Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/02fdfd-7ac8-4321-b930-8fa551e6ae75/1/q-k9OJB6lmDShSUgxkNbYP1QWs8.roa
File: q-k9OJB6lmDShSUgxkNbYP1QWs8.roa (raw, json)
Hash identifier: iXXi7ZaE3R6JSv2pUC5HJqMyqRPg0oc6N/N2GVVLhpw=
Subject key identifier: AB:E9:3D:38:90:7A:96:60:D2:85:25:20:C6:43:5B:60:FD:50:5A:CF
Certificate issuer: /CN=b51e3f6bebcd05291dc5265e08b1cd6c401b9cfd
Certificate serial: 018CC64A464633D90CA43B9E3324088A303D
Authority key identifier: B5:1E:3F:6B:EB:CD:05:29:1D:C5:26:5E:08:B1:CD:6C:40:1B:9C:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tR4_a-vNBSkdxSZeCLHNbEAbnP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/02fdfd-7ac8-4321-b930-8fa551e6ae75/1/q-k9OJB6lmDShSUgxkNbYP1QWs8.roa
Signing time: Mon 01 Jan 2024 18:30:05 +0000
ROA not before: Mon 01 Jan 2024 18:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8495
IP address blocks: 89.146.192.0/18 maxlen: 24
85.209.200.0/22 maxlen: 24
195.34.160.0/19 maxlen: 24
2a01:130::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/02fdfd-7ac8-4321-b930-8fa551e6ae75/1/tR4_a-vNBSkdxSZeCLHNbEAbnP0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/02fdfd-7ac8-4321-b930-8fa551e6ae75/1/tR4_a-vNBSkdxSZeCLHNbEAbnP0.mft
rsync://rpki.ripe.net/repository/DEFAULT/tR4_a-vNBSkdxSZeCLHNbEAbnP0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:46:46:33:d9:0c:a4:3b:9e:33:24:08:8a:30:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b51e3f6bebcd05291dc5265e08b1cd6c401b9cfd
Validity
Not Before: Jan 1 18:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=abe93d38907a9660d2852520c6435b60fd505acf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:70:49:4c:75:25:bd:83:c3:33:a3:cb:ea:ae:
fa:d4:7d:bd:bc:41:f2:f0:a1:ff:cf:de:0d:53:17:
79:ca:d8:44:45:37:6d:bb:46:95:b4:59:78:48:df:
c2:c9:3c:c4:a8:7c:57:87:db:7c:c6:c6:3c:d9:ba:
70:31:3a:1d:90:c3:50:a1:40:94:a5:f0:45:d4:9c:
e1:da:41:f3:44:82:6c:a2:e4:6d:64:4b:12:83:43:
94:99:e5:9f:94:1d:7d:02:6f:13:0c:c3:0a:d4:32:
1a:94:14:4b:bd:92:55:72:11:8a:2f:0e:31:80:a2:
ac:66:e4:21:e9:eb:09:a2:53:c2:d4:7a:ce:59:90:
be:d3:47:da:4d:17:8e:76:e2:7e:e6:d4:16:61:09:
bf:66:b8:4a:66:69:b1:71:7e:4a:a9:ef:52:d1:f7:
04:31:50:b8:fc:b2:ce:b6:6f:26:49:6f:74:20:0f:
54:89:1b:3b:a0:3d:60:a9:c0:1e:d3:c1:f5:ab:08:
58:c0:8e:20:b9:1d:fa:fa:bd:a3:ea:57:f1:35:35:
ce:11:3b:74:e9:45:85:84:6e:72:51:a9:6b:ea:ce:
9a:f9:13:5e:a1:e9:9a:92:78:5b:c7:5c:bf:a1:10:
69:76:26:47:c2:40:12:3a:f3:b5:8f:ec:e6:07:41:
f0:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:E9:3D:38:90:7A:96:60:D2:85:25:20:C6:43:5B:60:FD:50:5A:CF
X509v3 Authority Key Identifier:
keyid:B5:1E:3F:6B:EB:CD:05:29:1D:C5:26:5E:08:B1:CD:6C:40:1B:9C:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tR4_a-vNBSkdxSZeCLHNbEAbnP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/02fdfd-7ac8-4321-b930-8fa551e6ae75/1/q-k9OJB6lmDShSUgxkNbYP1QWs8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/02fdfd-7ac8-4321-b930-8fa551e6ae75/1/tR4_a-vNBSkdxSZeCLHNbEAbnP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.200.0/22
89.146.192.0/18
195.34.160.0/19
IPv6:
2a01:130::/32
Signature Algorithm: sha256WithRSAEncryption
37:19:4e:2d:08:75:d9:65:23:1b:db:77:eb:4c:54:f7:5d:5f:
a7:dc:65:c2:e0:f3:49:a7:3f:08:5c:4b:9e:cf:e2:ac:bd:cc:
3f:76:e4:cc:ab:18:ce:cb:1f:74:63:28:f0:8e:74:93:f9:76:
92:a3:fc:34:ae:e5:c3:38:d7:27:6d:6c:be:24:9c:23:c6:44:
9e:51:5d:ad:b9:34:bf:53:0b:a7:9e:34:f1:c1:11:1a:02:68:
8e:5c:74:e2:df:59:9b:09:83:19:fc:8d:32:1b:45:c5:1f:e9:
e0:6f:f1:ba:49:ca:81:33:f0:3c:7c:0e:62:2c:cb:18:c0:9d:
04:04:c4:54:cc:7d:25:3f:bb:41:5c:3e:d1:0f:7f:75:fd:6d:
ff:4e:2b:74:4a:d1:ef:f9:df:bb:12:57:c8:84:bb:7b:de:50:
a6:fc:ad:a4:08:3b:91:7a:57:a0:1c:88:ff:3c:fa:55:03:04:
c6:8f:01:c9:38:ba:79:32:70:43:03:e5:8a:2c:93:48:8d:bc:
1b:ac:f9:49:f8:6d:6e:fa:ad:c5:a5:09:67:2c:5e:f3:b9:36:
80:f6:72:7d:23:d1:b6:9f:bf:27:b7:4f:74:b6:6b:28:51:30:
91:16:9f:42:5a:40:66:d7:7b:a0:a3:8d:93:f3:5a:8a:8b:bb:
6b:aa:9f:1b
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzGSkZGM9kMpDueMyQIijA9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MWUzZjZiZWJjZDA1MjkxZGM1MjY1ZTA4YjFjZDZjNDAx
YjljZmQwHhcNMjQwMTAxMTgzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmU5M2QzODkwN2E5NjYwZDI4NTI1MjBjNjQzNWI2MGZkNTA1YWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHBJTHUlvYPDM6PL6q761H29vEHy
8KH/z94NUxd5ythERTdtu0aVtFl4SN/CyTzEqHxXh9t8xsY82bpwMTodkMNQoUCU
pfBF1Jzh2kHzRIJsouRtZEsSg0OUmeWflB19Am8TDMMK1DIalBRLvZJVchGKLw4x
gKKsZuQh6esJolPC1HrOWZC+00faTReOduJ+5tQWYQm/ZrhKZmmxcX5Kqe9S0fcE
MVC4/LLOtm8mSW90IA9UiRs7oD1gqcAe08H1qwhYwI4guR36+r2j6lfxNTXOETt0
6UWFhG5yUalr6s6a+RNeoemaknhbx1y/oRBpdiZHwkASOvO1j+zmB0Hw8wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFKvpPTiQepZg0oUlIMZDW2D9UFrPMB8GA1UdIwQY
MBaAFLUeP2vrzQUpHcUmXgixzWxAG5z9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFI0X2Etdk5CU2tkeFNaZUNMSE5iRUFiblAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8wMmZkZmQtN2FjOC00MzIxLWI5MzAt
OGZhNTUxZTZhZTc1LzEvcS1rOU9KQjZsbURTaFNVZ3hrTmJZUDFRV3M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8wMmZkZmQtN2FjOC00MzIxLWI5MzAtOGZhNTUxZTZhZTc1
LzEvdFI0X2Etdk5CU2tkeFNaZUNMSE5iRUFiblAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCVdHIAwQG
WZLAAwQFwyKgMA0EAgACMAcDBQAqAQEwMA0GCSqGSIb3DQEBCwUAA4IBAQA3GU4t
CHXZZSMb23frTFT3XV+n3GXC4PNJpz8IXEuez+Ksvcw/duTMqxjOyx90YyjwjnST
+XaSo/w0ruXDONcnbWy+JJwjxkSeUV2tuTS/UwunnjTxwREaAmiOXHTi31mbCYMZ
/I0yG0XFH+ngb/G6ScqBM/A8fA5iLMsYwJ0EBMRUzH0lP7tBXD7RD391/W3/Tit0
StHv+d+7ElfIhLt73lCm/K2kCDuRelegHIj/PPpVAwTGjwHJOLp5MnBDA+WKLJNI
jbwbrPlJ+G1u+q3FpQlnLF7zuTaA9nJ9I9G2n78nt090tmsoUTCRFp9CWkBm13ug
o42T81qKi7trqp8b
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:33:03 2024 by rpki-client on console-ams.rpki-client.org