Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/ba1be3-796e-45c8-8b76-c700ea03c227/1/q4p0jFQ3WEfG-M-4E7I9saS5OYY.roa
File: q4p0jFQ3WEfG-M-4E7I9saS5OYY.roa (raw, json)
Hash identifier: e5nOmBteRDXgf2CEGYG1zrThh5BuvyRg11QsYb1ewt0=
Subject key identifier: AB:8A:74:8C:54:37:58:47:C6:F8:CF:B8:13:B2:3D:B1:A4:B9:39:86
Certificate issuer: /CN=b57ab718b4acb3a679c5db8fcee7294ed6be2bd0
Certificate serial: 018CC26D740FB837DA890848839543F369DB
Authority key identifier: B5:7A:B7:18:B4:AC:B3:A6:79:C5:DB:8F:CE:E7:29:4E:D6:BE:2B:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tXq3GLSss6Z5xduPzucpTta-K9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/ba1be3-796e-45c8-8b76-c700ea03c227/1/q4p0jFQ3WEfG-M-4E7I9saS5OYY.roa
Signing time: Mon 01 Jan 2024 00:30:02 +0000
ROA not before: Mon 01 Jan 2024 00:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43853
IP address blocks: 131.117.176.0/21 maxlen: 21
185.183.56.0/22 maxlen: 22
46.22.112.0/20 maxlen: 20
2a0b:680::/29 maxlen: 29
2a02:2a48::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/ba1be3-796e-45c8-8b76-c700ea03c227/1/tXq3GLSss6Z5xduPzucpTta-K9A.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/ba1be3-796e-45c8-8b76-c700ea03c227/1/tXq3GLSss6Z5xduPzucpTta-K9A.mft
rsync://rpki.ripe.net/repository/DEFAULT/tXq3GLSss6Z5xduPzucpTta-K9A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:74:0f:b8:37:da:89:08:48:83:95:43:f3:69:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b57ab718b4acb3a679c5db8fcee7294ed6be2bd0
Validity
Not Before: Jan 1 00:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab8a748c54375847c6f8cfb813b23db1a4b93986
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:da:c0:e5:fc:d7:ce:32:d7:ee:74:a3:1b:5e:
51:75:3f:6e:76:24:64:cf:97:a3:72:20:ca:40:6a:
ac:59:a4:9c:9f:af:1e:39:8a:44:11:53:31:f4:04:
84:46:40:31:77:76:b5:97:74:f6:58:bd:cf:68:fd:
e0:9f:16:8d:f2:07:85:06:09:1f:a9:b4:9a:db:fb:
1d:24:58:6a:f8:1f:b1:fb:08:6a:e4:bb:8d:d2:43:
76:9e:1d:19:6b:28:fd:01:06:e9:00:02:2d:fa:d1:
37:e3:9c:2a:e7:23:9b:05:0b:70:a8:aa:95:9e:f6:
b5:3f:b9:f9:3c:77:42:d3:45:8d:cb:b0:86:f6:f6:
5d:c1:26:1d:35:90:a2:2f:3c:0f:4c:4f:7e:15:34:
f7:fc:c1:8e:9a:35:00:61:06:f7:93:64:3a:a5:a1:
c2:a0:a6:b9:db:1d:4b:69:44:b4:97:9b:11:eb:6c:
0f:e9:bd:82:70:50:09:54:52:68:ec:37:b2:c5:1e:
6f:ff:9e:18:3f:49:b0:a6:2c:3d:db:4b:86:4e:cf:
c5:66:ed:7e:b1:49:68:49:e4:37:bd:8d:e5:a2:67:
f5:3a:05:f7:13:82:a7:14:cd:ea:2f:e4:82:c3:72:
1c:5f:ad:1a:80:48:24:67:a9:3a:e6:f0:f0:b1:be:
a4:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:8A:74:8C:54:37:58:47:C6:F8:CF:B8:13:B2:3D:B1:A4:B9:39:86
X509v3 Authority Key Identifier:
keyid:B5:7A:B7:18:B4:AC:B3:A6:79:C5:DB:8F:CE:E7:29:4E:D6:BE:2B:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tXq3GLSss6Z5xduPzucpTta-K9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/ba1be3-796e-45c8-8b76-c700ea03c227/1/q4p0jFQ3WEfG-M-4E7I9saS5OYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/ba1be3-796e-45c8-8b76-c700ea03c227/1/tXq3GLSss6Z5xduPzucpTta-K9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.22.112.0/20
131.117.176.0/21
185.183.56.0/22
IPv6:
2a02:2a48::/32
2a0b:680::/29
Signature Algorithm: sha256WithRSAEncryption
5c:79:59:d4:4e:a6:9e:b5:01:39:0f:82:46:39:ea:53:57:fb:
df:41:ec:fd:de:f1:82:f1:e2:16:bf:65:12:19:01:34:c6:92:
f5:0e:84:a9:31:d5:bc:79:d2:6d:11:2c:a3:68:8f:70:24:e9:
88:ec:8f:cc:3a:76:c6:54:21:b2:4e:49:cc:f6:5a:3d:1d:f4:
7c:5e:51:4a:47:e6:82:f2:16:bc:f1:e1:3f:15:25:80:a1:f6:
19:2e:eb:22:65:1a:a4:c5:94:66:eb:d8:e2:54:50:35:cc:84:
37:a0:62:a2:bb:3b:30:97:6f:84:3a:ec:6a:ad:31:f4:08:b4:
4f:62:8e:60:ed:0f:cd:b5:ce:89:6b:0b:c4:87:27:17:16:7b:
ae:7c:fd:cc:79:02:4a:7d:cb:45:4d:8b:d4:d6:79:a4:d4:05:
6a:56:0d:f2:34:de:af:ed:86:8b:cd:7f:8b:dd:5f:8a:4f:6d:
87:6e:b3:62:09:5a:c1:42:6e:d5:c2:73:dd:ef:06:5f:07:d0:
1b:86:a0:7a:ac:ac:9b:a5:31:4b:e1:02:1a:61:c7:64:cd:cd:
40:24:a5:da:8d:a7:51:8b:d5:5a:88:2b:72:b1:41:5b:8b:dd:
7c:c9:47:c0:1b:ba:49:0e:e1:46:b5:1a:dc:73:0d:ec:96:c0:
da:32:b8:01
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzCbXQPuDfaiQhIg5VD82nbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1N2FiNzE4YjRhY2IzYTY3OWM1ZGI4ZmNlZTcyOTRlZDZi
ZTJiZDAwHhcNMjQwMTAxMDAzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjhhNzQ4YzU0Mzc1ODQ3YzZmOGNmYjgxM2IyM2RiMWE0YjkzOTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9rA5fzXzjLX7nSjG15RdT9udiRk
z5ejciDKQGqsWaScn68eOYpEEVMx9ASERkAxd3a1l3T2WL3PaP3gnxaN8geFBgkf
qbSa2/sdJFhq+B+x+whq5LuN0kN2nh0Zayj9AQbpAAIt+tE345wq5yObBQtwqKqV
nva1P7n5PHdC00WNy7CG9vZdwSYdNZCiLzwPTE9+FTT3/MGOmjUAYQb3k2Q6paHC
oKa52x1LaUS0l5sR62wP6b2CcFAJVFJo7DeyxR5v/54YP0mwpiw920uGTs/FZu1+
sUloSeQ3vY3lomf1OgX3E4KnFM3qL+SCw3IcX60agEgkZ6k65vDwsb6kgwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFKuKdIxUN1hHxvjPuBOyPbGkuTmGMB8GA1UdIwQY
MBaAFLV6txi0rLOmecXbj87nKU7WvivQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFhxM0dMU3NzNlo1eGR1UHp1Y3BUdGEtSzlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9iYTFiZTMtNzk2ZS00NWM4LThiNzYt
YzcwMGVhMDNjMjI3LzEvcTRwMGpGUTNXRWZHLU0tNEU3STlzYVM1T1lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9iYTFiZTMtNzk2ZS00NWM4LThiNzYtYzcwMGVhMDNjMjI3
LzEvdFhxM0dMU3NzNlo1eGR1UHp1Y3BUdGEtSzlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQELhZwAwQD
g3WwAwQCubc4MBQEAgACMA4DBQAqAipIAwUDKgsGgDANBgkqhkiG9w0BAQsFAAOC
AQEAXHlZ1E6mnrUBOQ+CRjnqU1f730Hs/d7xgvHiFr9lEhkBNMaS9Q6EqTHVvHnS
bREso2iPcCTpiOyPzDp2xlQhsk5JzPZaPR30fF5RSkfmgvIWvPHhPxUlgKH2GS7r
ImUapMWUZuvY4lRQNcyEN6Biors7MJdvhDrsaq0x9Ai0T2KOYO0PzbXOiWsLxIcn
FxZ7rnz9zHkCSn3LRU2L1NZ5pNQFalYN8jTer+2Gi81/i91fik9th26zYglawUJu
1cJz3e8GXwfQG4ageqysm6UxS+ECGmHHZM3NQCSl2o2nUYvVWogrcrFBW4vdfMlH
wBu6SQ7hRrUa3HMN7JbA2jK4AQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:24:29 2024 by rpki-client on console-fra.rpki-client.org