Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/q2wAiL9cj1VTlOfAeI3ZxbTFp-0.roa
File: q2wAiL9cj1VTlOfAeI3ZxbTFp-0.roa (raw, json)
Hash identifier: DZ8tyt6slOf/Iq/c/LtCqC1wBehk9DO+rQebb/zFTz4=
Subject key identifier: AB:6C:00:88:BF:5C:8F:55:53:94:E7:C0:78:8D:D9:C5:B4:C5:A7:ED
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 018CC2DAC706B23C885C3B52FF145401FC41
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/q2wAiL9cj1VTlOfAeI3ZxbTFp-0.roa
Signing time: Mon 01 Jan 2024 02:29:26 +0000
ROA not before: Mon 01 Jan 2024 02:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62332
IP address blocks: 185.120.84.0/22 maxlen: 24
185.42.240.0/22 maxlen: 24
185.86.212.0/22 maxlen: 24
185.39.68.0/22 maxlen: 24
2a04:7cc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:c7:06:b2:3c:88:5c:3b:52:ff:14:54:01:fc:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 1 02:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab6c0088bf5c8f555394e7c0788dd9c5b4c5a7ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:92:60:ca:a4:14:de:64:6b:6c:00:12:f3:b1:
4e:29:1d:87:29:45:0a:e1:c7:6f:82:62:af:1c:f4:
99:00:b9:67:4a:10:4a:13:a1:d8:e8:34:b3:75:83:
39:b3:54:e5:8f:ca:9b:40:5c:07:b4:a7:c1:26:ea:
ee:b1:e3:b3:db:f4:f9:61:15:d2:c2:15:e7:97:2d:
cc:05:21:46:7f:02:d6:ca:46:e3:4c:df:07:11:65:
4b:64:ca:90:83:cc:9b:4b:73:42:27:78:df:80:d7:
bb:28:4a:f5:31:40:21:24:bf:2d:ee:a1:d1:e7:ef:
c4:90:5a:1c:de:90:5f:cd:04:62:da:4c:17:2f:e9:
31:97:63:24:42:d0:f4:32:5e:fc:bd:bb:d4:45:41:
58:f6:48:8d:62:02:19:50:ac:c0:a0:85:e0:f9:17:
3c:4c:12:93:eb:18:93:59:dc:bf:be:51:2a:93:54:
58:94:b7:9e:d0:55:6f:22:78:2d:f8:7d:a6:b0:5a:
43:52:2c:dc:9f:7b:0d:b4:cd:87:2d:28:de:e3:6e:
3c:50:00:6f:4f:b2:1f:66:ce:ee:ec:3f:f9:a1:51:
f4:72:8a:c4:3d:8c:a0:e8:11:0a:94:a0:6d:67:38:
7a:c2:e9:2d:76:ce:bb:b0:a2:11:29:f9:ed:ad:1e:
08:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:6C:00:88:BF:5C:8F:55:53:94:E7:C0:78:8D:D9:C5:B4:C5:A7:ED
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/q2wAiL9cj1VTlOfAeI3ZxbTFp-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.39.68.0/22
185.42.240.0/22
185.86.212.0/22
185.120.84.0/22
IPv6:
2a04:7cc0::/29
Signature Algorithm: sha256WithRSAEncryption
6d:d3:0a:27:92:db:f4:07:1d:c7:28:81:56:55:0f:9e:95:2c:
bb:63:3d:db:15:ed:fd:db:5b:25:ea:b4:5f:59:c4:22:9d:f2:
e0:b8:8b:00:cf:15:89:e6:34:9c:ff:72:86:56:db:55:a2:0a:
9a:57:97:78:f6:d5:d0:f4:d6:6c:cf:50:bb:d5:ea:b6:36:dd:
0e:29:3d:aa:4e:41:b7:f6:5c:af:7f:0d:20:73:2b:c6:87:04:
66:f6:d7:04:13:81:77:85:29:d4:54:84:77:3d:a6:bf:1f:53:
16:3e:21:c6:2a:ad:af:16:b9:30:bd:e0:4c:f1:52:01:d2:8a:
89:8d:13:c9:0a:04:78:f7:f8:79:ae:35:19:23:31:98:0f:31:
32:92:48:44:24:dd:7c:35:16:79:d3:11:9f:e0:07:a6:02:17:
8f:4c:ff:d1:13:5a:eb:e0:81:0a:f1:d1:2c:9f:55:8c:8c:ec:
df:a8:99:13:5b:94:78:58:df:77:01:1d:d2:6e:fd:14:2f:d2:
6e:ac:82:31:20:f7:3f:b6:c9:c3:e5:98:b6:02:a9:1f:8e:61:
41:d7:12:d6:2c:04:74:69:44:86:35:59:45:3d:30:ae:3d:5d:
24:5e:3f:39:1d:e9:ba:67:6e:38:f7:4d:a6:c5:b9:67:94:94:
38:db:f9:3f
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzC2scGsjyIXDtS/xRUAfxBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjQwMTAxMDIyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjZjMDA4OGJmNWM4ZjU1NTM5NGU3YzA3ODhkZDljNWI0YzVhN2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5JgyqQU3mRrbAAS87FOKR2HKUUK
4cdvgmKvHPSZALlnShBKE6HY6DSzdYM5s1Tlj8qbQFwHtKfBJuruseOz2/T5YRXS
whXnly3MBSFGfwLWykbjTN8HEWVLZMqQg8ybS3NCJ3jfgNe7KEr1MUAhJL8t7qHR
5+/EkFoc3pBfzQRi2kwXL+kxl2MkQtD0Ml78vbvURUFY9kiNYgIZUKzAoIXg+Rc8
TBKT6xiTWdy/vlEqk1RYlLee0FVvIngt+H2msFpDUizcn3sNtM2HLSje4248UABv
T7IfZs7u7D/5oVH0corEPYyg6BEKlKBtZzh6wuktds67sKIRKfntrR4IXwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKtsAIi/XI9VU5TnwHiN2cW0xaftMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvcTJ3QWlMOWNqMVZUbE9mQWVJM1p4YlRGcC0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCuSdEAwQC
uSrwAwQCuVbUAwQCuXhUMA0EAgACMAcDBQMqBHzAMA0GCSqGSIb3DQEBCwUAA4IB
AQBt0wonktv0Bx3HKIFWVQ+elSy7Yz3bFe3921sl6rRfWcQinfLguIsAzxWJ5jSc
/3KGVttVogqaV5d49tXQ9NZsz1C71eq2Nt0OKT2qTkG39lyvfw0gcyvGhwRm9tcE
E4F3hSnUVIR3Paa/H1MWPiHGKq2vFrkwveBM8VIB0oqJjRPJCgR49/h5rjUZIzGY
DzEykkhEJN18NRZ50xGf4AemAhePTP/RE1rr4IEK8dEsn1WMjOzfqJkTW5R4WN93
AR3Sbv0UL9JurIIxIPc/tsnD5Zi2AqkfjmFB1xLWLAR0aUSGNVlFPTCuPV0kXj85
Hem6Z244902mxblnlJQ42/k/
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:26:08 2024 by rpki-client on console-ams.rpki-client.org