxixHkg_jda2Zy3Ke6Qoa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/d7609e-6396-4155-ad35-b74089d8e59e/1/qDUl3BA8t0sfMuVVcys04K0EwcA.roa
Signing time: Mon 01 Jan 2024 00:29:41 +0000
ROA not before: Mon 01 Jan 2024 00:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203474
IP address blocks: 185.114.196.0/22 maxlen: 22
185.114.196.0/24 maxlen: 24
2a03:3780::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/d7609e-6396-4155-ad35-b74089d8e59e/1/lGczMYxixHkg_jda2Zy3Ke6Qoa0.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/d7609e-6396-4155-ad35-b74089d8e59e/1/lGczMYxixHkg_jda2Zy3Ke6Qoa0.mft
rsync://rpki.ripe.net/repository/DEFAULT/lGczMYxixHkg_jda2Zy3Ke6Qoa0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Dec 2024 13:01:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:22:50:b4:bf:20:f5:c9:e8:33:2a:90:24:dd:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=946733318c62c47920fe375ad99cb729ee90a1ad
Validity
Not Before: Jan 1 00:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a83525dc103cb74b1f32e555732b34e0ad04c1c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:be:f7:af:00:6e:78:e4:fd:70:00:e1:e3:63:
15:54:2c:34:2c:ce:ba:3a:f0:fb:14:c1:11:58:a4:
72:f7:11:8f:42:f9:89:22:2c:5d:47:a7:7a:39:ac:
7a:55:38:65:e5:ec:c4:c8:b0:8d:8e:6c:c6:58:af:
15:a5:47:a2:52:5f:ff:08:a6:b1:b0:9c:06:53:45:
13:e8:86:90:b9:fb:3f:d2:b6:ab:44:97:64:1f:86:
ff:4a:ef:c5:ca:6f:34:98:e0:fc:73:50:e8:0e:73:
21:d0:07:ed:40:a8:66:f9:a0:02:50:d4:83:68:44:
18:4b:d8:d2:0c:73:4f:4b:fd:59:09:4a:93:22:e8:
30:1a:68:df:bf:59:1f:2d:05:1a:d5:cd:6d:a0:d4:
99:b2:be:8a:5f:28:8d:b6:58:33:8c:ed:ae:ef:f7:
61:90:57:5d:6b:18:10:be:97:71:6d:52:b2:d9:8a:
a9:f7:05:e9:61:f9:4b:be:6d:45:c6:ed:2d:e4:1c:
e4:3a:da:1f:d6:db:44:48:64:55:0d:cd:3d:03:2c:
28:4a:0d:25:e6:33:b5:c9:3e:a4:6a:fd:1a:af:21:
3f:aa:7a:cd:ed:6b:b7:10:0b:35:3c:8a:42:79:76:
c9:9e:41:44:96:a3:0c:36:2c:ed:81:d3:b0:4a:f5:
ec:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:35:25:DC:10:3C:B7:4B:1F:32:E5:55:73:2B:34:E0:AD:04:C1:C0
X509v3 Authority Key Identifier:
keyid:94:67:33:31:8C:62:C4:79:20:FE:37:5A:D9:9C:B7:29:EE:90:A1:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lGczMYxixHkg_jda2Zy3Ke6Qoa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/d7609e-6396-4155-ad35-b74089d8e59e/1/qDUl3BA8t0sfMuVVcys04K0EwcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/d7609e-6396-4155-ad35-b74089d8e59e/1/lGczMYxixHkg_jda2Zy3Ke6Qoa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.114.196.0/22
IPv6:
2a03:3780::/48
Signature Algorithm: sha256WithRSAEncryption
85:bd:1e:b1:49:28:94:74:7e:fb:59:ee:5f:14:61:03:66:54:
fe:24:85:6d:22:db:b7:03:e1:32:b3:38:41:66:9f:47:7b:10:
96:23:50:fe:eb:a8:68:ac:4f:7c:b9:bc:09:30:e3:93:86:c8:
31:b6:8f:26:7e:35:0c:30:9c:ce:b0:47:03:a6:60:b5:e5:7f:
6b:13:e9:e9:8b:a4:89:6e:f5:19:eb:5c:83:30:5c:26:72:4a:
13:57:4d:78:77:51:f0:00:80:52:d0:20:e1:91:e4:bc:f4:9e:
32:7f:57:ec:08:fb:fb:7c:34:63:61:c2:8d:04:b3:04:9d:74:
01:46:06:f9:32:3c:62:88:b8:68:ec:cd:e0:84:f0:e4:89:f4:
4d:5a:05:1e:7a:fd:4e:6d:a7:34:eb:a7:26:52:b8:23:3a:13:
9f:a0:52:8c:fb:5e:0f:c7:30:1e:65:a7:ef:ba:ff:5d:93:51:
94:74:88:cb:3e:49:7e:58:28:38:8b:15:a2:6b:11:d8:68:01:
3c:db:f2:25:b1:9a:bc:31:fb:ce:43:50:4e:3d:fd:88:76:35:
a9:bb:fd:f2:1b:cc:4a:d5:5e:4d:be:d1:33:1a:43:ec:61:b1:
4c:23:1e:06:4e:60:bf:cf:45:bf:2f:aa:dc:e9:7c:a7:20:3e:
47:cc:9f:77
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzCbSJQtL8g9cnoMyqQJN3LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NjczMzMxOGM2MmM0NzkyMGZlMzc1YWQ5OWNiNzI5ZWU5
MGExYWQwHhcNMjQwMTAxMDAyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODM1MjVkYzEwM2NiNzRiMWYzMmU1NTU3MzJiMzRlMGFkMDRjMWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkr73rwBueOT9cADh42MVVCw0LM66
OvD7FMERWKRy9xGPQvmJIixdR6d6Oax6VThl5ezEyLCNjmzGWK8VpUeiUl//CKax
sJwGU0UT6IaQufs/0rarRJdkH4b/Su/Fym80mOD8c1DoDnMh0AftQKhm+aACUNSD
aEQYS9jSDHNPS/1ZCUqTIugwGmjfv1kfLQUa1c1toNSZsr6KXyiNtlgzjO2u7/dh
kFddaxgQvpdxbVKy2Yqp9wXpYflLvm1Fxu0t5BzkOtof1ttESGRVDc09AywoSg0l
5jO1yT6kav0aryE/qnrN7Wu3EAs1PIpCeXbJnkFElqMMNiztgdOwSvXscQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKg1JdwQPLdLHzLlVXMrNOCtBMHAMB8GA1UdIwQY
MBaAFJRnMzGMYsR5IP43WtmctynukKGtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEdjek1ZeGl4SGtnX2pkYTJaeTNLZTZRb2EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9kNzYwOWUtNjM5Ni00MTU1LWFkMzUt
Yjc0MDg5ZDhlNTllLzEvcURVbDNCQTh0MHNmTXVWVmN5czA0SzBFd2NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9kNzYwOWUtNjM5Ni00MTU1LWFkMzUtYjc0MDg5ZDhlNTll
LzEvbEdjek1ZeGl4SGtnX2pkYTJaeTNLZTZRb2EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuXLEMA8E
AgACMAkDBwAqAzeAAAAwDQYJKoZIhvcNAQELBQADggEBAIW9HrFJKJR0fvtZ7l8U
YQNmVP4khW0i27cD4TKzOEFmn0d7EJYjUP7rqGisT3y5vAkw45OGyDG2jyZ+NQww
nM6wRwOmYLXlf2sT6emLpIlu9RnrXIMwXCZyShNXTXh3UfAAgFLQIOGR5Lz0njJ/
V+wI+/t8NGNhwo0EswSddAFGBvkyPGKIuGjszeCE8OSJ9E1aBR56/U5tpzTrpyZS
uCM6E5+gUoz7Xg/HMB5lp++6/12TUZR0iMs+SX5YKDiLFaJrEdhoATzb8iWxmrwx
+85DUE49/Yh2Nam7/fIbzErVXk2+0TMaQ+xhsUwjHgZOYL/PRb8vqtzpfKcgPkfM
n3c=
-----END CERTIFICATE-----
Generated at Tue Dec 3 17:34:14 2024 by rpki-client on console-ams.rpki-client.org