Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/1e4c03-f619-47a3-81bd-36ef7aeebe3b/1/2qkgVF4JKaqCD7OYA8TqPy3RdnU.roa
File: 2qkgVF4JKaqCD7OYA8TqPy3RdnU.roa (raw, json)
Hash identifier: G7FhXX3DLGB6SlXSP+l3xP1/urZ1YMBYYmvVWepv1Fc=
Subject key identifier: DA:A9:20:54:5E:09:29:AA:82:0F:B3:98:03:C4:EA:3F:2D:D1:76:75
Certificate issuer: /CN=c75799ff4335b7b1ae7188edfa53fd7e213eb216
Certificate serial: 018CC56EE33BD21F74456E277B464386F0E8
Authority key identifier: C7:57:99:FF:43:35:B7:B1:AE:71:88:ED:FA:53:FD:7E:21:3E:B2:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x1eZ_0M1t7GucYjt-lP9fiE-shY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/1e4c03-f619-47a3-81bd-36ef7aeebe3b/1/2qkgVF4JKaqCD7OYA8TqPy3RdnU.roa
Signing time: Mon 01 Jan 2024 14:30:27 +0000
ROA not before: Mon 01 Jan 2024 14:30:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41477
IP address blocks: 91.215.164.0/22 maxlen: 23
91.215.166.0/24 maxlen: 24
91.215.165.0/24 maxlen: 24
91.215.167.0/24 maxlen: 24
185.34.164.0/22 maxlen: 23
185.34.165.0/24 maxlen: 24
185.34.166.0/24 maxlen: 24
185.34.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/1e4c03-f619-47a3-81bd-36ef7aeebe3b/1/x1eZ_0M1t7GucYjt-lP9fiE-shY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/1e4c03-f619-47a3-81bd-36ef7aeebe3b/1/x1eZ_0M1t7GucYjt-lP9fiE-shY.mft
rsync://rpki.ripe.net/repository/DEFAULT/x1eZ_0M1t7GucYjt-lP9fiE-shY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 02:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:e3:3b:d2:1f:74:45:6e:27:7b:46:43:86:f0:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c75799ff4335b7b1ae7188edfa53fd7e213eb216
Validity
Not Before: Jan 1 14:30:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=daa920545e0929aa820fb39803c4ea3f2dd17675
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:70:90:64:8e:74:11:88:73:5c:b9:5c:b0:64:
32:9d:74:f8:fe:43:a1:4f:c4:ac:9a:69:40:1c:aa:
0c:bb:1d:62:a2:62:48:00:e4:3a:16:8a:27:1a:9a:
c7:8a:4f:df:22:49:75:65:5f:62:5f:0f:e7:03:a1:
a1:31:92:54:c9:1e:3e:fb:e3:3c:f4:f0:32:32:de:
f8:99:e8:e1:d8:f8:da:6b:a4:37:4f:b7:40:3e:18:
94:4e:13:58:d8:ff:25:46:0c:12:04:f2:1d:75:04:
7d:91:6d:fb:2b:eb:1d:c1:f2:e9:5c:6d:37:29:f9:
7f:07:53:51:2b:fc:90:36:40:8d:23:ff:87:84:99:
84:68:73:83:73:ab:07:ce:01:36:37:1e:7f:97:8e:
69:28:aa:85:6c:5d:7e:5c:ff:8a:86:33:4c:f3:d8:
cf:50:81:b5:73:b2:32:ee:16:fe:96:b7:ca:64:33:
fd:45:eb:28:83:e9:b8:a3:71:98:1f:90:df:f9:5a:
9a:dd:d4:a8:65:03:05:f7:32:03:9e:0a:1f:75:f8:
98:46:71:87:e7:2d:87:db:3b:62:f2:aa:5e:b5:96:
14:38:ad:64:67:32:19:e0:5b:39:86:06:6c:ad:b4:
94:43:b3:58:c7:0a:2a:73:83:0c:b6:f4:5b:79:9d:
49:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:A9:20:54:5E:09:29:AA:82:0F:B3:98:03:C4:EA:3F:2D:D1:76:75
X509v3 Authority Key Identifier:
keyid:C7:57:99:FF:43:35:B7:B1:AE:71:88:ED:FA:53:FD:7E:21:3E:B2:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x1eZ_0M1t7GucYjt-lP9fiE-shY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/1e4c03-f619-47a3-81bd-36ef7aeebe3b/1/2qkgVF4JKaqCD7OYA8TqPy3RdnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/1e4c03-f619-47a3-81bd-36ef7aeebe3b/1/x1eZ_0M1t7GucYjt-lP9fiE-shY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.215.164.0/22
185.34.164.0/22
Signature Algorithm: sha256WithRSAEncryption
b0:17:19:53:0d:9d:00:fb:26:b9:1d:ec:08:59:c8:e2:9e:ee:
00:95:08:fc:b8:77:b0:e7:da:d0:b8:12:65:6e:6b:43:b1:84:
c9:b5:aa:cb:1b:3f:00:d1:9d:5c:cd:d2:9e:44:f8:4e:15:a9:
67:28:49:96:e6:89:8f:9c:79:b4:b9:fd:99:a8:a0:d2:a8:4b:
b0:92:08:d4:9d:53:d9:4d:44:b9:2b:88:23:48:0a:79:db:4c:
7b:fc:e7:c6:95:17:d0:7b:d0:36:8f:01:a7:cf:ce:6f:27:2d:
99:8b:a0:fc:ca:76:11:83:bc:5c:7e:11:a8:2c:f1:30:53:ad:
b7:cc:8a:7c:bc:e9:0f:76:cd:7b:2e:ab:d9:ce:58:96:a5:fc:
de:a6:c0:67:4d:60:d1:a9:59:c3:bd:77:71:a4:f8:ae:25:b0:
a2:0c:d9:e6:0c:2c:65:8a:18:96:f6:a6:9c:00:d9:13:02:f1:
e9:6a:05:1a:e3:0a:0a:c4:d4:d2:7b:f3:2c:5d:92:0a:5b:4c:
33:b2:7c:60:76:6d:eb:51:3f:a4:6a:db:e9:d2:2d:6f:6c:10:
33:8d:0e:99:8a:8f:ae:f7:1c:f8:ca:4a:62:38:2d:ea:05:04:
4c:70:60:9f:12:35:03:01:41:fd:ba:6d:50:3e:db:63:a2:53:
8b:97:c7:a3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFbuM70h90RW4ne0ZDhvDoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NTc5OWZmNDMzNWI3YjFhZTcxODhlZGZhNTNmZDdlMjEz
ZWIyMTYwHhcNMjQwMTAxMTQzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWE5MjA1NDVlMDkyOWFhODIwZmIzOTgwM2M0ZWEzZjJkZDE3Njc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgnCQZI50EYhzXLlcsGQynXT4/kOh
T8SsmmlAHKoMux1iomJIAOQ6FoonGprHik/fIkl1ZV9iXw/nA6GhMZJUyR4+++M8
9PAyMt74mejh2Pjaa6Q3T7dAPhiUThNY2P8lRgwSBPIddQR9kW37K+sdwfLpXG03
Kfl/B1NRK/yQNkCNI/+HhJmEaHODc6sHzgE2Nx5/l45pKKqFbF1+XP+KhjNM89jP
UIG1c7Iy7hb+lrfKZDP9Resog+m4o3GYH5Df+Vqa3dSoZQMF9zIDngofdfiYRnGH
5y2H2zti8qpetZYUOK1kZzIZ4Fs5hgZsrbSUQ7NYxwoqc4MMtvRbeZ1JuQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNqpIFReCSmqgg+zmAPE6j8t0XZ1MB8GA1UdIwQY
MBaAFMdXmf9DNbexrnGI7fpT/X4hPrIWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDFlWl8wTTF0N0d1Y1lqdC1sUDlmaUUtc2hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS8xZTRjMDMtZjYxOS00N2EzLTgxYmQt
MzZlZjdhZWViZTNiLzEvMnFrZ1ZGNEpLYXFDRDdPWUE4VHFQeTNSZG5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS8xZTRjMDMtZjYxOS00N2EzLTgxYmQtMzZlZjdhZWViZTNi
LzEveDFlWl8wTTF0N0d1Y1lqdC1sUDlmaUUtc2hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW9ekAwQC
uSKkMA0GCSqGSIb3DQEBCwUAA4IBAQCwFxlTDZ0A+ya5HewIWcjinu4AlQj8uHew
59rQuBJlbmtDsYTJtarLGz8A0Z1czdKeRPhOFalnKEmW5omPnHm0uf2ZqKDSqEuw
kgjUnVPZTUS5K4gjSAp520x7/OfGlRfQe9A2jwGnz85vJy2Zi6D8ynYRg7xcfhGo
LPEwU623zIp8vOkPds17LqvZzliWpfzepsBnTWDRqVnDvXdxpPiuJbCiDNnmDCxl
ihiW9qacANkTAvHpagUa4woKxNTSe/MsXZIKW0wzsnxgdm3rUT+katvp0i1vbBAz
jQ6Zio+u9xz4ykpiOC3qBQRMcGCfEjUDAUH9um1QPttjolOLl8ej
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:14:17 2024 by rpki-client on console-fra.rpki-client.org