Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/78b1a7-9fbd-4f6f-8eb4-7b622ddf84f4/1/sQUxTXma67k2-bbaCPNLRM7hs90.roa
File: sQUxTXma67k2-bbaCPNLRM7hs90.roa (raw, json)
Hash identifier: siTLaJqqm6VBcJaDJc2+P6DbDofyorZgRE6mzf8bxPQ=
Subject key identifier: B1:05:31:4D:79:9A:EB:B9:36:F9:B6:DA:08:F3:4B:44:CE:E1:B3:DD
Certificate issuer: /CN=588394e3910d94a7bf0a78a0f302d02ae9907273
Certificate serial: 018CC500E0256608D2C65F12F63AA550641B
Authority key identifier: 58:83:94:E3:91:0D:94:A7:BF:0A:78:A0:F3:02:D0:2A:E9:90:72:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIOU45ENlKe_Cnig8wLQKumQcnM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/78b1a7-9fbd-4f6f-8eb4-7b622ddf84f4/1/sQUxTXma67k2-bbaCPNLRM7hs90.roa
Signing time: Mon 01 Jan 2024 12:30:18 +0000
ROA not before: Mon 01 Jan 2024 12:30:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56851
IP address blocks: 193.111.60.0/22 maxlen: 24
31.131.16.0/20 maxlen: 24
2001:67c:15e4::/48 maxlen: 48
2001:67c:15f0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/78b1a7-9fbd-4f6f-8eb4-7b622ddf84f4/1/WIOU45ENlKe_Cnig8wLQKumQcnM.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/78b1a7-9fbd-4f6f-8eb4-7b622ddf84f4/1/WIOU45ENlKe_Cnig8wLQKumQcnM.mft
rsync://rpki.ripe.net/repository/DEFAULT/WIOU45ENlKe_Cnig8wLQKumQcnM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:e0:25:66:08:d2:c6:5f:12:f6:3a:a5:50:64:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=588394e3910d94a7bf0a78a0f302d02ae9907273
Validity
Not Before: Jan 1 12:30:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b105314d799aebb936f9b6da08f34b44cee1b3dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:5b:63:79:b1:e1:87:30:f1:52:e5:f4:34:3a:
f2:03:25:ad:e4:b1:fd:67:d9:4e:7f:97:5a:97:17:
b9:fd:60:18:df:eb:6e:c6:25:cc:30:7f:a8:13:4a:
bd:ae:92:da:5d:11:65:40:f2:ca:a6:91:9e:b8:5b:
9a:a7:b1:3e:13:8a:d6:71:65:1b:e6:87:64:b1:b0:
51:70:91:22:28:66:7b:04:13:0f:aa:1b:db:f6:59:
f4:66:b0:18:db:52:b8:cd:00:3b:c7:71:55:4d:00:
30:05:d3:5c:60:f1:8f:fd:dd:c1:f0:64:f7:1c:ab:
95:29:18:a0:91:b1:9c:42:6e:53:b0:52:e1:ab:5d:
80:c5:2c:2f:6c:02:53:05:41:4e:ea:d9:f4:e7:0c:
f1:92:6f:9b:86:ad:57:fd:8a:92:34:c9:38:1c:55:
09:c6:44:13:dc:3c:81:1c:36:45:b7:81:68:2c:ac:
b1:2f:ff:0c:1f:b1:e3:f6:34:39:43:23:de:08:b8:
f5:39:8a:ba:6c:4f:18:00:bd:b5:62:b0:dc:da:d8:
9f:db:49:80:01:4e:9e:dc:01:4b:fe:f0:5f:91:2b:
92:d1:0c:cb:4c:96:e9:42:f8:ae:6a:b4:a8:db:cb:
5f:e5:d2:5a:30:fc:45:a8:77:7d:0a:7a:9c:b9:65:
3e:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:05:31:4D:79:9A:EB:B9:36:F9:B6:DA:08:F3:4B:44:CE:E1:B3:DD
X509v3 Authority Key Identifier:
keyid:58:83:94:E3:91:0D:94:A7:BF:0A:78:A0:F3:02:D0:2A:E9:90:72:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIOU45ENlKe_Cnig8wLQKumQcnM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/78b1a7-9fbd-4f6f-8eb4-7b622ddf84f4/1/sQUxTXma67k2-bbaCPNLRM7hs90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/78b1a7-9fbd-4f6f-8eb4-7b622ddf84f4/1/WIOU45ENlKe_Cnig8wLQKumQcnM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.16.0/20
193.111.60.0/22
IPv6:
2001:67c:15e4::/48
2001:67c:15f0::/48
Signature Algorithm: sha256WithRSAEncryption
54:15:3d:dd:61:e8:51:32:59:e5:7b:84:b9:da:03:a0:6d:42:
a0:29:f9:86:08:2d:99:e8:07:f6:87:cb:d7:9c:0b:28:a6:bf:
af:f1:19:36:fc:fc:79:ea:4f:91:23:c7:8b:fc:37:30:65:80:
79:b7:28:48:78:ad:c0:d7:4b:d3:38:55:4c:8b:76:13:ca:18:
17:d1:13:be:84:c1:11:17:ef:b0:44:7f:a8:a2:3d:43:6d:40:
26:ba:89:7b:84:9f:72:fb:d4:70:79:81:a3:e8:43:42:32:b4:
be:03:2f:2c:60:3d:9d:58:c9:3a:e5:b1:36:fd:ca:5f:8e:61:
3b:c0:f2:27:f7:ad:24:23:83:a7:d2:10:cc:c6:f1:4c:c7:0e:
a2:7d:2e:e8:e9:6d:4f:c3:db:ba:35:67:0f:38:50:da:a2:0a:
2d:14:40:5d:ff:bf:70:9e:31:d0:dd:34:65:b4:41:70:5a:68:
2f:ee:69:8e:60:1c:e4:a4:5e:e2:b8:6e:98:3d:0e:fb:35:77:
00:ef:e5:68:93:75:f7:e0:98:b7:18:14:f1:9b:fb:8b:20:30:
c0:d8:5c:4c:c4:12:9a:c8:22:f3:2e:57:b2:3c:02:63:a3:21:
1b:3a:aa:33:1b:41:d9:fe:00:24:5b:7f:9c:ab:63:87:c2:94:
aa:b8:47:a7
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzFAOAlZgjSxl8S9jqlUGQbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODM5NGUzOTEwZDk0YTdiZjBhNzhhMGYzMDJkMDJhZTk5
MDcyNzMwHhcNMjQwMTAxMTIzMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTA1MzE0ZDc5OWFlYmI5MzZmOWI2ZGEwOGYzNGI0NGNlZTFiM2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgVtjebHhhzDxUuX0NDryAyWt5LH9
Z9lOf5dalxe5/WAY3+tuxiXMMH+oE0q9rpLaXRFlQPLKppGeuFuap7E+E4rWcWUb
5odksbBRcJEiKGZ7BBMPqhvb9ln0ZrAY21K4zQA7x3FVTQAwBdNcYPGP/d3B8GT3
HKuVKRigkbGcQm5TsFLhq12AxSwvbAJTBUFO6tn05wzxkm+bhq1X/YqSNMk4HFUJ
xkQT3DyBHDZFt4FoLKyxL/8MH7Hj9jQ5QyPeCLj1OYq6bE8YAL21YrDc2tif20mA
AU6e3AFL/vBfkSuS0QzLTJbpQviuarSo28tf5dJaMPxFqHd9CnqcuWU+SQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFLEFMU15muu5Nvm22gjzS0TO4bPdMB8GA1UdIwQY
MBaAFFiDlOORDZSnvwp4oPMC0CrpkHJzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lPVTQ1RU5sS2VfQ25pZzh3TFFLdW1RY25NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS83OGIxYTctOWZiZC00ZjZmLThlYjQt
N2I2MjJkZGY4NGY0LzEvc1FVeFRYbWE2N2syLWJiYUNQTkxSTTdoczkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS83OGIxYTctOWZiZC00ZjZmLThlYjQtN2I2MjJkZGY4NGY0
LzEvV0lPVTQ1RU5sS2VfQ25pZzh3TFFLdW1RY25NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQEH4MQAwQC
wW88MBgEAgACMBIDBwAgAQZ8FeQDBwAgAQZ8FfAwDQYJKoZIhvcNAQELBQADggEB
AFQVPd1h6FEyWeV7hLnaA6BtQqAp+YYILZnoB/aHy9ecCyimv6/xGTb8/HnqT5Ej
x4v8NzBlgHm3KEh4rcDXS9M4VUyLdhPKGBfRE76EwREX77BEf6iiPUNtQCa6iXuE
n3L71HB5gaPoQ0IytL4DLyxgPZ1YyTrlsTb9yl+OYTvA8if3rSQjg6fSEMzG8UzH
DqJ9LujpbU/D27o1Zw84UNqiCi0UQF3/v3CeMdDdNGW0QXBaaC/uaY5gHOSkXuK4
bpg9Dvs1dwDv5WiTdffgmLcYFPGb+4sgMMDYXEzEEprIIvMuV7I8AmOjIRs6qjMb
Qdn+ACRbf5yrY4fClKq4R6c=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:23:33 2024 by rpki-client on console-ams.rpki-client.org