Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/0a4564-a525-4615-9a3a-8930ebb83e31/1/Q0ks4-VeVkAFeBCBvOpYcer3xyc.roa
File: Q0ks4-VeVkAFeBCBvOpYcer3xyc.roa (raw, json)
Hash identifier: rrXd8rf/QDPe2hkyaeyCO3MjFfBkRVMlvapHAANSBMM=
Subject key identifier: 43:49:2C:E3:E5:5E:56:40:05:78:10:81:BC:EA:58:71:EA:F7:C7:27
Certificate issuer: /CN=9e25f8763aa351689b6ba336269ab21c4e0120b3
Certificate serial: 01904E9177257A1FEDEC016EEE44BD45FBD1
Authority key identifier: 9E:25:F8:76:3A:A3:51:68:9B:6B:A3:36:26:9A:B2:1C:4E:01:20:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/niX4djqjUWiba6M2JpqyHE4BILM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/0a4564-a525-4615-9a3a-8930ebb83e31/1/Q0ks4-VeVkAFeBCBvOpYcer3xyc.roa
Signing time: Tue 25 Jun 2024 08:44:34 +0000
ROA not before: Tue 25 Jun 2024 08:44:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202020
IP address blocks: 37.130.232.0/21 maxlen: 21
46.17.180.0/22 maxlen: 22
46.229.244.0/23 maxlen: 23
46.229.248.0/23 maxlen: 23
92.246.72.0/22 maxlen: 22
185.56.68.0/22 maxlen: 22
185.219.64.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/0a4564-a525-4615-9a3a-8930ebb83e31/1/niX4djqjUWiba6M2JpqyHE4BILM.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/0a4564-a525-4615-9a3a-8930ebb83e31/1/niX4djqjUWiba6M2JpqyHE4BILM.mft
rsync://rpki.ripe.net/repository/DEFAULT/niX4djqjUWiba6M2JpqyHE4BILM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Sep 2024 16:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4e:91:77:25:7a:1f:ed:ec:01:6e:ee:44:bd:45:fb:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e25f8763aa351689b6ba336269ab21c4e0120b3
Validity
Not Before: Jun 25 08:44:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43492ce3e55e564005781081bcea5871eaf7c727
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:d5:a4:c1:8a:4e:c8:f1:b0:7b:29:f3:df:7c:
c6:62:74:81:d2:8a:60:e2:ba:10:a7:34:e5:e8:1b:
3e:e1:a6:88:9d:2e:96:db:e8:c4:4f:43:c4:b8:29:
2f:63:0a:0e:29:ed:93:a4:27:88:6e:4b:91:5b:05:
e3:59:9a:3f:10:b6:94:e1:6b:53:0e:02:c6:6b:76:
97:c6:48:a1:82:be:09:6b:bc:b6:2c:5c:e4:db:13:
1b:1f:84:f8:e9:06:fc:dc:02:13:f0:e9:90:7f:ad:
cf:49:cf:4f:d1:10:7a:2b:7e:16:ec:97:f5:c4:c4:
0b:0f:01:68:11:2f:3c:95:bf:92:78:10:e1:a7:2c:
47:18:bd:aa:3a:04:7b:ef:ea:48:0a:c5:64:95:6b:
d1:b3:d4:a1:ee:e0:00:14:5a:f2:db:f2:71:8e:1a:
17:98:4b:45:44:b0:16:41:a8:e0:64:10:f0:94:1e:
ff:6a:1a:c6:04:03:6c:1e:8f:0f:8a:30:69:d9:bb:
2c:c2:d6:50:31:1c:87:7d:26:01:01:25:83:7c:f1:
14:c5:73:cd:6d:30:d2:ef:62:63:3b:a5:62:a8:5c:
3e:54:c1:82:92:4a:a1:56:6c:34:22:7d:a0:48:4f:
b9:34:58:48:74:b9:23:94:c1:e3:85:8b:91:31:80:
f3:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:49:2C:E3:E5:5E:56:40:05:78:10:81:BC:EA:58:71:EA:F7:C7:27
X509v3 Authority Key Identifier:
keyid:9E:25:F8:76:3A:A3:51:68:9B:6B:A3:36:26:9A:B2:1C:4E:01:20:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/niX4djqjUWiba6M2JpqyHE4BILM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/0a4564-a525-4615-9a3a-8930ebb83e31/1/Q0ks4-VeVkAFeBCBvOpYcer3xyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/0a4564-a525-4615-9a3a-8930ebb83e31/1/niX4djqjUWiba6M2JpqyHE4BILM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.130.232.0/21
46.17.180.0/22
46.229.244.0/23
46.229.248.0/23
92.246.72.0/22
185.56.68.0/22
185.219.64.0/22
Signature Algorithm: sha256WithRSAEncryption
59:78:3a:2b:05:0b:ac:c9:46:f4:8f:d3:da:aa:4e:66:ff:e2:
b4:fb:25:3c:71:7a:be:65:c9:96:d4:3c:62:f3:ae:e0:6e:b8:
67:e5:63:a4:01:46:dc:9d:2c:b2:94:96:3f:d8:0f:6a:87:c6:
b9:64:54:f9:ff:bb:a5:b5:78:9f:ea:00:9c:ea:65:ef:90:1a:
fe:fa:27:de:7f:9e:16:c4:34:2f:2a:a2:bb:65:b9:32:e0:aa:
0e:13:f7:29:4c:7b:81:ed:eb:03:e6:a2:a4:16:04:5c:d8:fc:
b7:bf:b0:ce:e9:72:d5:91:17:65:91:4d:7e:6b:ab:fb:e6:37:
8d:b1:6a:41:09:59:68:b9:3d:c0:3a:b1:9e:a6:67:94:7b:56:
51:44:f7:01:74:a6:12:18:81:d3:51:e5:db:47:9a:f9:5a:cb:
80:fc:30:af:69:70:3a:90:7e:43:37:46:55:f8:a8:18:f4:82:
25:0b:3d:1c:71:f8:52:08:68:01:a0:66:57:e9:35:61:2a:fd:
c0:56:4f:b8:cb:8a:ce:97:be:22:b9:9f:38:30:e3:9d:37:3e:
38:29:11:3f:86:13:b7:d7:5f:d6:67:83:64:8a:5d:b3:df:c5:
e7:5b:ce:c6:b3:90:e8:a8:27:53:c4:7f:0e:72:75:9e:59:e5:
d3:8c:e5:5d
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZBOkXcleh/t7AFu7kS9RfvRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMjVmODc2M2FhMzUxNjg5YjZiYTMzNjI2OWFiMjFjNGUw
MTIwYjMwHhcNMjQwNjI1MDg0NDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzQ5MmNlM2U1NWU1NjQwMDU3ODEwODFiY2VhNTg3MWVhZjdjNzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9WkwYpOyPGweynz33zGYnSB0opg
4roQpzTl6Bs+4aaInS6W2+jET0PEuCkvYwoOKe2TpCeIbkuRWwXjWZo/ELaU4WtT
DgLGa3aXxkihgr4Ja7y2LFzk2xMbH4T46Qb83AIT8OmQf63PSc9P0RB6K34W7Jf1
xMQLDwFoES88lb+SeBDhpyxHGL2qOgR77+pICsVklWvRs9Sh7uAAFFry2/JxjhoX
mEtFRLAWQajgZBDwlB7/ahrGBANsHo8PijBp2bsswtZQMRyHfSYBASWDfPEUxXPN
bTDS72JjO6ViqFw+VMGCkkqhVmw0In2gSE+5NFhIdLkjlMHjhYuRMYDzbQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFENJLOPlXlZABXgQgbzqWHHq98cnMB8GA1UdIwQY
MBaAFJ4l+HY6o1Fom2ujNiaashxOASCzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmlYNGRqcWpVV2liYTZNMkpwcXlIRTRCSUxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8wYTQ1NjQtYTUyNS00NjE1LTlhM2Et
ODkzMGViYjgzZTMxLzEvUTBrczQtVmVWa0FGZUJDQnZPcFljZXIzeHljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8wYTQ1NjQtYTUyNS00NjE1LTlhM2EtODkzMGViYjgzZTMx
LzEvbmlYNGRqcWpVV2liYTZNMkpwcXlIRTRCSUxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDJYLoAwQC
LhG0AwQBLuX0AwQBLuX4AwQCXPZIAwQCuThEAwQCudtAMA0GCSqGSIb3DQEBCwUA
A4IBAQBZeDorBQusyUb0j9Paqk5m/+K0+yU8cXq+ZcmW1Dxi867gbrhn5WOkAUbc
nSyylJY/2A9qh8a5ZFT5/7ultXif6gCc6mXvkBr++ifef54WxDQvKqK7Zbky4KoO
E/cpTHuB7esD5qKkFgRc2Py3v7DO6XLVkRdlkU1+a6v75jeNsWpBCVlouT3AOrGe
pmeUe1ZRRPcBdKYSGIHTUeXbR5r5WsuA/DCvaXA6kH5DN0ZV+KgY9IIlCz0ccfhS
CGgBoGZX6TVhKv3AVk+4y4rOl74iuZ84MOOdNz44KRE/hhO311/WZ4Nkil2z38Xn
W87Gs5DoqCdTxH8OcnWeWeXTjOVd
-----END CERTIFICATE-----
Generated at Fri Sep 20 21:16:25 2024 by rpki-client on console-ams.rpki-client.org