Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/792200-2da0-41bf-8587-a92934cb1de8/1/pqnm-fMHg1pFxOSMVPzdArToBX0.roa
File: pqnm-fMHg1pFxOSMVPzdArToBX0.roa (raw, json)
Hash identifier: ojCRDo5geRu0a+QLGXZLHaG9XC+tqN6ZXcmTyv64M74=
Subject key identifier: A6:A9:E6:F9:F3:07:83:5A:45:C4:E4:8C:54:FC:DD:02:B4:E8:05:7D
Certificate issuer: /CN=de9572fcbd665f72e00e5ffdb8db802d1cbec894
Certificate serial: 018CC8DF3F0159D8F82B2149FAB84142BA8C
Authority key identifier: DE:95:72:FC:BD:66:5F:72:E0:0E:5F:FD:B8:DB:80:2D:1C:BE:C8:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3pVy_L1mX3LgDl_9uNuALRy-yJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/792200-2da0-41bf-8587-a92934cb1de8/1/pqnm-fMHg1pFxOSMVPzdArToBX0.roa
Signing time: Tue 02 Jan 2024 06:32:03 +0000
ROA not before: Tue 02 Jan 2024 06:32:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43070
IP address blocks: 89.187.192.0/22 maxlen: 22
89.187.196.0/23 maxlen: 23
77.95.40.0/21 maxlen: 21
185.45.136.0/22 maxlen: 22
2a02:910::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/792200-2da0-41bf-8587-a92934cb1de8/1/3pVy_L1mX3LgDl_9uNuALRy-yJQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/792200-2da0-41bf-8587-a92934cb1de8/1/3pVy_L1mX3LgDl_9uNuALRy-yJQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/3pVy_L1mX3LgDl_9uNuALRy-yJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:3f:01:59:d8:f8:2b:21:49:fa:b8:41:42:ba:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de9572fcbd665f72e00e5ffdb8db802d1cbec894
Validity
Not Before: Jan 2 06:32:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6a9e6f9f307835a45c4e48c54fcdd02b4e8057d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:6b:8f:5d:55:8e:f7:7f:e1:ee:fc:fb:d5:0a:
93:4f:82:bd:30:68:4f:fc:30:9a:1c:a4:61:c5:9a:
45:53:aa:50:af:00:e7:43:36:67:b6:4f:3a:45:bc:
d9:79:0e:cb:0e:6b:c1:a6:9a:ea:6a:74:d9:98:b1:
73:2c:87:af:f2:50:15:05:e1:77:f4:26:b3:f9:89:
d6:ac:5f:5d:6b:3e:81:18:0b:89:d6:89:40:76:1f:
d4:cb:f1:e1:9a:6c:91:be:6f:90:d5:cc:2f:02:94:
4b:6d:80:87:77:e3:e6:da:04:9f:68:f5:ee:94:dd:
f3:12:d5:9b:80:6d:36:fd:a3:85:93:b4:a5:1d:db:
a4:da:76:b2:ce:81:00:1f:fc:3d:26:20:31:3e:0e:
ff:2e:5e:d0:66:5c:c7:49:7b:ed:ec:a5:4a:8c:15:
78:04:be:3f:c7:5f:19:fd:4c:ee:45:4e:b4:5f:a4:
a9:75:c3:53:12:a6:51:63:49:22:1f:c6:db:15:5a:
fc:9e:1c:0d:6a:13:a3:2a:2c:de:1b:a1:0a:8d:4f:
25:2c:9b:bb:9a:9a:32:fe:bc:05:36:62:ee:42:90:
1c:ee:8a:f8:11:77:99:99:37:6e:e4:5e:6b:aa:5e:
a5:fa:e0:e0:50:49:24:2f:42:7e:09:b8:d4:45:8c:
7f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:A9:E6:F9:F3:07:83:5A:45:C4:E4:8C:54:FC:DD:02:B4:E8:05:7D
X509v3 Authority Key Identifier:
keyid:DE:95:72:FC:BD:66:5F:72:E0:0E:5F:FD:B8:DB:80:2D:1C:BE:C8:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3pVy_L1mX3LgDl_9uNuALRy-yJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/792200-2da0-41bf-8587-a92934cb1de8/1/pqnm-fMHg1pFxOSMVPzdArToBX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/792200-2da0-41bf-8587-a92934cb1de8/1/3pVy_L1mX3LgDl_9uNuALRy-yJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.95.40.0/21
89.187.192.0-89.187.197.255
185.45.136.0/22
IPv6:
2a02:910::/32
Signature Algorithm: sha256WithRSAEncryption
6a:d1:fd:93:d7:c9:b6:c2:50:b3:90:1d:f4:b1:eb:e7:4c:ad:
8e:c7:f9:08:39:33:72:c0:2e:2f:d2:65:67:9c:7a:2f:0c:54:
d9:2d:85:aa:14:a8:0a:be:96:ff:d8:8a:db:a5:cd:3b:18:98:
f0:b5:44:79:0d:4b:0d:00:9e:e0:d9:56:f7:ca:d7:07:de:bf:
05:14:66:a0:fe:2c:79:b5:5a:1a:50:d9:ab:bd:44:54:05:76:
3f:56:a5:ab:03:a1:e5:18:db:c8:07:5a:fd:99:0e:11:b4:73:
ba:c4:63:b3:31:4b:af:bd:db:b9:4c:e9:df:55:93:31:78:63:
93:67:c9:ca:b3:e2:eb:2a:2d:53:01:a7:7a:99:bd:f8:2d:b0:
47:3f:0d:6b:8e:6e:7a:e9:0b:01:39:41:a6:71:5f:c7:45:6a:
33:b0:52:2c:76:9e:3c:54:e8:2e:1c:ee:a4:57:b0:4d:c5:09:
f6:4f:22:f3:03:a8:e6:af:c0:2e:3d:b1:5e:5d:b3:77:c4:95:
e9:94:64:32:4e:8e:63:39:9f:b6:9e:e2:e8:90:56:b7:79:71:
b7:e2:6e:97:2f:99:bd:4b:34:26:61:65:5d:70:00:2d:53:e4:
25:91:8d:29:c4:c4:89:74:38:85:9d:b7:3e:e2:19:01:d8:36:
f6:85:96:9d
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzI3z8BWdj4KyFJ+rhBQrqMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlOTU3MmZjYmQ2NjVmNzJlMDBlNWZmZGI4ZGI4MDJkMWNi
ZWM4OTQwHhcNMjQwMTAyMDYzMjAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmE5ZTZmOWYzMDc4MzVhNDVjNGU0OGM1NGZjZGQwMmI0ZTgwNTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA72uPXVWO93/h7vz71QqTT4K9MGhP
/DCaHKRhxZpFU6pQrwDnQzZntk86RbzZeQ7LDmvBpprqanTZmLFzLIev8lAVBeF3
9Caz+YnWrF9daz6BGAuJ1olAdh/Uy/HhmmyRvm+Q1cwvApRLbYCHd+Pm2gSfaPXu
lN3zEtWbgG02/aOFk7SlHduk2nayzoEAH/w9JiAxPg7/Ll7QZlzHSXvt7KVKjBV4
BL4/x18Z/UzuRU60X6SpdcNTEqZRY0kiH8bbFVr8nhwNahOjKizeG6EKjU8lLJu7
mpoy/rwFNmLuQpAc7or4EXeZmTdu5F5rql6l+uDgUEkkL0J+CbjURYx/TwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFKap5vnzB4NaRcTkjFT83QK06AV9MB8GA1UdIwQY
MBaAFN6Vcvy9Zl9y4A5f/bjbgC0cvsiUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3BWeV9MMW1YM0xnRGxfOXVOdUFMUnkteUpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS83OTIyMDAtMmRhMC00MWJmLTg1ODct
YTkyOTM0Y2IxZGU4LzEvcHFubS1mTUhnMXBGeE9TTVZQemRBclRvQlgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS83OTIyMDAtMmRhMC00MWJmLTg1ODctYTkyOTM0Y2IxZGU4
LzEvM3BWeV9MMW1YM0xnRGxfOXVOdUFMUnkteUpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQDTV8oMAwD
BAZZu8ADBAFZu8QDBAK5LYgwDQQCAAIwBwMFACoCCRAwDQYJKoZIhvcNAQELBQAD
ggEBAGrR/ZPXybbCULOQHfSx6+dMrY7H+Qg5M3LALi/SZWecei8MVNkthaoUqAq+
lv/YitulzTsYmPC1RHkNSw0AnuDZVvfK1wfevwUUZqD+LHm1WhpQ2au9RFQFdj9W
pasDoeUY28gHWv2ZDhG0c7rEY7MxS6+927lM6d9VkzF4Y5Nnycqz4usqLVMBp3qZ
vfgtsEc/DWuObnrpCwE5QaZxX8dFajOwUix2njxU6C4c7qRXsE3FCfZPIvMDqOav
wC49sV5ds3fElemUZDJOjmM5n7ae4uiQVrd5cbfibpcvmb1LNCZhZV1wAC1T5CWR
jSnExIl0OIWdtz7iGQHYNvaFlp0=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:56:11 2024 by rpki-client on console-fra.rpki-client.org