Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/1GQnhoHxvO12sIOE9ULYRIUjAAs.roa
File: 1GQnhoHxvO12sIOE9ULYRIUjAAs.roa (raw, json)
Hash identifier: jkc9Rxp7Nw54g4Tnxdk2poHL7z1Ekux5MO35TfEYqgI=
Subject key identifier: D4:64:27:86:81:F1:BC:ED:76:B0:83:84:F5:42:D8:44:85:23:00:0B
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018D596E55DF6B77F30466A2B1E31FBE25AC
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/1GQnhoHxvO12sIOE9ULYRIUjAAs.roa
Signing time: Tue 30 Jan 2024 08:13:39 +0000
ROA not before: Tue 30 Jan 2024 08:13:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211826
IP address blocks: 89.185.2.0/24 maxlen: 24
109.72.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.mft
rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:59:6e:55:df:6b:77:f3:04:66:a2:b1:e3:1f:be:25:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jan 30 08:13:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d464278681f1bced76b08384f542d8448523000b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:be:a8:35:fb:70:27:fa:dd:a2:c2:f8:04:75:
f0:b0:26:56:e6:ac:02:7e:08:b7:58:d6:ed:fe:bc:
27:55:20:f3:e3:3e:b3:d6:36:45:0c:6c:4a:53:a6:
19:69:c9:37:b4:98:11:a3:3d:d2:35:07:ed:18:14:
44:c4:70:c7:82:f1:81:f1:12:04:88:94:70:61:66:
d0:c6:d8:f0:5c:cb:60:de:7a:c7:39:2c:54:18:5f:
d7:6d:c5:e0:d0:47:61:ed:05:b9:6d:1e:0d:69:bb:
f0:f8:ee:43:86:af:1f:6c:5c:68:6a:ae:c3:a7:96:
23:ff:3d:76:ec:57:c4:60:28:89:0a:94:28:39:a7:
e1:3e:7a:26:12:3e:87:4f:5d:23:9a:a6:e3:b8:77:
3f:4c:3f:e2:ac:3b:8d:26:10:1d:6a:02:64:63:4b:
fa:c3:cd:bd:bd:26:30:f4:97:9a:33:4b:bd:e4:a5:
dd:49:55:ee:fb:0c:d5:e7:f6:19:fc:59:7a:e6:81:
3c:4c:d7:34:6d:dc:12:d6:2e:15:d1:fd:03:59:bc:
9a:34:6b:04:90:4d:a4:e1:dc:b0:82:00:c7:1b:26:
b5:00:ba:36:f9:ff:9a:1b:e0:21:fb:a1:bc:d2:44:
10:76:d6:cc:a4:89:e5:79:e9:8d:bb:ac:e0:c8:f3:
05:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:64:27:86:81:F1:BC:ED:76:B0:83:84:F5:42:D8:44:85:23:00:0B
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/1GQnhoHxvO12sIOE9ULYRIUjAAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.2.0/24
109.72.126.0/24
Signature Algorithm: sha256WithRSAEncryption
95:76:f1:90:cc:f7:3a:67:57:c2:94:0c:58:98:ab:30:08:2f:
f1:6e:56:df:cd:45:37:26:23:c4:4e:1f:c8:18:02:ad:6e:fe:
76:35:4f:ff:5d:d0:23:6c:d8:02:18:db:ba:e9:2a:10:c6:a1:
ea:06:7c:e4:17:06:6e:8e:33:ed:ef:83:e1:0a:e0:8a:69:91:
5f:b9:f1:02:36:bf:95:68:96:0c:56:61:9f:74:79:23:aa:34:
7f:3d:8f:69:89:08:8a:06:d1:bb:38:fb:17:27:d9:8d:c6:78:
58:fe:c7:0f:5f:dd:f1:91:3d:6c:9a:d9:40:13:d1:a4:3b:8a:
5b:de:75:8c:dc:53:53:ef:fa:8f:15:26:7b:fd:a9:6f:a7:45:
44:44:0a:e1:3d:00:16:18:5e:a3:18:92:c7:4d:aa:19:ce:ac:
02:4b:b4:dd:28:ab:eb:68:47:f1:9f:ff:77:f1:34:e7:9b:b9:
34:62:20:d1:9c:a5:fa:99:e4:05:ef:58:9e:70:30:ad:e9:6b:
be:29:31:cf:62:5a:41:1f:4d:88:ec:d4:86:ca:3f:c3:2d:3d:
fe:c8:a9:d0:5e:3d:9b:1b:5b:fc:94:3c:e5:ed:a0:ac:9f:e5:
90:2c:1c:60:33:08:ed:79:9f:88:c3:c9:74:c7:f6:3c:23:a1:
fa:9f:51:ea
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1ZblXfa3fzBGaiseMfviWsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMTMwMDgxMzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDY0Mjc4NjgxZjFiY2VkNzZiMDgzODRmNTQyZDg0NDg1MjMwMDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjL6oNftwJ/rdosL4BHXwsCZW5qwC
fgi3WNbt/rwnVSDz4z6z1jZFDGxKU6YZack3tJgRoz3SNQftGBRExHDHgvGB8RIE
iJRwYWbQxtjwXMtg3nrHOSxUGF/XbcXg0Edh7QW5bR4Nabvw+O5Dhq8fbFxoaq7D
p5Yj/z127FfEYCiJCpQoOafhPnomEj6HT10jmqbjuHc/TD/irDuNJhAdagJkY0v6
w829vSYw9JeaM0u95KXdSVXu+wzV5/YZ/Fl65oE8TNc0bdwS1i4V0f0DWbyaNGsE
kE2k4dywggDHGya1ALo2+f+aG+Ah+6G80kQQdtbMpInleemNu6zgyPMFGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNRkJ4aB8bztdrCDhPVC2ESFIwALMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvMUdRbmhvSHh2TzEyc0lPRTlVTFlSSVVqQUFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWbkCAwQA
bUh+MA0GCSqGSIb3DQEBCwUAA4IBAQCVdvGQzPc6Z1fClAxYmKswCC/xblbfzUU3
JiPETh/IGAKtbv52NU//XdAjbNgCGNu66SoQxqHqBnzkFwZujjPt74PhCuCKaZFf
ufECNr+VaJYMVmGfdHkjqjR/PY9piQiKBtG7OPsXJ9mNxnhY/scPX93xkT1smtlA
E9GkO4pb3nWM3FNT7/qPFSZ7/alvp0VERArhPQAWGF6jGJLHTaoZzqwCS7TdKKvr
aEfxn/938TTnm7k0YiDRnKX6meQF71iecDCt6Wu+KTHPYlpBH02I7NSGyj/DLT3+
yKnQXj2bG1v8lDzl7aCsn+WQLBxgMwjteZ+Iw8l0x/Y8I6H6n1Hq
-----END CERTIFICATE-----
Generated at Mon May 6 13:26:35 2024 by rpki-client on console-fra.rpki-client.org