Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/qtWN1bsQegefvSc3xpfoMLgl4Kc.roa
File: qtWN1bsQegefvSc3xpfoMLgl4Kc.roa (raw, json)
Hash identifier: xU+QDmBfD5f6egY0e5NXA6s+PbpK2oEoORq0Zg/u51M=
Subject key identifier: AA:D5:8D:D5:BB:10:7A:07:9F:BD:27:37:C6:97:E8:30:B8:25:E0:A7
Certificate issuer: /CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Certificate serial: 0190BF950B27BE9FBC9DCF331008AF0F1127
Authority key identifier: 29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/qtWN1bsQegefvSc3xpfoMLgl4Kc.roa
Signing time: Wed 17 Jul 2024 07:25:34 +0000
ROA not before: Wed 17 Jul 2024 07:25:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21107
IP address blocks: 62.101.144.0/21 maxlen: 21
81.93.92.0/24 maxlen: 24
89.111.225.0/24 maxlen: 24
94.250.37.0/24 maxlen: 24
94.250.38.0/24 maxlen: 24
94.250.40.0/22 maxlen: 22
94.250.44.0/22 maxlen: 22
94.250.48.0/21 maxlen: 24
94.250.56.0/22 maxlen: 24
94.250.88.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.crl
rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.mft
rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bf:95:0b:27:be:9f:bc:9d:cf:33:10:08:af:0f:11:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Validity
Not Before: Jul 17 07:25:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aad58dd5bb107a079fbd2737c697e830b825e0a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:43:b2:9a:5b:2f:27:e3:3d:d2:54:d1:6e:bc:
35:3d:e3:aa:c5:7e:ee:d9:ea:09:bd:e5:9b:08:80:
cb:8c:e2:01:d8:11:9d:1d:41:74:e7:61:d7:20:1a:
77:71:09:37:4a:d5:00:ee:82:65:65:db:75:cc:7a:
5f:88:a5:30:2d:25:d5:7c:92:97:e1:bf:2c:f3:1c:
28:d4:df:df:83:b3:aa:e6:8b:a8:1c:b0:a3:6a:ff:
0c:0e:cd:d9:28:72:c4:63:b9:3c:cd:db:78:20:0f:
63:58:a0:49:df:e7:34:0d:65:ba:38:26:db:bb:ab:
29:6a:67:76:f3:71:b4:90:10:cf:ef:60:5f:14:2e:
6d:82:bd:76:67:3b:42:f0:ae:14:86:17:3a:f0:54:
07:f0:1f:07:1b:84:dc:a4:a1:92:b8:29:44:95:12:
29:33:1a:a5:80:0e:49:7f:0b:83:d2:29:36:3b:01:
ec:15:59:f7:50:db:62:d8:db:87:bd:81:9b:0c:e9:
83:c1:f6:2f:53:a8:04:98:d1:29:e6:8b:f2:a3:d3:
ec:a5:e1:29:da:1e:91:6d:89:ee:8e:75:a3:d7:cf:
5e:4b:c3:40:65:2e:48:2e:c1:b3:a9:27:ee:e3:5e:
22:3f:73:52:01:83:53:2c:ee:43:88:2b:95:6a:e1:
81:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:D5:8D:D5:BB:10:7A:07:9F:BD:27:37:C6:97:E8:30:B8:25:E0:A7
X509v3 Authority Key Identifier:
keyid:29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/qtWN1bsQegefvSc3xpfoMLgl4Kc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.101.144.0/21
81.93.92.0/24
89.111.225.0/24
94.250.37.0-94.250.38.255
94.250.40.0-94.250.59.255
94.250.88.0/21
Signature Algorithm: sha256WithRSAEncryption
6d:00:28:66:35:22:97:d6:a0:f5:36:d4:a5:2e:43:24:3f:8c:
13:c8:1d:60:2d:22:36:00:e3:9d:05:bf:88:7b:16:21:76:d9:
ca:5b:7e:76:e0:ee:ef:17:5d:fe:ad:6d:c5:26:27:dd:6e:ed:
a2:9b:4b:2c:a7:a4:cc:c5:79:87:53:bc:de:76:cb:42:54:46:
0c:00:66:37:bd:2a:b4:30:55:5f:55:63:ea:80:c2:e3:ee:20:
c9:85:64:0a:16:6a:dd:e7:3e:97:a0:fb:a3:0e:6f:c3:ad:d6:
db:0e:7b:24:3c:c1:d4:7b:9f:ed:fd:3e:b4:98:11:23:a0:ff:
62:c7:d8:ed:bd:80:7e:dd:0a:ca:2d:7e:b9:f3:92:19:da:37:
d4:5a:19:14:73:e0:c2:f6:e6:d5:ca:29:7e:9c:28:24:ab:a7:
1e:5a:ff:56:02:53:ad:6e:0f:a6:f6:f7:f3:90:37:48:5c:b0:
bc:dc:4c:b8:24:d0:38:bf:cc:56:24:4e:06:76:34:85:8e:07:
be:b5:ea:2c:56:cc:3d:4e:75:68:97:f0:16:af:09:14:2a:9d:
f4:41:06:d7:92:eb:be:b1:52:7e:06:3f:fd:6c:ab:8e:f9:55:
f0:c7:5f:fa:54:e8:39:03:1a:e4:cf:77:f8:c8:06:0c:52:f8:
59:39:a7:49
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZC/lQsnvp+8nc8zEAivDxEnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YTk5NjRlMGNkMzVmYjM2NzU3ZTU2NTNmZmE3NjI2YWM1
ZGVlZTgwHhcNMjQwNzE3MDcyNTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWQ1OGRkNWJiMTA3YTA3OWZiZDI3MzdjNjk3ZTgzMGI4MjVlMGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0OymlsvJ+M90lTRbrw1PeOqxX7u
2eoJveWbCIDLjOIB2BGdHUF052HXIBp3cQk3StUA7oJlZdt1zHpfiKUwLSXVfJKX
4b8s8xwo1N/fg7Oq5ouoHLCjav8MDs3ZKHLEY7k8zdt4IA9jWKBJ3+c0DWW6OCbb
u6spamd283G0kBDP72BfFC5tgr12ZztC8K4Uhhc68FQH8B8HG4TcpKGSuClElRIp
MxqlgA5JfwuD0ik2OwHsFVn3UNti2NuHvYGbDOmDwfYvU6gEmNEp5ovyo9PspeEp
2h6RbYnujnWj189eS8NAZS5ILsGzqSfu414iP3NSAYNTLO5DiCuVauGBjQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFKrVjdW7EHoHn70nN8aX6DC4JeCnMB8GA1UdIwQY
MBaAFCmplk4M01+zZ1flZT/6diasXe7oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTIt
ZDliNTMzZjdmYmMzLzEvcXRXTjFic1FlZ2VmdlNjM3hwZm9NTGdsNEtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTItZDliNTMzZjdmYmMz
LzEvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQDPmWQAwQA
UV1cAwQAWW/hMAwDBABe+iUDBABe+iYwDAMEA176KAMEAl76OAMEA176WDANBgkq
hkiG9w0BAQsFAAOCAQEAbQAoZjUil9ag9TbUpS5DJD+ME8gdYC0iNgDjnQW/iHsW
IXbZylt+duDu7xdd/q1txSYn3W7toptLLKekzMV5h1O83nbLQlRGDABmN70qtDBV
X1Vj6oDC4+4gyYVkChZq3ec+l6D7ow5vw63W2w57JDzB1Huf7f0+tJgRI6D/YsfY
7b2Aft0Kyi1+ufOSGdo31FoZFHPgwvbm1copfpwoJKunHlr/VgJTrW4Ppvb385A3
SFywvNxMuCTQOL/MViROBnY0hY4HvrXqLFbMPU51aJfwFq8JFCqd9EEG15LrvrFS
fgY//WyrjvlV8Mdf+lToOQMa5M93+MgGDFL4WTmnSQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:00:17 2024 by rpki-client on console-fra.rpki-client.org