Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/Jq6qGMrbyHE2OxCF31WAy5vB27s.roa
File: Jq6qGMrbyHE2OxCF31WAy5vB27s.roa (raw, json)
Hash identifier: 95q4knRGTcp0oZ602dC/onm1KqXoKc3IaeFwwbdllQ0=
Subject key identifier: 26:AE:AA:18:CA:DB:C8:71:36:3B:10:85:DF:55:80:CB:9B:C1:DB:BB
Certificate issuer: /CN=43965dd1f6f24a46d7cc4bccfecd4151c6dd1bfb
Certificate serial: 0191504D2972B0A2C60B09D79698DC2CEF72
Authority key identifier: 43:96:5D:D1:F6:F2:4A:46:D7:CC:4B:CC:FE:CD:41:51:C6:DD:1B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/Jq6qGMrbyHE2OxCF31WAy5vB27s.roa
Signing time: Wed 14 Aug 2024 09:51:59 +0000
ROA not before: Wed 14 Aug 2024 09:51:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202029
IP address blocks: 185.212.194.0/24 maxlen: 24
195.230.107.0/24 maxlen: 24
2a04:acc0:10::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:50:4d:29:72:b0:a2:c6:0b:09:d7:96:98:dc:2c:ef:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43965dd1f6f24a46d7cc4bccfecd4151c6dd1bfb
Validity
Not Before: Aug 14 09:51:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=26aeaa18cadbc871363b1085df5580cb9bc1dbbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ba:a8:22:4f:e2:a2:71:20:ca:0d:13:3c:db:
3e:86:07:9c:98:14:1a:73:80:f2:01:c6:17:92:dd:
6e:20:c4:08:20:73:39:52:f3:20:0a:2f:98:16:0c:
08:12:00:84:bd:00:79:fd:62:c2:f2:13:9c:be:c2:
0a:7e:d3:08:df:a8:84:60:a1:6a:db:74:ad:6e:60:
35:ce:bb:3b:b5:8d:f5:1e:e2:6a:4a:88:e2:da:93:
bd:04:2e:59:41:72:4f:63:99:38:98:f2:2a:a8:f3:
7d:e1:f7:e6:3e:eb:cc:b1:79:6d:1a:fe:b7:07:01:
8d:ca:62:a7:33:47:27:cb:1c:88:3d:4e:14:09:f6:
9d:26:79:a9:b6:1d:71:ea:5e:40:2e:e9:04:94:43:
de:3d:a8:88:f7:98:37:0c:96:23:a1:7f:ed:43:f3:
ca:ac:1c:6d:90:a3:63:e6:c0:45:35:96:52:86:21:
3e:8e:e4:bd:7a:97:38:0e:9a:65:1c:4e:9e:01:7b:
5c:fe:72:45:0b:20:f4:70:ce:bd:de:8a:2f:8c:cd:
19:b4:09:22:5a:79:eb:dd:a3:6a:fa:b7:04:23:90:
8e:db:0d:72:c9:c5:c5:e8:42:06:67:c5:46:6c:0d:
b9:b0:99:4f:24:ec:d2:0d:20:9c:92:d4:26:35:74:
64:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:AE:AA:18:CA:DB:C8:71:36:3B:10:85:DF:55:80:CB:9B:C1:DB:BB
X509v3 Authority Key Identifier:
keyid:43:96:5D:D1:F6:F2:4A:46:D7:CC:4B:CC:FE:CD:41:51:C6:DD:1B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/Jq6qGMrbyHE2OxCF31WAy5vB27s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.212.194.0/24
195.230.107.0/24
IPv6:
2a04:acc0:10::/44
Signature Algorithm: sha256WithRSAEncryption
54:41:7e:4c:fe:38:41:2e:a9:2a:d8:9f:92:c3:2b:6b:71:72:
96:c9:0b:6a:f2:10:a4:b3:48:de:c7:ec:1f:d3:cd:c4:79:89:
b3:b1:94:d2:36:6f:3e:88:54:e9:5d:52:e6:94:29:08:1a:d1:
20:75:f5:33:1d:c2:d5:e2:28:9e:7b:be:20:f5:d2:8e:98:0e:
19:72:00:d0:0d:13:f4:2a:bd:70:c3:bd:9f:34:4e:9f:2f:a4:
43:70:22:e5:33:d2:90:77:df:bd:52:77:c3:8b:5b:28:a6:12:
36:f9:5a:fb:94:9f:5e:27:b7:4b:2b:11:00:3b:d5:49:5c:55:
93:90:86:3c:2c:19:18:e1:36:79:c5:b9:af:bc:53:08:50:56:
f4:b3:93:0d:a3:b0:43:e2:3e:e2:a0:f8:75:e4:c3:2e:52:60:
e8:32:c7:0b:35:4d:09:c9:ad:7f:47:02:66:e9:ef:07:8c:ac:
ad:f7:b6:0c:27:f1:3f:66:f6:b5:9e:de:d1:5c:60:8c:77:73:
41:65:b9:dd:17:6e:07:01:98:44:0d:b3:e0:cd:3b:09:92:10:
e4:36:d9:7b:a4:05:9b:67:ba:ec:9d:15:80:0d:ab:c7:06:8b:
30:df:8b:a5:58:3d:ac:54:8f:0f:b3:c8:2f:38:64:d9:3d:6c:
65:87:82:8b
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZFQTSlysKLGCwnXlpjcLO9yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzOTY1ZGQxZjZmMjRhNDZkN2NjNGJjY2ZlY2Q0MTUxYzZk
ZDFiZmIwHhcNMjQwODE0MDk1MTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmFlYWExOGNhZGJjODcxMzYzYjEwODVkZjU1ODBjYjliYzFkYmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLqoIk/ionEgyg0TPNs+hgecmBQa
c4DyAcYXkt1uIMQIIHM5UvMgCi+YFgwIEgCEvQB5/WLC8hOcvsIKftMI36iEYKFq
23StbmA1zrs7tY31HuJqSoji2pO9BC5ZQXJPY5k4mPIqqPN94ffmPuvMsXltGv63
BwGNymKnM0cnyxyIPU4UCfadJnmpth1x6l5ALukElEPePaiI95g3DJYjoX/tQ/PK
rBxtkKNj5sBFNZZShiE+juS9epc4DpplHE6eAXtc/nJFCyD0cM693oovjM0ZtAki
Wnnr3aNq+rcEI5CO2w1yycXF6EIGZ8VGbA25sJlPJOzSDSCcktQmNXRkcwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFCauqhjK28hxNjsQhd9VgMubwdu7MB8GA1UdIwQY
MBaAFEOWXdH28kpG18xLzP7NQVHG3Rv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTVaZDBmYnlTa2JYekV2TV9zMUJVY2JkR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9jNzMxYzQtOTE4My00ZGIzLWI3MGEt
MzM5ODBjMDNmMDhlLzEvSnE2cUdNcmJ5SEUyT3hDRjMxV0F5NXZCMjdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9jNzMxYzQtOTE4My00ZGIzLWI3MGEtMzM5ODBjMDNmMDhl
LzEvUTVaZDBmYnlTa2JYekV2TV9zMUJVY2JkR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAudTCAwQA
w+ZrMA8EAgACMAkDBwQqBKzAABAwDQYJKoZIhvcNAQELBQADggEBAFRBfkz+OEEu
qSrYn5LDK2txcpbJC2ryEKSzSN7H7B/TzcR5ibOxlNI2bz6IVOldUuaUKQga0SB1
9TMdwtXiKJ57viD10o6YDhlyANANE/QqvXDDvZ80Tp8vpENwIuUz0pB3371Sd8OL
WyimEjb5WvuUn14nt0srEQA71UlcVZOQhjwsGRjhNnnFua+8UwhQVvSzkw2jsEPi
PuKg+HXkwy5SYOgyxws1TQnJrX9HAmbp7weMrK33tgwn8T9m9rWe3tFcYIx3c0Fl
ud0XbgcBmEQNs+DNOwmSEOQ22XukBZtnuuydFYANq8cGizDfi6VYPaxUjw+zyC84
ZNk9bGWHgos=
-----END CERTIFICATE-----
Generated at Fri Nov 22 23:42:26 2024 by rpki-client on console-fra.rpki-client.org