Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/dqCfspEn8yrdqMXW1ZukNWIgbqM.roa
File: dqCfspEn8yrdqMXW1ZukNWIgbqM.roa (raw, json)
Hash identifier: oHCT/quGvp8IVC7CzC4u4VV266uou0DcTvOLlOf1NOg=
Subject key identifier: 76:A0:9F:B2:91:27:F3:2A:DD:A8:C5:D6:D5:9B:A4:35:62:20:6E:A3
Certificate issuer: /CN=dc94bb69453f139a60029e22db0fb3424a906cee
Certificate serial: 018CC9BA5D6645F2CECB203233408209BB75
Authority key identifier: DC:94:BB:69:45:3F:13:9A:60:02:9E:22:DB:0F:B3:42:4A:90:6C:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JS7aUU_E5pgAp4i2w-zQkqQbO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/dqCfspEn8yrdqMXW1ZukNWIgbqM.roa
Signing time: Tue 02 Jan 2024 10:31:23 +0000
ROA not before: Tue 02 Jan 2024 10:31:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13307
IP address blocks: 195.95.202.0/23 maxlen: 24
91.90.16.0/21 maxlen: 24
194.88.206.0/23 maxlen: 24
194.143.144.0/23 maxlen: 24
91.203.88.0/22 maxlen: 24
195.140.168.0/22 maxlen: 24
193.43.224.0/22 maxlen: 24
195.234.68.0/22 maxlen: 24
195.20.96.0/23 maxlen: 24
2a01:6d80::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/3JS7aUU_E5pgAp4i2w-zQkqQbO4.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/3JS7aUU_E5pgAp4i2w-zQkqQbO4.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JS7aUU_E5pgAp4i2w-zQkqQbO4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:ba:5d:66:45:f2:ce:cb:20:32:33:40:82:09:bb:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc94bb69453f139a60029e22db0fb3424a906cee
Validity
Not Before: Jan 2 10:31:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=76a09fb29127f32adda8c5d6d59ba43562206ea3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:0a:54:2e:d3:86:df:2f:73:69:8d:a5:a3:17:
b9:57:a0:a9:6b:85:05:1f:22:f4:0e:5c:e2:e0:78:
ae:cb:4f:24:0b:c5:6e:54:dd:5f:32:d0:5e:9d:2d:
a2:1c:fc:ce:63:0f:2b:e7:d9:a5:87:5e:1c:76:7d:
0c:aa:36:5b:0c:d3:85:2e:1b:bd:2d:5d:b6:05:c4:
be:68:a2:9f:c2:50:66:c0:8b:f3:4d:31:a4:a4:12:
8b:ea:1b:82:21:cd:21:0b:4d:7f:a7:0f:fc:1f:81:
d4:30:df:84:80:f4:b4:d5:7e:68:0d:b5:75:b3:67:
03:a5:ff:56:f9:cb:2c:20:ed:9c:fa:b6:af:c6:1c:
48:62:d3:6c:2f:e3:05:f8:5d:a5:09:bf:1d:57:0c:
04:29:03:4b:56:a9:98:e6:b7:d6:44:75:ef:3a:5a:
fe:c2:c4:9d:b2:5e:1a:86:93:46:83:90:e6:1e:3c:
9b:f6:cc:8b:e4:da:4d:d3:ef:a5:6b:1e:3c:4d:1e:
9e:6e:d6:b7:a7:07:e8:6c:15:7d:a9:71:07:37:18:
a2:33:06:87:57:77:01:db:03:86:95:6e:9c:4a:35:
38:6e:cf:cb:4a:72:29:10:8a:f7:d7:48:bc:30:af:
9d:9e:b9:bd:30:a5:cf:0c:c0:06:8b:08:bb:be:1f:
4a:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:A0:9F:B2:91:27:F3:2A:DD:A8:C5:D6:D5:9B:A4:35:62:20:6E:A3
X509v3 Authority Key Identifier:
keyid:DC:94:BB:69:45:3F:13:9A:60:02:9E:22:DB:0F:B3:42:4A:90:6C:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JS7aUU_E5pgAp4i2w-zQkqQbO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/dqCfspEn8yrdqMXW1ZukNWIgbqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/3JS7aUU_E5pgAp4i2w-zQkqQbO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.90.16.0/21
91.203.88.0/22
193.43.224.0/22
194.88.206.0/23
194.143.144.0/23
195.20.96.0/23
195.95.202.0/23
195.140.168.0/22
195.234.68.0/22
IPv6:
2a01:6d80::/36
Signature Algorithm: sha256WithRSAEncryption
90:eb:a7:20:60:90:6e:2b:0c:8f:8e:61:da:4f:13:f7:01:30:
2e:49:f8:1b:6d:84:ae:6b:ab:1b:ce:d3:fc:e9:db:1e:94:42:
f0:75:e3:07:6a:c0:ea:07:a2:60:9e:4f:bd:dd:ad:15:9a:d8:
38:85:7f:fe:f3:fd:81:22:56:28:cf:6b:45:4b:22:78:c8:21:
aa:e3:4a:db:76:0e:c9:58:1f:77:d6:30:d5:6d:bf:0c:f9:fa:
b0:9e:c2:ee:67:4e:0f:f7:86:fb:a1:68:e7:33:e3:3e:8f:c4:
52:76:6b:6c:b6:c8:6a:1c:33:03:6f:d1:ee:10:3e:55:c1:18:
b6:8b:19:bc:84:df:ed:d7:44:7a:ba:e6:25:8f:42:75:59:19:
9e:f7:51:14:5f:c6:44:0e:a3:15:b8:32:17:af:55:e4:29:64:
7d:ed:d1:6e:a7:7a:64:d4:ea:f6:d0:54:be:f3:19:47:7f:79:
7d:37:66:d8:b3:a3:91:07:a2:e9:44:c4:82:8a:97:67:b6:c3:
89:eb:94:4b:1c:6d:80:58:9d:60:04:07:dc:9c:82:9a:c7:c9:
ee:29:7c:c3:d5:f7:4e:00:32:82:3d:7b:16:28:e2:9f:45:53:
3b:79:b7:53:27:49:a5:13:59:bc:4c:78:79:c9:f8:52:a5:ca:
41:b2:35:17
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYzJul1mRfLOyyAyM0CCCbt1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjOTRiYjY5NDUzZjEzOWE2MDAyOWUyMmRiMGZiMzQyNGE5
MDZjZWUwHhcNMjQwMTAyMTAzMTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmEwOWZiMjkxMjdmMzJhZGRhOGM1ZDZkNTliYTQzNTYyMjA2ZWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgApULtOG3y9zaY2loxe5V6Cpa4UF
HyL0Dlzi4Hiuy08kC8VuVN1fMtBenS2iHPzOYw8r59mlh14cdn0MqjZbDNOFLhu9
LV22BcS+aKKfwlBmwIvzTTGkpBKL6huCIc0hC01/pw/8H4HUMN+EgPS01X5oDbV1
s2cDpf9W+cssIO2c+ravxhxIYtNsL+MF+F2lCb8dVwwEKQNLVqmY5rfWRHXvOlr+
wsSdsl4ahpNGg5DmHjyb9syL5NpN0++lax48TR6ebta3pwfobBV9qXEHNxiiMwaH
V3cB2wOGlW6cSjU4bs/LSnIpEIr310i8MK+dnrm9MKXPDMAGiwi7vh9KewIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFHagn7KRJ/Mq3ajF1tWbpDViIG6jMB8GA1UdIwQY
MBaAFNyUu2lFPxOaYAKeItsPs0JKkGzuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0pTN2FVVV9FNXBnQXA0aTJ3LXpRa3FRYk80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9kMDQ1Y2EtYzFmNy00ZWQ5LWFmZGIt
MDkwYzQ2ZTlmMmVkLzEvZHFDZnNwRW44eXJkcU1YVzFadWtOV0lnYnFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9kMDQ1Y2EtYzFmNy00ZWQ5LWFmZGItMDkwYzQ2ZTlmMmVk
LzEvM0pTN2FVVV9FNXBnQXA0aTJ3LXpRa3FRYk80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA8BAIAATA2AwQDW1oQAwQC
W8tYAwQCwSvgAwQBwljOAwQBwo+QAwQBwxRgAwQBw1/KAwQCw4yoAwQCw+pEMA4E
AgACMAgDBgQqAW2AADANBgkqhkiG9w0BAQsFAAOCAQEAkOunIGCQbisMj45h2k8T
9wEwLkn4G22ErmurG87T/OnbHpRC8HXjB2rA6geiYJ5Pvd2tFZrYOIV//vP9gSJW
KM9rRUsieMghquNK23YOyVgfd9Yw1W2/DPn6sJ7C7mdOD/eG+6Fo5zPjPo/EUnZr
bLbIahwzA2/R7hA+VcEYtosZvITf7ddEerrmJY9CdVkZnvdRFF/GRA6jFbgyF69V
5Clkfe3Rbqd6ZNTq9tBUvvMZR395fTdm2LOjkQei6UTEgoqXZ7bDieuUSxxtgFid
YAQH3JyCmsfJ7il8w9X3TgAygj17Fijin0VTO3m3UydJpRNZvEx4ecn4UqXKQbI1
Fw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:09:01 2024 by rpki-client on console-ams.rpki-client.org