Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/36486b-b7b7-43a2-bb27-77ab05e0cf62/1/32-qdCb4rRhilbjnHet2fMhBWGw.roa
File: 32-qdCb4rRhilbjnHet2fMhBWGw.roa (raw, json)
Hash identifier: dXa97wPgzTjpUWXTYgEdhKS7xoJUe7N0dNw+vnFtWR8=
Subject key identifier: DF:6F:AA:74:26:F8:AD:18:62:95:B8:E7:1D:EB:76:7C:C8:41:58:6C
Certificate issuer: /CN=e24a32278ce7b4cb205dfccad786014a3b0ae323
Certificate serial: 018CC86F01114B753AC10184723D47751658
Authority key identifier: E2:4A:32:27:8C:E7:B4:CB:20:5D:FC:CA:D7:86:01:4A:3B:0A:E3:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4koyJ4zntMsgXfzK14YBSjsK4yM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/36486b-b7b7-43a2-bb27-77ab05e0cf62/1/32-qdCb4rRhilbjnHet2fMhBWGw.roa
Signing time: Tue 02 Jan 2024 04:29:27 +0000
ROA not before: Tue 02 Jan 2024 04:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8535
IP address blocks: 80.252.0.0/20 maxlen: 20
193.42.228.0/22 maxlen: 22
194.149.228.0/22 maxlen: 22
2a02:bd8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/36486b-b7b7-43a2-bb27-77ab05e0cf62/1/4koyJ4zntMsgXfzK14YBSjsK4yM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/36486b-b7b7-43a2-bb27-77ab05e0cf62/1/4koyJ4zntMsgXfzK14YBSjsK4yM.mft
rsync://rpki.ripe.net/repository/DEFAULT/4koyJ4zntMsgXfzK14YBSjsK4yM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 13:02:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:01:11:4b:75:3a:c1:01:84:72:3d:47:75:16:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e24a32278ce7b4cb205dfccad786014a3b0ae323
Validity
Not Before: Jan 2 04:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df6faa7426f8ad186295b8e71deb767cc841586c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c9:46:85:de:5f:92:67:b8:dc:02:d6:f4:41:
b0:b4:0c:c2:c0:70:4f:9c:fa:80:f8:d7:c5:ee:b4:
bc:2e:fc:5b:52:70:96:a7:38:c1:55:2b:41:33:0d:
10:13:f7:ae:9f:c1:92:38:69:18:99:e8:42:fe:c4:
ce:08:53:e7:41:42:6c:97:2f:21:b2:7d:7a:d4:02:
5b:43:22:4a:bf:ae:f1:18:60:5a:c3:aa:72:71:69:
d2:24:98:f8:e9:c4:27:5e:5f:ab:28:86:8a:e0:f3:
54:16:57:f5:ba:5e:74:65:32:04:e2:43:6b:72:9d:
a1:fe:1f:2c:1b:55:77:d1:b7:26:62:a1:cb:ae:e0:
b8:57:7d:b7:f1:07:06:6d:b0:ca:3f:87:6b:50:dd:
28:7c:9b:7b:16:9c:8b:37:51:62:21:c4:de:95:a3:
a9:58:20:d4:98:8c:47:93:45:c7:7a:05:52:37:50:
1b:6b:de:6d:88:50:95:cc:60:17:87:bd:7e:14:44:
9c:5c:0f:b8:10:61:80:54:a2:59:fa:f0:78:af:ba:
3f:c1:85:5d:1e:6a:e9:27:e2:56:bd:9b:b1:b3:33:
1d:a3:11:22:87:31:37:be:8e:09:30:54:7a:de:8d:
0f:ae:21:c1:b1:4f:3b:6d:49:d0:09:e7:0b:5f:82:
40:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:6F:AA:74:26:F8:AD:18:62:95:B8:E7:1D:EB:76:7C:C8:41:58:6C
X509v3 Authority Key Identifier:
keyid:E2:4A:32:27:8C:E7:B4:CB:20:5D:FC:CA:D7:86:01:4A:3B:0A:E3:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4koyJ4zntMsgXfzK14YBSjsK4yM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/36486b-b7b7-43a2-bb27-77ab05e0cf62/1/32-qdCb4rRhilbjnHet2fMhBWGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/36486b-b7b7-43a2-bb27-77ab05e0cf62/1/4koyJ4zntMsgXfzK14YBSjsK4yM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.252.0.0/20
193.42.228.0/22
194.149.228.0/22
IPv6:
2a02:bd8::/32
Signature Algorithm: sha256WithRSAEncryption
78:16:57:20:3e:66:56:43:e3:53:8a:e3:a3:42:22:49:21:0c:
20:6b:a3:5b:e2:41:ef:e2:1b:eb:c2:1c:97:27:6d:a7:6b:e8:
24:f7:9a:ce:f6:18:89:78:ad:f5:19:2a:7a:a7:3a:aa:3d:26:
31:99:0f:30:8c:37:7b:79:b6:a4:06:c2:ec:0e:12:83:bd:1d:
e5:3b:9b:cd:46:47:c9:32:16:4d:1f:90:17:d6:d1:22:ea:30:
3e:b1:1d:e0:81:d6:13:b0:d2:ff:b4:5b:2b:9b:cd:f5:a5:e6:
44:8d:9d:13:bb:e4:c3:06:65:16:74:e7:03:a7:4d:62:9c:70:
eb:c9:2b:09:f3:5f:5a:8c:43:d2:b4:aa:ef:74:ab:2e:08:2f:
f9:21:56:b7:31:3b:16:8c:e0:71:db:33:45:73:e2:a9:3c:b2:
8e:44:61:91:f4:61:f6:00:52:5b:74:24:55:66:a3:65:0e:a8:
8b:44:ca:03:91:b1:80:5d:b6:76:26:59:fb:9f:3c:2f:8d:cc:
c1:d2:b9:f4:d9:70:68:dd:24:62:a9:76:26:a7:42:19:4c:e1:
ff:2b:d5:18:de:03:df:3d:05:8c:5e:4e:1f:aa:1b:c5:b6:85:
3f:0e:3a:86:47:4a:0a:71:b3:6f:0c:fe:10:b5:dd:fd:26:30:
db:da:69:41
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzIbwERS3U6wQGEcj1HdRZYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyNGEzMjI3OGNlN2I0Y2IyMDVkZmNjYWQ3ODYwMTRhM2Iw
YWUzMjMwHhcNMjQwMTAyMDQyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjZmYWE3NDI2ZjhhZDE4NjI5NWI4ZTcxZGViNzY3Y2M4NDE1ODZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMlGhd5fkme43ALW9EGwtAzCwHBP
nPqA+NfF7rS8LvxbUnCWpzjBVStBMw0QE/eun8GSOGkYmehC/sTOCFPnQUJsly8h
sn161AJbQyJKv67xGGBaw6pycWnSJJj46cQnXl+rKIaK4PNUFlf1ul50ZTIE4kNr
cp2h/h8sG1V30bcmYqHLruC4V3238QcGbbDKP4drUN0ofJt7FpyLN1FiIcTelaOp
WCDUmIxHk0XHegVSN1Aba95tiFCVzGAXh71+FEScXA+4EGGAVKJZ+vB4r7o/wYVd
HmrpJ+JWvZuxszMdoxEihzE3vo4JMFR63o0PriHBsU87bUnQCecLX4JANwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFN9vqnQm+K0YYpW45x3rdnzIQVhsMB8GA1UdIwQY
MBaAFOJKMieM57TLIF38yteGAUo7CuMjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGtveUo0em50TXNnWGZ6SzE0WUJTanNLNHlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8zNjQ4NmItYjdiNy00M2EyLWJiMjct
NzdhYjA1ZTBjZjYyLzEvMzItcWRDYjRyUmhpbGJqbkhldDJmTWhCV0d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8zNjQ4NmItYjdiNy00M2EyLWJiMjctNzdhYjA1ZTBjZjYy
LzEvNGtveUo0em50TXNnWGZ6SzE0WUJTanNLNHlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEUPwAAwQC
wSrkAwQCwpXkMA0EAgACMAcDBQAqAgvYMA0GCSqGSIb3DQEBCwUAA4IBAQB4Flcg
PmZWQ+NTiuOjQiJJIQwga6Nb4kHv4hvrwhyXJ22na+gk95rO9hiJeK31GSp6pzqq
PSYxmQ8wjDd7ebakBsLsDhKDvR3lO5vNRkfJMhZNH5AX1tEi6jA+sR3ggdYTsNL/
tFsrm831peZEjZ0Tu+TDBmUWdOcDp01inHDrySsJ819ajEPStKrvdKsuCC/5IVa3
MTsWjOBx2zNFc+KpPLKORGGR9GH2AFJbdCRVZqNlDqiLRMoDkbGAXbZ2Jln7nzwv
jczB0rn02XBo3SRiqXYmp0IZTOH/K9UY3gPfPQWMXk4fqhvFtoU/DjqGR0oKcbNv
DP4Qtd39JjDb2mlB
-----END CERTIFICATE-----
Generated at Tue May 28 17:25:02 2024 by rpki-client on console-ams.rpki-client.org