Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/685aa1-ef22-48a5-b70a-5ea8f53ab491/1/qPIo0WKfdto54u60zhkBZ4LCc3U.roa
File: qPIo0WKfdto54u60zhkBZ4LCc3U.roa (raw, json)
Hash identifier: TXOPY7H6GZYc2lhn47+T9kTp7e5TNjBrKzQzlJ+A3yI=
Subject key identifier: A8:F2:28:D1:62:9F:76:DA:39:E2:EE:B4:CE:19:01:67:82:C2:73:75
Certificate issuer: /CN=44af4b76312680e9d40a23b3ca2f19abf2f6c73b
Certificate serial: 01918E17FF5B20A672BA744C55BC21BC87F6
Authority key identifier: 44:AF:4B:76:31:26:80:E9:D4:0A:23:B3:CA:2F:19:AB:F2:F6:C7:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RK9LdjEmgOnUCiOzyi8Zq_L2xzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/685aa1-ef22-48a5-b70a-5ea8f53ab491/1/qPIo0WKfdto54u60zhkBZ4LCc3U.roa
Signing time: Mon 26 Aug 2024 09:50:22 +0000
ROA not before: Mon 26 Aug 2024 09:50:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6205
IP address blocks: 185.70.97.0/24 maxlen: 24
185.70.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/685aa1-ef22-48a5-b70a-5ea8f53ab491/1/RK9LdjEmgOnUCiOzyi8Zq_L2xzs.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/685aa1-ef22-48a5-b70a-5ea8f53ab491/1/RK9LdjEmgOnUCiOzyi8Zq_L2xzs.mft
rsync://rpki.ripe.net/repository/DEFAULT/RK9LdjEmgOnUCiOzyi8Zq_L2xzs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 06:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8e:17:ff:5b:20:a6:72:ba:74:4c:55:bc:21:bc:87:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44af4b76312680e9d40a23b3ca2f19abf2f6c73b
Validity
Not Before: Aug 26 09:50:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8f228d1629f76da39e2eeb4ce19016782c27375
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:a1:8c:6d:bc:9e:78:e6:35:df:8d:95:c3:36:
05:41:3a:d6:e4:e8:12:6c:52:f1:47:f0:f9:1a:7b:
b1:db:fe:67:29:26:d1:28:3d:47:e8:55:54:f6:5e:
71:2f:f6:42:93:59:a8:da:09:36:6b:9f:26:d8:48:
9c:ae:61:8a:00:88:fe:8a:b4:43:1d:16:f9:72:63:
ed:b8:41:a9:de:bf:d4:ee:0a:05:24:d6:92:f4:98:
0d:4b:ce:06:bd:2c:f3:ca:ec:d2:3e:ce:d2:e5:b4:
8c:4f:28:38:df:4a:53:1b:fc:a8:49:24:32:56:77:
40:f0:2a:74:9f:02:f2:04:29:2a:ae:a7:a7:69:ce:
df:48:d4:03:dd:b8:2e:17:66:ed:c8:20:56:29:52:
08:54:a9:77:2b:4a:fc:ca:81:7a:3d:d0:d9:2b:75:
b2:a2:a9:f7:77:c2:98:e1:f8:2f:78:0b:6f:04:bb:
fa:79:63:48:79:52:2a:0e:0e:78:1f:b0:02:dc:9a:
70:e9:f7:a4:06:08:fa:bd:c6:8c:f8:92:98:8a:95:
d1:48:cf:55:a2:a1:3e:94:dd:d8:32:22:c6:22:cd:
b2:a9:e9:12:65:bc:af:e0:e5:4b:a3:63:6e:e4:8d:
38:f7:21:aa:3b:39:ec:23:55:72:98:28:e3:08:17:
b5:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:F2:28:D1:62:9F:76:DA:39:E2:EE:B4:CE:19:01:67:82:C2:73:75
X509v3 Authority Key Identifier:
keyid:44:AF:4B:76:31:26:80:E9:D4:0A:23:B3:CA:2F:19:AB:F2:F6:C7:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RK9LdjEmgOnUCiOzyi8Zq_L2xzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/685aa1-ef22-48a5-b70a-5ea8f53ab491/1/qPIo0WKfdto54u60zhkBZ4LCc3U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/685aa1-ef22-48a5-b70a-5ea8f53ab491/1/RK9LdjEmgOnUCiOzyi8Zq_L2xzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.70.97.0/24
185.70.99.0/24
Signature Algorithm: sha256WithRSAEncryption
11:eb:e6:b5:cc:a4:7a:6a:c3:e0:20:08:78:ea:28:0e:ae:e9:
7e:27:ac:7b:1c:27:01:08:31:80:08:1c:51:44:98:15:6a:51:
6f:17:15:fe:e7:dc:8e:94:a2:b3:72:63:8f:b6:4d:7f:e5:32:
3e:f0:ae:b3:d8:52:6e:91:e0:fa:7f:ea:ed:a7:29:54:03:35:
05:b8:cd:63:83:d6:b0:41:56:75:8b:d0:17:bf:0a:07:ca:9f:
e5:52:e2:51:9e:08:b2:eb:66:40:5d:68:62:d2:db:1d:cf:80:
f9:b5:7a:0a:80:1f:32:a8:0b:73:6d:e1:bc:5b:9e:1a:f9:82:
51:48:46:3b:8e:55:7b:c8:53:47:20:47:f7:00:12:ff:7f:78:
0c:aa:4c:56:28:2c:a5:da:01:38:06:3c:25:12:f6:9f:a4:da:
50:8b:b3:7a:79:52:18:30:b0:4f:6d:67:4f:fa:4c:75:a4:3f:
7d:41:dd:0d:f3:6f:c2:8f:85:39:53:ff:36:fe:1b:f0:55:46:
3e:34:58:5b:e8:51:c1:ea:60:5b:2c:e6:bb:bd:45:00:9a:76:
1a:46:77:1d:05:8d:e7:b8:d9:f7:07:4e:46:1e:7a:ee:eb:49:
c8:6e:fb:1e:c2:83:05:d2:56:48:7f:8f:49:97:26:f0:fa:85:
74:70:0e:8f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZGOF/9bIKZyunRMVbwhvIf2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0YWY0Yjc2MzEyNjgwZTlkNDBhMjNiM2NhMmYxOWFiZjJm
NmM3M2IwHhcNMjQwODI2MDk1MDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGYyMjhkMTYyOWY3NmRhMzllMmVlYjRjZTE5MDE2NzgyYzI3Mzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7aGMbbyeeOY1342VwzYFQTrW5OgS
bFLxR/D5Gnux2/5nKSbRKD1H6FVU9l5xL/ZCk1mo2gk2a58m2EicrmGKAIj+irRD
HRb5cmPtuEGp3r/U7goFJNaS9JgNS84GvSzzyuzSPs7S5bSMTyg430pTG/yoSSQy
VndA8Cp0nwLyBCkqrqenac7fSNQD3bguF2btyCBWKVIIVKl3K0r8yoF6PdDZK3Wy
oqn3d8KY4fgveAtvBLv6eWNIeVIqDg54H7AC3Jpw6fekBgj6vcaM+JKYipXRSM9V
oqE+lN3YMiLGIs2yqekSZbyv4OVLo2Nu5I049yGqOznsI1VymCjjCBe1CQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKjyKNFin3baOeLutM4ZAWeCwnN1MB8GA1UdIwQY
MBaAFESvS3YxJoDp1Aojs8ovGavy9sc7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUks5TGRqRW1nT25VQ2lPenlpOFpxX0wyeHpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi82ODVhYTEtZWYyMi00OGE1LWI3MGEt
NWVhOGY1M2FiNDkxLzEvcVBJbzBXS2ZkdG81NHU2MHpoa0JaNExDYzNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi82ODVhYTEtZWYyMi00OGE1LWI3MGEtNWVhOGY1M2FiNDkx
LzEvUks5TGRqRW1nT25VQ2lPenlpOFpxX0wyeHpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuUZhAwQA
uUZjMA0GCSqGSIb3DQEBCwUAA4IBAQAR6+a1zKR6asPgIAh46igOrul+J6x7HCcB
CDGACBxRRJgValFvFxX+59yOlKKzcmOPtk1/5TI+8K6z2FJukeD6f+rtpylUAzUF
uM1jg9awQVZ1i9AXvwoHyp/lUuJRngiy62ZAXWhi0tsdz4D5tXoKgB8yqAtzbeG8
W54a+YJRSEY7jlV7yFNHIEf3ABL/f3gMqkxWKCyl2gE4BjwlEvafpNpQi7N6eVIY
MLBPbWdP+kx1pD99Qd0N82/Cj4U5U/82/hvwVUY+NFhb6FHB6mBbLOa7vUUAmnYa
RncdBY3nuNn3B05GHnru60nIbvsewoMF0lZIf49Jlybw+oV0cA6P
-----END CERTIFICATE-----
Generated at Tue Nov 26 14:54:23 2024 by rpki-client on console-ams.rpki-client.org