Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/07476c-2c5b-40e9-b562-54fa30864c21/1/qXy4vllmoKYrASy-nsftvos3NYc.roa
File: qXy4vllmoKYrASy-nsftvos3NYc.roa (raw, json)
Hash identifier: 0LgiH65khRVirWvLQlAY8gjNN2r3RfP6GWZqMEr50uE=
Subject key identifier: A9:7C:B8:BE:59:66:A0:A6:2B:01:2C:BE:9E:C7:ED:BE:8B:37:35:87
Certificate issuer: /CN=ce56aa0e21558c92a48654244e05961a1fcfa0f2
Certificate serial: 018CC9BB98F71C58E767C3DB9B2E01985785
Authority key identifier: CE:56:AA:0E:21:55:8C:92:A4:86:54:24:4E:05:96:1A:1F:CF:A0:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zlaqDiFVjJKkhlQkTgWWGh_PoPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/07476c-2c5b-40e9-b562-54fa30864c21/1/qXy4vllmoKYrASy-nsftvos3NYc.roa
Signing time: Tue 02 Jan 2024 10:32:43 +0000
ROA not before: Tue 02 Jan 2024 10:32:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1103
IP address blocks: 137.224.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/07476c-2c5b-40e9-b562-54fa30864c21/1/zlaqDiFVjJKkhlQkTgWWGh_PoPI.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/07476c-2c5b-40e9-b562-54fa30864c21/1/zlaqDiFVjJKkhlQkTgWWGh_PoPI.mft
rsync://rpki.ripe.net/repository/DEFAULT/zlaqDiFVjJKkhlQkTgWWGh_PoPI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:98:f7:1c:58:e7:67:c3:db:9b:2e:01:98:57:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce56aa0e21558c92a48654244e05961a1fcfa0f2
Validity
Not Before: Jan 2 10:32:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a97cb8be5966a0a62b012cbe9ec7edbe8b373587
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:5a:5a:5a:f9:40:10:5a:c8:45:c5:61:e2:6c:
af:bb:2e:86:43:23:f4:4d:55:cb:3d:c1:e1:93:4f:
ac:26:eb:33:8f:01:d6:f3:5a:80:0c:47:3c:12:7b:
75:b5:44:81:ae:ca:99:1f:9f:83:f9:05:90:2b:06:
da:f9:f6:b5:0d:62:50:a5:44:fe:40:8a:ce:19:be:
c5:68:70:f3:0d:72:3b:17:a4:20:71:16:59:99:d4:
ae:37:e6:b7:f2:d7:63:45:1d:86:b0:f9:71:67:6e:
42:08:d1:b0:05:f5:af:a4:aa:9a:7a:3e:62:66:d0:
ad:ab:1b:b7:b2:f3:eb:a6:2f:4b:d3:b2:c2:38:63:
a0:9a:58:b5:b9:d1:34:e9:78:83:da:81:f5:91:be:
d8:09:3f:32:18:fc:1f:90:84:55:68:c3:13:27:ff:
d7:e4:40:4d:4b:86:c3:c6:54:2c:95:c2:9b:0d:58:
f0:83:0c:e8:a1:5f:4c:85:96:fe:d1:f6:93:23:fa:
f5:4a:ee:8f:97:c0:d7:30:fd:c1:9b:91:2d:45:10:
b7:f8:fb:ff:33:56:28:d4:f7:1e:ce:14:46:42:ee:
28:92:4b:2b:02:32:cf:33:77:c9:6b:9b:43:bf:0a:
28:06:0b:39:5d:1c:f2:97:d5:c2:93:0b:83:59:b9:
d5:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:7C:B8:BE:59:66:A0:A6:2B:01:2C:BE:9E:C7:ED:BE:8B:37:35:87
X509v3 Authority Key Identifier:
keyid:CE:56:AA:0E:21:55:8C:92:A4:86:54:24:4E:05:96:1A:1F:CF:A0:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zlaqDiFVjJKkhlQkTgWWGh_PoPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/07476c-2c5b-40e9-b562-54fa30864c21/1/qXy4vllmoKYrASy-nsftvos3NYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/07476c-2c5b-40e9-b562-54fa30864c21/1/zlaqDiFVjJKkhlQkTgWWGh_PoPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
137.224.0.0/16
Signature Algorithm: sha256WithRSAEncryption
23:cc:56:cb:a9:2a:56:08:bd:08:0f:8c:09:01:47:da:9f:a6:
13:47:e3:af:f1:b0:ef:ff:d0:1d:48:e8:63:42:50:73:8a:fd:
e6:85:5a:30:31:39:21:34:37:9a:e0:d6:97:79:9b:f0:33:2d:
ae:d0:f6:df:cc:5f:38:ed:16:b2:f4:3e:fd:78:7e:e9:32:49:
9d:2f:88:19:df:89:9c:4b:1e:19:1e:f6:1a:ea:1b:eb:27:f3:
c6:1e:d2:db:5c:f7:a8:0c:ac:22:3a:9d:df:ea:2e:8f:70:31:
b3:4e:36:02:91:b3:19:42:ad:9d:a0:5b:50:bd:f0:98:38:63:
1c:12:a2:60:f8:ed:28:e4:25:9c:32:bc:39:90:a8:0c:2a:45:
59:46:2d:36:e4:de:5f:52:0e:f9:39:78:5a:76:d2:c7:a1:f8:
ef:ac:57:8b:71:cc:08:29:7d:03:37:13:94:11:f5:1f:df:48:
fd:6e:e6:3a:19:e1:4d:fb:e1:8d:81:4d:3a:7b:83:77:2c:68:
b7:50:1a:e6:38:58:35:7b:47:d2:41:a0:b6:d5:b0:33:a2:23:
8d:4c:1c:49:ea:32:d0:91:29:f2:27:63:1f:1d:7e:80:01:1f:
b0:0c:6d:b3:00:86:1f:07:e9:5d:69:d5:65:57:44:4c:fd:51:
46:a1:5d:23
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYzJu5j3HFjnZ8Pbmy4BmFeFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNTZhYTBlMjE1NThjOTJhNDg2NTQyNDRlMDU5NjFhMWZj
ZmEwZjIwHhcNMjQwMTAyMTAzMjQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTdjYjhiZTU5NjZhMGE2MmIwMTJjYmU5ZWM3ZWRiZThiMzczNTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVpaWvlAEFrIRcVh4myvuy6GQyP0
TVXLPcHhk0+sJuszjwHW81qADEc8Ent1tUSBrsqZH5+D+QWQKwba+fa1DWJQpUT+
QIrOGb7FaHDzDXI7F6QgcRZZmdSuN+a38tdjRR2GsPlxZ25CCNGwBfWvpKqaej5i
ZtCtqxu3svPrpi9L07LCOGOgmli1udE06XiD2oH1kb7YCT8yGPwfkIRVaMMTJ//X
5EBNS4bDxlQslcKbDVjwgwzooV9MhZb+0faTI/r1Su6Pl8DXMP3Bm5EtRRC3+Pv/
M1Yo1PcezhRGQu4okksrAjLPM3fJa5tDvwooBgs5XRzyl9XCkwuDWbnVUQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFKl8uL5ZZqCmKwEsvp7H7b6LNzWHMB8GA1UdIwQY
MBaAFM5Wqg4hVYySpIZUJE4Flhofz6DyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemxhcURpRlZqSktraGxRa1RnV1dHaF9Qb1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8wNzQ3NmMtMmM1Yi00MGU5LWI1NjIt
NTRmYTMwODY0YzIxLzEvcVh5NHZsbG1vS1lyQVN5LW5zZnR2b3MzTlljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8wNzQ3NmMtMmM1Yi00MGU5LWI1NjItNTRmYTMwODY0YzIx
LzEvemxhcURpRlZqSktraGxRa1RnV1dHaF9Qb1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAieAwDQYJ
KoZIhvcNAQELBQADggEBACPMVsupKlYIvQgPjAkBR9qfphNH46/xsO//0B1I6GNC
UHOK/eaFWjAxOSE0N5rg1pd5m/AzLa7Q9t/MXzjtFrL0Pv14fukySZ0viBnfiZxL
Hhke9hrqG+sn88Ye0ttc96gMrCI6nd/qLo9wMbNONgKRsxlCrZ2gW1C98Jg4YxwS
omD47SjkJZwyvDmQqAwqRVlGLTbk3l9SDvk5eFp20seh+O+sV4txzAgpfQM3E5QR
9R/fSP1u5joZ4U374Y2BTTp7g3csaLdQGuY4WDV7R9JBoLbVsDOiI41MHEnqMtCR
KfInYx8dfoABH7AMbbMAhh8H6V1p1WVXREz9UUahXSM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:12:18 2024 by rpki-client on console-ams.rpki-client.org