Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/a02cc6-1308-47e4-a087-39605f9081b7/1/pQTCWqKgEYZZ6dViM25bl6iBYQY.roa
File: pQTCWqKgEYZZ6dViM25bl6iBYQY.roa (raw, json)
Hash identifier: 35HVEfzznfOd0Hwn+i/XM4iq99CPrJdxPeDOeBfp0xA=
Subject key identifier: A5:04:C2:5A:A2:A0:11:86:59:E9:D5:62:33:6E:5B:97:A8:81:61:06
Certificate issuer: /CN=79730b9ea010d832f940efb589c51889132f4c94
Certificate serial: 018CC9BCC9E01414492630F6A98BE9B2AD33
Authority key identifier: 79:73:0B:9E:A0:10:D8:32:F9:40:EF:B5:89:C5:18:89:13:2F:4C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eXMLnqAQ2DL5QO-1icUYiRMvTJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/a02cc6-1308-47e4-a087-39605f9081b7/1/pQTCWqKgEYZZ6dViM25bl6iBYQY.roa
Signing time: Tue 02 Jan 2024 10:34:01 +0000
ROA not before: Tue 02 Jan 2024 10:34:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41955
IP address blocks: 194.26.188.0/22 maxlen: 24
185.199.216.0/22 maxlen: 24
2a0a:a3c0::/32 maxlen: 32
2a0a:a3c0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/a02cc6-1308-47e4-a087-39605f9081b7/1/eXMLnqAQ2DL5QO-1icUYiRMvTJQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/a02cc6-1308-47e4-a087-39605f9081b7/1/eXMLnqAQ2DL5QO-1icUYiRMvTJQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/eXMLnqAQ2DL5QO-1icUYiRMvTJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 05:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:c9:e0:14:14:49:26:30:f6:a9:8b:e9:b2:ad:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79730b9ea010d832f940efb589c51889132f4c94
Validity
Not Before: Jan 2 10:34:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a504c25aa2a0118659e9d562336e5b97a8816106
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:39:93:54:c4:2f:69:4f:59:89:e8:04:0e:9c:
55:b4:41:f0:6c:3b:02:0f:9e:4e:18:a6:93:90:77:
da:44:63:d8:16:98:1c:c9:c2:3c:05:d0:22:27:94:
fb:2c:a9:ed:00:fc:0d:f1:a1:76:6d:f4:88:9d:6a:
0d:e3:f1:09:43:22:87:db:27:99:ca:94:e8:96:24:
3e:69:91:7b:3d:3d:3b:88:e2:22:d0:bf:21:ca:a9:
ec:62:f4:65:ff:6a:e5:fd:0a:ea:eb:9d:82:f1:eb:
66:f9:be:1f:5a:3e:00:1c:10:16:30:85:26:c0:8a:
d6:4c:f9:9e:76:f9:31:07:78:4e:99:79:33:2a:81:
31:0e:0e:15:ce:ae:c5:c0:44:ae:8f:ab:02:5a:45:
75:ba:29:78:0c:65:69:f0:62:78:57:91:59:f3:8f:
0a:3f:76:1c:ae:db:80:4b:06:e3:d2:0b:3e:7d:9c:
65:e6:1d:47:c9:7a:c4:2f:9f:93:a4:40:ee:f7:a9:
9c:59:d8:1b:d1:98:79:5a:b5:fc:18:f2:91:92:0f:
31:9a:5c:d5:1a:4c:4c:a9:0f:21:2d:0e:b8:7b:64:
af:9c:2d:90:3c:ff:dd:10:f3:c2:25:36:43:6f:32:
5b:bf:75:59:f8:0e:a5:60:11:72:00:ed:9d:e0:50:
2f:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:04:C2:5A:A2:A0:11:86:59:E9:D5:62:33:6E:5B:97:A8:81:61:06
X509v3 Authority Key Identifier:
keyid:79:73:0B:9E:A0:10:D8:32:F9:40:EF:B5:89:C5:18:89:13:2F:4C:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eXMLnqAQ2DL5QO-1icUYiRMvTJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/a02cc6-1308-47e4-a087-39605f9081b7/1/pQTCWqKgEYZZ6dViM25bl6iBYQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/a02cc6-1308-47e4-a087-39605f9081b7/1/eXMLnqAQ2DL5QO-1icUYiRMvTJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.216.0/22
194.26.188.0/22
IPv6:
2a0a:a3c0::/32
Signature Algorithm: sha256WithRSAEncryption
76:3f:b3:be:92:2a:18:39:24:83:58:d8:7d:0d:92:e2:49:61:
de:b2:51:df:28:9a:51:f8:6c:95:40:3a:31:b9:63:77:82:06:
76:b7:95:ce:4a:e9:5d:05:6f:e8:ff:ff:26:17:d8:4f:21:75:
0b:23:0a:c0:ac:88:4a:5f:d0:7a:2a:25:2d:d0:51:3e:1e:8a:
5b:7d:6c:c5:66:d9:5d:31:ea:1f:d3:72:3b:fe:f9:94:45:80:
90:03:72:be:2f:c1:7b:6c:89:c3:c4:c4:4f:ab:7e:d5:1d:5c:
eb:04:a9:74:56:05:02:76:01:51:a3:3d:37:ae:f4:cb:c5:03:
7e:52:20:81:0d:21:50:ae:7c:28:04:40:c7:f2:ca:18:0f:f1:
14:da:94:c8:71:73:c5:72:07:52:c6:44:dc:69:23:ad:0f:e6:
30:ed:7c:00:f8:11:73:3a:a2:37:6d:e5:67:fa:b1:87:af:d9:
dc:6a:ca:86:89:57:bc:6c:a9:19:da:2f:2b:be:cf:75:c6:2d:
6b:f1:0c:61:5f:b3:bc:94:13:42:e3:d3:8e:6c:6f:83:6b:b6:
8c:12:cd:0e:14:21:72:f9:cd:69:00:19:b4:39:e4:0a:b7:fd:
ef:56:2d:61:f2:05:e6:46:24:7c:6b:8a:e5:29:3a:de:62:96:
33:79:84:64
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJvMngFBRJJjD2qYvpsq0zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5NzMwYjllYTAxMGQ4MzJmOTQwZWZiNTg5YzUxODg5MTMy
ZjRjOTQwHhcNMjQwMTAyMTAzNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTA0YzI1YWEyYTAxMTg2NTllOWQ1NjIzMzZlNWI5N2E4ODE2MTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjmTVMQvaU9ZiegEDpxVtEHwbDsC
D55OGKaTkHfaRGPYFpgcycI8BdAiJ5T7LKntAPwN8aF2bfSInWoN4/EJQyKH2yeZ
ypToliQ+aZF7PT07iOIi0L8hyqnsYvRl/2rl/Qrq652C8etm+b4fWj4AHBAWMIUm
wIrWTPmedvkxB3hOmXkzKoExDg4Vzq7FwESuj6sCWkV1uil4DGVp8GJ4V5FZ848K
P3YcrtuASwbj0gs+fZxl5h1HyXrEL5+TpEDu96mcWdgb0Zh5WrX8GPKRkg8xmlzV
GkxMqQ8hLQ64e2SvnC2QPP/dEPPCJTZDbzJbv3VZ+A6lYBFyAO2d4FAvlwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKUEwlqioBGGWenVYjNuW5eogWEGMB8GA1UdIwQY
MBaAFHlzC56gENgy+UDvtYnFGIkTL0yUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVhNTG5xQVEyREw1UU8tMWljVVlpUk12VEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9hMDJjYzYtMTMwOC00N2U0LWEwODct
Mzk2MDVmOTA4MWI3LzEvcFFUQ1dxS2dFWVpaNmRWaU0yNWJsNmlCWVFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9hMDJjYzYtMTMwOC00N2U0LWEwODctMzk2MDVmOTA4MWI3
LzEvZVhNTG5xQVEyREw1UU8tMWljVVlpUk12VEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCucfYAwQC
whq8MA0EAgACMAcDBQAqCqPAMA0GCSqGSIb3DQEBCwUAA4IBAQB2P7O+kioYOSSD
WNh9DZLiSWHeslHfKJpR+GyVQDoxuWN3ggZ2t5XOSuldBW/o//8mF9hPIXULIwrA
rIhKX9B6KiUt0FE+HopbfWzFZtldMeof03I7/vmURYCQA3K+L8F7bInDxMRPq37V
HVzrBKl0VgUCdgFRoz03rvTLxQN+UiCBDSFQrnwoBEDH8soYD/EU2pTIcXPFcgdS
xkTcaSOtD+Yw7XwA+BFzOqI3beVn+rGHr9ncasqGiVe8bKkZ2i8rvs91xi1r8Qxh
X7O8lBNC49OObG+Da7aMEs0OFCFy+c1pABm0OeQKt/3vVi1h8gXmRiR8a4rlKTre
YpYzeYRk
-----END CERTIFICATE-----
Generated at Sun May 19 15:45:33 2024 by rpki-client on console-ams.rpki-client.org