Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/qsyxCvo3ntBQFv_S4a1sizGHsM0.roa
File: qsyxCvo3ntBQFv_S4a1sizGHsM0.roa (raw, json)
Hash identifier: 02WrPMGEy5BFj1aJfAmRIwE2mBS5y9YD3iykOfhzGSs=
Subject key identifier: AA:CC:B1:0A:FA:37:9E:D0:50:16:FF:D2:E1:AD:6C:8B:31:87:B0:CD
Certificate issuer: /CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Certificate serial: 018CC348AB13A8B65C9CFD377D83A1AEF400
Authority key identifier: 35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/qsyxCvo3ntBQFv_S4a1sizGHsM0.roa
Signing time: Mon 01 Jan 2024 04:29:28 +0000
ROA not before: Mon 01 Jan 2024 04:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197177
IP address blocks: 94.240.20.0/24 maxlen: 24
94.240.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 05:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:ab:13:a8:b6:5c:9c:fd:37:7d:83:a1:ae:f4:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Validity
Not Before: Jan 1 04:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aaccb10afa379ed05016ffd2e1ad6c8b3187b0cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:07:f7:64:ed:36:48:c0:fd:85:a7:76:71:8f:
3f:fe:4e:ce:64:35:22:d4:e7:f2:f6:32:8e:86:01:
56:9b:d4:cc:6e:f2:98:0f:46:46:09:4d:c8:72:9e:
04:bc:d8:f9:36:0d:bf:33:a1:d8:90:88:fc:6c:7f:
b1:88:d8:b6:7d:e1:d0:94:9a:01:dc:17:56:05:c9:
ce:2e:b5:f6:74:2d:ac:e5:67:55:34:0e:94:a0:c7:
57:a3:04:87:33:4d:bf:34:92:f5:ab:70:af:e3:b1:
25:40:29:23:43:9d:cf:95:12:a4:bc:96:94:43:9c:
32:c6:c5:83:59:fb:7a:9e:9b:07:26:40:69:d9:cd:
e0:20:07:cf:2a:19:59:f3:8a:5e:c7:3f:31:08:a0:
c8:dc:1a:17:42:bf:da:69:04:a0:88:20:da:22:3a:
12:cd:28:02:ff:fc:3a:d0:4c:d0:fd:d5:8b:e9:28:
99:8c:1c:7e:27:e9:6a:ae:90:7e:37:fa:8d:56:81:
f3:fe:ae:2e:24:a9:9b:3f:a0:e5:fa:84:46:42:df:
67:85:a4:a8:66:2a:cf:df:97:1e:23:4c:94:fe:09:
2c:70:da:d4:f4:27:87:2f:ed:fa:47:35:8e:d5:0a:
2e:dd:cc:9b:68:e9:49:fb:96:b5:f6:74:5f:17:b8:
cf:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:CC:B1:0A:FA:37:9E:D0:50:16:FF:D2:E1:AD:6C:8B:31:87:B0:CD
X509v3 Authority Key Identifier:
keyid:35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/qsyxCvo3ntBQFv_S4a1sizGHsM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.240.20.0/24
94.240.39.0/24
Signature Algorithm: sha256WithRSAEncryption
51:0f:e5:97:09:9b:3e:2d:8d:a8:26:13:ed:7f:31:4d:3b:fd:
57:23:4b:03:63:38:31:ba:b9:3f:15:07:8a:3a:4a:b4:5a:14:
64:10:e3:07:00:6c:95:52:2a:e9:f8:3f:1c:64:a4:8a:1c:72:
d0:7c:76:e6:80:55:62:d1:ae:5b:8f:c4:bc:98:9e:69:d0:ab:
02:e6:21:c5:e0:1c:a4:1f:25:81:d6:4c:d1:2b:7f:95:82:b7:
bf:d6:b6:8c:b7:54:5c:7d:11:0b:e0:0a:06:51:59:ca:3f:03:
6c:6a:5a:ad:dd:7d:b0:aa:c1:29:61:96:91:64:0a:a6:cb:c1:
9f:1a:f9:7c:53:b7:df:64:00:34:25:77:44:20:e9:e1:b5:69:
18:22:54:0b:80:2b:3c:0f:aa:93:a6:86:17:67:f8:84:0c:e0:
c4:34:3c:03:de:56:0f:89:0a:05:0c:66:bf:df:04:39:8c:97:
5e:e1:e1:0a:5e:84:8a:c4:7a:78:3b:a6:f3:64:00:ff:2b:5b:
d4:30:0d:97:fb:a2:4b:4e:c9:0e:88:8f:ce:b8:4c:03:b8:e7:
51:47:43:5c:98:9e:06:97:e4:9c:26:1c:91:ab:f6:c1:89:92:
25:01:c9:96:97:56:49:e3:84:59:78:9a:e2:e8:ff:ac:46:8f:
24:cd:ad:65
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDSKsTqLZcnP03fYOhrvQAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MWEyZmQ2ZjVlNWFmODdkNWNlYTA5NTA2NmZiY2MzZDNl
NTQ2YTQwHhcNMjQwMTAxMDQyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWNjYjEwYWZhMzc5ZWQwNTAxNmZmZDJlMWFkNmM4YjMxODdiMGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2gf3ZO02SMD9had2cY8//k7OZDUi
1Ofy9jKOhgFWm9TMbvKYD0ZGCU3Icp4EvNj5Ng2/M6HYkIj8bH+xiNi2feHQlJoB
3BdWBcnOLrX2dC2s5WdVNA6UoMdXowSHM02/NJL1q3Cv47ElQCkjQ53PlRKkvJaU
Q5wyxsWDWft6npsHJkBp2c3gIAfPKhlZ84pexz8xCKDI3BoXQr/aaQSgiCDaIjoS
zSgC//w60EzQ/dWL6SiZjBx+J+lqrpB+N/qNVoHz/q4uJKmbP6Dl+oRGQt9nhaSo
ZirP35ceI0yU/gkscNrU9CeHL+36RzWO1Qou3cybaOlJ+5a19nRfF7jPNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKrMsQr6N57QUBb/0uGtbIsxh7DNMB8GA1UdIwQY
MBaAFDUaL9b15a+H1c6glQZvvMPT5UakMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODIt
MjMwNDllNGQyZjEyLzEvcXN5eEN2bzNudEJRRnZfUzRhMXNpekdIc00wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODItMjMwNDllNGQyZjEy
LzEvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXvAUAwQA
XvAnMA0GCSqGSIb3DQEBCwUAA4IBAQBRD+WXCZs+LY2oJhPtfzFNO/1XI0sDYzgx
urk/FQeKOkq0WhRkEOMHAGyVUirp+D8cZKSKHHLQfHbmgFVi0a5bj8S8mJ5p0KsC
5iHF4BykHyWB1kzRK3+Vgre/1raMt1RcfREL4AoGUVnKPwNsalqt3X2wqsEpYZaR
ZAqmy8GfGvl8U7ffZAA0JXdEIOnhtWkYIlQLgCs8D6qTpoYXZ/iEDODENDwD3lYP
iQoFDGa/3wQ5jJde4eEKXoSKxHp4O6bzZAD/K1vUMA2X+6JLTskOiI/OuEwDuOdR
R0NcmJ4Gl+ScJhyRq/bBiZIlAcmWl1ZJ44RZeJri6P+sRo8kza1l
-----END CERTIFICATE-----
Generated at Sat Jun 15 11:44:29 2024 by rpki-client on console-ams.rpki-client.org