Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/7b13fe-f62f-4e93-821e-e33ae106b54d/1/q95tWoI4bILEAVmRGy8nKKtQNLk.roa
File: q95tWoI4bILEAVmRGy8nKKtQNLk.roa (raw, json)
Hash identifier: 0g6vaJKkQfl8tLgxzZfZcq7kvgkr/MrVPrJozGIQzqc=
Subject key identifier: AB:DE:6D:5A:82:38:6C:82:C4:01:59:91:1B:2F:27:28:AB:50:34:B9
Certificate issuer: /CN=d3592aac489522d5db18fd6391e035a9778ea3b1
Certificate serial: 018CC3494F0D62AC02FF4D6C6DA08D288D41
Authority key identifier: D3:59:2A:AC:48:95:22:D5:DB:18:FD:63:91:E0:35:A9:77:8E:A3:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/01kqrEiVItXbGP1jkeA1qXeOo7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/7b13fe-f62f-4e93-821e-e33ae106b54d/1/q95tWoI4bILEAVmRGy8nKKtQNLk.roa
Signing time: Mon 01 Jan 2024 04:30:10 +0000
ROA not before: Mon 01 Jan 2024 04:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24768
IP address blocks: 176.111.108.0/24 maxlen: 24
176.111.108.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/7b13fe-f62f-4e93-821e-e33ae106b54d/1/01kqrEiVItXbGP1jkeA1qXeOo7E.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/7b13fe-f62f-4e93-821e-e33ae106b54d/1/01kqrEiVItXbGP1jkeA1qXeOo7E.mft
rsync://rpki.ripe.net/repository/DEFAULT/01kqrEiVItXbGP1jkeA1qXeOo7E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 May 2024 02:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:4f:0d:62:ac:02:ff:4d:6c:6d:a0:8d:28:8d:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3592aac489522d5db18fd6391e035a9778ea3b1
Validity
Not Before: Jan 1 04:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=abde6d5a82386c82c40159911b2f2728ab5034b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:97:62:e4:67:8f:eb:b8:67:a4:bd:79:3e:07:
41:eb:4d:8b:f6:0d:2c:38:ef:68:df:21:d2:51:33:
85:49:00:25:95:9b:c3:8f:14:80:1f:59:bf:34:5d:
64:89:fc:9d:f7:46:b2:9a:6c:97:55:75:60:dd:39:
e8:c3:08:08:28:c1:3e:ba:dd:6a:16:1c:b3:2a:87:
cc:ee:56:8c:50:ce:f7:6f:45:ff:f0:ca:d0:71:3d:
a8:17:8a:ba:bb:40:10:12:9e:37:73:8d:60:3e:a1:
a6:8c:06:b1:6d:ce:c2:60:6c:0c:e2:4b:0c:3e:24:
a4:a7:1e:73:41:48:b4:a8:7e:c4:db:71:04:f7:fa:
76:ff:b5:26:1d:8b:fd:94:86:a4:f7:48:7e:a0:cd:
65:7a:8e:0e:dd:ee:b5:28:e0:a0:57:7a:7c:19:d5:
1b:14:66:0e:df:2f:5c:cc:e5:ff:f6:fd:12:68:99:
87:af:b4:01:62:a8:89:a7:6a:db:62:0a:64:c5:09:
fa:58:02:d7:dc:27:6c:a5:ff:ad:64:1f:80:13:a3:
bf:b3:ed:cc:3f:85:8a:26:fa:18:c6:cc:5f:4a:51:
68:fb:05:27:eb:80:e3:02:07:39:a1:56:f5:f9:4b:
b3:23:9d:c2:8c:1c:25:e2:67:8c:82:96:e6:30:5a:
8c:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:DE:6D:5A:82:38:6C:82:C4:01:59:91:1B:2F:27:28:AB:50:34:B9
X509v3 Authority Key Identifier:
keyid:D3:59:2A:AC:48:95:22:D5:DB:18:FD:63:91:E0:35:A9:77:8E:A3:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/01kqrEiVItXbGP1jkeA1qXeOo7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7b13fe-f62f-4e93-821e-e33ae106b54d/1/q95tWoI4bILEAVmRGy8nKKtQNLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7b13fe-f62f-4e93-821e-e33ae106b54d/1/01kqrEiVItXbGP1jkeA1qXeOo7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.111.108.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:6f:72:59:99:b7:09:d5:fb:a3:9b:bb:2c:31:40:0e:44:5f:
4b:ab:06:53:27:80:19:7b:ea:27:2d:f3:8d:7a:99:4f:41:29:
91:1f:62:19:ac:3e:6e:b9:26:07:6c:22:35:ec:76:1e:0f:61:
19:6a:36:c4:f4:61:ac:69:e8:21:f2:54:3e:84:23:ca:de:de:
63:89:2a:72:0a:6c:d8:37:45:d3:bb:73:70:5b:2e:c3:ae:c4:
e8:f5:b9:76:a6:f6:af:5d:52:4c:f8:d7:66:66:c2:e9:d1:ac:
59:03:8c:9d:86:55:f7:3f:e1:9b:55:ab:6f:bd:12:39:bc:f4:
cd:b5:b3:92:93:c0:60:eb:d5:be:18:00:94:c2:cd:fc:5d:93:
ae:5e:2a:d8:65:88:90:c3:50:35:fd:71:5b:6e:05:ab:d4:c1:
76:29:24:31:93:9a:d3:f5:71:03:a5:fd:29:40:dc:53:dd:e6:
00:d4:4a:cc:b9:ac:cf:a8:92:2f:80:2c:e8:92:76:e0:89:65:
38:7b:ef:a3:c6:fa:1b:b7:04:b8:fb:ad:e3:e9:20:b8:d6:2f:
fc:77:53:ae:58:2f:7b:15:a6:f9:98:ac:45:f9:e7:dc:8f:91:
f7:bb:df:be:cc:d0:6c:08:b4:78:90:ef:d1:38:9d:e2:a8:43:
92:94:65:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSU8NYqwC/01sbaCNKI1BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNTkyYWFjNDg5NTIyZDVkYjE4ZmQ2MzkxZTAzNWE5Nzc4
ZWEzYjEwHhcNMjQwMTAxMDQzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmRlNmQ1YTgyMzg2YzgyYzQwMTU5OTExYjJmMjcyOGFiNTAzNGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZdi5GeP67hnpL15PgdB602L9g0s
OO9o3yHSUTOFSQAllZvDjxSAH1m/NF1kifyd90aymmyXVXVg3TnowwgIKME+ut1q
FhyzKofM7laMUM73b0X/8MrQcT2oF4q6u0AQEp43c41gPqGmjAaxbc7CYGwM4ksM
PiSkpx5zQUi0qH7E23EE9/p2/7UmHYv9lIak90h+oM1leo4O3e61KOCgV3p8GdUb
FGYO3y9czOX/9v0SaJmHr7QBYqiJp2rbYgpkxQn6WALX3Cdspf+tZB+AE6O/s+3M
P4WKJvoYxsxfSlFo+wUn64DjAgc5oVb1+UuzI53CjBwl4meMgpbmMFqM/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKvebVqCOGyCxAFZkRsvJyirUDS5MB8GA1UdIwQY
MBaAFNNZKqxIlSLV2xj9Y5HgNal3jqOxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDFrcXJFaVZJdFhiR1AxamtlQTFxWGVPbzdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC83YjEzZmUtZjYyZi00ZTkzLTgyMWUt
ZTMzYWUxMDZiNTRkLzEvcTk1dFdvSTRiSUxFQVZtUkd5OG5LS3RRTkxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC83YjEzZmUtZjYyZi00ZTkzLTgyMWUtZTMzYWUxMDZiNTRk
LzEvMDFrcXJFaVZJdFhiR1AxamtlQTFxWGVPbzdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsG9sMA0G
CSqGSIb3DQEBCwUAA4IBAQAOb3JZmbcJ1fujm7ssMUAORF9LqwZTJ4AZe+onLfON
eplPQSmRH2IZrD5uuSYHbCI17HYeD2EZajbE9GGsaegh8lQ+hCPK3t5jiSpyCmzY
N0XTu3NwWy7DrsTo9bl2pvavXVJM+NdmZsLp0axZA4ydhlX3P+GbVatvvRI5vPTN
tbOSk8Bg69W+GACUws38XZOuXirYZYiQw1A1/XFbbgWr1MF2KSQxk5rT9XEDpf0p
QNxT3eYA1ErMuazPqJIvgCzoknbgiWU4e++jxvobtwS4+63j6SC41i/8d1OuWC97
Fab5mKxF+efcj5H3u9++zNBsCLR4kO/ROJ3iqEOSlGWm
-----END CERTIFICATE-----
Generated at Fri May 24 09:06:54 2024 by rpki-client on console-ams.rpki-client.org