Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/qay2trarxDhXDpUrWpr7vvap8-I.roa
File: qay2trarxDhXDpUrWpr7vvap8-I.roa (raw, json)
Hash identifier: jiTkxi5BE9+fgdgeYNn8mc2AZASVhxxRJg1+pa8QK7Q=
Subject key identifier: A9:AC:B6:B6:B6:AB:C4:38:57:0E:95:2B:5A:9A:FB:BE:F6:A9:F3:E2
Certificate issuer: /CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Certificate serial: 01912C6CAA86B82E1BD5BAFD9081545D1C74
Authority key identifier: 66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/qay2trarxDhXDpUrWpr7vvap8-I.roa
Signing time: Wed 07 Aug 2024 10:40:04 +0000
ROA not before: Wed 07 Aug 2024 10:40:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29075
IP address blocks: 45.10.224.0/23 maxlen: 23
45.10.226.0/24 maxlen: 24
45.94.124.0/22 maxlen: 22
45.94.128.0/22 maxlen: 22
45.94.128.0/23 maxlen: 23
45.94.130.0/23 maxlen: 23
85.118.32.0/19 maxlen: 19
91.109.176.0/20 maxlen: 20
128.204.224.0/20 maxlen: 20
141.255.144.0/20 maxlen: 20
178.20.48.0/21 maxlen: 21
185.10.252.0/22 maxlen: 24
185.118.0.0/22 maxlen: 22
185.123.24.0/22 maxlen: 22
185.177.180.0/22 maxlen: 22
188.121.224.0/19 maxlen: 19
212.85.144.0/20 maxlen: 20
2a00:1b88::/32 maxlen: 32
2a02:2178::/29 maxlen: 29
2a02:2178::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:2c:6c:aa:86:b8:2e:1b:d5:ba:fd:90:81:54:5d:1c:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Validity
Not Before: Aug 7 10:40:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9acb6b6b6abc438570e952b5a9afbbef6a9f3e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b1:e5:38:77:0b:61:7b:47:b8:f3:ff:34:f8:
b0:db:2a:79:35:e7:35:b3:68:c9:e6:70:38:fa:09:
bb:33:a7:47:03:2b:53:4e:8d:bc:2a:07:3b:41:3d:
36:f6:89:3a:4d:96:d8:d2:36:2b:b7:05:6a:92:b8:
e8:bf:b3:ee:1f:04:1d:a8:07:42:d1:80:7c:69:1d:
6d:76:36:4b:b4:27:2b:19:ed:6c:54:b0:cf:2d:a5:
ed:2a:5b:81:e7:72:96:da:e3:ab:89:60:08:e7:27:
b8:24:87:5a:98:4a:28:3c:a0:96:5e:7c:97:01:f0:
31:ab:53:7a:a3:50:ac:8f:5a:73:a4:4d:11:05:d0:
68:fa:ec:19:98:ab:8a:9a:ca:cb:c1:f5:8f:83:fc:
c2:5a:e3:80:61:89:96:75:b2:6c:66:69:a8:29:fe:
aa:88:ed:52:7d:0a:86:3e:60:ec:54:78:82:6a:60:
68:1d:01:d3:53:a6:b2:21:24:05:0e:b8:0d:2c:63:
c2:93:86:d1:64:d7:c3:56:87:60:50:b4:34:e9:7f:
e9:71:0c:66:f9:36:3e:da:1d:48:88:00:c2:b9:62:
aa:a1:9a:bb:e0:f6:a3:ee:be:a2:0b:a0:46:6f:56:
5c:97:d3:05:1d:16:99:c9:8a:f2:c9:b7:24:50:bb:
75:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:AC:B6:B6:B6:AB:C4:38:57:0E:95:2B:5A:9A:FB:BE:F6:A9:F3:E2
X509v3 Authority Key Identifier:
keyid:66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/qay2trarxDhXDpUrWpr7vvap8-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.224.0-45.10.226.255
45.94.124.0-45.94.131.255
85.118.32.0/19
91.109.176.0/20
128.204.224.0/20
141.255.144.0/20
178.20.48.0/21
185.10.252.0/22
185.118.0.0/22
185.123.24.0/22
185.177.180.0/22
188.121.224.0/19
212.85.144.0/20
IPv6:
2a00:1b88::/32
2a02:2178::/29
Signature Algorithm: sha256WithRSAEncryption
38:2c:5d:c5:33:13:69:4d:61:f7:33:97:26:47:89:b7:db:63:
bb:67:54:fe:62:5f:10:45:5a:c2:6b:9d:e5:e7:92:47:05:68:
d8:f2:ea:a0:9e:ed:87:67:39:54:82:c6:d7:65:9a:75:74:ee:
79:e6:aa:24:c0:67:51:ea:62:bf:0a:72:d8:da:de:df:c7:f3:
75:2f:d5:80:ac:28:75:52:62:9c:9e:23:3a:69:29:25:2a:40:
bc:a9:ea:39:15:29:01:c7:14:e0:ec:1c:cc:66:5f:fe:5f:15:
97:79:3c:6a:51:0d:b4:5a:30:c7:fa:14:5b:63:01:bb:0e:61:
ac:e5:b1:0a:9e:bc:0d:e0:9a:43:88:a7:c4:b5:39:14:59:00:
5b:a6:5f:04:0d:1f:74:e2:18:fe:7e:54:df:6e:59:e1:f3:55:
bc:cb:c0:70:99:21:4d:5b:9e:51:63:92:2e:ed:5f:2c:ad:e0:
37:59:2d:22:70:34:36:f7:42:04:1b:15:53:d5:7d:d4:68:4a:
3f:f9:4d:40:df:e5:0a:da:c9:a5:90:07:98:0a:d6:70:13:8f:
6a:3f:ce:65:1e:27:db:76:a3:d2:eb:aa:c4:3e:7b:7f:70:65:
ec:a0:eb:f6:fe:d5:3c:ba:9a:42:29:9e:9d:ce:51:4a:fb:f7:
04:39:1a:c3
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAZEsbKqGuC4b1br9kIFUXRx0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGUxZDlkY2RiMjVjMWU1MzJjNWM5YjY5ZGZhNzU3ZTMw
NjIxMGUwHhcNMjQwODA3MTA0MDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWFjYjZiNmI2YWJjNDM4NTcwZTk1MmI1YTlhZmJiZWY2YTlmM2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzbHlOHcLYXtHuPP/NPiw2yp5Nec1
s2jJ5nA4+gm7M6dHAytTTo28Kgc7QT029ok6TZbY0jYrtwVqkrjov7PuHwQdqAdC
0YB8aR1tdjZLtCcrGe1sVLDPLaXtKluB53KW2uOriWAI5ye4JIdamEooPKCWXnyX
AfAxq1N6o1Csj1pzpE0RBdBo+uwZmKuKmsrLwfWPg/zCWuOAYYmWdbJsZmmoKf6q
iO1SfQqGPmDsVHiCamBoHQHTU6ayISQFDrgNLGPCk4bRZNfDVodgULQ06X/pcQxm
+TY+2h1IiADCuWKqoZq74Paj7r6iC6BGb1Zcl9MFHRaZyYryybckULt18QIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFKmstra2q8Q4Vw6VK1qa+772qfPiMB8GA1UdIwQY
MBaAFGbeHZ3NslweUyxcm2nfp1fjBiEOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYt
NDA0Nzk4NzA5NzZlLzEvcWF5MnRyYXJ4RGhYRHBVcldwcjd2dmFwOC1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYtNDA0Nzk4NzA5NzZl
LzEvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwZAQCAAEwXjAMAwQFLQrg
AwQALQriMAwDBAItXnwDBAItXoADBAVVdiADBARbbbADBASAzOADBASN/5ADBAOy
FDADBAK5CvwDBAK5dgADBAK5exgDBAK5sbQDBAW8eeADBATUVZAwFAQCAAIwDgMF
ACoAG4gDBQMqAiF4MA0GCSqGSIb3DQEBCwUAA4IBAQA4LF3FMxNpTWH3M5cmR4m3
22O7Z1T+Yl8QRVrCa53l55JHBWjY8uqgnu2HZzlUgsbXZZp1dO555qokwGdR6mK/
CnLY2t7fx/N1L9WArCh1UmKcniM6aSklKkC8qeo5FSkBxxTg7BzMZl/+XxWXeTxq
UQ20WjDH+hRbYwG7DmGs5bEKnrwN4JpDiKfEtTkUWQBbpl8EDR904hj+flTfblnh
81W8y8BwmSFNW55RY5Iu7V8sreA3WS0icDQ290IEGxVT1X3UaEo/+U1A3+UK2sml
kAeYCtZwE49qP85lHifbdqPS66rEPnt/cGXsoOv2/tU8uppCKZ6dzlFK+/cEORrD
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:02:11 2024 by rpki-client on console-fra.rpki-client.org