Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/682da0-d3ef-49f0-bea4-0a134b6535c4/1/DqmERg2adrkgvtGOjIVT6-qaPXM.roa
File: DqmERg2adrkgvtGOjIVT6-qaPXM.roa (raw, json)
Hash identifier: OjQ5SIF7lrPkqgF/vgcWOVnsdJ7DLHkelDcjBjFmHvE=
Subject key identifier: 0E:A9:84:46:0D:9A:76:B9:20:BE:D1:8E:8C:85:53:EB:EA:9A:3D:73
Certificate issuer: /CN=b93a74405ebf7b251ccfbba7c2b20ec15f9d8e48
Certificate serial: 018CC26D02C45BC9B631D5B913C0D875D2A5
Authority key identifier: B9:3A:74:40:5E:BF:7B:25:1C:CF:BB:A7:C2:B2:0E:C1:5F:9D:8E:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uTp0QF6_eyUcz7unwrIOwV-djkg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/682da0-d3ef-49f0-bea4-0a134b6535c4/1/DqmERg2adrkgvtGOjIVT6-qaPXM.roa
Signing time: Mon 01 Jan 2024 00:29:33 +0000
ROA not before: Mon 01 Jan 2024 00:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34516
IP address blocks: 193.239.214.0/23 maxlen: 23
2001:678:3c8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/682da0-d3ef-49f0-bea4-0a134b6535c4/1/uTp0QF6_eyUcz7unwrIOwV-djkg.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/682da0-d3ef-49f0-bea4-0a134b6535c4/1/uTp0QF6_eyUcz7unwrIOwV-djkg.mft
rsync://rpki.ripe.net/repository/DEFAULT/uTp0QF6_eyUcz7unwrIOwV-djkg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:02:c4:5b:c9:b6:31:d5:b9:13:c0:d8:75:d2:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b93a74405ebf7b251ccfbba7c2b20ec15f9d8e48
Validity
Not Before: Jan 1 00:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ea984460d9a76b920bed18e8c8553ebea9a3d73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:e0:03:82:8e:cc:ed:90:a3:aa:41:3d:59:65:
90:1b:f5:03:70:02:ba:fc:9b:64:cf:ee:70:e8:45:
1d:a1:a8:2c:e2:9c:ae:f9:92:53:50:15:11:ee:8b:
9a:68:ba:7d:f8:a1:1d:c0:9f:ac:cc:9f:7c:47:7a:
4b:5b:75:af:85:37:fa:1a:58:04:06:65:68:a6:5e:
57:cc:31:36:ad:3a:6e:f2:16:9c:a0:86:d2:82:a5:
95:1e:da:2a:35:cf:c6:40:94:9a:66:7f:08:fc:ac:
17:b6:14:60:c1:b2:f2:78:16:39:00:cf:bc:4c:bc:
66:32:15:9d:81:5e:d0:0b:54:32:64:cf:65:23:89:
9e:47:ed:8b:52:7c:f6:a7:90:c2:d3:eb:bc:4a:ee:
b2:73:86:6b:d3:0d:3b:41:09:e3:f8:36:fb:d7:c4:
55:63:43:cb:0c:19:cc:4c:13:8a:a3:a2:2a:f5:0d:
fa:a3:7f:08:33:fc:24:d1:0e:01:c0:74:3b:df:6f:
89:e6:f3:d6:f1:a1:ee:7a:dd:84:7d:1e:49:66:18:
bb:ed:28:82:00:d4:d3:4d:b8:8c:91:8c:05:a4:16:
fe:76:ec:18:ea:c1:ba:13:21:62:e7:bf:2d:1e:15:
95:34:ec:a0:30:63:37:98:88:93:08:47:5b:9c:33:
b6:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:A9:84:46:0D:9A:76:B9:20:BE:D1:8E:8C:85:53:EB:EA:9A:3D:73
X509v3 Authority Key Identifier:
keyid:B9:3A:74:40:5E:BF:7B:25:1C:CF:BB:A7:C2:B2:0E:C1:5F:9D:8E:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uTp0QF6_eyUcz7unwrIOwV-djkg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/682da0-d3ef-49f0-bea4-0a134b6535c4/1/DqmERg2adrkgvtGOjIVT6-qaPXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/682da0-d3ef-49f0-bea4-0a134b6535c4/1/uTp0QF6_eyUcz7unwrIOwV-djkg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.239.214.0/23
IPv6:
2001:678:3c8::/48
Signature Algorithm: sha256WithRSAEncryption
6a:0c:19:e3:29:81:79:78:9b:73:d0:1f:df:d1:a1:22:b3:5b:
13:56:10:5a:53:5d:23:c6:23:28:b2:53:d4:38:f3:f3:7c:96:
25:43:b3:97:57:3a:35:a4:94:ed:b5:64:46:8f:03:80:07:01:
ca:74:94:2b:fd:ec:01:19:60:80:e0:0e:42:63:3f:3b:c4:a3:
cc:e2:55:1c:ae:8c:ba:99:06:8b:1b:09:f0:6f:1d:90:bd:ff:
17:76:ed:7d:54:7e:b7:00:18:d3:dc:b0:2f:d9:e3:38:0e:a4:
c2:52:00:30:c5:93:7f:49:8e:4f:85:6b:67:ee:f2:f4:63:d3:
7c:40:61:cd:8d:06:7b:2f:ca:86:75:6a:c3:45:22:3a:74:2a:
48:f3:cb:78:57:52:be:18:f6:ec:68:ae:7d:e9:9a:57:5e:53:
33:29:ef:bd:f7:de:2a:b4:05:fc:46:4b:64:b2:2a:3d:8c:b1:
e1:f9:8c:c6:83:e7:72:f5:0b:63:ab:84:96:bf:48:97:d1:02:
49:35:57:5d:54:1c:48:cc:fc:29:5a:c0:fd:0e:ca:8c:8a:62:
3d:6e:16:72:2a:d3:d5:21:8c:cd:4c:e2:22:b3:f2:c6:c5:60:
a4:c5:0c:79:a5:8d:10:43:5a:f5:a5:41:01:df:5f:2c:b9:e3:
a3:7e:2e:2e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzCbQLEW8m2MdW5E8DYddKlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5M2E3NDQwNWViZjdiMjUxY2NmYmJhN2MyYjIwZWMxNWY5
ZDhlNDgwHhcNMjQwMTAxMDAyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWE5ODQ0NjBkOWE3NmI5MjBiZWQxOGU4Yzg1NTNlYmVhOWEzZDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkeADgo7M7ZCjqkE9WWWQG/UDcAK6
/Jtkz+5w6EUdoags4pyu+ZJTUBUR7ouaaLp9+KEdwJ+szJ98R3pLW3WvhTf6GlgE
BmVopl5XzDE2rTpu8hacoIbSgqWVHtoqNc/GQJSaZn8I/KwXthRgwbLyeBY5AM+8
TLxmMhWdgV7QC1QyZM9lI4meR+2LUnz2p5DC0+u8Su6yc4Zr0w07QQnj+Db718RV
Y0PLDBnMTBOKo6Iq9Q36o38IM/wk0Q4BwHQ732+J5vPW8aHuet2EfR5JZhi77SiC
ANTTTbiMkYwFpBb+duwY6sG6EyFi578tHhWVNOygMGM3mIiTCEdbnDO2xwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA6phEYNmna5IL7RjoyFU+vqmj1zMB8GA1UdIwQY
MBaAFLk6dEBev3slHM+7p8KyDsFfnY5IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVRwMFFGNl9leVVjejd1bndySU93Vi1kamtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy82ODJkYTAtZDNlZi00OWYwLWJlYTQt
MGExMzRiNjUzNWM0LzEvRHFtRVJnMmFkcmtndnRHT2pJVlQ2LXFhUFhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy82ODJkYTAtZDNlZi00OWYwLWJlYTQtMGExMzRiNjUzNWM0
LzEvdVRwMFFGNl9leVVjejd1bndySU93Vi1kamtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwe/WMA8E
AgACMAkDBwAgAQZ4A8gwDQYJKoZIhvcNAQELBQADggEBAGoMGeMpgXl4m3PQH9/R
oSKzWxNWEFpTXSPGIyiyU9Q48/N8liVDs5dXOjWklO21ZEaPA4AHAcp0lCv97AEZ
YIDgDkJjPzvEo8ziVRyujLqZBosbCfBvHZC9/xd27X1UfrcAGNPcsC/Z4zgOpMJS
ADDFk39Jjk+Fa2fu8vRj03xAYc2NBnsvyoZ1asNFIjp0Kkjzy3hXUr4Y9uxorn3p
mldeUzMp77333iq0BfxGS2SyKj2MseH5jMaD53L1C2OrhJa/SJfRAkk1V11UHEjM
/ClawP0OyoyKYj1uFnIq09UhjM1M4iKz8sbFYKTFDHmljRBDWvWlQQHfXyy546N+
Li4=
-----END CERTIFICATE-----
Generated at Fri Jun 7 20:31:36 2024 by rpki-client on console-ams.rpki-client.org