Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/rQe9spaHDpNkSoyKFv5FWNeCy6Q.roa
File: rQe9spaHDpNkSoyKFv5FWNeCy6Q.roa (raw, json)
Hash identifier: pqBigkpO03OeqB7ur0nsorfYSIA8p5F0ZfaQs1Ed+iM=
Subject key identifier: AD:07:BD:B2:96:87:0E:93:64:4A:8C:8A:16:FE:45:58:D7:82:CB:A4
Certificate issuer: /CN=84f824d32df1a5113d82101345d785a38addbde5
Certificate serial: 01909815F570BA3FB07D61E0B54253490EE8
Authority key identifier: 84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/rQe9spaHDpNkSoyKFv5FWNeCy6Q.roa
Signing time: Tue 09 Jul 2024 15:21:34 +0000
ROA not before: Tue 09 Jul 2024 15:21:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 31.14.65.0/24 maxlen: 24
46.102.179.0/24 maxlen: 24
46.102.180.0/24 maxlen: 24
86.104.0.0/24 maxlen: 24
86.104.1.0/24 maxlen: 24
86.104.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.mft
rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 14:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:98:15:f5:70:ba:3f:b0:7d:61:e0:b5:42:53:49:0e:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84f824d32df1a5113d82101345d785a38addbde5
Validity
Not Before: Jul 9 15:21:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad07bdb296870e93644a8c8a16fe4558d782cba4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:21:85:ba:01:44:b4:b0:02:94:03:e3:2c:7b:
2c:4e:62:1b:8b:60:2b:91:56:8b:bb:87:46:b0:ee:
0b:24:2c:aa:eb:40:ef:e5:9a:69:59:f8:0a:59:57:
22:ca:f4:c2:7e:fb:69:ca:13:84:c5:f3:84:32:b2:
30:c3:b4:29:b7:ca:cc:12:c1:71:95:85:82:0e:49:
87:b5:e2:81:1a:ec:81:79:c5:a0:6a:1c:be:75:7f:
b6:80:57:90:29:a0:f7:ab:84:74:47:69:ce:c0:88:
de:d9:b9:94:3e:6d:10:f6:d0:52:f5:58:ea:4b:95:
fa:09:37:10:f1:d1:b3:a3:c5:6b:6f:0e:89:bc:60:
fa:7c:2b:ea:60:44:5b:b5:55:51:05:ca:bf:10:c0:
85:8b:3c:1c:77:1d:f4:f1:1d:b1:53:36:6d:5f:d0:
b8:87:75:8a:44:87:ae:53:45:44:cc:7b:b9:27:3c:
19:c4:4c:52:1a:33:b4:41:2f:e1:0e:c5:62:5b:a7:
a4:d8:cb:fc:52:de:29:bb:2f:b5:d2:44:4a:50:e1:
78:ef:15:1a:0c:9e:79:58:28:09:e7:5e:d1:f4:20:
57:15:4f:ce:27:8e:99:2f:00:63:45:98:5c:b4:98:
1d:09:9a:b6:8b:d1:a8:dc:16:0d:a6:24:66:5d:13:
a8:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:07:BD:B2:96:87:0E:93:64:4A:8C:8A:16:FE:45:58:D7:82:CB:A4
X509v3 Authority Key Identifier:
keyid:84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/rQe9spaHDpNkSoyKFv5FWNeCy6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.65.0/24
46.102.179.0-46.102.180.255
86.104.0.0/23
86.104.212.0/24
Signature Algorithm: sha256WithRSAEncryption
71:34:a2:4d:7a:79:bb:62:11:b3:2e:40:17:5b:f4:a1:3a:25:
9b:3a:ef:68:e5:e5:88:4c:85:b7:d2:2c:bb:6d:e9:fc:40:65:
26:cd:11:58:22:c9:b6:40:59:44:68:6f:a8:4f:c8:2b:b4:63:
67:2a:b7:e4:8c:1d:5c:b9:2d:e8:cc:a0:74:ef:45:c6:e4:fd:
a4:45:f7:71:f3:5d:01:fe:df:11:d8:cf:14:bf:d5:ab:8a:05:
60:08:f3:58:1f:6f:25:3a:d1:42:87:d6:cb:b0:48:43:38:51:
b7:d3:fa:7d:48:87:f5:2e:5f:49:29:11:df:57:3d:ad:e3:18:
2c:57:13:92:30:59:6b:48:d3:5f:cb:81:72:e1:e3:cb:5d:02:
f9:ee:44:14:21:9f:01:f0:f3:78:6d:ad:b1:15:cd:e9:ab:35:
d4:03:4e:dd:a1:af:f2:c2:6b:51:bc:33:e8:50:be:56:bd:bd:
8f:ef:da:8c:60:a5:ba:3f:9d:eb:bd:38:89:d0:4a:e7:8c:51:
c7:20:13:f9:06:e0:ac:91:a2:65:80:64:0d:e3:55:da:10:51:
ba:5d:f3:b5:ef:4f:1c:f1:c9:27:5d:ef:75:1d:81:b1:1d:22:
23:dd:b1:fe:73:42:07:ad:cd:88:84:2c:53:82:3f:40:c3:3b:
e2:f4:40:7b
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZCYFfVwuj+wfWHgtUJTSQ7oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZjgyNGQzMmRmMWE1MTEzZDgyMTAxMzQ1ZDc4NWEzOGFk
ZGJkZTUwHhcNMjQwNzA5MTUyMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDA3YmRiMjk2ODcwZTkzNjQ0YThjOGExNmZlNDU1OGQ3ODJjYmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyiGFugFEtLAClAPjLHssTmIbi2Ar
kVaLu4dGsO4LJCyq60Dv5ZppWfgKWVciyvTCfvtpyhOExfOEMrIww7Qpt8rMEsFx
lYWCDkmHteKBGuyBecWgahy+dX+2gFeQKaD3q4R0R2nOwIje2bmUPm0Q9tBS9Vjq
S5X6CTcQ8dGzo8Vrbw6JvGD6fCvqYERbtVVRBcq/EMCFizwcdx308R2xUzZtX9C4
h3WKRIeuU0VEzHu5JzwZxExSGjO0QS/hDsViW6ek2Mv8Ut4puy+10kRKUOF47xUa
DJ55WCgJ517R9CBXFU/OJ46ZLwBjRZhctJgdCZq2i9Go3BYNpiRmXROoOwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFK0HvbKWhw6TZEqMihb+RVjXgsukMB8GA1UdIwQY
MBaAFIT4JNMt8aURPYIQE0XXhaOK3b3lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgt
NDM3Mzk0OTM4YzUyLzEvclFlOXNwYUhEcE5rU295S0Z2NUZXTmVDeTZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgtNDM3Mzk0OTM4YzUy
LzEvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAHw5BMAwD
BAAuZrMDBAAuZrQDBAFWaAADBABWaNQwDQYJKoZIhvcNAQELBQADggEBAHE0ok16
ebtiEbMuQBdb9KE6JZs672jl5YhMhbfSLLtt6fxAZSbNEVgiybZAWURob6hPyCu0
Y2cqt+SMHVy5LejMoHTvRcbk/aRF93HzXQH+3xHYzxS/1auKBWAI81gfbyU60UKH
1suwSEM4UbfT+n1Ih/UuX0kpEd9XPa3jGCxXE5IwWWtI01/LgXLh48tdAvnuRBQh
nwHw83htrbEVzemrNdQDTt2hr/LCa1G8M+hQvla9vY/v2oxgpbo/neu9OInQSueM
UccgE/kG4KyRomWAZA3jVdoQUbpd87XvTxzxySdd73UdgbEdIiPdsf5zQgetzYiE
LFOCP0DDO+L0QHs=
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:04:51 2024 by rpki-client on console-ams.rpki-client.org