Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/5209b6-d64c-4360-8c2b-6f70d53cbef6/1/0nQykjNHPLxrd9R9hOpS8SnPpY8.roa
File: 0nQykjNHPLxrd9R9hOpS8SnPpY8.roa (raw, json)
Hash identifier: rfw0uqVht1lOl/BEt7Tz/THtJZlzqBhBdtnpLeapZT4=
Subject key identifier: D2:74:32:92:33:47:3C:BC:6B:77:D4:7D:84:EA:52:F1:29:CF:A5:8F
Certificate issuer: /CN=82a4161acabf66d425ed878c5da96a7d5cb3ffe4
Certificate serial: 018CC80176287CF0F84D2491D1EC536EFB5E
Authority key identifier: 82:A4:16:1A:CA:BF:66:D4:25:ED:87:8C:5D:A9:6A:7D:5C:B3:FF:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gqQWGsq_ZtQl7YeMXalqfVyz_-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/5209b6-d64c-4360-8c2b-6f70d53cbef6/1/0nQykjNHPLxrd9R9hOpS8SnPpY8.roa
Signing time: Tue 02 Jan 2024 02:29:48 +0000
ROA not before: Tue 02 Jan 2024 02:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59959
IP address blocks: 185.243.124.0/22 maxlen: 22
2a0d:1380::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/5209b6-d64c-4360-8c2b-6f70d53cbef6/1/gqQWGsq_ZtQl7YeMXalqfVyz_-Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/5209b6-d64c-4360-8c2b-6f70d53cbef6/1/gqQWGsq_ZtQl7YeMXalqfVyz_-Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/gqQWGsq_ZtQl7YeMXalqfVyz_-Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:76:28:7c:f0:f8:4d:24:91:d1:ec:53:6e:fb:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82a4161acabf66d425ed878c5da96a7d5cb3ffe4
Validity
Not Before: Jan 2 02:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d274329233473cbc6b77d47d84ea52f129cfa58f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:94:da:a3:09:ef:75:c1:bc:fc:39:83:2b:88:
00:06:39:bc:6d:fa:a5:cf:3d:be:ed:47:d0:a4:7b:
64:ea:93:7a:d7:a6:13:7f:7c:e1:6e:d2:ee:5f:ad:
92:b3:02:d7:53:34:b7:72:22:ce:67:22:98:c3:5b:
8b:d4:46:c4:8e:83:3a:c0:ef:26:c7:45:66:a8:f0:
8c:ab:0a:b6:4d:bb:b5:8a:31:09:f1:09:89:93:80:
f2:66:4e:b7:92:19:d8:fe:fb:8e:44:96:e4:18:43:
32:4a:c2:79:9a:fd:76:0f:49:2d:b5:8a:c6:6b:73:
8e:90:23:8d:f3:24:2a:49:1b:e9:77:07:b4:d2:7f:
ed:73:4e:4e:01:c6:62:0f:57:bf:7f:c5:31:a1:16:
bb:f6:d2:fd:6a:44:3c:f6:ae:2c:3e:04:cd:ed:ff:
f1:25:4c:91:e3:e3:72:19:0b:a2:1c:77:42:8f:46:
d7:95:b7:c2:22:ec:ec:71:67:a5:ca:c5:ca:7c:49:
f2:95:de:0f:48:5e:25:1a:24:42:eb:fc:f1:a3:17:
c9:72:ef:5e:95:80:4b:78:cb:0e:a9:b1:a2:19:d2:
f8:a8:2e:d3:9f:99:49:d7:b3:be:70:06:4f:40:fa:
a7:4e:88:c5:48:49:cd:75:9a:49:21:f2:91:ad:b3:
33:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:74:32:92:33:47:3C:BC:6B:77:D4:7D:84:EA:52:F1:29:CF:A5:8F
X509v3 Authority Key Identifier:
keyid:82:A4:16:1A:CA:BF:66:D4:25:ED:87:8C:5D:A9:6A:7D:5C:B3:FF:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gqQWGsq_ZtQl7YeMXalqfVyz_-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/5209b6-d64c-4360-8c2b-6f70d53cbef6/1/0nQykjNHPLxrd9R9hOpS8SnPpY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/5209b6-d64c-4360-8c2b-6f70d53cbef6/1/gqQWGsq_ZtQl7YeMXalqfVyz_-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.124.0/22
IPv6:
2a0d:1380::/29
Signature Algorithm: sha256WithRSAEncryption
68:95:8c:e9:c1:36:12:6b:81:96:2f:02:6e:a9:a6:46:c5:cb:
74:fc:fe:67:52:29:d4:59:87:c8:75:b6:26:a9:23:97:96:66:
f7:2c:aa:f1:cd:7a:a1:3d:87:b6:ba:38:02:1d:3e:d7:e4:ca:
28:b5:6a:a7:60:0d:18:09:c7:1d:99:2b:47:51:95:e3:e7:ec:
3c:79:18:1c:b0:26:eb:1e:81:94:6d:56:53:3b:8e:d0:49:6f:
39:17:5d:fd:3d:32:a5:32:49:09:0d:6a:8b:fc:38:65:bf:3f:
18:33:fe:00:6b:3a:cc:46:da:84:c3:64:bf:85:eb:fc:f3:bc:
08:2c:03:8c:54:0c:32:4a:21:d1:9e:e4:fa:1c:20:0c:61:2e:
69:48:b4:78:9f:98:c0:5e:11:47:d6:74:57:a6:4d:bf:bd:2b:
a4:36:57:d2:ad:38:24:a7:4c:e9:b7:ab:4e:f2:cc:92:7d:fd:
d8:6e:62:6b:7a:c9:54:36:a4:0a:8a:c3:08:29:86:cc:56:b1:
72:a1:cc:21:04:7a:87:70:20:a7:ec:1e:37:f2:2e:c0:b4:4c:
66:83:c2:3b:cd:d1:03:24:64:85:e8:ef:bc:31:07:24:11:0b:
e4:01:ca:cc:09:a6:51:71:a4:09:a1:2e:6f:ae:e5:01:83:f3:
4b:57:bd:ed
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIAXYofPD4TSSR0exTbvteMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyYTQxNjFhY2FiZjY2ZDQyNWVkODc4YzVkYTk2YTdkNWNi
M2ZmZTQwHhcNMjQwMTAyMDIyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjc0MzI5MjMzNDczY2JjNmI3N2Q0N2Q4NGVhNTJmMTI5Y2ZhNThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpTaownvdcG8/DmDK4gABjm8bfql
zz2+7UfQpHtk6pN616YTf3zhbtLuX62SswLXUzS3ciLOZyKYw1uL1EbEjoM6wO8m
x0VmqPCMqwq2Tbu1ijEJ8QmJk4DyZk63khnY/vuORJbkGEMySsJ5mv12D0kttYrG
a3OOkCON8yQqSRvpdwe00n/tc05OAcZiD1e/f8UxoRa79tL9akQ89q4sPgTN7f/x
JUyR4+NyGQuiHHdCj0bXlbfCIuzscWelysXKfEnyld4PSF4lGiRC6/zxoxfJcu9e
lYBLeMsOqbGiGdL4qC7Tn5lJ17O+cAZPQPqnTojFSEnNdZpJIfKRrbMzjwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNJ0MpIzRzy8a3fUfYTqUvEpz6WPMB8GA1UdIwQY
MBaAFIKkFhrKv2bUJe2HjF2pan1cs//kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3FRV0dzcV9adFFsN1llTVhhbHFmVnl6Xy1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MjA5YjYtZDY0Yy00MzYwLThjMmIt
NmY3MGQ1M2NiZWY2LzEvMG5ReWtqTkhQTHhyZDlSOWhPcFM4U25QcFk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81MjA5YjYtZDY0Yy00MzYwLThjMmItNmY3MGQ1M2NiZWY2
LzEvZ3FRV0dzcV9adFFsN1llTVhhbHFmVnl6Xy1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufN8MA0E
AgACMAcDBQMqDROAMA0GCSqGSIb3DQEBCwUAA4IBAQBolYzpwTYSa4GWLwJuqaZG
xct0/P5nUinUWYfIdbYmqSOXlmb3LKrxzXqhPYe2ujgCHT7X5MootWqnYA0YCccd
mStHUZXj5+w8eRgcsCbrHoGUbVZTO47QSW85F139PTKlMkkJDWqL/Dhlvz8YM/4A
azrMRtqEw2S/hev887wILAOMVAwySiHRnuT6HCAMYS5pSLR4n5jAXhFH1nRXpk2/
vSukNlfSrTgkp0zpt6tO8sySff3YbmJreslUNqQKisMIKYbMVrFyocwhBHqHcCCn
7B438i7AtExmg8I7zdEDJGSF6O+8MQckEQvkAcrMCaZRcaQJoS5vruUBg/NLV73t
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:01:25 2024 by rpki-client on console-ams.rpki-client.org