Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/dQfs2Gn10yr-Tz3T-dDX9Zbh-Pk.roa
File: dQfs2Gn10yr-Tz3T-dDX9Zbh-Pk.roa (raw, json)
Hash identifier: PcAQmI0VcMV8vk6cH3VnkZVx+XU3yjeoW0GvJ/Gwq6g=
Subject key identifier: 75:07:EC:D8:69:F5:D3:2A:FE:4F:3D:D3:F9:D0:D7:F5:96:E1:F8:F9
Certificate issuer: /CN=dc4e453affe895b6452b84027437c5c00fd37067
Certificate serial: 018CC9BB0A9204621061D4FCFA75FEF2335E
Authority key identifier: DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/dQfs2Gn10yr-Tz3T-dDX9Zbh-Pk.roa
Signing time: Tue 02 Jan 2024 10:32:07 +0000
ROA not before: Tue 02 Jan 2024 10:32:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44451
IP address blocks: 93.92.8.0/21 maxlen: 21
94.247.48.0/21 maxlen: 21
37.46.16.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/3E5FOv_olbZFK4QCdDfFwA_TcGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/3E5FOv_olbZFK4QCdDfFwA_TcGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:0a:92:04:62:10:61:d4:fc:fa:75:fe:f2:33:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc4e453affe895b6452b84027437c5c00fd37067
Validity
Not Before: Jan 2 10:32:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7507ecd869f5d32afe4f3dd3f9d0d7f596e1f8f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:1b:bc:5e:83:54:f8:4c:d9:bd:44:6c:3a:2a:
51:c0:8d:40:ba:55:18:84:45:a5:4b:b0:4d:ee:77:
f0:28:f6:38:e7:28:c6:56:49:da:90:32:b7:b3:0e:
98:12:95:2e:d0:00:d6:63:2d:04:05:de:2f:7b:84:
46:2a:21:bc:39:77:cd:7e:ae:50:e3:11:06:e9:d8:
52:fd:f9:45:86:e4:c5:97:ec:3e:43:86:2b:27:e8:
d8:1a:21:68:99:fd:d2:d0:15:6e:e3:6f:3b:03:04:
05:ad:47:69:28:ac:cd:1a:03:0a:1d:8b:e5:d4:c1:
58:17:51:9c:8c:3b:41:e1:61:27:59:0e:a4:17:42:
d7:18:97:b1:83:5a:5e:69:89:e6:25:c6:a2:1c:1e:
1b:0b:5f:3f:5c:29:4d:e8:7f:1e:6a:bc:cb:93:b7:
93:d0:0b:8f:1d:c9:c9:06:2d:27:4c:02:83:2a:e0:
a6:c9:57:57:cd:ad:39:fd:ca:b6:90:c2:ca:ac:53:
e9:17:e9:8b:53:38:a6:9c:3e:6b:02:9d:19:f9:3d:
b7:4e:ad:0b:08:1e:77:f7:39:1d:49:37:be:19:1e:
3d:21:28:85:e3:d5:2f:38:d3:4d:e8:2c:7a:7a:5f:
02:4b:c3:40:f1:81:ac:c2:6b:13:15:f4:04:ba:21:
59:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:07:EC:D8:69:F5:D3:2A:FE:4F:3D:D3:F9:D0:D7:F5:96:E1:F8:F9
X509v3 Authority Key Identifier:
keyid:DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/dQfs2Gn10yr-Tz3T-dDX9Zbh-Pk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/3E5FOv_olbZFK4QCdDfFwA_TcGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.16.0/21
93.92.8.0/21
94.247.48.0/21
Signature Algorithm: sha256WithRSAEncryption
29:bb:c9:e9:19:4c:49:11:ef:60:9d:80:04:40:65:7e:c2:a1:
d1:b0:ae:64:76:b6:0a:6f:72:e1:b7:b2:8f:4b:a1:1c:88:c9:
8c:52:eb:ba:b8:c9:65:42:f8:af:2e:a7:62:7b:d9:22:15:83:
58:24:99:96:a5:b4:03:83:0e:79:f0:56:2f:4e:9b:d2:6c:aa:
6e:de:66:90:c1:e3:ca:29:b7:de:4b:d4:a4:71:22:f0:40:73:
26:61:45:28:31:eb:82:e0:77:bc:a5:9e:8a:c7:a4:1e:73:1a:
4c:ff:3a:7c:44:ec:bb:ce:d6:65:a2:f9:40:ca:fe:c2:17:19:
49:3f:71:2e:bd:fe:bd:75:f5:04:f2:17:ec:86:c1:a3:56:77:
cb:c2:c2:34:e7:a7:cf:23:37:e7:f2:d5:00:aa:af:ab:13:82:
b2:4f:b2:e1:97:59:7e:57:59:a7:03:cd:74:c8:34:1f:62:26:
f1:bf:72:cf:24:62:48:02:92:28:4c:e6:19:1b:bf:d2:ff:e8:
fc:ba:8b:cf:2a:73:e9:11:29:1d:83:92:40:96:16:dc:10:4f:
66:a0:e0:d9:60:d6:4d:60:6f:89:b5:2e:fd:90:9a:6d:60:30:
f3:2e:62:57:9e:10:f9:eb:71:d6:0c:70:44:dd:91:e8:ee:d7:
05:59:32:fd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJuwqSBGIQYdT8+nX+8jNeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNGU0NTNhZmZlODk1YjY0NTJiODQwMjc0MzdjNWMwMGZk
MzcwNjcwHhcNMjQwMTAyMTAzMjA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTA3ZWNkODY5ZjVkMzJhZmU0ZjNkZDNmOWQwZDdmNTk2ZTFmOGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxu8XoNU+EzZvURsOipRwI1AulUY
hEWlS7BN7nfwKPY45yjGVknakDK3sw6YEpUu0ADWYy0EBd4ve4RGKiG8OXfNfq5Q
4xEG6dhS/flFhuTFl+w+Q4YrJ+jYGiFomf3S0BVu4287AwQFrUdpKKzNGgMKHYvl
1MFYF1GcjDtB4WEnWQ6kF0LXGJexg1peaYnmJcaiHB4bC18/XClN6H8earzLk7eT
0AuPHcnJBi0nTAKDKuCmyVdXza05/cq2kMLKrFPpF+mLUzimnD5rAp0Z+T23Tq0L
CB539zkdSTe+GR49ISiF49UvONNN6Cx6el8CS8NA8YGswmsTFfQEuiFZNQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHUH7Nhp9dMq/k890/nQ1/WW4fj5MB8GA1UdIwQY
MBaAFNxORTr/6JW2RSuEAnQ3xcAP03BnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEt
MTgyMjg2N2UxNTk2LzEvZFFmczJHbjEweXItVHozVC1kRFg5WmJoLVBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEtMTgyMjg2N2UxNTk2
LzEvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDJS4QAwQD
XVwIAwQDXvcwMA0GCSqGSIb3DQEBCwUAA4IBAQApu8npGUxJEe9gnYAEQGV+wqHR
sK5kdrYKb3Lht7KPS6EciMmMUuu6uMllQvivLqdie9kiFYNYJJmWpbQDgw558FYv
TpvSbKpu3maQwePKKbfeS9SkcSLwQHMmYUUoMeuC4He8pZ6Kx6QecxpM/zp8ROy7
ztZlovlAyv7CFxlJP3Euvf69dfUE8hfshsGjVnfLwsI056fPIzfn8tUAqq+rE4Ky
T7Lhl1l+V1mnA810yDQfYibxv3LPJGJIApIoTOYZG7/S/+j8uovPKnPpESkdg5JA
lhbcEE9moODZYNZNYG+JtS79kJptYDDzLmJXnhD563HWDHBE3ZHo7tcFWTL9
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:38:25 2024 by rpki-client on console-fra.rpki-client.org