Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/d5628a-d9b1-4da9-a744-956f6b5c6170/1/1-QOHhnX0MWOXDBwnjh6i_Rt3f8A.roa
File: 1-QOHhnX0MWOXDBwnjh6i_Rt3f8A.roa (raw, json)
Hash identifier: gDZGghoG/0w9zq8EkvGc1lK8gjK3Id3lZ4U6M/EGs70=
Subject key identifier: F9:03:87:86:75:F4:31:63:97:0C:1C:27:8E:1E:A2:FD:1B:77:7F:C0
Certificate issuer: /CN=e58024b729d99f05133ec6d14390c73eb36db99e
Certificate serial: 018CC56EDA2DB1FB8F44671E5421FE8BDBE7
Authority key identifier: E5:80:24:B7:29:D9:9F:05:13:3E:C6:D1:43:90:C7:3E:B3:6D:B9:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5YAktynZnwUTPsbRQ5DHPrNtuZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/d5628a-d9b1-4da9-a744-956f6b5c6170/1/1-QOHhnX0MWOXDBwnjh6i_Rt3f8A.roa
Signing time: Mon 01 Jan 2024 14:30:25 +0000
ROA not before: Mon 01 Jan 2024 14:30:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206119
IP address blocks: 82.129.32.0/22 maxlen: 24
212.20.136.0/21 maxlen: 24
82.138.108.0/22 maxlen: 24
212.20.144.0/22 maxlen: 24
82.138.120.0/21 maxlen: 24
80.91.92.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/d5628a-d9b1-4da9-a744-956f6b5c6170/1/5YAktynZnwUTPsbRQ5DHPrNtuZ4.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/d5628a-d9b1-4da9-a744-956f6b5c6170/1/5YAktynZnwUTPsbRQ5DHPrNtuZ4.mft
rsync://rpki.ripe.net/repository/DEFAULT/5YAktynZnwUTPsbRQ5DHPrNtuZ4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:da:2d:b1:fb:8f:44:67:1e:54:21:fe:8b:db:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e58024b729d99f05133ec6d14390c73eb36db99e
Validity
Not Before: Jan 1 14:30:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f903878675f43163970c1c278e1ea2fd1b777fc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:c7:c8:0b:6f:30:3c:f3:cd:bf:4f:6c:02:1f:
52:c0:5c:ed:06:f1:4f:b8:15:11:f2:44:c5:b2:e2:
97:ad:d8:1a:81:53:d7:df:c0:eb:6f:87:c1:b7:ed:
81:ec:62:29:1c:30:ab:7c:29:0c:c7:5c:ed:59:37:
d2:15:84:33:ec:c4:f9:14:58:69:20:e5:a3:11:7f:
b9:0e:33:d8:74:cc:3a:7a:16:7c:8b:cd:5a:6f:df:
78:e0:48:e0:d3:dc:29:93:fc:1a:07:ad:9c:25:d8:
73:71:09:06:4f:3d:7c:66:c8:e9:76:6a:d6:3b:cb:
52:de:7c:5c:71:d2:36:ca:25:b0:77:a0:ab:15:9f:
34:d2:ec:f3:38:af:a1:08:b2:69:bd:a0:b8:5c:e4:
21:78:70:c1:b8:13:a8:0a:10:ce:a5:7e:e5:f8:f8:
db:30:9e:e4:a9:62:b1:88:94:f8:71:2f:22:ea:45:
89:fd:07:10:ac:58:5a:e3:d1:14:1e:1b:86:86:8f:
05:7f:75:ce:2c:1c:54:94:43:65:11:59:97:5f:15:
63:9d:f8:d4:db:45:6c:3e:ae:e2:b4:04:0a:d5:a4:
7d:41:70:78:2e:c0:bd:25:e7:ee:9f:dc:bc:b2:2c:
0d:12:83:2b:d6:50:c0:b6:01:4c:f1:21:6a:36:dc:
a8:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:03:87:86:75:F4:31:63:97:0C:1C:27:8E:1E:A2:FD:1B:77:7F:C0
X509v3 Authority Key Identifier:
keyid:E5:80:24:B7:29:D9:9F:05:13:3E:C6:D1:43:90:C7:3E:B3:6D:B9:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5YAktynZnwUTPsbRQ5DHPrNtuZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d5628a-d9b1-4da9-a744-956f6b5c6170/1/1-QOHhnX0MWOXDBwnjh6i_Rt3f8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d5628a-d9b1-4da9-a744-956f6b5c6170/1/5YAktynZnwUTPsbRQ5DHPrNtuZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.91.92.0/22
82.129.32.0/22
82.138.108.0/22
82.138.120.0/21
212.20.136.0-212.20.147.255
Signature Algorithm: sha256WithRSAEncryption
5f:6b:af:05:84:4a:7f:f1:37:34:fe:45:af:e7:de:b1:06:18:
f1:31:67:ee:7d:94:9b:72:bd:b9:6e:16:11:d7:f0:bb:a4:fc:
e4:20:99:4b:5c:46:38:2c:82:21:9f:69:21:0a:a1:f9:ce:81:
b9:4c:c5:f8:8a:87:f5:2e:41:56:57:b8:da:fa:5d:eb:18:c1:
27:1d:8f:27:06:bf:54:ce:b3:9c:11:1b:66:34:af:15:cb:f1:
60:5a:81:bf:89:a0:9a:62:f8:43:1c:ec:7d:07:9a:0e:92:60:
da:a2:f1:4e:cb:92:a4:4f:aa:06:98:ab:a5:49:af:fc:8b:fe:
c9:b0:03:c8:01:0b:4a:b1:3b:c7:8a:6f:13:15:bb:71:a8:81:
29:82:dd:43:e7:89:03:74:f2:f8:ac:8d:b3:eb:8a:70:66:df:
6c:2c:1d:3b:cc:8b:d5:86:63:a6:fb:1d:dd:17:5a:64:52:c8:
c1:d2:af:05:89:6c:6e:65:f8:f2:3f:b1:33:a6:72:03:6e:26:
08:37:89:39:cb:ab:b6:3e:8f:66:57:06:77:dd:0c:21:74:96:
76:3d:00:70:57:2e:58:63:26:2e:a5:76:fd:e2:a4:49:45:d6:
ef:00:17:cd:1a:38:41:9d:5d:81:83:c0:a4:ab:ac:a1:81:10:
68:44:aa:74
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzFbtotsfuPRGceVCH+i9vnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ODAyNGI3MjlkOTlmMDUxMzNlYzZkMTQzOTBjNzNlYjM2
ZGI5OWUwHhcNMjQwMTAxMTQzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTAzODc4Njc1ZjQzMTYzOTcwYzFjMjc4ZTFlYTJmZDFiNzc3ZmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg8fIC28wPPPNv09sAh9SwFztBvFP
uBUR8kTFsuKXrdgagVPX38Drb4fBt+2B7GIpHDCrfCkMx1ztWTfSFYQz7MT5FFhp
IOWjEX+5DjPYdMw6ehZ8i81ab9944Ejg09wpk/waB62cJdhzcQkGTz18ZsjpdmrW
O8tS3nxccdI2yiWwd6CrFZ800uzzOK+hCLJpvaC4XOQheHDBuBOoChDOpX7l+Pjb
MJ7kqWKxiJT4cS8i6kWJ/QcQrFha49EUHhuGho8Ff3XOLBxUlENlEVmXXxVjnfjU
20VsPq7itAQK1aR9QXB4LsC9Jefun9y8siwNEoMr1lDAtgFM8SFqNtyouQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFPkDh4Z19DFjlwwcJ44eov0bd3/AMB8GA1UdIwQY
MBaAFOWAJLcp2Z8FEz7G0UOQxz6zbbmeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVlBa3R5blpud1VUUHNiUlE1REhQck50dVo0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9kNTYyOGEtZDliMS00ZGE5LWE3NDQt
OTU2ZjZiNWM2MTcwLzEvMS1RT0hoblgwTVdPWERCd25qaDZpX1J0M2Y4QS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDAvZDU2MjhhLWQ5YjEtNGRhOS1hNzQ0LTk1NmY2YjVjNjE3
MC8xLzVZQWt0eW5abndVVFBzYlJRNURIUHJOdHVaNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA/BggrBgEFBQcBBwEB/wQwMC4wLAQCAAEwJgMEAlBbXAME
AlKBIAMEAlKKbAMEA1KKeDAMAwQD1BSIAwQC1BSQMA0GCSqGSIb3DQEBCwUAA4IB
AQBfa68FhEp/8Tc0/kWv596xBhjxMWfufZSbcr25bhYR1/C7pPzkIJlLXEY4LIIh
n2khCqH5zoG5TMX4iof1LkFWV7ja+l3rGMEnHY8nBr9UzrOcERtmNK8Vy/FgWoG/
iaCaYvhDHOx9B5oOkmDaovFOy5KkT6oGmKulSa/8i/7JsAPIAQtKsTvHim8TFbtx
qIEpgt1D54kDdPL4rI2z64pwZt9sLB07zIvVhmOm+x3dF1pkUsjB0q8FiWxuZfjy
P7EzpnIDbiYIN4k5y6u2Po9mVwZ33QwhdJZ2PQBwVy5YYyYupXb94qRJRdbvABfN
GjhBnV2Bg8Ckq6yhgRBoRKp0
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:34:31 2024 by rpki-client on console-ams.rpki-client.org