Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1QgDRG4WoNGo9c4vRIcTTBkl3pg.roa
File: 1QgDRG4WoNGo9c4vRIcTTBkl3pg.roa (raw, json)
Hash identifier: 72gePvhbLAvVY/oGs7kSEFRnyBACZ5yMHJSZrT+FymY=
Subject key identifier: D5:08:03:44:6E:16:A0:D1:A8:F5:CE:2F:44:87:13:4C:19:25:DE:98
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018E12C9B68104A9D75DC8028CCCF06BC0EF
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1QgDRG4WoNGo9c4vRIcTTBkl3pg.roa
Signing time: Wed 06 Mar 2024 08:03:13 +0000
ROA not before: Wed 06 Mar 2024 08:03:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25417
IP address blocks: 194.103.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 11:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:12:c9:b6:81:04:a9:d7:5d:c8:02:8c:cc:f0:6b:c0:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Mar 6 08:03:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d50803446e16a0d1a8f5ce2f4487134c1925de98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:f3:7c:91:3c:6b:53:2f:ca:11:76:ff:9a:a5:
b8:2f:21:f5:26:69:fe:4c:6d:54:16:14:e2:3b:30:
61:f5:23:27:1a:85:63:ae:92:49:2f:f0:ec:05:83:
da:33:03:82:90:87:91:83:0d:12:c4:92:af:ab:97:
16:9c:02:4d:7f:08:5d:05:4a:9a:ea:8c:2c:6b:eb:
18:98:2f:b6:f6:49:1d:82:38:d8:70:e0:a0:0c:67:
da:ce:2e:e7:3b:bc:74:a4:65:92:cc:37:63:ae:86:
3e:e8:7d:59:36:f3:f8:8b:16:f2:35:6e:61:24:9f:
b3:3d:ae:53:25:bb:c5:79:d7:f4:e9:15:6c:9d:79:
1d:b6:45:39:f8:70:1d:e2:1c:0e:5a:91:ae:ce:02:
d1:97:a1:c8:e9:b0:d3:96:46:be:9f:08:98:7b:94:
ea:9a:22:b0:51:51:63:92:d4:62:9d:cf:28:0c:3e:
22:2a:70:3c:89:bb:08:e9:1a:e3:ea:93:e8:79:0f:
f7:07:65:d4:1a:ca:d6:9d:7c:69:e5:9b:bb:4a:ae:
a7:cb:e8:91:d7:5b:88:12:df:20:7b:be:2b:23:26:
dc:a7:0d:94:02:e6:08:f5:d6:08:82:72:44:03:31:
b8:a7:32:ea:38:24:c1:73:62:7d:3b:50:17:e7:c0:
c8:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:08:03:44:6E:16:A0:D1:A8:F5:CE:2F:44:87:13:4C:19:25:DE:98
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1QgDRG4WoNGo9c4vRIcTTBkl3pg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.103.35.0/24
Signature Algorithm: sha256WithRSAEncryption
70:24:c7:ec:02:3c:57:0c:83:99:f6:24:46:20:19:0f:92:06:
b3:f5:d5:5a:2e:4c:5e:24:db:c6:e1:55:55:1c:52:04:b9:20:
0b:78:6e:9c:a7:1e:1d:d1:a8:96:ba:3c:6d:69:32:3a:6f:ac:
90:28:10:fd:4a:95:45:25:58:5a:2b:9e:ff:66:b9:6a:44:86:
c6:c2:52:78:38:7f:5e:37:b0:d1:78:ea:05:80:e3:56:80:ca:
ba:84:f2:15:1a:e7:54:cc:fe:37:4e:cd:c8:f7:7b:18:01:b8:
da:fd:1b:e4:28:ba:ee:a7:a6:0a:56:d0:67:82:32:f8:db:96:
1d:f7:82:be:91:1a:0f:22:3c:0a:2b:3d:a6:41:ea:34:2b:7d:
13:fb:24:07:3d:1b:c0:dd:ec:a8:b0:6c:4b:52:28:36:f1:96:
bb:aa:f7:d3:5f:08:a3:0e:5e:80:8a:d4:0a:dc:d2:1a:f6:48:
bd:3b:50:25:90:e5:92:8d:4e:56:7e:f4:30:d9:1b:2b:24:b2:
37:c4:58:46:66:3d:5b:20:b4:91:03:a3:ac:1f:48:fa:18:5a:
11:e0:fd:dd:e8:e5:da:b5:6d:b2:3b:f2:84:c9:9f:22:29:4f:
2e:4e:b2:f3:3b:11:95:1d:0a:9d:79:9d:a9:71:8b:0d:53:6c:
1e:94:85:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4SybaBBKnXXcgCjMzwa8DvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMzA2MDgwMzEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTA4MDM0NDZlMTZhMGQxYThmNWNlMmY0NDg3MTM0YzE5MjVkZTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPN8kTxrUy/KEXb/mqW4LyH1Jmn+
TG1UFhTiOzBh9SMnGoVjrpJJL/DsBYPaMwOCkIeRgw0SxJKvq5cWnAJNfwhdBUqa
6owsa+sYmC+29kkdgjjYcOCgDGfazi7nO7x0pGWSzDdjroY+6H1ZNvP4ixbyNW5h
JJ+zPa5TJbvFedf06RVsnXkdtkU5+HAd4hwOWpGuzgLRl6HI6bDTlka+nwiYe5Tq
miKwUVFjktRinc8oDD4iKnA8ibsI6Rrj6pPoeQ/3B2XUGsrWnXxp5Zu7Sq6ny+iR
11uIEt8ge74rIybcpw2UAuYI9dYIgnJEAzG4pzLqOCTBc2J9O1AX58DIWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNUIA0RuFqDRqPXOL0SHE0wZJd6YMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvMVFnRFJHNFdvTkdvOWM0dlJJY1RUQmtsM3BnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwmcjMA0G
CSqGSIb3DQEBCwUAA4IBAQBwJMfsAjxXDIOZ9iRGIBkPkgaz9dVaLkxeJNvG4VVV
HFIEuSALeG6cpx4d0aiWujxtaTI6b6yQKBD9SpVFJVhaK57/ZrlqRIbGwlJ4OH9e
N7DReOoFgONWgMq6hPIVGudUzP43Ts3I93sYAbja/RvkKLrup6YKVtBngjL425Yd
94K+kRoPIjwKKz2mQeo0K30T+yQHPRvA3eyosGxLUig28Za7qvfTXwijDl6AitQK
3NIa9ki9O1AlkOWSjU5WfvQw2RsrJLI3xFhGZj1bILSRA6OsH0j6GFoR4P3d6OXa
tW2yO/KEyZ8iKU8uTrLzOxGVHQqdeZ2pcYsNU2welIW1
-----END CERTIFICATE-----
Generated at Sat May 18 17:02:14 2024 by rpki-client on console-fra.rpki-client.org