Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/51cd94-a055-43ee-a09b-472b0d072e83/1/2qsguptR-ndPaWj7GfmE0OfU4uU.roa
File: 2qsguptR-ndPaWj7GfmE0OfU4uU.roa (raw, json)
Hash identifier: EMspGoX446vR1n945XxiXBzhA31zzIwL9hIoUXAUO4c=
Subject key identifier: DA:AB:20:BA:9B:51:FA:77:4F:69:68:FB:19:F9:84:D0:E7:D4:E2:E5
Certificate issuer: /CN=16ea37a8e73e7679a933d70f7b9c872081024455
Certificate serial: 018CC451B509C8F448C81543742C48F5EF51
Authority key identifier: 16:EA:37:A8:E7:3E:76:79:A9:33:D7:0F:7B:9C:87:20:81:02:44:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fuo3qOc-dnmpM9cPe5yHIIECRFU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/51cd94-a055-43ee-a09b-472b0d072e83/1/2qsguptR-ndPaWj7GfmE0OfU4uU.roa
Signing time: Mon 01 Jan 2024 09:18:58 +0000
ROA not before: Mon 01 Jan 2024 09:18:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201227
IP address blocks: 194.59.171.0/24 maxlen: 24
185.81.96.0/24 maxlen: 24
185.81.99.0/24 maxlen: 24
2a05:8642::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/51cd94-a055-43ee-a09b-472b0d072e83/1/Fuo3qOc-dnmpM9cPe5yHIIECRFU.crl
rsync://rpki.ripe.net/repository/DEFAULT/73/51cd94-a055-43ee-a09b-472b0d072e83/1/Fuo3qOc-dnmpM9cPe5yHIIECRFU.mft
rsync://rpki.ripe.net/repository/DEFAULT/Fuo3qOc-dnmpM9cPe5yHIIECRFU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 01:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:51:b5:09:c8:f4:48:c8:15:43:74:2c:48:f5:ef:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16ea37a8e73e7679a933d70f7b9c872081024455
Validity
Not Before: Jan 1 09:18:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=daab20ba9b51fa774f6968fb19f984d0e7d4e2e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:64:72:b2:1d:46:75:05:5c:c6:cb:c8:17:bf:
5d:59:d2:d2:51:29:93:8e:51:2a:0c:54:c0:ec:3c:
e2:fa:01:33:88:15:5e:b6:53:ec:8d:42:8f:f2:7f:
56:83:7c:f3:60:7b:0c:7e:7e:48:60:6a:45:1a:37:
1a:96:bb:b1:f7:6f:f9:8a:6b:b5:4d:da:f2:d6:91:
f1:5b:89:8b:b1:6e:46:a7:74:1a:93:23:26:5f:a7:
9b:e8:40:f4:cb:47:8e:af:2f:62:10:f7:14:f0:73:
ce:13:c6:60:96:23:a9:9a:1f:56:21:d7:20:48:55:
8a:dd:15:c4:9b:f8:e9:22:f1:96:58:88:13:a3:33:
07:2f:08:c2:56:e6:72:b2:ef:45:ae:8e:0b:53:41:
8e:88:7e:93:62:bc:3c:29:ed:87:51:f4:c5:6a:17:
e7:2f:36:12:6b:ba:b6:56:30:e8:42:ce:68:44:c7:
f0:7d:0b:88:a8:49:c6:8c:0c:86:dc:20:6c:fa:84:
30:1f:21:ea:c9:f5:3a:f2:44:28:47:96:3c:d9:c1:
43:ea:2b:2f:b7:45:d7:e2:b8:59:21:44:b3:fd:3c:
ea:ab:10:50:0f:a3:80:5d:db:cf:24:a0:82:6a:8a:
3b:e0:eb:f1:0c:a1:cd:18:cf:e7:13:fc:bc:db:93:
2f:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:AB:20:BA:9B:51:FA:77:4F:69:68:FB:19:F9:84:D0:E7:D4:E2:E5
X509v3 Authority Key Identifier:
keyid:16:EA:37:A8:E7:3E:76:79:A9:33:D7:0F:7B:9C:87:20:81:02:44:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fuo3qOc-dnmpM9cPe5yHIIECRFU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/51cd94-a055-43ee-a09b-472b0d072e83/1/2qsguptR-ndPaWj7GfmE0OfU4uU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/51cd94-a055-43ee-a09b-472b0d072e83/1/Fuo3qOc-dnmpM9cPe5yHIIECRFU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.81.96.0/24
185.81.99.0/24
194.59.171.0/24
IPv6:
2a05:8642::/32
Signature Algorithm: sha256WithRSAEncryption
21:4c:37:34:75:5e:da:5f:ca:4c:0a:21:14:e2:9a:c9:72:14:
84:65:36:96:8c:60:76:39:d9:b6:11:f1:34:0d:02:2d:22:03:
55:19:8b:ac:7b:8c:f1:32:d6:50:ac:36:bd:eb:84:8d:77:b6:
95:a6:f2:a2:cd:99:b4:50:8e:55:44:a4:41:1b:f5:82:cc:86:
90:e8:69:2d:87:86:5c:ef:d4:7b:10:23:9e:a9:35:be:04:f7:
d5:96:72:38:ee:62:be:8f:30:1f:06:86:1f:f0:d8:65:68:82:
df:31:49:69:97:4c:cd:9b:d1:1a:cf:50:bc:d6:9a:63:00:47:
0d:be:bb:d4:a4:fd:50:b1:63:90:47:0d:55:eb:33:8f:ae:f8:
8d:90:66:56:10:80:9d:94:da:e2:50:bf:e6:73:da:45:31:ad:
c1:10:a9:9f:f0:25:7c:b9:4f:35:15:41:9c:2b:ee:f8:fe:9d:
bc:c6:f4:95:5b:f3:cb:e6:6a:01:8f:bf:18:19:4b:5d:e6:d1:
62:2a:4a:89:9b:13:e0:d2:8b:1e:23:5b:b7:74:f4:cf:60:c4:
c1:b9:db:ce:b6:d0:fb:75:93:af:1f:10:dc:69:d6:6a:c1:99:
36:ca:23:75:34:89:e8:8e:77:cb:7d:c3:95:a3:88:cb:ab:0e:
5c:dc:27:72
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzEUbUJyPRIyBVDdCxI9e9RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2ZWEzN2E4ZTczZTc2NzlhOTMzZDcwZjdiOWM4NzIwODEw
MjQ0NTUwHhcNMjQwMTAxMDkxODU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWFiMjBiYTliNTFmYTc3NGY2OTY4ZmIxOWY5ODRkMGU3ZDRlMmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5mRysh1GdQVcxsvIF79dWdLSUSmT
jlEqDFTA7Dzi+gEziBVetlPsjUKP8n9Wg3zzYHsMfn5IYGpFGjcalrux92/5imu1
Tdry1pHxW4mLsW5Gp3QakyMmX6eb6ED0y0eOry9iEPcU8HPOE8ZgliOpmh9WIdcg
SFWK3RXEm/jpIvGWWIgTozMHLwjCVuZysu9Fro4LU0GOiH6TYrw8Ke2HUfTFahfn
LzYSa7q2VjDoQs5oRMfwfQuIqEnGjAyG3CBs+oQwHyHqyfU68kQoR5Y82cFD6isv
t0XX4rhZIUSz/TzqqxBQD6OAXdvPJKCCaoo74OvxDKHNGM/nE/y825MvZQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNqrILqbUfp3T2lo+xn5hNDn1OLlMB8GA1UdIwQY
MBaAFBbqN6jnPnZ5qTPXD3uchyCBAkRVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnVvM3FPYy1kbm1wTTljUGU1eUhJSUVDUkZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My81MWNkOTQtYTA1NS00M2VlLWEwOWIt
NDcyYjBkMDcyZTgzLzEvMnFzZ3VwdFItbmRQYVdqN0dmbUUwT2ZVNHVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My81MWNkOTQtYTA1NS00M2VlLWEwOWItNDcyYjBkMDcyZTgz
LzEvRnVvM3FPYy1kbm1wTTljUGU1eUhJSUVDUkZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAuVFgAwQA
uVFjAwQAwjurMA0EAgACMAcDBQAqBYZCMA0GCSqGSIb3DQEBCwUAA4IBAQAhTDc0
dV7aX8pMCiEU4prJchSEZTaWjGB2Odm2EfE0DQItIgNVGYuse4zxMtZQrDa964SN
d7aVpvKizZm0UI5VRKRBG/WCzIaQ6Gkth4Zc79R7ECOeqTW+BPfVlnI47mK+jzAf
BoYf8NhlaILfMUlpl0zNm9Eaz1C81ppjAEcNvrvUpP1QsWOQRw1V6zOPrviNkGZW
EICdlNriUL/mc9pFMa3BEKmf8CV8uU81FUGcK+74/p28xvSVW/PL5moBj78YGUtd
5tFiKkqJmxPg0oseI1u3dPTPYMTBudvOttD7dZOvHxDcadZqwZk2yiN1NInojnfL
fcOVo4jLqw5c3Cdy
-----END CERTIFICATE-----
Generated at Sun May 19 06:37:27 2024 by rpki-client on console-ams.rpki-client.org