Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/1ad349-edfe-4150-9d37-264ab9337fa0/1/qo2jzqVlOjPUhdPG96aPB57Bd98.roa
File: qo2jzqVlOjPUhdPG96aPB57Bd98.roa (raw, json)
Hash identifier: 3SfSkldzo2vFOHrSz/1noBc7kTL+WD7vG3jkJ51q3qQ=
Subject key identifier: AA:8D:A3:CE:A5:65:3A:33:D4:85:D3:C6:F7:A6:8F:07:9E:C1:77:DF
Certificate issuer: /CN=6debd19da98c27fabab7b2f294bcf9ec6af44905
Certificate serial: 018CC9BC3D101F6BC2385E34739AACD8A96F
Authority key identifier: 6D:EB:D1:9D:A9:8C:27:FA:BA:B7:B2:F2:94:BC:F9:EC:6A:F4:49:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bevRnamMJ_q6t7LylLz57Gr0SQU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/1ad349-edfe-4150-9d37-264ab9337fa0/1/qo2jzqVlOjPUhdPG96aPB57Bd98.roa
Signing time: Tue 02 Jan 2024 10:33:25 +0000
ROA not before: Tue 02 Jan 2024 10:33:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 36924
IP address blocks: 146.0.64.0/21 maxlen: 24
185.183.228.0/22 maxlen: 24
185.56.48.0/22 maxlen: 24
2a0b:2080::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/1ad349-edfe-4150-9d37-264ab9337fa0/1/bevRnamMJ_q6t7LylLz57Gr0SQU.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/1ad349-edfe-4150-9d37-264ab9337fa0/1/bevRnamMJ_q6t7LylLz57Gr0SQU.mft
rsync://rpki.ripe.net/repository/DEFAULT/bevRnamMJ_q6t7LylLz57Gr0SQU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:3d:10:1f:6b:c2:38:5e:34:73:9a:ac:d8:a9:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6debd19da98c27fabab7b2f294bcf9ec6af44905
Validity
Not Before: Jan 2 10:33:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa8da3cea5653a33d485d3c6f7a68f079ec177df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:05:d6:f3:e0:29:3d:cf:39:ad:73:c7:37:09:
50:79:b9:05:5e:ef:48:f0:d4:c2:bb:b9:e3:c1:d4:
05:1d:17:0d:90:3b:0b:27:90:36:b2:d8:f3:25:a1:
a1:7f:7d:b0:35:7c:33:0f:9c:ad:22:d3:e6:fb:95:
00:d4:f8:c2:b7:2f:4d:70:ec:29:ac:d9:72:8e:22:
b0:2f:51:33:27:f5:f9:ff:5a:47:bb:78:91:f4:93:
5a:22:f0:1e:e3:54:60:da:04:51:12:26:bd:7f:49:
7e:d9:18:52:e4:13:eb:70:74:95:4e:63:02:91:fa:
ea:8c:60:24:60:8b:b1:48:d3:f5:2e:28:45:f7:14:
5f:92:b5:5a:29:1d:29:af:2e:c8:35:1b:39:ea:25:
60:88:fe:56:8f:15:d7:16:39:79:09:85:9f:37:b7:
08:22:4c:b8:03:1e:01:06:a5:8a:9c:69:b7:7d:92:
a8:01:e6:75:df:66:ed:dc:68:75:b3:9f:cc:05:1c:
ea:cf:37:11:b8:42:b6:8f:48:50:bf:4e:f7:3f:7f:
44:c3:b8:1c:2f:59:06:f1:a2:8e:08:dc:03:c0:3c:
ac:e0:c2:fd:c5:21:d8:19:fb:39:d6:f2:56:c6:53:
55:87:d3:61:dd:61:f0:34:0d:58:11:58:31:3d:15:
47:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:8D:A3:CE:A5:65:3A:33:D4:85:D3:C6:F7:A6:8F:07:9E:C1:77:DF
X509v3 Authority Key Identifier:
keyid:6D:EB:D1:9D:A9:8C:27:FA:BA:B7:B2:F2:94:BC:F9:EC:6A:F4:49:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bevRnamMJ_q6t7LylLz57Gr0SQU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/1ad349-edfe-4150-9d37-264ab9337fa0/1/qo2jzqVlOjPUhdPG96aPB57Bd98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/1ad349-edfe-4150-9d37-264ab9337fa0/1/bevRnamMJ_q6t7LylLz57Gr0SQU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.0.64.0/21
185.56.48.0/22
185.183.228.0/22
IPv6:
2a0b:2080::/29
Signature Algorithm: sha256WithRSAEncryption
03:57:fa:c3:c6:35:30:f8:0b:5b:a6:b9:0e:f2:e0:84:23:1f:
05:a3:4d:5e:6f:63:55:88:82:9e:cc:21:41:2a:cc:29:e0:c2:
ab:c7:96:fb:98:9c:71:88:56:96:4d:2b:c0:05:6e:87:58:1e:
b5:d3:6d:80:d5:ab:30:eb:c6:a6:81:92:7d:c2:16:47:46:90:
96:84:a6:41:60:b3:52:d4:02:d5:87:02:d1:31:ac:86:97:6b:
bd:00:42:2a:28:51:5d:dc:15:5b:af:62:f7:ca:f0:b2:08:52:
e2:a9:cb:18:23:5a:86:ea:61:cc:59:0e:1b:61:96:d1:80:2d:
11:70:bf:71:c0:6a:b1:a2:45:22:bd:0f:6c:8b:1b:0e:12:86:
58:12:7e:58:84:24:5e:85:03:7b:c0:af:37:5b:71:08:8a:55:
47:f6:b0:76:df:da:38:df:03:ed:22:2a:b2:77:c4:c1:3e:5c:
5b:49:11:31:20:a9:23:30:b7:fd:ea:5e:d3:2f:1f:9c:c7:00:
76:04:1e:86:8a:26:d9:74:f5:6f:67:c7:4a:3e:48:84:54:0c:
1e:95:36:8c:e4:c6:c4:8f:ee:c6:c7:db:f8:06:3c:ad:b5:01:
05:bd:d6:dd:c4:0a:5e:c1:0e:c9:70:02:a1:4e:e6:ac:06:6a:
31:a6:23:3c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzJvD0QH2vCOF40c5qs2KlvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZWJkMTlkYTk4YzI3ZmFiYWI3YjJmMjk0YmNmOWVjNmFm
NDQ5MDUwHhcNMjQwMTAyMTAzMzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYThkYTNjZWE1NjUzYTMzZDQ4NWQzYzZmN2E2OGYwNzllYzE3N2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6wXW8+ApPc85rXPHNwlQebkFXu9I
8NTCu7njwdQFHRcNkDsLJ5A2stjzJaGhf32wNXwzD5ytItPm+5UA1PjCty9NcOwp
rNlyjiKwL1EzJ/X5/1pHu3iR9JNaIvAe41Rg2gRREia9f0l+2RhS5BPrcHSVTmMC
kfrqjGAkYIuxSNP1LihF9xRfkrVaKR0pry7INRs56iVgiP5WjxXXFjl5CYWfN7cI
Iky4Ax4BBqWKnGm3fZKoAeZ132bt3Gh1s5/MBRzqzzcRuEK2j0hQv073P39Ew7gc
L1kG8aKOCNwDwDys4ML9xSHYGfs51vJWxlNVh9Nh3WHwNA1YEVgxPRVHdwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFKqNo86lZToz1IXTxvemjweewXffMB8GA1UdIwQY
MBaAFG3r0Z2pjCf6urey8pS8+exq9EkFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmV2Um5hbU1KX3E2dDdMeWxMejU3R3IwU1FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC8xYWQzNDktZWRmZS00MTUwLTlkMzct
MjY0YWI5MzM3ZmEwLzEvcW8yanpxVmxPalBVaGRQRzk2YVBCNTdCZDk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC8xYWQzNDktZWRmZS00MTUwLTlkMzctMjY0YWI5MzM3ZmEw
LzEvYmV2Um5hbU1KX3E2dDdMeWxMejU3R3IwU1FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDkgBAAwQC
uTgwAwQCubfkMA0EAgACMAcDBQMqCyCAMA0GCSqGSIb3DQEBCwUAA4IBAQADV/rD
xjUw+AtbprkO8uCEIx8Fo01eb2NViIKezCFBKswp4MKrx5b7mJxxiFaWTSvABW6H
WB61022A1asw68amgZJ9whZHRpCWhKZBYLNS1ALVhwLRMayGl2u9AEIqKFFd3BVb
r2L3yvCyCFLiqcsYI1qG6mHMWQ4bYZbRgC0RcL9xwGqxokUivQ9sixsOEoZYEn5Y
hCRehQN7wK83W3EIilVH9rB239o43wPtIiqyd8TBPlxbSRExIKkjMLf96l7TLx+c
xwB2BB6GiibZdPVvZ8dKPkiEVAwelTaM5MbEj+7Gx9v4BjyttQEFvdbdxApewQ7J
cAKhTuasBmoxpiM8
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:03:15 2024 by rpki-client on console-ams.rpki-client.org