Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/qjih2glBF2RTM7Wk6jgpUGwi1N0.roa
File: qjih2glBF2RTM7Wk6jgpUGwi1N0.roa (raw, json)
Hash identifier: 1W/ZAB71nRSFEt2W5wWe1rKCAtyMBrMZ0FVbko5Mipg=
Subject key identifier: AA:38:A1:DA:09:41:17:64:53:33:B5:A4:EA:38:29:50:6C:22:D4:DD
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018DD110B108758B0A632755470728288BBE
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/qjih2glBF2RTM7Wk6jgpUGwi1N0.roa
Signing time: Thu 22 Feb 2024 13:45:48 +0000
ROA not before: Thu 22 Feb 2024 13:45:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42689
IP address blocks: 83.137.152.0/24 maxlen: 24
88.209.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 00:09:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d1:10:b1:08:75:8b:0a:63:27:55:47:07:28:28:8b:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Feb 22 13:45:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa38a1da094117645333b5a4ea3829506c22d4dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:58:90:36:7c:c1:17:48:85:92:c9:26:95:ff:
b7:0a:cb:b0:89:b9:b8:d7:57:4c:fc:d4:15:b8:99:
20:9a:0b:74:a7:82:c7:b6:6f:1c:d7:a6:90:80:e2:
92:07:9e:24:8d:11:aa:c5:43:35:ad:04:16:d4:64:
67:67:3e:c9:ea:08:ff:f6:35:46:2c:7f:03:28:a9:
1f:e0:7c:94:fc:3b:8d:cb:d6:5d:e2:1f:25:ed:82:
b3:82:29:a9:b7:7c:b7:98:8f:18:f5:29:71:5f:70:
50:0f:0f:1e:08:ed:22:03:72:42:64:7d:32:9b:7c:
b6:00:98:30:bf:8d:5e:75:95:19:c4:8b:6b:ca:7d:
83:2e:eb:8a:4d:6c:ca:72:0c:ae:93:52:97:81:f6:
9a:be:e2:a6:fd:43:bc:41:1c:b3:1b:66:39:91:6d:
cc:89:bf:43:55:79:c2:5b:45:84:91:2b:2b:8c:f2:
57:e3:8d:bb:b2:87:31:51:71:28:6d:49:21:c7:6b:
31:6f:f9:8f:1a:6a:5e:13:66:53:90:00:48:16:03:
cc:1e:9d:4d:8b:0c:04:c4:0b:8d:f3:d9:9c:da:8a:
d3:e2:73:86:12:97:19:f5:0e:11:7c:df:71:97:c2:
68:ee:bf:ed:80:da:59:2a:45:98:cb:1a:bf:a3:06:
70:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:38:A1:DA:09:41:17:64:53:33:B5:A4:EA:38:29:50:6C:22:D4:DD
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/qjih2glBF2RTM7Wk6jgpUGwi1N0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.137.152.0/24
88.209.201.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:1d:bd:a7:e4:c2:3a:90:a1:5d:25:09:86:1f:32:f4:35:0a:
81:99:02:ad:74:19:1c:cc:29:fb:87:dc:b8:df:de:1e:82:96:
d8:68:a7:68:f3:cb:61:ca:6f:c3:fb:17:6d:fa:29:2b:78:2b:
40:95:81:25:d5:07:fa:9e:cf:cb:63:cf:be:03:5d:4c:ae:e0:
f1:20:a6:e4:7d:86:ae:c0:58:51:b8:4d:8d:84:40:55:fd:e3:
5c:4a:41:0a:7c:2c:f1:ed:8d:97:f3:39:50:bc:e4:ce:30:45:
23:76:5a:4a:c3:b9:ba:25:db:6a:cd:60:35:d9:60:0a:55:a9:
ba:7b:18:ca:28:3b:e4:93:aa:f1:ad:68:8c:03:55:18:a4:09:
67:5a:6e:9d:98:a0:6a:6a:18:3e:81:c0:98:7c:62:ef:9e:d0:
c2:14:ba:dc:a0:bd:00:fa:60:48:e1:37:a6:28:7e:35:32:23:
26:ac:2f:6b:54:c4:e9:c9:42:1b:84:5e:ad:42:03:bd:8a:4d:
f2:6d:f9:73:16:aa:06:27:3e:b2:3f:55:d2:49:cf:f0:82:0e:
d9:a0:e7:87:a9:39:ef:66:00:f6:f9:58:74:7b:73:3b:de:26:
a7:44:35:2b:0c:35:84:fb:21:9b:96:08:a6:de:8f:83:35:f0:
65:61:b2:72
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3RELEIdYsKYydVRwcoKIu+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwMjIyMTM0NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTM4YTFkYTA5NDExNzY0NTMzM2I1YTRlYTM4Mjk1MDZjMjJkNGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqViQNnzBF0iFkskmlf+3Csuwibm4
11dM/NQVuJkgmgt0p4LHtm8c16aQgOKSB54kjRGqxUM1rQQW1GRnZz7J6gj/9jVG
LH8DKKkf4HyU/DuNy9Zd4h8l7YKzgimpt3y3mI8Y9SlxX3BQDw8eCO0iA3JCZH0y
m3y2AJgwv41edZUZxItryn2DLuuKTWzKcgyuk1KXgfaavuKm/UO8QRyzG2Y5kW3M
ib9DVXnCW0WEkSsrjPJX4427socxUXEobUkhx2sxb/mPGmpeE2ZTkABIFgPMHp1N
iwwExAuN89mc2orT4nOGEpcZ9Q4RfN9xl8Jo7r/tgNpZKkWYyxq/owZwpQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKo4odoJQRdkUzO1pOo4KVBsItTdMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvcWppaDJnbEJGMlJUTTdXazZqZ3BVR3dpMU4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAU4mYAwQA
WNHJMA0GCSqGSIb3DQEBCwUAA4IBAQBtHb2n5MI6kKFdJQmGHzL0NQqBmQKtdBkc
zCn7h9y4394egpbYaKdo88thym/D+xdt+ikreCtAlYEl1Qf6ns/LY8++A11MruDx
IKbkfYauwFhRuE2NhEBV/eNcSkEKfCzx7Y2X8zlQvOTOMEUjdlpKw7m6JdtqzWA1
2WAKVam6exjKKDvkk6rxrWiMA1UYpAlnWm6dmKBqahg+gcCYfGLvntDCFLrcoL0A
+mBI4TemKH41MiMmrC9rVMTpyUIbhF6tQgO9ik3ybflzFqoGJz6yP1XSSc/wgg7Z
oOeHqTnvZgD2+Vh0e3M73ianRDUrDDWE+yGblgim3o+DNfBlYbJy
-----END CERTIFICATE-----
Generated at Fri May 3 03:42:35 2024 by rpki-client on console-ams.rpki-client.org