Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/DtSCQQMt1uOsf6LsQziC7BfiQuQ.roa
File: DtSCQQMt1uOsf6LsQziC7BfiQuQ.roa (raw, json)
Hash identifier: eYounHGEgdqZyNKTYc5bURJKqcUcbsBHYqAfkD7guvk=
Subject key identifier: 0E:D4:82:41:03:2D:D6:E3:AC:7F:A2:EC:43:38:82:EC:17:E2:42:E4
Certificate issuer: /CN=19ffff289f2dad0fc08456b0bad54d7ba449a492
Certificate serial: 01919428B9B845D2345F6C6029F61D1FAFCB
Authority key identifier: 19:FF:FF:28:9F:2D:AD:0F:C0:84:56:B0:BA:D5:4D:7B:A4:49:A4:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gf__KJ8trQ_AhFawutVNe6RJpJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/DtSCQQMt1uOsf6LsQziC7BfiQuQ.roa
Signing time: Tue 27 Aug 2024 14:06:22 +0000
ROA not before: Tue 27 Aug 2024 14:06:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13213
IP address blocks: 31.24.224.0/21 maxlen: 24
37.123.112.0/21 maxlen: 24
46.23.64.0/20 maxlen: 24
77.92.64.0/19 maxlen: 23
82.163.72.0/21 maxlen: 24
83.170.64.0/18 maxlen: 24
88.202.176.0/20 maxlen: 24
88.202.224.0/21 maxlen: 24
91.109.240.0/21 maxlen: 24
109.123.64.0/18 maxlen: 24
176.67.160.0/20 maxlen: 24
176.67.169.0/24 maxlen: 24
176.67.172.0/22 maxlen: 24
185.7.224.0/22 maxlen: 24
2a02:2498::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/Gf__KJ8trQ_AhFawutVNe6RJpJI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/Gf__KJ8trQ_AhFawutVNe6RJpJI.mft
rsync://rpki.ripe.net/repository/DEFAULT/Gf__KJ8trQ_AhFawutVNe6RJpJI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:94:28:b9:b8:45:d2:34:5f:6c:60:29:f6:1d:1f:af:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ffff289f2dad0fc08456b0bad54d7ba449a492
Validity
Not Before: Aug 27 14:06:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ed48241032dd6e3ac7fa2ec433882ec17e242e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:0b:a9:5f:e6:56:a2:21:a0:01:26:7c:eb:83:
62:f0:80:29:2a:39:1b:0e:5c:49:75:2d:d8:3c:2e:
02:33:c8:ff:c9:0b:c3:f0:4d:27:5e:11:af:7b:69:
c3:83:57:19:72:f2:e3:26:b5:41:62:f9:b9:db:a6:
cc:78:e6:14:80:ab:ea:60:20:1c:5d:b0:2b:04:ab:
36:93:d0:1b:f3:24:7f:de:00:54:67:87:8f:a3:87:
02:42:1c:79:97:0f:04:c9:2e:ec:66:84:2b:b2:37:
bf:f7:90:00:91:47:0f:3e:99:15:ae:8e:ab:03:e7:
76:46:48:70:91:77:5e:bf:72:8e:24:47:01:63:5a:
90:de:b3:e9:75:1c:f4:6a:d4:2d:b5:9c:97:e8:81:
ce:43:51:6c:b5:0b:ff:d2:ee:24:11:3b:7b:ad:b1:
cc:b7:f5:3a:3b:fc:7b:2c:65:9c:3a:cc:00:93:92:
a2:32:e4:e8:3d:ec:45:c9:3b:07:b3:96:da:13:70:
c6:1f:35:0a:3c:eb:9c:08:df:26:76:cb:a8:da:67:
d4:ae:27:a9:d6:4b:f5:ab:21:11:3d:7a:24:2a:cc:
f2:f2:05:db:98:85:74:d5:52:83:e0:81:42:bc:ca:
0e:c5:d7:8e:87:cb:aa:28:cd:80:e9:e3:bf:ba:ee:
9e:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:D4:82:41:03:2D:D6:E3:AC:7F:A2:EC:43:38:82:EC:17:E2:42:E4
X509v3 Authority Key Identifier:
keyid:19:FF:FF:28:9F:2D:AD:0F:C0:84:56:B0:BA:D5:4D:7B:A4:49:A4:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gf__KJ8trQ_AhFawutVNe6RJpJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/DtSCQQMt1uOsf6LsQziC7BfiQuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/Gf__KJ8trQ_AhFawutVNe6RJpJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.224.0/21
37.123.112.0/21
46.23.64.0/20
77.92.64.0/19
82.163.72.0/21
83.170.64.0/18
88.202.176.0/20
88.202.224.0/21
91.109.240.0/21
109.123.64.0/18
176.67.160.0/20
185.7.224.0/22
IPv6:
2a02:2498::/32
Signature Algorithm: sha256WithRSAEncryption
0b:7e:60:60:e6:97:ec:20:7b:c1:63:09:57:e6:46:f0:ba:a5:
fa:17:c3:e6:0b:78:b9:2c:32:55:62:8e:02:45:80:e6:37:8b:
73:5b:7d:d1:6c:7a:02:2e:da:a6:a1:b8:44:24:02:d9:65:16:
b6:88:29:ae:1e:85:09:39:ba:f4:f1:f3:85:10:34:4d:b3:96:
9c:68:ce:fc:d4:26:84:fa:22:29:00:7d:c0:8e:67:b5:fe:d3:
dc:bd:f6:0f:fa:9b:02:7a:5b:34:91:41:a0:68:35:75:b0:9f:
12:21:d1:17:1a:03:f2:05:01:71:5a:13:77:b4:6d:91:af:b2:
1d:db:fc:08:b6:b2:52:4e:9b:66:7f:e8:73:ce:9d:f1:0c:1b:
2b:8b:65:38:a2:28:18:39:80:00:c1:19:db:08:bf:25:a6:50:
41:0b:ed:0b:b0:46:30:d8:be:ed:a3:8f:59:b3:1d:76:85:e9:
a7:98:9b:69:9d:d1:57:11:09:f1:31:af:38:e4:c6:9f:86:07:
71:c6:03:36:ec:0e:11:4b:48:6a:da:89:4b:80:43:8e:85:e2:
cb:e6:68:8d:e4:0b:39:31:c8:ac:29:09:9c:4a:ab:e4:e4:fc:
29:05:ba:91:90:05:ea:1a:9d:7f:ba:15:f9:b6:2b:43:4d:7f:
a1:02:78:c0
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAZGUKLm4RdI0X2xgKfYdH6/LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZmZmZjI4OWYyZGFkMGZjMDg0NTZiMGJhZDU0ZDdiYTQ0
OWE0OTIwHhcNMjQwODI3MTQwNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWQ0ODI0MTAzMmRkNmUzYWM3ZmEyZWM0MzM4ODJlYzE3ZTI0MmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzwupX+ZWoiGgASZ864Ni8IApKjkb
DlxJdS3YPC4CM8j/yQvD8E0nXhGve2nDg1cZcvLjJrVBYvm526bMeOYUgKvqYCAc
XbArBKs2k9Ab8yR/3gBUZ4ePo4cCQhx5lw8EyS7sZoQrsje/95AAkUcPPpkVro6r
A+d2RkhwkXdev3KOJEcBY1qQ3rPpdRz0atQttZyX6IHOQ1FstQv/0u4kETt7rbHM
t/U6O/x7LGWcOswAk5KiMuToPexFyTsHs5baE3DGHzUKPOucCN8mdsuo2mfUriep
1kv1qyERPXokKszy8gXbmIV01VKD4IFCvMoOxdeOh8uqKM2A6eO/uu6eLQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFA7UgkEDLdbjrH+i7EM4guwX4kLkMB8GA1UdIwQY
MBaAFBn//yifLa0PwIRWsLrVTXukSaSSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2ZfX0tKOHRyUV9BaEZhd3V0Vk5lNlJKcEpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9jMTFjODctZWZiYi00NWU4LTliMDMt
ZDUyNTcxOGFhNDRhLzEvRHRTQ1FRTXQxdU9zZjZMc1F6aUM3QmZpUXVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9jMTFjODctZWZiYi00NWU4LTliMDMtZDUyNTcxOGFhNDRh
LzEvR2ZfX0tKOHRyUV9BaEZhd3V0Vk5lNlJKcEpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQDHxjgAwQD
JXtwAwQELhdAAwQFTVxAAwQDUqNIAwQGU6pAAwQEWMqwAwQDWMrgAwQDW23wAwQG
bXtAAwQEsEOgAwQCuQfgMA0EAgACMAcDBQAqAiSYMA0GCSqGSIb3DQEBCwUAA4IB
AQALfmBg5pfsIHvBYwlX5kbwuqX6F8PmC3i5LDJVYo4CRYDmN4tzW33RbHoCLtqm
obhEJALZZRa2iCmuHoUJObr08fOFEDRNs5acaM781CaE+iIpAH3Ajme1/tPcvfYP
+psCels0kUGgaDV1sJ8SIdEXGgPyBQFxWhN3tG2Rr7Id2/wItrJSTptmf+hzzp3x
DBsri2U4oigYOYAAwRnbCL8lplBBC+0LsEYw2L7to49Zsx12hemnmJtpndFXEQnx
Ma845MafhgdxxgM27A4RS0hq2olLgEOOheLL5miN5As5McisKQmcSqvk5PwpBbqR
kAXqGp1/uhX5titDTX+hAnjA
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:50:32 2024 by rpki-client on console-fra.rpki-client.org