Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/9fb5e0-5508-49f4-9f9e-34362415182a/1/7qdYD4lN9EwSOakdR5dgcN2pqE0.roa
File: 7qdYD4lN9EwSOakdR5dgcN2pqE0.roa (raw, json)
Hash identifier: wfRJ/6jIE4ufk9ZLk2OXNLcYwCI7HikdXXSBDHB3T7I=
Subject key identifier: EE:A7:58:0F:89:4D:F4:4C:12:39:A9:1D:47:97:60:70:DD:A9:A8:4D
Certificate issuer: /CN=69d731fa4dd292c0c0532eea6967cec0790745aa
Certificate serial: 018CC8DF1B0410AAE4D9CB3918BE0EB44B7E
Authority key identifier: 69:D7:31:FA:4D:D2:92:C0:C0:53:2E:EA:69:67:CE:C0:79:07:45:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/adcx-k3SksDAUy7qaWfOwHkHRao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/9fb5e0-5508-49f4-9f9e-34362415182a/1/7qdYD4lN9EwSOakdR5dgcN2pqE0.roa
Signing time: Tue 02 Jan 2024 06:31:53 +0000
ROA not before: Tue 02 Jan 2024 06:31:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211809
IP address blocks: 185.96.32.0/22 maxlen: 24
2a13:eb00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/9fb5e0-5508-49f4-9f9e-34362415182a/1/adcx-k3SksDAUy7qaWfOwHkHRao.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/9fb5e0-5508-49f4-9f9e-34362415182a/1/adcx-k3SksDAUy7qaWfOwHkHRao.mft
rsync://rpki.ripe.net/repository/DEFAULT/adcx-k3SksDAUy7qaWfOwHkHRao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:1b:04:10:aa:e4:d9:cb:39:18:be:0e:b4:4b:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69d731fa4dd292c0c0532eea6967cec0790745aa
Validity
Not Before: Jan 2 06:31:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eea7580f894df44c1239a91d47976070dda9a84d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:5b:a0:38:f0:4f:2a:56:23:a1:7b:05:a9:e5:
54:e4:3d:ca:51:10:5f:05:d7:75:65:c6:a2:78:02:
d0:38:22:14:22:10:f2:ff:5b:b1:5a:39:f7:7d:6c:
88:e0:db:59:cc:fe:dd:a4:df:f3:c8:93:94:86:86:
c0:c0:70:b3:40:76:d1:f2:d4:dc:74:ef:8d:63:54:
8d:ba:21:57:00:5d:cd:ca:bc:8d:e7:ab:e0:c0:7a:
90:44:c7:2e:ef:1c:db:0b:61:b7:ad:b7:cb:00:e1:
30:e3:5d:5f:4e:70:6c:28:60:66:a3:c0:86:5f:92:
68:a1:be:f8:08:67:e3:af:ad:3e:56:83:18:69:b0:
99:cf:00:68:01:f7:03:57:77:a8:db:65:c7:0f:a0:
d7:e1:e5:aa:29:08:16:cf:b4:76:ae:64:2e:1f:c3:
9b:09:09:5b:b6:fe:45:14:28:2f:16:97:f4:fb:1c:
eb:3f:7f:b6:7a:8d:33:99:38:1f:fe:f0:ab:7d:61:
7f:d8:20:8f:88:c0:28:5c:6a:d1:58:6d:ac:ce:0f:
0a:02:f8:e3:b0:c6:5b:26:cd:cf:e5:e4:3b:0a:2f:
c7:1f:88:2e:4b:82:6f:55:04:f5:66:0b:b0:a9:04:
8e:48:f9:76:bf:26:61:4a:11:c8:df:ea:f5:2f:08:
6c:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:A7:58:0F:89:4D:F4:4C:12:39:A9:1D:47:97:60:70:DD:A9:A8:4D
X509v3 Authority Key Identifier:
keyid:69:D7:31:FA:4D:D2:92:C0:C0:53:2E:EA:69:67:CE:C0:79:07:45:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/adcx-k3SksDAUy7qaWfOwHkHRao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/9fb5e0-5508-49f4-9f9e-34362415182a/1/7qdYD4lN9EwSOakdR5dgcN2pqE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/9fb5e0-5508-49f4-9f9e-34362415182a/1/adcx-k3SksDAUy7qaWfOwHkHRao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.96.32.0/22
IPv6:
2a13:eb00::/29
Signature Algorithm: sha256WithRSAEncryption
2e:a2:cd:03:0c:8c:0c:a6:97:6b:b1:78:21:49:0c:4f:c4:3c:
b0:b4:c6:fe:bd:98:c4:cd:33:8f:31:77:3b:8a:54:1d:cb:c6:
39:99:3c:dc:a8:6b:05:7b:5c:a9:75:78:e4:46:b7:8a:c2:af:
f6:b3:ec:d1:72:ac:06:a4:db:63:4f:4f:d5:39:73:de:80:80:
b7:b0:6d:ff:26:b4:4d:34:df:09:63:97:47:fa:a6:1b:3d:6f:
52:a1:ef:1b:ac:6c:a5:ae:f0:38:35:cc:8f:c4:4b:4b:a9:56:
5d:c0:f4:65:32:ea:17:8f:7d:a0:e0:1a:22:5c:28:8a:c5:60:
9e:08:28:77:36:aa:f6:90:25:dd:32:af:6c:09:80:3d:54:59:
a1:46:0a:61:f3:4b:9e:40:9b:05:5d:d7:f1:f1:a7:a2:03:de:
e2:12:c0:42:71:23:1b:5b:dc:78:e3:c6:fc:a0:ce:75:58:82:
aa:74:45:a2:b4:33:44:48:e8:0a:7d:bf:64:e0:bc:d5:69:f8:
66:5f:e0:8f:b8:ab:d9:eb:93:e1:a2:38:d5:a4:f7:d4:67:f3:
04:c5:6c:12:d9:a6:59:92:8d:06:39:68:db:f5:8c:dd:5a:93:
ce:bf:8c:1b:62:31:ad:5e:f7:0e:fa:66:5d:a5:ed:83:83:9f:
42:15:ae:b8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzI3xsEEKrk2cs5GL4OtEt+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZDczMWZhNGRkMjkyYzBjMDUzMmVlYTY5NjdjZWMwNzkw
NzQ1YWEwHhcNMjQwMTAyMDYzMTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWE3NTgwZjg5NGRmNDRjMTIzOWE5MWQ0Nzk3NjA3MGRkYTlhODRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgVugOPBPKlYjoXsFqeVU5D3KURBf
Bdd1ZcaieALQOCIUIhDy/1uxWjn3fWyI4NtZzP7dpN/zyJOUhobAwHCzQHbR8tTc
dO+NY1SNuiFXAF3NyryN56vgwHqQRMcu7xzbC2G3rbfLAOEw411fTnBsKGBmo8CG
X5Joob74CGfjr60+VoMYabCZzwBoAfcDV3eo22XHD6DX4eWqKQgWz7R2rmQuH8Ob
CQlbtv5FFCgvFpf0+xzrP3+2eo0zmTgf/vCrfWF/2CCPiMAoXGrRWG2szg8KAvjj
sMZbJs3P5eQ7Ci/HH4guS4JvVQT1ZguwqQSOSPl2vyZhShHI3+r1Lwhs8wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFO6nWA+JTfRMEjmpHUeXYHDdqahNMB8GA1UdIwQY
MBaAFGnXMfpN0pLAwFMu6mlnzsB5B0WqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWRjeC1rM1Nrc0RBVXk3cWFXZk93SGtIUmFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC85ZmI1ZTAtNTUwOC00OWY0LTlmOWUt
MzQzNjI0MTUxODJhLzEvN3FkWUQ0bE45RXdTT2FrZFI1ZGdjTjJwcUUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC85ZmI1ZTAtNTUwOC00OWY0LTlmOWUtMzQzNjI0MTUxODJh
LzEvYWRjeC1rM1Nrc0RBVXk3cWFXZk93SGtIUmFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWAgMA0E
AgACMAcDBQMqE+sAMA0GCSqGSIb3DQEBCwUAA4IBAQAuos0DDIwMppdrsXghSQxP
xDywtMb+vZjEzTOPMXc7ilQdy8Y5mTzcqGsFe1ypdXjkRreKwq/2s+zRcqwGpNtj
T0/VOXPegIC3sG3/JrRNNN8JY5dH+qYbPW9Soe8brGylrvA4NcyPxEtLqVZdwPRl
MuoXj32g4BoiXCiKxWCeCCh3Nqr2kCXdMq9sCYA9VFmhRgph80ueQJsFXdfx8aei
A97iEsBCcSMbW9x448b8oM51WIKqdEWitDNESOgKfb9k4LzVafhmX+CPuKvZ65Ph
ojjVpPfUZ/MExWwS2aZZko0GOWjb9YzdWpPOv4wbYjGtXvcO+mZdpe2Dg59CFa64
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:44:23 2024 by rpki-client on console-ams.rpki-client.org