Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/2061d9-649a-4136-8c93-2268e97a8bc1/1/qWVliVVBTgtWvR6S995EryD8mZI.roa
File: qWVliVVBTgtWvR6S995EryD8mZI.roa (raw, json)
Hash identifier: WX531gkMKeUHO0QFAvHR0PWkW+9FO+3+cojlfjhIlRQ=
Subject key identifier: A9:65:65:89:55:41:4E:0B:56:BD:1E:92:F7:DE:44:AF:20:FC:99:92
Certificate issuer: /CN=3618be04417a6bcb9f33942a631518be533ffaf4
Certificate serial: 018CC64AE175887D94272FDD4637579D006C
Authority key identifier: 36:18:BE:04:41:7A:6B:CB:9F:33:94:2A:63:15:18:BE:53:3F:FA:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nhi-BEF6a8ufM5QqYxUYvlM_-vQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/2061d9-649a-4136-8c93-2268e97a8bc1/1/qWVliVVBTgtWvR6S995EryD8mZI.roa
Signing time: Mon 01 Jan 2024 18:30:45 +0000
ROA not before: Mon 01 Jan 2024 18:30:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42346
IP address blocks: 83.137.24.0/21 maxlen: 21
185.93.216.0/22 maxlen: 22
194.63.148.0/22 maxlen: 22
109.106.32.0/21 maxlen: 21
109.106.40.0/22 maxlen: 22
185.127.172.0/22 maxlen: 22
195.60.192.0/22 maxlen: 22
212.120.32.0/19 maxlen: 24
213.213.160.0/19 maxlen: 19
2a02:ab0::/29 maxlen: 29
2a00:5480::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/2061d9-649a-4136-8c93-2268e97a8bc1/1/Nhi-BEF6a8ufM5QqYxUYvlM_-vQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/2061d9-649a-4136-8c93-2268e97a8bc1/1/Nhi-BEF6a8ufM5QqYxUYvlM_-vQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nhi-BEF6a8ufM5QqYxUYvlM_-vQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:e1:75:88:7d:94:27:2f:dd:46:37:57:9d:00:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3618be04417a6bcb9f33942a631518be533ffaf4
Validity
Not Before: Jan 1 18:30:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a965658955414e0b56bd1e92f7de44af20fc9992
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:be:b6:c8:5b:7c:f7:f1:d8:60:d3:3f:5e:2a:
cc:8f:b3:62:03:c8:8e:9f:f6:66:11:ac:da:60:7b:
c0:f0:aa:62:0b:03:22:6c:59:d5:83:9d:a8:e5:12:
49:a6:7e:7d:31:03:71:39:23:16:6d:c5:1b:48:64:
48:78:59:a8:fd:e0:f3:01:17:e6:5e:22:f2:9f:16:
da:9a:af:1f:26:9e:f8:76:17:fd:1a:fe:f4:06:79:
c3:18:55:f4:d4:23:db:13:6a:e6:de:3d:4a:fe:c6:
61:53:a7:8a:b8:6a:85:69:de:d7:7e:8f:62:f0:ae:
0a:9a:a8:30:d7:b7:e1:6c:4f:c7:de:30:4c:e6:a0:
9b:bb:cb:9b:96:68:a1:18:2d:a1:9c:49:73:30:1f:
90:9a:6a:34:98:85:b0:3d:a7:55:f9:63:3e:6c:30:
e2:cd:cf:31:9e:8d:e5:71:4f:95:80:29:e2:9c:8c:
60:2c:06:1f:18:67:e6:e6:41:09:ae:54:cf:8c:28:
06:ce:41:e0:32:06:3f:56:0f:ac:5f:39:05:c8:5a:
d5:41:f0:2b:1a:18:5b:77:f6:df:24:56:18:38:ec:
0b:1a:25:b3:a2:75:80:2d:f8:7d:19:ae:87:dc:52:
22:cc:a1:af:15:4d:5e:4a:65:6a:e8:b3:85:f0:8a:
db:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:65:65:89:55:41:4E:0B:56:BD:1E:92:F7:DE:44:AF:20:FC:99:92
X509v3 Authority Key Identifier:
keyid:36:18:BE:04:41:7A:6B:CB:9F:33:94:2A:63:15:18:BE:53:3F:FA:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nhi-BEF6a8ufM5QqYxUYvlM_-vQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/2061d9-649a-4136-8c93-2268e97a8bc1/1/qWVliVVBTgtWvR6S995EryD8mZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/2061d9-649a-4136-8c93-2268e97a8bc1/1/Nhi-BEF6a8ufM5QqYxUYvlM_-vQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.137.24.0/21
109.106.32.0-109.106.43.255
185.93.216.0/22
185.127.172.0/22
194.63.148.0/22
195.60.192.0/22
212.120.32.0/19
213.213.160.0/19
IPv6:
2a00:5480::/29
2a02:ab0::/29
Signature Algorithm: sha256WithRSAEncryption
47:ba:55:9a:26:ec:00:0c:42:06:8c:c6:ec:16:65:6f:08:6f:
70:af:10:0c:8e:11:3b:17:da:74:71:2f:2d:6e:27:ad:85:99:
e5:15:40:51:70:08:90:3c:2d:fa:0f:65:e8:f1:8e:17:a8:27:
b8:24:d4:97:e6:d2:ab:5c:f6:de:50:03:c7:26:98:25:43:d2:
1c:2c:7c:34:5c:14:0d:99:4a:e1:a0:09:77:d2:f7:a5:0c:f4:
92:4f:3d:b5:5a:d5:f6:fe:86:ca:95:9e:a9:b5:06:21:c2:d9:
0e:09:ac:02:d0:8a:c5:9b:90:f5:de:c1:d8:4a:d6:92:e4:e1:
08:1b:38:e3:87:fe:3d:18:2c:ae:b0:ca:99:70:d3:e9:dc:52:
fb:20:f9:fb:be:3b:3d:f9:74:35:e2:34:d5:f3:48:a0:20:b6:
05:13:50:77:76:a0:7d:0c:0d:7b:74:74:cd:19:36:85:f4:6d:
79:37:39:62:08:84:69:68:24:78:2c:32:62:1e:b8:fd:11:58:
43:8a:36:5f:05:5f:8f:f7:fe:69:03:af:c0:36:6e:6d:1a:1b:
2b:df:c0:ea:b3:df:74:53:16:88:fc:a4:aa:c0:b6:72:60:b4:
73:98:2b:a9:8b:b1:7c:0a:65:30:85:46:81:75:e1:95:2a:a4:
5b:65:79:aa
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYzGSuF1iH2UJy/dRjdXnQBsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MThiZTA0NDE3YTZiY2I5ZjMzOTQyYTYzMTUxOGJlNTMz
ZmZhZjQwHhcNMjQwMTAxMTgzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTY1NjU4OTU1NDE0ZTBiNTZiZDFlOTJmN2RlNDRhZjIwZmM5OTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw762yFt89/HYYNM/XirMj7NiA8iO
n/ZmEazaYHvA8KpiCwMibFnVg52o5RJJpn59MQNxOSMWbcUbSGRIeFmo/eDzARfm
XiLynxbamq8fJp74dhf9Gv70BnnDGFX01CPbE2rm3j1K/sZhU6eKuGqFad7Xfo9i
8K4Kmqgw17fhbE/H3jBM5qCbu8ublmihGC2hnElzMB+Qmmo0mIWwPadV+WM+bDDi
zc8xno3lcU+VgCninIxgLAYfGGfm5kEJrlTPjCgGzkHgMgY/Vg+sXzkFyFrVQfAr
Ghhbd/bfJFYYOOwLGiWzonWALfh9Ga6H3FIizKGvFU1eSmVq6LOF8IrbGQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFKllZYlVQU4LVr0ekvfeRK8g/JmSMB8GA1UdIwQY
MBaAFDYYvgRBemvLnzOUKmMVGL5TP/r0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmhpLUJFRjZhOHVmTTVRcVl4VVl2bE1fLXZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8yMDYxZDktNjQ5YS00MTM2LThjOTMt
MjI2OGU5N2E4YmMxLzEvcVdWbGlWVkJUZ3RXdlI2Uzk5NUVyeUQ4bVpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8yMDYxZDktNjQ5YS00MTM2LThjOTMtMjI2OGU5N2E4YmMx
LzEvTmhpLUJFRjZhOHVmTTVRcVl4VVl2bE1fLXZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjA+BAIAATA4AwQDU4kYMAwD
BAVtaiADBAJtaigDBAK5XdgDBAK5f6wDBALCP5QDBALDPMADBAXUeCADBAXV1aAw
FAQCAAIwDgMFAyoAVIADBQMqAgqwMA0GCSqGSIb3DQEBCwUAA4IBAQBHulWaJuwA
DEIGjMbsFmVvCG9wrxAMjhE7F9p0cS8tbiethZnlFUBRcAiQPC36D2Xo8Y4XqCe4
JNSX5tKrXPbeUAPHJpglQ9IcLHw0XBQNmUrhoAl30velDPSSTz21WtX2/obKlZ6p
tQYhwtkOCawC0IrFm5D13sHYStaS5OEIGzjjh/49GCyusMqZcNPp3FL7IPn7vjs9
+XQ14jTV80igILYFE1B3dqB9DA17dHTNGTaF9G15NzliCIRpaCR4LDJiHrj9EVhD
ijZfBV+P9/5pA6/ANm5tGhsr38Dqs990UxaI/KSqwLZyYLRzmCupi7F8CmUwhUaB
deGVKqRbZXmq
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:45:38 2024 by rpki-client on console-ams.rpki-client.org