Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/20d593-723f-4963-901d-17e3158954da/1/QMo6Ma836o8tliGVMCOBow9A_wY.roa
File: QMo6Ma836o8tliGVMCOBow9A_wY.roa (raw, json)
Hash identifier: cZXy7gn98TG6p4GzW8QWO69HrkRWmpwFM/Ay5QjWonY=
Subject key identifier: 40:CA:3A:31:AF:37:EA:8F:2D:96:21:95:30:23:81:A3:0F:40:FF:06
Certificate issuer: /CN=48cf37b3646fda93cbdd0b8aaccfff313a6f718f
Certificate serial: 018CCA2B245FBC31E928F5491C6179880FFD
Authority key identifier: 48:CF:37:B3:64:6F:DA:93:CB:DD:0B:8A:AC:CF:FF:31:3A:6F:71:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SM83s2Rv2pPL3QuKrM__MTpvcY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/20d593-723f-4963-901d-17e3158954da/1/QMo6Ma836o8tliGVMCOBow9A_wY.roa
Signing time: Tue 02 Jan 2024 12:34:34 +0000
ROA not before: Tue 02 Jan 2024 12:34:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203596
IP address blocks: 193.108.216.0/24 maxlen: 24
193.109.1.0/24 maxlen: 24
193.109.2.0/24 maxlen: 24
193.109.0.0/24 maxlen: 24
193.109.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/20d593-723f-4963-901d-17e3158954da/1/SM83s2Rv2pPL3QuKrM__MTpvcY8.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/20d593-723f-4963-901d-17e3158954da/1/SM83s2Rv2pPL3QuKrM__MTpvcY8.mft
rsync://rpki.ripe.net/repository/DEFAULT/SM83s2Rv2pPL3QuKrM__MTpvcY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jul 2024 14:20:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:24:5f:bc:31:e9:28:f5:49:1c:61:79:88:0f:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48cf37b3646fda93cbdd0b8aaccfff313a6f718f
Validity
Not Before: Jan 2 12:34:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40ca3a31af37ea8f2d962195302381a30f40ff06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:2f:5b:45:c6:eb:32:8e:09:30:ce:15:1f:a6:
87:14:9f:db:0e:61:f6:7a:eb:48:63:cb:12:50:54:
6e:a8:3c:e0:c3:e6:cb:a2:5e:d5:56:d2:c2:ba:21:
3a:93:4d:c5:64:68:e9:5a:1a:c0:97:9b:bc:01:95:
c6:6b:79:37:b2:75:29:a0:3e:30:cf:58:2a:e2:f7:
6d:74:e4:33:d3:1e:9a:60:d1:2a:d3:95:f0:da:fb:
e8:02:5a:60:55:cd:12:6b:76:d3:e7:53:d7:91:3b:
07:cb:c5:70:75:2a:3e:a1:d5:fb:9b:e4:10:d8:db:
c2:f0:2b:2a:10:3c:4d:55:44:85:ed:77:1c:27:ae:
1e:7e:8b:31:87:d5:5b:73:06:2d:33:d2:d8:3c:5e:
61:1e:43:59:a7:13:11:82:3e:1d:b3:14:6d:dd:e7:
0e:13:c3:aa:6a:69:f6:8d:76:ef:82:9e:c5:b1:e0:
d5:7d:23:e6:d3:b7:60:cc:73:e7:d8:b5:79:97:9e:
5a:f7:05:99:64:bc:e2:82:58:c6:b2:bc:e7:44:86:
35:82:85:4f:3f:2f:07:0a:d1:56:79:76:29:5d:a6:
0a:0e:44:8a:98:92:3b:c0:0f:bf:02:ea:7d:08:01:
83:b1:17:7d:53:fc:5f:8e:01:71:0d:70:7e:8c:af:
e6:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:CA:3A:31:AF:37:EA:8F:2D:96:21:95:30:23:81:A3:0F:40:FF:06
X509v3 Authority Key Identifier:
keyid:48:CF:37:B3:64:6F:DA:93:CB:DD:0B:8A:AC:CF:FF:31:3A:6F:71:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SM83s2Rv2pPL3QuKrM__MTpvcY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/20d593-723f-4963-901d-17e3158954da/1/QMo6Ma836o8tliGVMCOBow9A_wY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/20d593-723f-4963-901d-17e3158954da/1/SM83s2Rv2pPL3QuKrM__MTpvcY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.108.216.0/24
193.109.0.0/22
Signature Algorithm: sha256WithRSAEncryption
9e:36:35:f8:23:c3:f3:aa:6b:3b:e1:27:9d:35:56:f7:9b:b5:
10:23:90:87:10:2a:ff:72:91:fe:44:58:23:60:a0:14:e0:6d:
16:52:e7:2c:e7:4c:2d:7d:94:5e:cd:e1:bd:ea:30:ee:f4:6e:
e2:30:c9:28:fb:5b:62:50:66:fb:29:89:19:35:5d:66:ed:69:
3e:8d:55:73:14:5d:b2:02:8a:e5:72:80:5d:25:3d:28:dd:af:
f8:c8:9e:8a:65:c9:de:3e:d7:7f:24:f6:c0:8d:fa:a7:86:76:
d3:cc:9f:5e:a3:f6:90:41:3b:fe:e6:86:dd:eb:84:34:79:47:
b8:29:80:a7:d5:c3:cf:f3:a1:21:37:27:49:9d:4e:e6:58:1a:
f9:ee:3f:f9:58:57:aa:68:98:bd:a8:9b:08:e2:25:02:88:e6:
0f:94:a2:4c:d9:2d:98:8b:2e:76:a7:8b:62:2b:b2:f1:3a:eb:
84:b5:8e:d2:99:67:ab:cd:86:31:d9:65:48:5d:ff:12:e4:e5:
67:e0:a1:a1:f5:f4:f1:3a:7b:73:4c:30:71:61:c3:7e:45:17:
e6:99:d1:2c:de:4d:0d:64:35:f7:89:2e:1e:a1:41:45:07:b3:
9f:cc:6d:d7:1a:cd:ba:e1:3e:a5:8a:0c:83:8b:ee:06:44:9e:
dd:a7:86:e8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKyRfvDHpKPVJHGF5iA/9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4Y2YzN2IzNjQ2ZmRhOTNjYmRkMGI4YWFjY2ZmZjMxM2E2
ZjcxOGYwHhcNMjQwMTAyMTIzNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGNhM2EzMWFmMzdlYThmMmQ5NjIxOTUzMDIzODFhMzBmNDBmZjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnC9bRcbrMo4JMM4VH6aHFJ/bDmH2
eutIY8sSUFRuqDzgw+bLol7VVtLCuiE6k03FZGjpWhrAl5u8AZXGa3k3snUpoD4w
z1gq4vdtdOQz0x6aYNEq05Xw2vvoAlpgVc0Sa3bT51PXkTsHy8VwdSo+odX7m+QQ
2NvC8CsqEDxNVUSF7XccJ64efosxh9VbcwYtM9LYPF5hHkNZpxMRgj4dsxRt3ecO
E8Oqamn2jXbvgp7FseDVfSPm07dgzHPn2LV5l55a9wWZZLzigljGsrznRIY1goVP
Py8HCtFWeXYpXaYKDkSKmJI7wA+/Aup9CAGDsRd9U/xfjgFxDXB+jK/mgQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEDKOjGvN+qPLZYhlTAjgaMPQP8GMB8GA1UdIwQY
MBaAFEjPN7Nkb9qTy90LiqzP/zE6b3GPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU004M3MyUnYycFBMM1F1S3JNX19NVHB2Y1k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8yMGQ1OTMtNzIzZi00OTYzLTkwMWQt
MTdlMzE1ODk1NGRhLzEvUU1vNk1hODM2bzh0bGlHVk1DT0JvdzlBX3dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8yMGQ1OTMtNzIzZi00OTYzLTkwMWQtMTdlMzE1ODk1NGRh
LzEvU004M3MyUnYycFBMM1F1S3JNX19NVHB2Y1k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwWzYAwQC
wW0AMA0GCSqGSIb3DQEBCwUAA4IBAQCeNjX4I8Pzqms74SedNVb3m7UQI5CHECr/
cpH+RFgjYKAU4G0WUucs50wtfZRezeG96jDu9G7iMMko+1tiUGb7KYkZNV1m7Wk+
jVVzFF2yAorlcoBdJT0o3a/4yJ6KZcnePtd/JPbAjfqnhnbTzJ9eo/aQQTv+5obd
64Q0eUe4KYCn1cPP86EhNydJnU7mWBr57j/5WFeqaJi9qJsI4iUCiOYPlKJM2S2Y
iy52p4tiK7LxOuuEtY7SmWerzYYx2WVIXf8S5OVn4KGh9fTxOntzTDBxYcN+RRfm
mdEs3k0NZDX3iS4eoUFFB7OfzG3XGs264T6ligyDi+4GRJ7dp4bo
-----END CERTIFICATE-----
Generated at Tue Jul 2 22:13:33 2024 by rpki-client on console-fra.rpki-client.org