Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/qKrchMZXoIvNoaefCPDzOW0zzrc.roa
File: qKrchMZXoIvNoaefCPDzOW0zzrc.roa (raw, json)
Hash identifier: DKiMBCUknYr6TLGRZQgdrwJpSAU1gBJL50GusmVLoFU=
Subject key identifier: A8:AA:DC:84:C6:57:A0:8B:CD:A1:A7:9F:08:F0:F3:39:6D:33:CE:B7
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0192D2AB8B3A20D776275141EBC0B59EEA7E
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/qKrchMZXoIvNoaefCPDzOW0zzrc.roa
Signing time: Mon 28 Oct 2024 10:28:30 +0000
ROA not before: Mon 28 Oct 2024 10:28:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49600
IP address blocks: 92.60.35.0/24 maxlen: 24
185.121.15.0/24 maxlen: 24
185.196.43.0/24 maxlen: 24
185.230.54.0/23 maxlen: 23
185.230.55.0/24 maxlen: 24
193.17.183.0/24 maxlen: 24
193.37.64.0/24 maxlen: 24
193.37.65.0/24 maxlen: 24
194.35.41.0/24 maxlen: 24
194.35.42.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 14:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d2:ab:8b:3a:20:d7:76:27:51:41:eb:c0:b5:9e:ea:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Oct 28 10:28:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8aadc84c657a08bcda1a79f08f0f3396d33ceb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:b6:50:d5:3a:b8:4b:a3:a2:af:f2:a6:85:4c:
41:97:83:9a:85:bd:77:58:35:4b:3f:28:05:15:0a:
a5:d5:80:42:29:85:cd:7b:03:bd:30:a2:d4:98:d7:
6b:0a:04:23:36:0c:cb:f1:2f:69:0c:db:f4:31:1a:
86:d9:3e:ec:e4:b7:a5:65:90:5c:1f:a3:bb:a9:8a:
3c:c9:9d:f2:ee:ab:06:6c:81:0a:bc:0b:eb:e5:a9:
7f:99:be:75:2c:9e:ab:20:fa:d9:e0:32:c6:01:63:
5d:5d:53:ea:56:9d:8e:c0:aa:13:71:8f:cc:b6:29:
6d:9f:85:c5:94:61:58:91:e7:b4:b1:ef:b8:c3:83:
48:9c:be:c9:eb:60:5d:d3:91:1f:a6:09:62:1a:45:
0e:ce:27:b2:d6:3f:ae:47:40:d8:9a:00:36:9e:e9:
8a:7c:21:d6:36:8e:9f:b7:f3:ba:9f:5a:24:b3:a0:
9f:d6:6e:42:4a:c9:3e:17:eb:2e:c5:a7:69:ec:51:
3c:64:77:98:a4:dc:55:7b:cc:82:60:13:93:e8:8f:
57:91:b8:fd:0f:24:5e:2c:8f:87:42:d4:ec:97:da:
eb:c6:f3:6e:82:d5:d8:df:db:c4:d0:31:87:16:66:
ed:f6:78:1a:a1:5b:22:47:fb:4d:ae:5e:95:2f:91:
77:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:AA:DC:84:C6:57:A0:8B:CD:A1:A7:9F:08:F0:F3:39:6D:33:CE:B7
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/qKrchMZXoIvNoaefCPDzOW0zzrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.60.35.0/24
185.121.15.0/24
185.196.43.0/24
185.230.54.0/23
193.17.183.0/24
193.37.64.0/23
194.35.41.0-194.35.42.255
Signature Algorithm: sha256WithRSAEncryption
03:cc:07:af:b8:ae:7d:61:81:74:5f:8b:fb:dd:73:e2:e5:94:
14:ab:e3:58:37:db:91:98:1a:da:15:61:3a:4b:03:6f:1b:ff:
6c:e9:99:a7:eb:50:49:00:9d:7a:b5:af:24:55:d3:7a:30:dd:
69:f8:87:7b:6a:15:ef:87:91:8c:11:0d:3a:ca:62:a6:33:e6:
b8:28:37:2c:40:9f:8f:41:54:2a:1f:f2:14:e7:d0:99:47:6a:
0d:07:f0:5c:52:ee:ef:06:7b:a2:38:e1:a8:99:13:51:c6:32:
1b:24:55:98:7e:ac:53:f3:4f:8e:78:61:09:42:ab:23:b8:57:
b3:e3:24:98:3d:4b:12:4d:03:50:4d:6b:27:d0:0e:63:21:5d:
52:ea:ae:23:4f:89:0b:67:ed:14:e8:9e:5c:f8:03:5b:5e:57:
f6:55:26:c2:05:f1:4d:a3:8b:56:82:45:05:74:0f:e1:e6:e8:
e4:ae:8d:fa:01:2e:3e:42:6a:dc:4c:ae:22:6d:ec:1d:b1:7e:
a8:a3:e9:c9:98:cc:39:69:ee:99:c1:43:5f:3e:a8:47:38:5c:
ea:cd:bf:92:0b:3d:20:b9:b2:fe:c4:1a:ea:e3:49:9c:48:b9:
a8:46:dd:f9:a0:33:38:97:5a:99:f5:2a:a3:ae:5b:ea:1f:3d:
96:6c:3f:22
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZLSq4s6INd2J1FB68C1nup+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQxMDI4MTAyODMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGFhZGM4NGM2NTdhMDhiY2RhMWE3OWYwOGYwZjMzOTZkMzNjZWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA17ZQ1Tq4S6Oir/KmhUxBl4Oahb13
WDVLPygFFQql1YBCKYXNewO9MKLUmNdrCgQjNgzL8S9pDNv0MRqG2T7s5LelZZBc
H6O7qYo8yZ3y7qsGbIEKvAvr5al/mb51LJ6rIPrZ4DLGAWNdXVPqVp2OwKoTcY/M
tiltn4XFlGFYkee0se+4w4NInL7J62Bd05EfpgliGkUOziey1j+uR0DYmgA2numK
fCHWNo6ft/O6n1oks6Cf1m5CSsk+F+suxadp7FE8ZHeYpNxVe8yCYBOT6I9Xkbj9
DyReLI+HQtTsl9rrxvNugtXY39vE0DGHFmbt9ngaoVsiR/tNrl6VL5F3RQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFKiq3ITGV6CLzaGnnwjw8zltM863MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvcUtyY2hNWlhvSXZOb2FlZkNQRHpPVzB6enJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAXDwjAwQA
uXkPAwQAucQrAwQBueY2AwQAwRG3AwQBwSVAMAwDBADCIykDBADCIyowDQYJKoZI
hvcNAQELBQADggEBAAPMB6+4rn1hgXRfi/vdc+LllBSr41g325GYGtoVYTpLA28b
/2zpmafrUEkAnXq1ryRV03ow3Wn4h3tqFe+HkYwRDTrKYqYz5rgoNyxAn49BVCof
8hTn0JlHag0H8FxS7u8Ge6I44aiZE1HGMhskVZh+rFPzT454YQlCqyO4V7PjJJg9
SxJNA1BNayfQDmMhXVLqriNPiQtn7RTonlz4A1teV/ZVJsIF8U2ji1aCRQV0D+Hm
6OSujfoBLj5CatxMriJt7B2xfqij6cmYzDlp7pnBQ18+qEc4XOrNv5ILPSC5sv7E
GurjSZxIuahG3fmgMziXWpn1KqOuW+ofPZZsPyI=
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:05:35 2024 by rpki-client on console-fra.rpki-client.org