Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/q307VnkMXMvcaWte8v0qM8ch38g.roa
File: q307VnkMXMvcaWte8v0qM8ch38g.roa (raw, json)
Hash identifier: iT5IVaIjFQFGheVpjRr7Aok6CInM3+jY5lwz44RHkjI=
Subject key identifier: AB:7D:3B:56:79:0C:5C:CB:DC:69:6B:5E:F2:FD:2A:33:C7:21:DF:C8
Certificate issuer: /CN=896ed6e4b5c7c19db98c57432af4dcf630bf60ae
Certificate serial: 019275B076BB76965961B4DD89CF7A9F0E3D
Authority key identifier: 89:6E:D6:E4:B5:C7:C1:9D:B9:8C:57:43:2A:F4:DC:F6:30:BF:60:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iW7W5LXHwZ25jFdDKvTc9jC_YK4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/q307VnkMXMvcaWte8v0qM8ch38g.roa
Signing time: Thu 10 Oct 2024 09:09:11 +0000
ROA not before: Thu 10 Oct 2024 09:09:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199739
IP address blocks: 109.224.2.0/24 maxlen: 24
109.224.3.0/24 maxlen: 24
109.224.32.0/24 maxlen: 24
109.224.44.0/24 maxlen: 24
109.224.45.0/24 maxlen: 24
109.224.46.0/24 maxlen: 24
109.224.47.0/24 maxlen: 24
185.141.9.0/24 maxlen: 24
185.141.10.0/24 maxlen: 24
185.141.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/iW7W5LXHwZ25jFdDKvTc9jC_YK4.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/iW7W5LXHwZ25jFdDKvTc9jC_YK4.mft
rsync://rpki.ripe.net/repository/DEFAULT/iW7W5LXHwZ25jFdDKvTc9jC_YK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:75:b0:76:bb:76:96:59:61:b4:dd:89:cf:7a:9f:0e:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896ed6e4b5c7c19db98c57432af4dcf630bf60ae
Validity
Not Before: Oct 10 09:09:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab7d3b56790c5ccbdc696b5ef2fd2a33c721dfc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:75:66:63:6a:88:73:02:ab:42:cb:a3:a6:a6:
d4:86:88:7c:b3:d0:67:9f:14:95:98:65:14:0e:89:
8a:95:75:1d:e5:f1:39:17:45:46:8a:b2:c0:47:9e:
52:61:7e:13:d4:95:90:21:df:58:cf:d3:47:3f:c8:
ab:1e:40:80:e9:7e:e4:76:7a:aa:26:f0:ec:8b:30:
5c:97:ad:63:6a:97:24:6b:ea:a5:5a:42:18:6d:10:
4e:95:fe:bc:1f:fd:7d:ac:78:97:ca:1d:d1:05:59:
ca:c9:84:f0:63:9f:d1:d1:a0:c0:b9:15:85:62:97:
3a:90:86:77:0f:ae:eb:6d:c5:99:16:29:79:b7:32:
4d:af:c2:57:3f:3c:a3:e6:e4:be:f5:1e:38:30:ea:
27:cd:c7:9a:16:00:a2:12:f2:2d:a6:55:f7:03:dc:
3a:f3:10:0c:79:4c:62:a0:0c:58:ac:b5:11:62:8e:
1b:63:56:7a:11:90:b4:2c:6c:14:4a:31:c5:00:f4:
c2:1b:9a:01:cb:21:b4:d3:39:59:7d:73:3b:98:c0:
e2:6a:0c:19:50:88:83:8b:92:0d:13:2e:4c:bc:37:
8a:28:4a:f2:31:12:1a:7c:22:46:73:88:7e:81:32:
46:5a:ef:a2:da:9e:7d:f1:c8:09:1a:05:c1:96:91:
b2:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:7D:3B:56:79:0C:5C:CB:DC:69:6B:5E:F2:FD:2A:33:C7:21:DF:C8
X509v3 Authority Key Identifier:
keyid:89:6E:D6:E4:B5:C7:C1:9D:B9:8C:57:43:2A:F4:DC:F6:30:BF:60:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iW7W5LXHwZ25jFdDKvTc9jC_YK4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/q307VnkMXMvcaWte8v0qM8ch38g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/900444-dd40-4a04-a616-dc1ff6746d2e/1/iW7W5LXHwZ25jFdDKvTc9jC_YK4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.224.2.0/23
109.224.32.0/24
109.224.44.0/22
185.141.9.0-185.141.11.255
Signature Algorithm: sha256WithRSAEncryption
cf:cb:25:ee:9d:7c:84:f9:bc:2b:e4:d3:19:79:e1:6b:13:f2:
cd:bf:fe:73:29:e5:b4:c7:7c:be:0c:40:23:c0:66:7f:4b:1c:
a0:13:c9:2b:bd:80:c7:bb:03:5f:b8:f5:aa:50:1a:5b:b4:ab:
76:b1:70:46:c9:6e:5e:a3:9c:22:d0:49:2d:8c:09:7e:57:22:
85:e4:e7:9b:e8:dc:65:5f:71:f3:a0:91:50:f9:bb:ab:6c:eb:
68:a4:b6:b1:91:43:11:8d:e8:17:07:09:25:b9:e6:a5:4a:7c:
e0:02:52:05:3a:bd:d3:59:fc:d3:16:20:3f:56:3f:b4:b7:9d:
a0:54:46:20:01:c9:3c:34:a0:5d:d1:f0:34:f6:53:90:2c:f0:
ef:51:8f:80:ec:12:e9:48:72:0d:41:64:32:0d:0a:da:dc:24:
29:3a:af:af:15:43:26:d4:97:17:b4:6b:13:be:c9:81:cc:6d:
c2:5c:74:88:bd:f9:66:a8:74:f2:65:2e:23:a3:9a:62:18:2f:
f5:fd:23:5e:3e:7a:f7:e9:49:62:18:eb:a5:1f:fc:fc:dd:6a:
c2:cb:5f:26:f9:14:e5:f5:c6:f4:4d:dc:3d:1a:9b:b6:ed:ef:
24:9d:76:1e:99:f5:9e:39:c3:11:52:0f:3f:5f:d5:46:16:32:
bb:7b:8f:fb
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZJ1sHa7dpZZYbTdic96nw49MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NmVkNmU0YjVjN2MxOWRiOThjNTc0MzJhZjRkY2Y2MzBi
ZjYwYWUwHhcNMjQxMDEwMDkwOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjdkM2I1Njc5MGM1Y2NiZGM2OTZiNWVmMmZkMmEzM2M3MjFkZmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHVmY2qIcwKrQsujpqbUhoh8s9Bn
nxSVmGUUDomKlXUd5fE5F0VGirLAR55SYX4T1JWQId9Yz9NHP8irHkCA6X7kdnqq
JvDsizBcl61japcka+qlWkIYbRBOlf68H/19rHiXyh3RBVnKyYTwY5/R0aDAuRWF
Ypc6kIZ3D67rbcWZFil5tzJNr8JXPzyj5uS+9R44MOonzceaFgCiEvItplX3A9w6
8xAMeUxioAxYrLURYo4bY1Z6EZC0LGwUSjHFAPTCG5oByyG00zlZfXM7mMDiagwZ
UIiDi5INEy5MvDeKKEryMRIafCJGc4h+gTJGWu+i2p598cgJGgXBlpGy6QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKt9O1Z5DFzL3GlrXvL9KjPHId/IMB8GA1UdIwQY
MBaAFIlu1uS1x8GduYxXQyr03PYwv2CuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVc3VzVMWEh3WjI1akZkREt2VGM5akNfWUs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85MDA0NDQtZGQ0MC00YTA0LWE2MTYt
ZGMxZmY2NzQ2ZDJlLzEvcTMwN1Zua01YTXZjYVd0ZTh2MHFNOGNoMzhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC85MDA0NDQtZGQ0MC00YTA0LWE2MTYtZGMxZmY2NzQ2ZDJl
LzEvaVc3VzVMWEh3WjI1akZkREt2VGM5akNfWUs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBbeACAwQA
beAgAwQCbeAsMAwDBAC5jQkDBAK5jQgwDQYJKoZIhvcNAQELBQADggEBAM/LJe6d
fIT5vCvk0xl54WsT8s2//nMp5bTHfL4MQCPAZn9LHKATySu9gMe7A1+49apQGlu0
q3axcEbJbl6jnCLQSS2MCX5XIoXk55vo3GVfcfOgkVD5u6ts62iktrGRQxGN6BcH
CSW55qVKfOACUgU6vdNZ/NMWID9WP7S3naBURiAByTw0oF3R8DT2U5As8O9Rj4Ds
EulIcg1BZDINCtrcJCk6r68VQybUlxe0axO+yYHMbcJcdIi9+WaodPJlLiOjmmIY
L/X9I14+evfpSWIY66Uf/PzdasLLXyb5FOX1xvRN3D0am7bt7ySddh6Z9Z45wxFS
Dz9f1UYWMrt7j/s=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:47:07 2024 by rpki-client on console-ams.rpki-client.org