Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/f33229-ca2d-4108-892d-4c910ae3735d/1/q-Pbz0HciSERwzhuXYjoMkApV-s.roa
File: q-Pbz0HciSERwzhuXYjoMkApV-s.roa (raw, json)
Hash identifier: rTvQXsqxyQ/pS+9SGbEgMHAA3nYfEDW+A9hYfw7iEA0=
Subject key identifier: AB:E3:DB:CF:41:DC:89:21:11:C3:38:6E:5D:88:E8:32:40:29:57:EB
Certificate issuer: /CN=a15237c39a325aa309b69e66fe09237da1ad0d2b
Certificate serial: 019093CE131FFC7644BB35639A8A5B0B4CD2
Authority key identifier: A1:52:37:C3:9A:32:5A:A3:09:B6:9E:66:FE:09:23:7D:A1:AD:0D:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oVI3w5oyWqMJtp5m_gkjfaGtDSs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/f33229-ca2d-4108-892d-4c910ae3735d/1/q-Pbz0HciSERwzhuXYjoMkApV-s.roa
Signing time: Mon 08 Jul 2024 19:24:34 +0000
ROA not before: Mon 08 Jul 2024 19:24:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200260
IP address blocks: 193.242.222.0/24 maxlen: 24
2a13:75c1:100::/40 maxlen: 48
2a13:75c1:100::/44 maxlen: 48
2a13:75c1:110::/44 maxlen: 48
2a13:75c1:300::/40 maxlen: 48
2a13:75c1:500::/40 maxlen: 40
2a13:75c1:2000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/f33229-ca2d-4108-892d-4c910ae3735d/1/oVI3w5oyWqMJtp5m_gkjfaGtDSs.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/f33229-ca2d-4108-892d-4c910ae3735d/1/oVI3w5oyWqMJtp5m_gkjfaGtDSs.mft
rsync://rpki.ripe.net/repository/DEFAULT/oVI3w5oyWqMJtp5m_gkjfaGtDSs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:93:ce:13:1f:fc:76:44:bb:35:63:9a:8a:5b:0b:4c:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a15237c39a325aa309b69e66fe09237da1ad0d2b
Validity
Not Before: Jul 8 19:24:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=abe3dbcf41dc892111c3386e5d88e832402957eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:bb:33:ca:87:04:91:04:4a:38:fa:f5:cc:c2:
60:a1:15:c5:16:7b:5a:5c:3d:42:8f:8c:84:e9:8e:
1c:e0:2e:61:ef:14:c4:6f:22:ef:c1:7d:c3:a9:8a:
bd:db:3f:e5:b7:88:c1:e7:86:99:c0:23:c5:a1:37:
67:72:19:72:e5:08:95:2e:fc:a9:20:5c:b6:8b:db:
96:48:28:ec:24:16:04:cd:af:f0:fb:51:35:1a:c2:
62:d7:40:89:4f:63:75:af:fb:bf:21:46:fe:e3:ae:
a3:a0:69:e7:8c:c6:bb:0e:2a:e6:90:48:c6:68:9f:
f0:ae:4c:92:85:3f:6d:ef:53:79:78:a0:a4:e6:68:
39:11:a0:d5:15:0d:e4:ba:bd:5c:62:a9:8e:36:91:
19:75:19:31:5b:19:8e:b7:f5:dd:ab:7b:ca:fe:f8:
39:82:44:26:b9:f3:54:3d:4c:13:e1:ab:da:03:b9:
9d:50:3d:49:ff:e3:49:dd:92:3a:02:e9:6b:ae:61:
41:ef:02:e7:80:3d:e6:66:7e:ec:4b:0d:6d:72:6f:
a7:e3:8a:50:d8:ef:77:fe:61:bb:e2:a6:36:b7:79:
3e:fe:f5:b2:c8:48:cb:dd:11:f9:77:c9:e7:b5:05:
95:68:8a:4b:78:7f:a6:35:7a:47:0b:6e:5b:bc:f8:
5c:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:E3:DB:CF:41:DC:89:21:11:C3:38:6E:5D:88:E8:32:40:29:57:EB
X509v3 Authority Key Identifier:
keyid:A1:52:37:C3:9A:32:5A:A3:09:B6:9E:66:FE:09:23:7D:A1:AD:0D:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oVI3w5oyWqMJtp5m_gkjfaGtDSs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/f33229-ca2d-4108-892d-4c910ae3735d/1/q-Pbz0HciSERwzhuXYjoMkApV-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/f33229-ca2d-4108-892d-4c910ae3735d/1/oVI3w5oyWqMJtp5m_gkjfaGtDSs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.242.222.0/24
IPv6:
2a13:75c1:100::/40
2a13:75c1:300::/40
2a13:75c1:500::/40
2a13:75c1:2000::/36
Signature Algorithm: sha256WithRSAEncryption
49:30:f0:e2:b1:5f:31:48:f7:a9:e8:d2:c8:fd:a0:ea:3c:c6:
24:03:f8:84:f1:86:61:c6:a6:37:d2:5a:85:0f:e9:92:b2:fd:
14:cd:85:bf:da:3c:41:44:a6:cc:77:31:d9:b7:36:d8:f1:b5:
4a:a9:d6:23:26:dc:71:13:45:67:f7:b9:22:da:9c:31:88:01:
ab:cf:54:92:ed:71:3d:9f:aa:89:4a:23:0b:1c:a5:66:41:e3:
6f:80:f6:e0:8c:00:b1:99:61:c6:cc:a2:eb:65:a8:13:95:e0:
cc:18:09:0b:48:64:dc:c3:e4:2a:24:80:d8:5e:12:5f:dc:78:
ba:8d:48:de:bd:97:5b:01:fd:9a:9b:ea:cf:54:7e:bc:3c:fe:
05:34:18:eb:11:c3:1a:a0:8c:b6:16:0f:03:a3:db:88:ac:61:
80:66:16:e4:5a:94:84:c9:c8:e3:04:62:46:b5:4c:66:77:ee:
22:8f:6f:89:2c:19:2a:ef:b4:43:29:34:3c:26:01:36:4b:03:
34:9b:da:6f:df:6b:35:97:a7:f6:1d:3d:82:91:0c:ef:5f:36:
fa:28:e6:28:8b:49:90:5d:64:c1:b0:c6:fa:5c:ad:e7:f2:02:
0a:92:0b:b1:0f:81:10:82:2a:5b:ea:cf:60:ba:a7:21:21:48:
c1:3c:9f:4e
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZCTzhMf/HZEuzVjmopbC0zSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNTIzN2MzOWEzMjVhYTMwOWI2OWU2NmZlMDkyMzdkYTFh
ZDBkMmIwHhcNMjQwNzA4MTkyNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmUzZGJjZjQxZGM4OTIxMTFjMzM4NmU1ZDg4ZTgzMjQwMjk1N2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrszyocEkQRKOPr1zMJgoRXFFnta
XD1Cj4yE6Y4c4C5h7xTEbyLvwX3DqYq92z/lt4jB54aZwCPFoTdnchly5QiVLvyp
IFy2i9uWSCjsJBYEza/w+1E1GsJi10CJT2N1r/u/IUb+466joGnnjMa7DirmkEjG
aJ/wrkyShT9t71N5eKCk5mg5EaDVFQ3kur1cYqmONpEZdRkxWxmOt/Xdq3vK/vg5
gkQmufNUPUwT4avaA7mdUD1J/+NJ3ZI6AulrrmFB7wLngD3mZn7sSw1tcm+n44pQ
2O93/mG74qY2t3k+/vWyyEjL3RH5d8nntQWVaIpLeH+mNXpHC25bvPhc+QIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFKvj289B3IkhEcM4bl2I6DJAKVfrMB8GA1UdIwQY
MBaAFKFSN8OaMlqjCbaeZv4JI32hrQ0rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1ZJM3c1b3lXcU1KdHA1bV9na2pmYUd0RFNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9mMzMyMjktY2EyZC00MTA4LTg5MmQt
NGM5MTBhZTM3MzVkLzEvcS1QYnowSGNpU0VSd3podVhZam9Na0FwVi1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9mMzMyMjktY2EyZC00MTA4LTg5MmQtNGM5MTBhZTM3MzVk
LzEvb1ZJM3c1b3lXcU1KdHA1bV9na2pmYUd0RFNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAMBAIAATAGAwQAwfLeMCYE
AgACMCADBgAqE3XBAQMGACoTdcEDAwYAKhN1wQUDBgQqE3XBIDANBgkqhkiG9w0B
AQsFAAOCAQEASTDw4rFfMUj3qejSyP2g6jzGJAP4hPGGYcamN9JahQ/pkrL9FM2F
v9o8QUSmzHcx2bc22PG1SqnWIybccRNFZ/e5ItqcMYgBq89Uku1xPZ+qiUojCxyl
ZkHjb4D24IwAsZlhxsyi62WoE5XgzBgJC0hk3MPkKiSA2F4SX9x4uo1I3r2XWwH9
mpvqz1R+vDz+BTQY6xHDGqCMthYPA6PbiKxhgGYW5FqUhMnI4wRiRrVMZnfuIo9v
iSwZKu+0Qyk0PCYBNksDNJvab99rNZen9h09gpEM7182+ijmKItJkF1kwbDG+lyt
5/ICCpILsQ+BEIIqW+rPYLqnISFIwTyfTg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:14:39 2024 by rpki-client on console-ams.rpki-client.org