Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/V2g3snmxkncxB4w_yntz3CXLyMI.roa
File: V2g3snmxkncxB4w_yntz3CXLyMI.roa (raw, json)
Hash identifier: QShKRzf8J+4da+8TnNjwXL0Y7Rrxw4slJwZIxoHVLAI=
Subject key identifier: 57:68:37:B2:79:B1:92:77:31:07:8C:3F:CA:7B:73:DC:25:CB:C8:C2
Certificate issuer: /CN=421bae989898d9402424aadafbb47c3a6d4c25b3
Certificate serial: 018CC56E6B71BF8A94A9CA8B478DDB350E42
Authority key identifier: 42:1B:AE:98:98:98:D9:40:24:24:AA:DA:FB:B4:7C:3A:6D:4C:25:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QhuumJiY2UAkJKra-7R8Om1MJbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/V2g3snmxkncxB4w_yntz3CXLyMI.roa
Signing time: Mon 01 Jan 2024 14:29:56 +0000
ROA not before: Mon 01 Jan 2024 14:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197580
IP address blocks: 83.174.148.0/22 maxlen: 22
83.174.152.0/21 maxlen: 21
185.42.208.0/22 maxlen: 22
46.245.136.0/21 maxlen: 21
185.254.216.0/22 maxlen: 22
2a05:dec0::/29 maxlen: 29
2a01:6320::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/QhuumJiY2UAkJKra-7R8Om1MJbM.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/QhuumJiY2UAkJKra-7R8Om1MJbM.mft
rsync://rpki.ripe.net/repository/DEFAULT/QhuumJiY2UAkJKra-7R8Om1MJbM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:6b:71:bf:8a:94:a9:ca:8b:47:8d:db:35:0e:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=421bae989898d9402424aadafbb47c3a6d4c25b3
Validity
Not Before: Jan 1 14:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=576837b279b1927731078c3fca7b73dc25cbc8c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:5a:7a:43:11:ab:20:b2:fc:e2:ea:f5:90:0e:
4e:ac:0a:a6:da:68:d5:ab:11:3f:40:00:1f:c7:4d:
1d:42:9e:60:94:dd:df:4a:4a:6a:b5:95:83:31:47:
92:71:5b:45:b6:ab:7b:38:d3:30:1d:56:1b:36:74:
c6:15:db:02:74:89:e9:3c:87:0e:2a:cd:81:4d:4a:
6c:82:c5:4c:10:12:22:75:31:26:23:42:e1:d3:80:
dc:71:a4:0c:0d:4a:ca:31:06:06:55:13:33:f8:a3:
9e:21:56:99:c6:a2:d9:98:ad:45:04:a0:cd:68:cf:
bd:3a:d2:86:c4:4d:5d:45:ee:1e:de:e3:50:be:d3:
1b:96:52:2a:c5:e9:86:ab:73:87:93:c4:0f:4a:06:
5c:dd:6d:6c:8f:cc:2c:87:c8:57:21:16:77:08:03:
07:c2:45:11:c8:73:10:3a:13:20:44:e0:e5:73:3b:
b9:92:c4:9b:a0:4c:3f:e0:3f:5c:d8:8c:d9:ac:bc:
c6:73:6f:2d:5b:e8:ed:b7:e4:d7:f7:88:db:cf:98:
bf:f7:f2:20:05:ce:fa:e8:1d:57:41:49:47:3f:06:
7c:9d:55:bb:60:18:94:23:2b:4d:d8:7e:f9:f3:70:
93:5d:9a:b7:53:26:56:a4:e2:96:f3:8b:14:45:d5:
44:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:68:37:B2:79:B1:92:77:31:07:8C:3F:CA:7B:73:DC:25:CB:C8:C2
X509v3 Authority Key Identifier:
keyid:42:1B:AE:98:98:98:D9:40:24:24:AA:DA:FB:B4:7C:3A:6D:4C:25:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QhuumJiY2UAkJKra-7R8Om1MJbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/V2g3snmxkncxB4w_yntz3CXLyMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/QhuumJiY2UAkJKra-7R8Om1MJbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.245.136.0/21
83.174.148.0-83.174.159.255
185.42.208.0/22
185.254.216.0/22
IPv6:
2a01:6320::/32
2a05:dec0::/29
Signature Algorithm: sha256WithRSAEncryption
36:d0:47:be:a6:7a:b6:6e:4d:c2:45:52:9c:8c:9d:c6:d5:5a:
84:2b:4a:30:dc:a1:cc:b8:9a:4c:3e:c0:12:ac:bd:36:6f:6b:
9d:1d:75:71:3c:6f:25:02:ee:7b:2d:7f:56:f4:c1:0f:3d:8e:
35:8f:02:40:ff:fc:fe:10:86:f5:77:21:9b:ab:d7:a6:8d:6b:
d8:64:1b:16:cf:71:54:3a:43:f0:8a:d6:b5:ef:a7:a5:76:71:
93:59:24:98:ec:30:f7:6f:ee:d2:cc:80:e8:cb:9d:11:7a:9f:
ae:a3:92:35:81:19:ba:78:f6:f1:65:5f:cc:b2:5c:dd:f6:68:
a9:1a:31:b1:90:33:32:8e:43:3f:be:6d:49:c1:6f:51:f0:70:
7b:4d:1f:8a:73:61:6c:6e:fd:d3:6c:12:35:3a:13:5c:93:98:
74:9a:7e:c5:9b:54:f1:6a:a8:8e:15:5c:2b:7d:85:11:67:b1:
fa:68:61:78:fe:57:5b:4a:93:81:46:8a:a5:b7:e6:5d:2f:9a:
82:85:ea:55:04:4f:74:d9:4b:5c:1a:cd:2b:6c:be:04:ec:5d:
f9:01:62:bc:f2:b6:43:df:bf:5c:7f:37:e4:8d:ae:a7:0e:bb:
3a:02:aa:d0:81:f4:26:98:f2:e0:91:f0:3a:cf:4e:6d:f1:d4:
e9:ea:6b:52
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYzFbmtxv4qUqcqLR43bNQ5CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMWJhZTk4OTg5OGQ5NDAyNDI0YWFkYWZiYjQ3YzNhNmQ0
YzI1YjMwHhcNMjQwMTAxMTQyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzY4MzdiMjc5YjE5Mjc3MzEwNzhjM2ZjYTdiNzNkYzI1Y2JjOGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVp6QxGrILL84ur1kA5OrAqm2mjV
qxE/QAAfx00dQp5glN3fSkpqtZWDMUeScVtFtqt7ONMwHVYbNnTGFdsCdInpPIcO
Ks2BTUpsgsVMEBIidTEmI0Lh04DccaQMDUrKMQYGVRMz+KOeIVaZxqLZmK1FBKDN
aM+9OtKGxE1dRe4e3uNQvtMbllIqxemGq3OHk8QPSgZc3W1sj8wsh8hXIRZ3CAMH
wkURyHMQOhMgRODlczu5ksSboEw/4D9c2IzZrLzGc28tW+jtt+TX94jbz5i/9/Ig
Bc766B1XQUlHPwZ8nVW7YBiUIytN2H7583CTXZq3UyZWpOKW84sURdVEZQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFFdoN7J5sZJ3MQeMP8p7c9wly8jCMB8GA1UdIwQY
MBaAFEIbrpiYmNlAJCSq2vu0fDptTCWzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWh1dW1KaVkyVUFrSktyYS03UjhPbTFNSmJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9iMzRjYjAtMmY3MS00ZjU5LWJkNWUt
NjdlZmNiM2Q4NmZlLzEvVjJnM3NubXhrbmN4QjR3X3ludHozQ1hMeU1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9iMzRjYjAtMmY3MS00ZjU5LWJkNWUtNjdlZmNiM2Q4NmZl
LzEvUWh1dW1KaVkyVUFrSktyYS03UjhPbTFNSmJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAmBAIAATAgAwQDLvWIMAwD
BAJTrpQDBAVTroADBAK5KtADBAK5/tgwFAQCAAIwDgMFACoBYyADBQMqBd7AMA0G
CSqGSIb3DQEBCwUAA4IBAQA20Ee+pnq2bk3CRVKcjJ3G1VqEK0ow3KHMuJpMPsAS
rL02b2udHXVxPG8lAu57LX9W9MEPPY41jwJA//z+EIb1dyGbq9emjWvYZBsWz3FU
OkPwita176eldnGTWSSY7DD3b+7SzIDoy50Rep+uo5I1gRm6ePbxZV/Mslzd9mip
GjGxkDMyjkM/vm1JwW9R8HB7TR+Kc2Fsbv3TbBI1OhNck5h0mn7Fm1TxaqiOFVwr
fYURZ7H6aGF4/ldbSpOBRoqlt+ZdL5qChepVBE902UtcGs0rbL4E7F35AWK88rZD
379cfzfkja6nDrs6AqrQgfQmmPLgkfA6z05t8dTp6mtS
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:58:17 2024 by rpki-client on console-ams.rpki-client.org