Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/qLLKtrWJnyvPokl7p_mkSt5_Nqk.roa
File: qLLKtrWJnyvPokl7p_mkSt5_Nqk.roa (raw, json)
Hash identifier: LLZc/G7efVLtzAK+Z+2/oMFYn6AfeVGDTuvp9ColX2s=
Subject key identifier: A8:B2:CA:B6:B5:89:9F:2B:CF:A2:49:7B:A7:F9:A4:4A:DE:7F:36:A9
Certificate issuer: /CN=b4a2085c7de3b598216b89fb0f2b1d930de66c19
Certificate serial: 0192C0377DB1541E26B2EC9F76D9CF65A4D1
Authority key identifier: B4:A2:08:5C:7D:E3:B5:98:21:6B:89:FB:0F:2B:1D:93:0D:E6:6C:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/qLLKtrWJnyvPokl7p_mkSt5_Nqk.roa
Signing time: Thu 24 Oct 2024 20:28:34 +0000
ROA not before: Thu 24 Oct 2024 20:28:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205059
IP address blocks: 185.129.16.0/24 maxlen: 24
185.129.17.0/24 maxlen: 24
185.231.108.0/24 maxlen: 24
185.231.109.0/24 maxlen: 24
2a0f:aac0::/48 maxlen: 48
2a0f:aac0:1::/48 maxlen: 48
2a0f:aac0:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/tKIIXH3jtZgha4n7Dysdkw3mbBk.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/tKIIXH3jtZgha4n7Dysdkw3mbBk.mft
rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 08:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:c0:37:7d:b1:54:1e:26:b2:ec:9f:76:d9:cf:65:a4:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4a2085c7de3b598216b89fb0f2b1d930de66c19
Validity
Not Before: Oct 24 20:28:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8b2cab6b5899f2bcfa2497ba7f9a44ade7f36a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:31:6d:73:a4:37:54:a2:6e:16:64:c8:e5:82:
93:e5:be:d6:05:90:b3:a2:93:8a:42:7b:ea:4a:d6:
07:06:a0:26:b2:38:e9:6a:66:94:4c:7c:87:1b:ec:
bc:98:71:b2:88:ea:6a:e3:34:9e:28:4c:2d:b3:25:
bd:e9:2e:a8:22:e8:45:4c:3a:86:c8:21:84:ee:19:
80:b6:77:98:e4:9f:16:56:c5:e9:4d:86:39:d0:77:
90:35:c0:2d:65:99:59:68:04:ca:64:3d:c4:28:78:
ff:24:81:d0:de:69:d5:7c:21:51:1d:44:d1:5c:48:
6f:70:03:8e:14:36:55:84:cf:e1:5a:47:1c:2d:64:
a2:56:9f:38:63:f2:b4:95:e4:9c:31:d5:64:f1:9c:
c9:73:a4:6b:46:e6:bd:db:56:a8:ef:91:ca:85:df:
f9:0b:ca:50:49:d3:a9:d0:dc:c8:82:71:e9:62:c0:
ff:d6:f1:3a:df:fb:6b:aa:f4:23:34:f2:36:d8:66:
c0:7d:83:d0:b4:8e:47:6c:fd:ec:a3:11:41:25:fc:
56:65:40:5c:44:2e:d3:46:69:9a:3c:3d:08:27:dc:
31:8b:6f:5e:b7:87:30:f4:d0:6e:2c:18:b8:0a:3b:
e7:28:e9:ea:8f:4a:50:c1:80:82:ee:c1:ee:e2:04:
00:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:B2:CA:B6:B5:89:9F:2B:CF:A2:49:7B:A7:F9:A4:4A:DE:7F:36:A9
X509v3 Authority Key Identifier:
keyid:B4:A2:08:5C:7D:E3:B5:98:21:6B:89:FB:0F:2B:1D:93:0D:E6:6C:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/qLLKtrWJnyvPokl7p_mkSt5_Nqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/tKIIXH3jtZgha4n7Dysdkw3mbBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.129.16.0/23
185.231.108.0/23
IPv6:
2a0f:aac0::-2a0f:aac0:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
5c:4c:ce:84:f6:61:d3:c1:8c:b3:c7:48:d6:eb:65:39:8b:58:
4c:00:17:b9:cd:a3:c7:18:3f:90:23:69:64:f1:c6:3c:4b:c2:
df:89:be:f6:f8:66:96:2a:ab:0d:4f:d1:3f:78:dc:47:c2:53:
1d:0d:7e:e8:c3:31:47:f5:59:69:a0:7b:1f:f1:37:98:e5:11:
14:56:fc:23:30:11:31:cf:ea:26:cc:85:a2:74:aa:61:29:31:
5e:4e:64:d1:65:b1:c3:4f:79:d1:4e:f2:92:79:be:98:7d:65:
17:f5:07:67:ac:56:15:6a:19:02:97:03:66:fe:c3:f3:00:84:
26:46:8d:1d:05:6b:ac:7e:d9:b8:c8:16:b0:b1:34:3c:d7:e7:
7f:f5:74:c1:ee:39:0b:a6:84:01:ee:35:70:88:33:5f:12:6b:
41:d0:e8:61:2f:b5:20:78:5d:2f:cc:ed:73:0f:72:99:01:0f:
ca:cd:3d:4b:4e:a4:4d:e3:fc:1f:5a:21:5a:ca:62:7f:19:44:
6e:ed:9d:cb:b4:f9:ec:47:76:87:42:92:08:08:c4:7e:6f:02:
f3:31:5c:2f:49:c1:a9:28:90:ea:fa:75:ef:d3:e5:4d:06:5d:
10:d8:2a:99:ee:82:ba:fb:43:b6:75:5c:9d:91:a4:17:03:98:
57:89:f3:11
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZLAN32xVB4msuyfdtnPZaTRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTIwODVjN2RlM2I1OTgyMTZiODlmYjBmMmIxZDkzMGRl
NjZjMTkwHhcNMjQxMDI0MjAyODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGIyY2FiNmI1ODk5ZjJiY2ZhMjQ5N2JhN2Y5YTQ0YWRlN2YzNmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTFtc6Q3VKJuFmTI5YKT5b7WBZCz
opOKQnvqStYHBqAmsjjpamaUTHyHG+y8mHGyiOpq4zSeKEwtsyW96S6oIuhFTDqG
yCGE7hmAtneY5J8WVsXpTYY50HeQNcAtZZlZaATKZD3EKHj/JIHQ3mnVfCFRHUTR
XEhvcAOOFDZVhM/hWkccLWSiVp84Y/K0leScMdVk8ZzJc6RrRua921ao75HKhd/5
C8pQSdOp0NzIgnHpYsD/1vE63/trqvQjNPI22GbAfYPQtI5HbP3soxFBJfxWZUBc
RC7TRmmaPD0IJ9wxi29et4cw9NBuLBi4CjvnKOnqj0pQwYCC7sHu4gQAVQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFKiyyra1iZ8rz6JJe6f5pErefzapMB8GA1UdIwQY
MBaAFLSiCFx947WYIWuJ+w8rHZMN5mwZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtJSVhIM2p0WmdoYTRuN0R5c2RrdzNtYkJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNjUxM2QtMmQ1My00MDIyLTgzNjAt
MzExNzk4OTYwMWFkLzEvcUxMS3RyV0pueXZQb2tsN3BfbWtTdDVfTnFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNjUxM2QtMmQ1My00MDIyLTgzNjAtMzExNzk4OTYwMWFk
LzEvdEtJSVhIM2p0WmdoYTRuN0R5c2RrdzNtYkJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQBuYEQAwQB
uedsMBgEAgACMBIwEAMFBioPqsADBwAqD6rAAAIwDQYJKoZIhvcNAQELBQADggEB
AFxMzoT2YdPBjLPHSNbrZTmLWEwAF7nNo8cYP5AjaWTxxjxLwt+Jvvb4ZpYqqw1P
0T943EfCUx0NfujDMUf1WWmgex/xN5jlERRW/CMwETHP6ibMhaJ0qmEpMV5OZNFl
scNPedFO8pJ5vph9ZRf1B2esVhVqGQKXA2b+w/MAhCZGjR0Fa6x+2bjIFrCxNDzX
53/1dMHuOQumhAHuNXCIM18Sa0HQ6GEvtSB4XS/M7XMPcpkBD8rNPUtOpE3j/B9a
IVrKYn8ZRG7tncu0+exHdodCkggIxH5vAvMxXC9JwakokOr6de/T5U0GXRDYKpnu
grr7Q7Z1XJ2RpBcDmFeJ8xE=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:03:18 2024 by rpki-client on console-fra.rpki-client.org