Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/c3988e-8654-4311-8292-426039788919/1/qMagO8BGiVwmg2gzdbvIk9n2SNU.roa
File: qMagO8BGiVwmg2gzdbvIk9n2SNU.roa (raw, json)
Hash identifier: rT4H0kYn7vmFYo+k0IcsziZIg89ISgg772v1uEFu8iM=
Subject key identifier: A8:C6:A0:3B:C0:46:89:5C:26:83:68:33:75:BB:C8:93:D9:F6:48:D5
Certificate issuer: /CN=20a7fcbe59314c372b68f232223828b1e33a03ec
Certificate serial: 018CC64B302C98343CD443333BF31E458A46
Authority key identifier: 20:A7:FC:BE:59:31:4C:37:2B:68:F2:32:22:38:28:B1:E3:3A:03:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IKf8vlkxTDcraPIyIjgoseM6A-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/c3988e-8654-4311-8292-426039788919/1/qMagO8BGiVwmg2gzdbvIk9n2SNU.roa
Signing time: Mon 01 Jan 2024 18:31:05 +0000
ROA not before: Mon 01 Jan 2024 18:31:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208365
IP address blocks: 81.22.33.0/24 maxlen: 24
81.22.35.0/24 maxlen: 24
81.22.32.0/24 maxlen: 24
81.22.34.0/24 maxlen: 24
45.151.76.0/24 maxlen: 24
31.223.186.0/24 maxlen: 24
45.151.78.0/24 maxlen: 24
45.151.77.0/24 maxlen: 24
45.151.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/c3988e-8654-4311-8292-426039788919/1/IKf8vlkxTDcraPIyIjgoseM6A-w.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/c3988e-8654-4311-8292-426039788919/1/IKf8vlkxTDcraPIyIjgoseM6A-w.mft
rsync://rpki.ripe.net/repository/DEFAULT/IKf8vlkxTDcraPIyIjgoseM6A-w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 20:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:30:2c:98:34:3c:d4:43:33:3b:f3:1e:45:8a:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20a7fcbe59314c372b68f232223828b1e33a03ec
Validity
Not Before: Jan 1 18:31:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8c6a03bc046895c2683683375bbc893d9f648d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:89:eb:b5:0c:f7:df:c3:1f:ba:cb:ce:2c:e7:
4c:8c:9b:06:83:fa:8c:e4:0e:aa:05:30:1c:4c:62:
a6:fb:2b:a1:ce:dd:71:f1:cc:b6:0a:c5:8d:a8:75:
b9:31:f5:eb:00:53:5b:0a:a8:9c:f7:fc:2f:fc:6d:
c2:45:55:02:2b:15:12:fa:e5:a7:b3:c4:ab:7f:b4:
34:51:0d:08:4a:54:ff:3d:21:34:2e:e6:86:ad:2e:
31:ba:36:db:50:ce:82:8e:cc:47:4c:d8:9b:a4:af:
cb:dc:5e:ee:33:54:c1:45:1a:16:25:44:31:98:c4:
93:67:81:30:d3:43:b3:bf:6c:cc:ce:cb:21:28:5b:
a3:08:7e:3a:62:d7:69:51:6a:23:72:b3:49:72:80:
47:80:63:4d:be:37:93:ba:26:9c:10:44:a8:c3:78:
d4:24:26:9a:d0:1e:d7:1a:c1:04:a9:56:05:12:e1:
c7:5e:d3:6e:df:74:e9:22:d0:e5:63:f6:c7:06:02:
92:2a:99:0d:71:4d:3e:5f:72:19:2c:49:c3:e1:cd:
7d:52:af:dc:5b:59:fb:dd:40:14:f4:ab:8b:a5:3c:
53:86:45:8e:ae:20:bb:41:b2:c4:ca:86:e1:d5:0c:
1c:d1:c8:2b:1a:84:eb:de:89:0e:16:b7:66:15:2c:
d7:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:C6:A0:3B:C0:46:89:5C:26:83:68:33:75:BB:C8:93:D9:F6:48:D5
X509v3 Authority Key Identifier:
keyid:20:A7:FC:BE:59:31:4C:37:2B:68:F2:32:22:38:28:B1:E3:3A:03:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKf8vlkxTDcraPIyIjgoseM6A-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/c3988e-8654-4311-8292-426039788919/1/qMagO8BGiVwmg2gzdbvIk9n2SNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/c3988e-8654-4311-8292-426039788919/1/IKf8vlkxTDcraPIyIjgoseM6A-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.223.186.0/24
45.151.76.0/22
81.22.32.0/22
Signature Algorithm: sha256WithRSAEncryption
51:f5:0a:5c:65:eb:96:ad:4a:f0:00:87:2d:c3:81:d8:3a:7b:
6b:93:5f:fa:33:f1:2e:8a:92:1d:87:a0:7a:e6:36:13:2f:b2:
c9:28:fd:6f:8a:5a:48:6b:07:f1:3c:0f:98:55:44:50:4f:48:
f3:1c:e0:60:e3:5b:f1:8f:7d:a7:b8:b0:77:48:c3:4a:a3:ab:
e1:79:0f:16:7a:c8:ae:04:31:23:cb:2e:23:6f:35:2d:0d:d6:
b3:9e:a0:ff:0d:79:0b:68:8c:9e:86:d7:48:70:6e:9a:2c:65:
50:6a:8f:11:90:51:43:d5:c0:20:fa:0b:74:c2:db:b8:66:c9:
c1:6c:e2:7b:8f:cb:f0:6f:1d:47:9b:db:92:23:14:0d:a2:3c:
df:10:a6:ac:76:1b:59:c0:f7:4d:5d:44:51:fc:d5:66:97:7c:
d5:13:72:e9:f4:03:95:84:7c:cd:44:99:d9:dd:90:e1:2e:7c:
86:0e:34:82:d9:6d:a5:6b:a6:b7:08:be:bf:d6:5a:e9:15:44:
bf:c4:75:6c:e1:8c:94:7d:3b:4e:b9:e6:1f:8c:05:b3:22:ff:
c1:85:14:f5:49:78:73:63:19:21:79:88:6e:8e:bc:a2:bb:fc:
6d:98:b7:8b:f1:f4:bf:ad:27:89:3a:27:a0:22:69:3b:c3:95:
48:2c:5a:18
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzGSzAsmDQ81EMzO/MeRYpGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYTdmY2JlNTkzMTRjMzcyYjY4ZjIzMjIyMzgyOGIxZTMz
YTAzZWMwHhcNMjQwMTAxMTgzMTA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGM2YTAzYmMwNDY4OTVjMjY4MzY4MzM3NWJiYzg5M2Q5ZjY0OGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0onrtQz338MfusvOLOdMjJsGg/qM
5A6qBTAcTGKm+yuhzt1x8cy2CsWNqHW5MfXrAFNbCqic9/wv/G3CRVUCKxUS+uWn
s8Srf7Q0UQ0ISlT/PSE0LuaGrS4xujbbUM6CjsxHTNibpK/L3F7uM1TBRRoWJUQx
mMSTZ4Ew00Ozv2zMzsshKFujCH46YtdpUWojcrNJcoBHgGNNvjeTuiacEESow3jU
JCaa0B7XGsEEqVYFEuHHXtNu33TpItDlY/bHBgKSKpkNcU0+X3IZLEnD4c19Uq/c
W1n73UAU9KuLpTxThkWOriC7QbLEyobh1Qwc0cgrGoTr3okOFrdmFSzX+wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKjGoDvARolcJoNoM3W7yJPZ9kjVMB8GA1UdIwQY
MBaAFCCn/L5ZMUw3K2jyMiI4KLHjOgPsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtmOHZsa3hURGNyYVBJeUlqZ29zZU02QS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9jMzk4OGUtODY1NC00MzExLTgyOTIt
NDI2MDM5Nzg4OTE5LzEvcU1hZ084QkdpVndtZzJnemRidklrOW4yU05VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9jMzk4OGUtODY1NC00MzExLTgyOTItNDI2MDM5Nzg4OTE5
LzEvSUtmOHZsa3hURGNyYVBJeUlqZ29zZU02QS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAH9+6AwQC
LZdMAwQCURYgMA0GCSqGSIb3DQEBCwUAA4IBAQBR9QpcZeuWrUrwAIctw4HYOntr
k1/6M/EuipIdh6B65jYTL7LJKP1vilpIawfxPA+YVURQT0jzHOBg41vxj32nuLB3
SMNKo6vheQ8WesiuBDEjyy4jbzUtDdaznqD/DXkLaIyehtdIcG6aLGVQao8RkFFD
1cAg+gt0wtu4ZsnBbOJ7j8vwbx1Hm9uSIxQNojzfEKasdhtZwPdNXURR/NVml3zV
E3Lp9AOVhHzNRJnZ3ZDhLnyGDjSC2W2la6a3CL6/1lrpFUS/xHVs4YyUfTtOueYf
jAWzIv/BhRT1SXhzYxkheYhujryiu/xtmLeL8fS/rSeJOiegImk7w5VILFoY
-----END CERTIFICATE-----
Generated at Sun May 19 05:18:28 2024 by rpki-client on console-ams.rpki-client.org