Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/aa7e53-490f-4177-8b11-0b3e7ebe4ac2/1/qooFeYPW9NIpsBzDxpayc9VB83U.roa
File: qooFeYPW9NIpsBzDxpayc9VB83U.roa (raw, json)
Hash identifier: WG3L5FGGgqZiuy85O6Yu+7FL0841/FK5aJB3KolcH/w=
Subject key identifier: AA:8A:05:79:83:D6:F4:D2:29:B0:1C:C3:C6:96:B2:73:D5:41:F3:75
Certificate issuer: /CN=66ba8d64e901b39b501ed3693ec27430713886e3
Certificate serial: 018CFDE398F63DB8BF8C0764B0EA9C18F89E
Authority key identifier: 66:BA:8D:64:E9:01:B3:9B:50:1E:D3:69:3E:C2:74:30:71:38:86:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZrqNZOkBs5tQHtNpPsJ0MHE4huM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/aa7e53-490f-4177-8b11-0b3e7ebe4ac2/1/qooFeYPW9NIpsBzDxpayc9VB83U.roa
Signing time: Fri 12 Jan 2024 13:36:40 +0000
ROA not before: Fri 12 Jan 2024 13:36:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210861
IP address blocks: 93.190.126.0/24 maxlen: 24
2a11:7980:ff::/48 maxlen: 48
2a11:7980::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/aa7e53-490f-4177-8b11-0b3e7ebe4ac2/1/ZrqNZOkBs5tQHtNpPsJ0MHE4huM.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/aa7e53-490f-4177-8b11-0b3e7ebe4ac2/1/ZrqNZOkBs5tQHtNpPsJ0MHE4huM.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZrqNZOkBs5tQHtNpPsJ0MHE4huM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:fd:e3:98:f6:3d:b8:bf:8c:07:64:b0:ea:9c:18:f8:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66ba8d64e901b39b501ed3693ec27430713886e3
Validity
Not Before: Jan 12 13:36:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa8a057983d6f4d229b01cc3c696b273d541f375
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:5e:77:1b:43:93:e4:f3:b9:19:af:97:f5:2a:
c4:25:b0:4a:c3:4c:51:32:0b:4d:ca:d2:18:f7:c2:
f6:c5:4e:35:14:14:7d:49:90:05:0f:3a:34:3c:7d:
ae:41:9d:b1:fc:7f:16:35:49:e3:a7:d6:a0:04:a2:
92:5a:cd:e9:c4:3d:39:32:c0:f7:8e:e1:de:47:d7:
0b:ad:be:8d:cd:b8:12:65:41:6c:f9:4c:4d:de:a1:
a1:8f:e4:5e:a6:76:f9:57:09:80:3e:b3:dc:44:60:
93:c9:40:b3:e7:c2:d6:ba:33:e5:ab:01:50:4b:3b:
16:46:ed:5f:37:2e:8a:76:e2:64:f1:68:5c:dc:3b:
03:4a:f1:00:da:86:35:d4:4d:a6:1b:2d:44:60:4f:
a9:68:c0:35:79:06:7d:55:a6:fa:32:c5:19:a0:b3:
8e:d7:28:c5:fd:78:2d:0e:3b:03:a5:69:98:3e:e5:
02:17:01:20:0b:96:ed:5e:d3:d7:c4:2b:44:d2:aa:
86:11:38:ad:e2:f4:46:62:da:ea:e3:23:b7:11:72:
f2:63:d2:44:5d:97:f2:42:d2:e4:fb:2c:4d:34:0e:
24:44:40:75:54:66:0f:2f:bd:e5:6f:66:6a:98:cb:
c1:39:81:03:41:53:42:88:b7:5c:9a:91:c9:ad:de:
8e:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:8A:05:79:83:D6:F4:D2:29:B0:1C:C3:C6:96:B2:73:D5:41:F3:75
X509v3 Authority Key Identifier:
keyid:66:BA:8D:64:E9:01:B3:9B:50:1E:D3:69:3E:C2:74:30:71:38:86:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZrqNZOkBs5tQHtNpPsJ0MHE4huM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/aa7e53-490f-4177-8b11-0b3e7ebe4ac2/1/qooFeYPW9NIpsBzDxpayc9VB83U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/aa7e53-490f-4177-8b11-0b3e7ebe4ac2/1/ZrqNZOkBs5tQHtNpPsJ0MHE4huM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.190.126.0/24
IPv6:
2a11:7980::/40
Signature Algorithm: sha256WithRSAEncryption
10:65:10:51:b7:30:3b:23:d0:1e:9b:8b:bc:18:35:71:fb:0e:
d2:30:ec:eb:58:8d:dc:62:6d:59:05:a8:ba:23:13:12:bf:e6:
4f:2c:51:9d:b9:3f:3f:f1:35:3d:99:fc:f2:df:81:3f:6b:02:
b2:ea:90:75:dc:32:57:3c:6f:c5:ba:59:d6:90:1f:22:7b:68:
29:ec:92:a1:d3:be:cc:a6:73:06:fd:d9:b0:59:53:65:f7:d7:
88:a4:23:18:c5:10:5e:9b:a4:6e:40:72:d6:60:e3:3a:63:8f:
3e:96:9e:9f:ed:3a:a8:9d:54:45:aa:9b:5b:12:10:a8:bb:93:
8d:24:99:78:a5:24:5e:50:25:48:f5:ff:3e:46:c0:f2:e2:2d:
c5:ce:6a:d7:b9:c4:a0:21:f8:4f:c4:50:9b:da:1a:62:e2:f8:
61:28:6f:5c:ac:d7:8e:a3:16:a1:da:42:75:24:85:95:9d:58:
8e:43:34:7e:47:7b:c2:73:74:12:5a:96:2b:51:9f:c3:64:4a:
6f:55:76:80:c5:61:1b:95:0f:ac:f5:7e:d7:83:7b:9d:cd:2a:
67:af:9d:6f:46:c7:d7:64:59:c1:8e:b9:4e:23:54:07:5e:87:
14:07:2d:82:c9:7f:e0:bf:e8:fe:e3:bc:fb:3a:df:7a:b6:f6:
b1:91:b2:1b
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYz945j2Pbi/jAdksOqcGPieMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2YmE4ZDY0ZTkwMWIzOWI1MDFlZDM2OTNlYzI3NDMwNzEz
ODg2ZTMwHhcNMjQwMTEyMTMzNjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYThhMDU3OTgzZDZmNGQyMjliMDFjYzNjNjk2YjI3M2Q1NDFmMzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlF53G0OT5PO5Ga+X9SrEJbBKw0xR
MgtNytIY98L2xU41FBR9SZAFDzo0PH2uQZ2x/H8WNUnjp9agBKKSWs3pxD05MsD3
juHeR9cLrb6NzbgSZUFs+UxN3qGhj+Repnb5VwmAPrPcRGCTyUCz58LWujPlqwFQ
SzsWRu1fNy6KduJk8Whc3DsDSvEA2oY11E2mGy1EYE+paMA1eQZ9Vab6MsUZoLOO
1yjF/XgtDjsDpWmYPuUCFwEgC5btXtPXxCtE0qqGETit4vRGYtrq4yO3EXLyY9JE
XZfyQtLk+yxNNA4kREB1VGYPL73lb2ZqmMvBOYEDQVNCiLdcmpHJrd6O2wIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFKqKBXmD1vTSKbAcw8aWsnPVQfN1MB8GA1UdIwQY
MBaAFGa6jWTpAbObUB7TaT7CdDBxOIbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnJxTlpPa0JzNXRRSHROcFBzSjBNSEU0aHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9hYTdlNTMtNDkwZi00MTc3LThiMTEt
MGIzZTdlYmU0YWMyLzEvcW9vRmVZUFc5Tklwc0J6RHhwYXljOVZCODNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9hYTdlNTMtNDkwZi00MTc3LThiMTEtMGIzZTdlYmU0YWMy
LzEvWnJxTlpPa0JzNXRRSHROcFBzSjBNSEU0aHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAXb5+MA4E
AgACMAgDBgAqEXmAADANBgkqhkiG9w0BAQsFAAOCAQEAEGUQUbcwOyPQHpuLvBg1
cfsO0jDs61iN3GJtWQWouiMTEr/mTyxRnbk/P/E1PZn88t+BP2sCsuqQddwyVzxv
xbpZ1pAfIntoKeySodO+zKZzBv3ZsFlTZffXiKQjGMUQXpukbkBy1mDjOmOPPpae
n+06qJ1URaqbWxIQqLuTjSSZeKUkXlAlSPX/PkbA8uItxc5q17nEoCH4T8RQm9oa
YuL4YShvXKzXjqMWodpCdSSFlZ1YjkM0fkd7wnN0ElqWK1Gfw2RKb1V2gMVhG5UP
rPV+14N7nc0qZ6+db0bH12RZwY65TiNUB16HFActgsl/4L/o/uO8+zrferb2sZGy
Gw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:03:25 2024 by rpki-client on console-fra.rpki-client.org