Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/cbd332-a8db-4606-ac9b-14ec41d4c0a6/1/yqvMTbAv6kOrHy_QXlWuPOwgTnU.roa
File: yqvMTbAv6kOrHy_QXlWuPOwgTnU.roa (raw, json)
Hash identifier: 9gia3XJZ2yUkNHvEF8q3U+zS6AxuvtiMywVjSZE1gMw=
Subject key identifier: CA:AB:CC:4D:B0:2F:EA:43:AB:1F:2F:D0:5E:55:AE:3C:EC:20:4E:75
Certificate issuer: /CN=9f822437f49ed53886689022afddda59f79f8a71
Certificate serial: 0191D63714669FD4A2021AE96F7B53F1DF50
Authority key identifier: 9F:82:24:37:F4:9E:D5:38:86:68:90:22:AF:DD:DA:59:F7:9F:8A:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n4IkN_Se1TiGaJAir93aWfefinE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/cbd332-a8db-4606-ac9b-14ec41d4c0a6/1/yqvMTbAv6kOrHy_QXlWuPOwgTnU.roa
Signing time: Mon 09 Sep 2024 09:56:59 +0000
ROA not before: Mon 09 Sep 2024 09:56:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35819
IP address blocks: 89.40.26.0/24 maxlen: 24
149.126.14.0/24 maxlen: 24
149.126.15.0/24 maxlen: 24
185.133.180.0/24 maxlen: 24
185.133.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/cbd332-a8db-4606-ac9b-14ec41d4c0a6/1/n4IkN_Se1TiGaJAir93aWfefinE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/cbd332-a8db-4606-ac9b-14ec41d4c0a6/1/n4IkN_Se1TiGaJAir93aWfefinE.mft
rsync://rpki.ripe.net/repository/DEFAULT/n4IkN_Se1TiGaJAir93aWfefinE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d6:37:14:66:9f:d4:a2:02:1a:e9:6f:7b:53:f1:df:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f822437f49ed53886689022afddda59f79f8a71
Validity
Not Before: Sep 9 09:56:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=caabcc4db02fea43ab1f2fd05e55ae3cec204e75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:c0:7a:fd:7f:d4:89:fd:24:3c:61:14:a9:3e:
23:cb:ef:a8:fc:c7:cd:f5:b8:f4:49:e9:ff:3f:70:
7a:ac:67:dd:07:bd:f1:1d:78:58:4a:55:57:e6:01:
e6:40:85:87:a0:24:00:fa:98:29:0c:16:38:de:56:
33:3a:d2:90:7c:23:d5:47:18:f2:6e:3e:9a:27:84:
ec:8b:b6:fe:aa:4f:97:ea:96:cd:d8:98:0c:13:92:
26:6a:97:c8:b4:03:51:df:fb:f1:6b:b3:43:33:0f:
82:9e:2a:37:92:3d:47:d2:8d:03:09:ad:e0:0b:3a:
4b:f6:f8:81:c9:36:a2:64:af:47:0a:5b:31:82:b3:
2d:93:71:73:1a:ec:fc:0a:31:c0:19:ff:9a:13:2b:
e0:46:94:25:8d:cd:9a:30:b1:6d:be:5a:27:39:a3:
c3:35:97:24:e0:9f:31:6b:fc:16:d0:cb:5f:f9:e1:
c7:03:8d:7a:f2:61:0e:d1:a7:be:85:2a:66:0c:bd:
10:31:c5:c1:82:ae:d9:32:e7:2b:3a:5c:da:3b:3e:
c7:05:d1:0b:1c:14:e3:cb:5b:58:25:c4:44:e7:bb:
9f:37:14:e1:5f:f9:e4:dc:79:4e:20:3b:0e:4f:42:
3e:38:28:43:b0:44:39:69:c1:0f:fa:6c:88:51:ab:
84:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:AB:CC:4D:B0:2F:EA:43:AB:1F:2F:D0:5E:55:AE:3C:EC:20:4E:75
X509v3 Authority Key Identifier:
keyid:9F:82:24:37:F4:9E:D5:38:86:68:90:22:AF:DD:DA:59:F7:9F:8A:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n4IkN_Se1TiGaJAir93aWfefinE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/cbd332-a8db-4606-ac9b-14ec41d4c0a6/1/yqvMTbAv6kOrHy_QXlWuPOwgTnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/cbd332-a8db-4606-ac9b-14ec41d4c0a6/1/n4IkN_Se1TiGaJAir93aWfefinE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.26.0/24
149.126.14.0/23
185.133.180.0/23
Signature Algorithm: sha256WithRSAEncryption
1e:83:0b:73:e8:19:66:b6:f5:e3:92:ee:2b:bb:90:dd:5b:7a:
26:a9:61:d0:d2:5e:6d:ad:1d:75:26:8c:b4:35:02:f9:34:05:
f6:53:fd:23:9b:4e:b9:33:55:39:a0:19:c2:e4:f6:d3:5b:ec:
4a:84:bf:24:79:d5:eb:d3:7e:06:91:d1:d3:3b:27:b5:52:ed:
c4:59:54:b9:4e:4d:f3:37:08:09:97:6e:96:46:d0:0d:f5:56:
bb:d0:23:97:c2:02:65:90:5f:06:56:b4:3f:fd:1f:f8:6c:a6:
c7:b7:3c:c6:65:21:95:e1:e8:08:61:d2:3a:e3:b5:13:7d:7f:
f1:00:dd:b8:42:b7:ec:0c:3b:5f:38:c8:23:1f:5f:69:55:04:
f9:5b:cb:03:78:55:9a:a5:0e:25:77:cd:9d:fc:cc:bd:18:97:
16:98:6c:90:9a:2e:c9:47:80:ea:1f:d1:cb:6b:1b:21:fc:35:
98:8e:91:97:04:7b:f7:aa:3a:8d:0f:4b:8c:5d:54:b2:15:a6:
96:04:f9:12:f9:6c:f3:9c:a6:06:4b:bd:12:50:06:c7:b9:38:
4b:a7:80:78:85:eb:b9:b7:a0:d1:64:a1:c4:c0:42:81:82:2e:
07:61:bd:d9:1f:21:5a:d6:d3:19:fc:04:65:03:a5:eb:d3:87:
9b:cc:5b:25
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZHWNxRmn9SiAhrpb3tT8d9QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmODIyNDM3ZjQ5ZWQ1Mzg4NjY4OTAyMmFmZGRkYTU5Zjc5
ZjhhNzEwHhcNMjQwOTA5MDk1NjU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWFiY2M0ZGIwMmZlYTQzYWIxZjJmZDA1ZTU1YWUzY2VjMjA0ZTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6cB6/X/Uif0kPGEUqT4jy++o/MfN
9bj0Sen/P3B6rGfdB73xHXhYSlVX5gHmQIWHoCQA+pgpDBY43lYzOtKQfCPVRxjy
bj6aJ4Tsi7b+qk+X6pbN2JgME5ImapfItANR3/vxa7NDMw+Cnio3kj1H0o0DCa3g
CzpL9viByTaiZK9HClsxgrMtk3FzGuz8CjHAGf+aEyvgRpQljc2aMLFtvlonOaPD
NZck4J8xa/wW0Mtf+eHHA4168mEO0ae+hSpmDL0QMcXBgq7ZMucrOlzaOz7HBdEL
HBTjy1tYJcRE57ufNxThX/nk3HlOIDsOT0I+OChDsEQ5acEP+myIUauE5QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMqrzE2wL+pDqx8v0F5VrjzsIE51MB8GA1UdIwQY
MBaAFJ+CJDf0ntU4hmiQIq/d2ln3n4pxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjRJa05fU2UxVGlHYUpBaXI5M2FXZmVmaW5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9jYmQzMzItYThkYi00NjA2LWFjOWIt
MTRlYzQxZDRjMGE2LzEveXF2TVRiQXY2a09ySHlfUVhsV3VQT3dnVG5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9jYmQzMzItYThkYi00NjA2LWFjOWItMTRlYzQxZDRjMGE2
LzEvbjRJa05fU2UxVGlHYUpBaXI5M2FXZmVmaW5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSgaAwQB
lX4OAwQBuYW0MA0GCSqGSIb3DQEBCwUAA4IBAQAegwtz6BlmtvXjku4ru5DdW3om
qWHQ0l5trR11Joy0NQL5NAX2U/0jm065M1U5oBnC5PbTW+xKhL8kedXr034GkdHT
Oye1Uu3EWVS5Tk3zNwgJl26WRtAN9Va70COXwgJlkF8GVrQ//R/4bKbHtzzGZSGV
4egIYdI647UTfX/xAN24QrfsDDtfOMgjH19pVQT5W8sDeFWapQ4ld82d/My9GJcW
mGyQmi7JR4DqH9HLaxsh/DWYjpGXBHv3qjqND0uMXVSyFaaWBPkS+WzznKYGS70S
UAbHuThLp4B4heu5t6DRZKHEwEKBgi4HYb3ZHyFa1tMZ/ARlA6Xr04ebzFsl
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:22:46 2024 by rpki-client on console-fra.rpki-client.org