Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/c73b3b-5b5c-4a77-8b80-d2b697aefa02/1/q9jLX7A_0US-IFSHDeDHIplVz3o.roa
File: q9jLX7A_0US-IFSHDeDHIplVz3o.roa (raw, json)
Hash identifier: 2uhNt6Fi/mZ6Tw9BOb1+MnTES8xmRPvtIxUfWeazhDI=
Subject key identifier: AB:D8:CB:5F:B0:3F:D1:44:BE:20:54:87:0D:E0:C7:22:99:55:CF:7A
Certificate issuer: /CN=2ee74296fce8d20befa18799dae6ec7831d61c5a
Certificate serial: 018CC6B8C70E9A1AFE863040F4E6FA4285C8
Authority key identifier: 2E:E7:42:96:FC:E8:D2:0B:EF:A1:87:99:DA:E6:EC:78:31:D6:1C:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LudClvzo0gvvoYeZ2ubseDHWHFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/c73b3b-5b5c-4a77-8b80-d2b697aefa02/1/q9jLX7A_0US-IFSHDeDHIplVz3o.roa
Signing time: Mon 01 Jan 2024 20:30:47 +0000
ROA not before: Mon 01 Jan 2024 20:30:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25164
IP address blocks: 195.177.234.0/23 maxlen: 23
194.146.212.0/22 maxlen: 22
45.142.224.0/22 maxlen: 22
2a01:200::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/c73b3b-5b5c-4a77-8b80-d2b697aefa02/1/LudClvzo0gvvoYeZ2ubseDHWHFo.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/c73b3b-5b5c-4a77-8b80-d2b697aefa02/1/LudClvzo0gvvoYeZ2ubseDHWHFo.mft
rsync://rpki.ripe.net/repository/DEFAULT/LudClvzo0gvvoYeZ2ubseDHWHFo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:c7:0e:9a:1a:fe:86:30:40:f4:e6:fa:42:85:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ee74296fce8d20befa18799dae6ec7831d61c5a
Validity
Not Before: Jan 1 20:30:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=abd8cb5fb03fd144be2054870de0c7229955cf7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:07:02:18:8e:9e:eb:1f:40:e2:43:ce:9c:ef:
4c:53:f8:79:ca:db:2b:42:56:82:8b:f7:07:b2:e2:
ea:7b:fc:27:b0:bf:28:fc:89:b3:3c:17:a4:b8:2b:
53:e0:ff:e9:f4:7b:ad:a7:55:a3:6c:65:c8:49:4b:
39:76:af:9e:60:a4:c3:4d:94:a1:35:4e:74:0e:1b:
2d:27:10:a8:71:61:9d:2c:b3:81:98:4b:4c:17:ff:
0f:90:91:4a:e9:33:22:19:6d:27:98:10:82:ee:3a:
c2:2c:7e:c8:30:6e:1c:07:33:92:ac:d4:49:60:69:
55:da:96:56:64:64:36:4f:c1:61:87:75:0f:6a:31:
31:4d:d6:ea:29:07:0a:9f:fe:b1:24:76:d2:6d:94:
c4:ae:99:88:37:47:9a:9d:f4:0e:2c:f8:c9:61:27:
43:1b:3d:98:1b:c2:50:d4:6b:17:bf:88:d6:c5:2c:
75:25:dc:b8:c6:83:bd:b0:8f:ca:e0:c7:af:42:5d:
dc:e4:72:f0:55:a2:48:3a:fb:89:20:8e:47:8f:02:
9c:7f:1e:4f:7f:39:41:78:88:86:97:25:86:9b:5d:
f2:8f:0a:31:26:b6:52:34:97:a6:0f:2a:db:b4:fd:
91:13:17:00:b7:89:28:0d:e1:f9:13:13:61:45:c5:
b0:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:D8:CB:5F:B0:3F:D1:44:BE:20:54:87:0D:E0:C7:22:99:55:CF:7A
X509v3 Authority Key Identifier:
keyid:2E:E7:42:96:FC:E8:D2:0B:EF:A1:87:99:DA:E6:EC:78:31:D6:1C:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LudClvzo0gvvoYeZ2ubseDHWHFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/c73b3b-5b5c-4a77-8b80-d2b697aefa02/1/q9jLX7A_0US-IFSHDeDHIplVz3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/c73b3b-5b5c-4a77-8b80-d2b697aefa02/1/LudClvzo0gvvoYeZ2ubseDHWHFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.224.0/22
194.146.212.0/22
195.177.234.0/23
IPv6:
2a01:200::/32
Signature Algorithm: sha256WithRSAEncryption
65:04:94:b9:e7:44:9d:40:68:ad:97:6a:9e:9b:eb:1d:40:ca:
bf:12:f9:65:6a:4d:4f:5e:97:d3:0c:e9:88:4a:65:21:ee:51:
54:b6:5b:ca:99:46:59:25:b8:3f:83:59:ac:d0:3b:65:ec:fd:
c4:61:0e:68:a9:0f:e2:f8:7a:6b:a0:39:9d:71:e7:38:81:bc:
27:5f:65:2f:1c:7d:cc:7d:af:30:03:e0:bb:d3:0a:c7:67:bb:
92:e4:c3:b4:32:d9:9e:69:07:67:5a:6f:ee:5c:67:79:89:bd:
be:72:c0:54:b6:8f:1d:4e:60:a7:f7:f7:28:64:47:04:4c:13:
90:c7:29:5f:de:25:6a:11:40:18:e8:ad:20:8f:64:f0:22:1b:
07:cc:cd:c5:cd:8c:4f:4f:3a:e6:f1:30:c6:3b:2b:14:a4:41:
8c:46:bd:ca:91:94:95:73:23:bf:37:64:f5:db:2d:00:d0:75:
2e:8f:e6:88:9a:36:0c:09:74:18:0f:0e:df:4c:7c:d2:f3:7a:
a0:71:32:a6:ab:30:62:38:45:02:2f:59:f5:6e:69:41:3f:ac:
12:df:31:1a:3c:91:07:77:8a:6e:77:6a:13:f4:0f:60:38:a3:
a3:1f:32:4d:db:03:3f:39:71:35:a2:4d:d3:fc:63:57:99:a2:
da:c9:30:37
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzGuMcOmhr+hjBA9Ob6QoXIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlZTc0Mjk2ZmNlOGQyMGJlZmExODc5OWRhZTZlYzc4MzFk
NjFjNWEwHhcNMjQwMTAxMjAzMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmQ4Y2I1ZmIwM2ZkMTQ0YmUyMDU0ODcwZGUwYzcyMjk5NTVjZjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAcCGI6e6x9A4kPOnO9MU/h5ytsr
QlaCi/cHsuLqe/wnsL8o/ImzPBekuCtT4P/p9Hutp1WjbGXISUs5dq+eYKTDTZSh
NU50DhstJxCocWGdLLOBmEtMF/8PkJFK6TMiGW0nmBCC7jrCLH7IMG4cBzOSrNRJ
YGlV2pZWZGQ2T8Fhh3UPajExTdbqKQcKn/6xJHbSbZTErpmIN0eanfQOLPjJYSdD
Gz2YG8JQ1GsXv4jWxSx1Jdy4xoO9sI/K4MevQl3c5HLwVaJIOvuJII5HjwKcfx5P
fzlBeIiGlyWGm13yjwoxJrZSNJemDyrbtP2RExcAt4koDeH5ExNhRcWwEwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFKvYy1+wP9FEviBUhw3gxyKZVc96MB8GA1UdIwQY
MBaAFC7nQpb86NIL76GHmdrm7Hgx1hxaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHVkQ2x2em8wZ3Z2b1llWjJ1YnNlREhXSEZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9jNzNiM2ItNWI1Yy00YTc3LThiODAt
ZDJiNjk3YWVmYTAyLzEvcTlqTFg3QV8wVVMtSUZTSERlREhJcGxWejNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9jNzNiM2ItNWI1Yy00YTc3LThiODAtZDJiNjk3YWVmYTAy
LzEvTHVkQ2x2em8wZ3Z2b1llWjJ1YnNlREhXSEZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLY7gAwQC
wpLUAwQBw7HqMA0EAgACMAcDBQAqAQIAMA0GCSqGSIb3DQEBCwUAA4IBAQBlBJS5
50SdQGitl2qem+sdQMq/Evllak1PXpfTDOmISmUh7lFUtlvKmUZZJbg/g1ms0Dtl
7P3EYQ5oqQ/i+HproDmdcec4gbwnX2UvHH3Mfa8wA+C70wrHZ7uS5MO0MtmeaQdn
Wm/uXGd5ib2+csBUto8dTmCn9/coZEcETBOQxylf3iVqEUAY6K0gj2TwIhsHzM3F
zYxPTzrm8TDGOysUpEGMRr3KkZSVcyO/N2T12y0A0HUuj+aImjYMCXQYDw7fTHzS
83qgcTKmqzBiOEUCL1n1bmlBP6wS3zEaPJEHd4pud2oT9A9gOKOjHzJN2wM/OXE1
ok3T/GNXmaLayTA3
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:26:03 2024 by rpki-client on console-fra.rpki-client.org