Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/f143d0-aeb8-4b52-9c35-b3a50910c2a8/1/m_u7Q8yXLrzaFb7NHlMCshNTJAA.roa
File: m_u7Q8yXLrzaFb7NHlMCshNTJAA.roa (raw, json)
Hash identifier: 69T4MUMKuRydTZItZHJsjf3tWIHoF2Qh+Zw8BSCBUuo=
Subject key identifier: 9B:FB:BB:43:CC:97:2E:BC:DA:15:BE:CD:1E:53:02:B2:13:53:24:00
Certificate issuer: /CN=a999cffa6e48fa2c4f8d09803396b457a630a33d
Certificate serial: 019343C11E56D302747F952FE1A631192C46
Authority key identifier: A9:99:CF:FA:6E:48:FA:2C:4F:8D:09:80:33:96:B4:57:A6:30:A3:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qZnP-m5I-ixPjQmAM5a0V6Ywoz0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/f143d0-aeb8-4b52-9c35-b3a50910c2a8/1/m_u7Q8yXLrzaFb7NHlMCshNTJAA.roa
Signing time: Tue 19 Nov 2024 09:29:09 +0000
ROA not before: Tue 19 Nov 2024 09:29:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212655
IP address blocks: 45.92.44.0/22 maxlen: 24
185.8.92.0/24 maxlen: 24
185.8.94.0/23 maxlen: 23
185.26.240.0/22 maxlen: 22
185.154.144.0/22 maxlen: 22
193.28.90.0/24 maxlen: 24
2a0e:1d40::/29 maxlen: 29
2a10:6940::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/f143d0-aeb8-4b52-9c35-b3a50910c2a8/1/qZnP-m5I-ixPjQmAM5a0V6Ywoz0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/f143d0-aeb8-4b52-9c35-b3a50910c2a8/1/qZnP-m5I-ixPjQmAM5a0V6Ywoz0.mft
rsync://rpki.ripe.net/repository/DEFAULT/qZnP-m5I-ixPjQmAM5a0V6Ywoz0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:43:c1:1e:56:d3:02:74:7f:95:2f:e1:a6:31:19:2c:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a999cffa6e48fa2c4f8d09803396b457a630a33d
Validity
Not Before: Nov 19 09:29:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9bfbbb43cc972ebcda15becd1e5302b213532400
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:1b:aa:b3:3c:2f:4c:97:f1:8d:b2:2e:6d:5b:
6e:14:8f:c8:d9:67:b5:14:d2:10:61:19:cd:4b:54:
7c:a4:69:c2:63:fa:fd:61:e3:d1:f3:fd:40:f4:94:
f3:eb:1c:d1:c4:91:1d:f8:69:16:6d:2f:1f:ed:60:
5d:48:13:e9:b9:2f:55:5e:5a:8c:6a:fd:51:d8:a0:
c6:54:dc:1d:73:18:35:27:9b:cf:d2:f1:97:36:ab:
18:de:63:9d:3f:fe:98:5c:d2:ae:da:e9:d8:28:90:
bc:cd:a1:0a:10:d8:04:b9:0e:83:4b:1e:65:19:fa:
26:53:c2:3c:ea:25:e8:38:64:47:0c:b2:22:ff:f9:
0d:8c:5f:0f:85:d6:5e:28:b3:ea:98:73:be:2d:4c:
e4:11:e8:22:78:7b:39:3f:42:7d:b3:70:03:c4:4d:
9b:6d:07:e4:5d:b8:16:1b:d3:49:23:d0:9c:3a:13:
05:d6:72:ea:b8:64:68:fc:74:f1:a4:91:ff:e9:17:
1b:21:3e:2c:14:1f:72:de:dd:ce:09:5b:38:1d:11:
99:41:f2:0c:02:8d:20:af:e2:cb:80:93:aa:2a:b9:
ef:28:a9:28:b1:ee:34:6a:45:44:8c:c1:f3:e1:53:
70:53:e6:8c:04:9c:25:01:1d:5f:56:6d:9b:48:cf:
c3:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:FB:BB:43:CC:97:2E:BC:DA:15:BE:CD:1E:53:02:B2:13:53:24:00
X509v3 Authority Key Identifier:
keyid:A9:99:CF:FA:6E:48:FA:2C:4F:8D:09:80:33:96:B4:57:A6:30:A3:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qZnP-m5I-ixPjQmAM5a0V6Ywoz0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/f143d0-aeb8-4b52-9c35-b3a50910c2a8/1/m_u7Q8yXLrzaFb7NHlMCshNTJAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/f143d0-aeb8-4b52-9c35-b3a50910c2a8/1/qZnP-m5I-ixPjQmAM5a0V6Ywoz0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.44.0/22
185.8.92.0/24
185.8.94.0/23
185.26.240.0/22
185.154.144.0/22
193.28.90.0/24
IPv6:
2a0e:1d40::/29
2a10:6940::/29
Signature Algorithm: sha256WithRSAEncryption
3e:7c:42:a9:ac:12:67:35:3e:40:e4:d9:db:7b:81:76:f8:31:
59:b8:ce:82:80:04:39:f4:52:43:4f:68:9b:e8:fa:cd:55:aa:
99:8f:f0:62:10:46:3c:6a:9c:07:39:f6:64:8b:6c:f7:9b:c2:
2b:cb:59:a4:96:05:be:6c:1f:8f:c0:53:1c:d9:5c:1b:19:d3:
96:45:01:b8:bd:65:2a:81:94:a2:bb:f0:3c:63:cb:8f:8b:18:
be:b7:65:c6:a4:67:fe:5b:d9:be:3e:7a:7e:d8:63:79:60:b9:
29:3b:5b:f1:15:62:ff:a2:ad:72:89:54:22:d7:a4:41:e7:58:
4d:ae:8c:6e:1a:68:6b:5d:62:7c:e5:e7:d0:70:81:ac:45:c3:
35:45:d9:3a:ac:95:84:06:8a:e1:08:f5:63:50:5a:b1:f8:2e:
79:f5:e2:2b:49:e6:43:33:ba:dd:d9:5e:81:f0:00:10:6f:ca:
0d:1d:a0:95:47:b8:6e:3b:dc:b8:62:4e:11:eb:72:b3:f4:9e:
2a:87:a5:a7:af:bc:4d:bf:d9:2e:fe:5b:97:6a:43:89:48:74:
f1:83:77:20:83:05:85:23:a5:17:1c:d7:d8:68:29:37:b5:c8:
91:37:a2:51:f8:d3:8e:9c:f1:a8:98:42:5c:a3:d3:f3:53:c1:
1a:7f:0d:b3
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZNDwR5W0wJ0f5Uv4aYxGSxGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5OTljZmZhNmU0OGZhMmM0ZjhkMDk4MDMzOTZiNDU3YTYz
MGEzM2QwHhcNMjQxMTE5MDkyOTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmZiYmI0M2NjOTcyZWJjZGExNWJlY2QxZTUzMDJiMjEzNTMyNDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxuqszwvTJfxjbIubVtuFI/I2We1
FNIQYRnNS1R8pGnCY/r9YePR8/1A9JTz6xzRxJEd+GkWbS8f7WBdSBPpuS9VXlqM
av1R2KDGVNwdcxg1J5vP0vGXNqsY3mOdP/6YXNKu2unYKJC8zaEKENgEuQ6DSx5l
GfomU8I86iXoOGRHDLIi//kNjF8PhdZeKLPqmHO+LUzkEegieHs5P0J9s3ADxE2b
bQfkXbgWG9NJI9CcOhMF1nLquGRo/HTxpJH/6RcbIT4sFB9y3t3OCVs4HRGZQfIM
Ao0gr+LLgJOqKrnvKKkose40akVEjMHz4VNwU+aMBJwlAR1fVm2bSM/DBQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFJv7u0PMly682hW+zR5TArITUyQAMB8GA1UdIwQY
MBaAFKmZz/puSPosT40JgDOWtFemMKM9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVpuUC1tNUktaXhQalFtQU01YTBWNll3b3owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9mMTQzZDAtYWViOC00YjUyLTljMzUt
YjNhNTA5MTBjMmE4LzEvbV91N1E4eVhMcnphRmI3TkhsTUNzaE5USkFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9mMTQzZDAtYWViOC00YjUyLTljMzUtYjNhNTA5MTBjMmE4
LzEvcVpuUC1tNUktaXhQalFtQU01YTBWNll3b3owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQCLVwsAwQA
uQhcAwQBuQheAwQCuRrwAwQCuZqQAwQAwRxaMBQEAgACMA4DBQMqDh1AAwUDKhBp
QDANBgkqhkiG9w0BAQsFAAOCAQEAPnxCqawSZzU+QOTZ23uBdvgxWbjOgoAEOfRS
Q09om+j6zVWqmY/wYhBGPGqcBzn2ZIts95vCK8tZpJYFvmwfj8BTHNlcGxnTlkUB
uL1lKoGUorvwPGPLj4sYvrdlxqRn/lvZvj56fthjeWC5KTtb8RVi/6KtcolUItek
QedYTa6Mbhpoa11ifOXn0HCBrEXDNUXZOqyVhAaK4Qj1Y1BasfguefXiK0nmQzO6
3dlegfAAEG/KDR2glUe4bjvcuGJOEetys/SeKoelp6+8Tb/ZLv5bl2pDiUh08YN3
IIMFhSOlFxzX2GgpN7XIkTeiUfjTjpzxqJhCXKPT81PBGn8Nsw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:24:33 2024 by rpki-client on console-ams.rpki-client.org