Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/QjxY-zm0fSHZLRAWGzMxFHHCc2I.roa
File: QjxY-zm0fSHZLRAWGzMxFHHCc2I.roa (raw, json)
Hash identifier: NLXkhGYYczPj0jMwZ1XN2FRCwAhugwT8dlfvCT9vPyM=
Subject key identifier: 42:3C:58:FB:39:B4:7D:21:D9:2D:10:16:1B:33:31:14:71:C2:73:62
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 018FAB19C1153E69C00144116192CACC3C19
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/QjxY-zm0fSHZLRAWGzMxFHHCc2I.roa
Signing time: Fri 24 May 2024 14:55:42 +0000
ROA not before: Fri 24 May 2024 14:55:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56940
IP address blocks: 31.131.40.0/22 maxlen: 22
31.131.46.0/24 maxlen: 24
31.131.47.0/24 maxlen: 24
91.229.12.0/23 maxlen: 23
91.229.14.0/23 maxlen: 23
91.239.164.0/23 maxlen: 23
91.239.166.0/23 maxlen: 23
109.166.32.0/22 maxlen: 22
151.248.64.0/22 maxlen: 22
176.113.100.0/22 maxlen: 22
176.114.56.0/21 maxlen: 21
193.242.196.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.mft
rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ab:19:c1:15:3e:69:c0:01:44:11:61:92:ca:cc:3c:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: May 24 14:55:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=423c58fb39b47d21d92d10161b33311471c27362
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:1a:19:6e:b1:7f:e2:78:50:43:e6:8c:3f:1d:
57:59:e8:87:5d:58:40:8a:4d:bc:03:d6:42:12:87:
3f:37:d9:b8:7d:3f:f9:e1:ef:99:f4:01:e0:71:ac:
9e:c2:31:69:66:0f:b0:a4:03:39:4e:57:fb:bf:d2:
1d:0d:92:29:82:5c:14:57:9d:f0:76:3d:5b:cc:ec:
55:16:1b:34:3b:02:10:15:ca:0f:5f:88:7b:af:4e:
64:c5:1b:1a:a0:ef:aa:dc:40:fd:00:db:3a:c1:04:
12:af:0b:41:7f:c1:e0:58:63:c2:e5:80:16:83:1d:
fc:e4:98:e0:29:4c:1d:b0:4e:3b:3e:67:d3:c4:03:
a0:61:ee:d0:d9:bf:e9:aa:9d:13:8a:d4:6b:e4:a3:
73:cd:91:b5:7e:d9:70:6c:a0:22:60:0a:7c:f3:18:
d0:f5:e0:20:d7:b2:58:51:21:42:ec:73:92:10:07:
ba:99:21:36:c6:3a:61:18:e5:f0:6d:75:87:c8:a9:
03:ce:65:64:37:8f:c9:04:24:29:71:07:14:5a:bc:
29:3b:d8:a1:33:63:45:4c:0b:e1:db:6f:f8:82:cb:
4c:81:0f:62:4e:1c:6e:3d:7f:3a:81:35:67:15:83:
33:40:8e:07:f3:5a:0a:23:6d:54:2e:db:80:fc:e9:
51:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:3C:58:FB:39:B4:7D:21:D9:2D:10:16:1B:33:31:14:71:C2:73:62
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/QjxY-zm0fSHZLRAWGzMxFHHCc2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.40.0/22
31.131.46.0/23
91.229.12.0/22
91.239.164.0/22
109.166.32.0/22
151.248.64.0/22
176.113.100.0/22
176.114.56.0/21
193.242.196.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:94:17:d3:9c:93:c6:2d:f4:79:02:84:6b:83:b8:24:fe:7f:
06:17:b1:5f:6c:7f:cb:db:06:67:24:c7:4e:42:17:85:23:c0:
5d:39:94:6b:77:6a:4f:ba:f3:5c:70:b7:8c:12:4d:21:3e:68:
ac:91:46:88:eb:0b:c3:7c:1c:36:99:98:6f:64:db:1b:4f:74:
02:d7:70:9b:54:d6:b6:d0:dc:ee:cf:81:cc:8f:4b:83:b1:df:
2d:34:60:12:f9:2e:5d:67:f5:14:b7:69:ce:25:c0:a8:dc:ac:
73:24:77:4b:13:82:77:bd:18:df:59:e2:8f:f6:70:f4:b0:d1:
f0:50:cf:56:15:a5:86:a5:ce:af:8f:13:f6:df:a6:4c:62:56:
a3:ef:57:5e:01:99:0e:69:47:1c:e6:b7:61:da:fa:1e:c3:c5:
76:5a:91:f5:5d:56:cc:cf:47:2c:be:9a:23:53:46:0b:1e:9a:
fc:f3:97:38:28:66:63:0a:59:9a:98:a5:d1:1c:40:75:a5:44:
d3:45:67:bf:49:6d:1b:a5:0e:e5:f8:78:fe:73:37:c8:21:27:
55:4e:8f:c4:11:c4:c3:67:79:c1:33:c7:fb:3f:ef:02:5d:22:
fc:1d:7f:a7:14:b6:b8:51:61:92:13:2a:31:5b:8c:56:64:cd:
41:63:88:63
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY+rGcEVPmnAAUQRYZLKzDwZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjQwNTI0MTQ1NTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjNjNThmYjM5YjQ3ZDIxZDkyZDEwMTYxYjMzMzExNDcxYzI3MzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBoZbrF/4nhQQ+aMPx1XWeiHXVhA
ik28A9ZCEoc/N9m4fT/54e+Z9AHgcayewjFpZg+wpAM5Tlf7v9IdDZIpglwUV53w
dj1bzOxVFhs0OwIQFcoPX4h7r05kxRsaoO+q3ED9ANs6wQQSrwtBf8HgWGPC5YAW
gx385JjgKUwdsE47PmfTxAOgYe7Q2b/pqp0TitRr5KNzzZG1ftlwbKAiYAp88xjQ
9eAg17JYUSFC7HOSEAe6mSE2xjphGOXwbXWHyKkDzmVkN4/JBCQpcQcUWrwpO9ih
M2NFTAvh22/4gstMgQ9iThxuPX86gTVnFYMzQI4H81oKI21ULtuA/OlRSwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFEI8WPs5tH0h2S0QFhszMRRxwnNiMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvUWp4WS16bTBmU0haTFJBV0d6TXhGSEhDYzJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCH4MoAwQB
H4MuAwQCW+UMAwQCW++kAwQCbaYgAwQCl/hAAwQCsHFkAwQDsHI4AwQCwfLEMA0G
CSqGSIb3DQEBCwUAA4IBAQB9lBfTnJPGLfR5AoRrg7gk/n8GF7FfbH/L2wZnJMdO
QheFI8BdOZRrd2pPuvNccLeMEk0hPmiskUaI6wvDfBw2mZhvZNsbT3QC13CbVNa2
0Nzuz4HMj0uDsd8tNGAS+S5dZ/UUt2nOJcCo3KxzJHdLE4J3vRjfWeKP9nD0sNHw
UM9WFaWGpc6vjxP236ZMYlaj71deAZkOaUcc5rdh2voew8V2WpH1XVbMz0csvpoj
U0YLHpr885c4KGZjClmamKXRHEB1pUTTRWe/SW0bpQ7l+Hj+czfIISdVTo/EEcTD
Z3nBM8f7P+8CXSL8HX+nFLa4UWGSEyoxW4xWZM1BY4hj
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:55:59 2024 by rpki-client on console-fra.rpki-client.org