Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/d334ed-36bd-4170-b4d6-06af6dba34f7/1/1q2bjLvXSw5RJXY2jb_aPYi9dNk.roa
File: 1q2bjLvXSw5RJXY2jb_aPYi9dNk.roa (raw, json)
Hash identifier: joTvv21VicCycxITkC6OzOCtAH+P8BRtEkXzkxu3e5c=
Subject key identifier: D6:AD:9B:8C:BB:D7:4B:0E:51:25:76:36:8D:BF:DA:3D:88:BD:74:D9
Certificate issuer: /CN=c6a6e22f4e23965f6c4a025c6c92efc0b662e793
Certificate serial: 018CC26D4FF8431AD04712279154FC697BC9
Authority key identifier: C6:A6:E2:2F:4E:23:96:5F:6C:4A:02:5C:6C:92:EF:C0:B6:62:E7:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xqbiL04jll9sSgJcbJLvwLZi55M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/d334ed-36bd-4170-b4d6-06af6dba34f7/1/1q2bjLvXSw5RJXY2jb_aPYi9dNk.roa
Signing time: Mon 01 Jan 2024 00:29:52 +0000
ROA not before: Mon 01 Jan 2024 00:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44942
IP address blocks: 92.63.224.0/20 maxlen: 22
185.114.116.0/22 maxlen: 22
185.157.216.0/22 maxlen: 22
92.246.104.0/22 maxlen: 22
92.246.108.0/22 maxlen: 22
92.246.111.0/24 maxlen: 24
92.246.108.0/24 maxlen: 24
92.246.110.0/24 maxlen: 24
92.246.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/d334ed-36bd-4170-b4d6-06af6dba34f7/1/xqbiL04jll9sSgJcbJLvwLZi55M.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/d334ed-36bd-4170-b4d6-06af6dba34f7/1/xqbiL04jll9sSgJcbJLvwLZi55M.mft
rsync://rpki.ripe.net/repository/DEFAULT/xqbiL04jll9sSgJcbJLvwLZi55M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:03:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:4f:f8:43:1a:d0:47:12:27:91:54:fc:69:7b:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6a6e22f4e23965f6c4a025c6c92efc0b662e793
Validity
Not Before: Jan 1 00:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d6ad9b8cbbd74b0e512576368dbfda3d88bd74d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:4a:d3:f3:b7:1c:10:df:9d:8d:de:22:f9:69:
7a:8e:09:b1:ae:f7:83:01:6a:6d:21:00:48:73:97:
8c:ff:55:1c:f9:16:25:b0:ff:14:ad:a1:c8:df:e7:
51:b1:25:2a:48:d0:f2:68:99:60:56:71:71:2f:cc:
00:f3:92:29:3f:91:f1:38:89:bf:21:57:96:ac:1f:
09:11:c2:1d:f7:bf:b3:27:93:08:e5:6b:21:61:f3:
57:2b:50:37:23:0d:bf:e6:22:7e:91:6a:78:5f:ed:
a0:f0:5a:2a:e2:d1:f6:1b:41:93:27:16:e8:f6:2d:
7e:b4:bc:07:65:a6:13:b6:1a:52:be:db:17:2e:2e:
71:49:f6:67:b8:41:98:8b:f3:08:78:2f:50:25:06:
17:33:ce:78:94:ba:55:45:e9:a7:71:6e:28:c0:95:
de:7c:5d:24:01:58:33:42:29:2f:60:09:47:26:b5:
76:c2:99:60:a6:c7:6e:f4:39:74:83:9e:4a:8a:ac:
8c:5e:94:2e:d7:d1:e5:aa:b1:38:19:30:fa:4b:d3:
22:88:36:37:13:8e:c9:43:e0:67:bb:af:d8:15:3c:
47:d1:40:ec:cd:93:34:c8:32:fb:ab:44:e4:e3:f3:
60:09:99:4c:a6:82:45:31:a7:89:21:5d:4e:ac:a1:
71:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:AD:9B:8C:BB:D7:4B:0E:51:25:76:36:8D:BF:DA:3D:88:BD:74:D9
X509v3 Authority Key Identifier:
keyid:C6:A6:E2:2F:4E:23:96:5F:6C:4A:02:5C:6C:92:EF:C0:B6:62:E7:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xqbiL04jll9sSgJcbJLvwLZi55M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d334ed-36bd-4170-b4d6-06af6dba34f7/1/1q2bjLvXSw5RJXY2jb_aPYi9dNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d334ed-36bd-4170-b4d6-06af6dba34f7/1/xqbiL04jll9sSgJcbJLvwLZi55M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.63.224.0/20
92.246.104.0/21
185.114.116.0/22
185.157.216.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:6f:93:e9:7d:9f:d8:46:e1:5f:67:d8:d4:3d:9e:85:bd:0a:
9d:07:28:b6:e8:09:aa:cd:89:29:c7:bf:72:50:73:7f:3b:58:
b2:3e:fa:74:fd:a0:41:7a:b6:e7:74:44:03:e9:c0:23:1e:d3:
09:79:fc:4d:a3:2c:57:aa:9f:e2:bb:11:18:6f:9d:75:23:88:
a1:c6:32:df:84:f9:a1:cd:f5:24:24:95:ef:0b:fe:e5:66:8e:
aa:cf:d9:90:ef:a7:5d:19:ac:4c:72:e5:c0:c9:16:a3:04:d0:
50:26:50:44:01:06:4f:82:36:07:89:f1:51:7d:41:25:e0:22:
31:fd:9d:9a:43:d6:64:9c:f8:4f:d6:b4:79:fe:84:bb:d8:8b:
85:c8:ed:6d:b2:b4:64:d9:78:df:28:de:f9:7c:63:8a:22:9e:
78:0a:f3:01:c4:10:84:0b:18:5e:97:b4:ea:67:53:ca:43:e1:
85:a0:5a:83:9a:88:37:3d:68:6c:77:03:a6:3e:36:52:c8:54:
b0:0a:a5:55:29:c0:92:28:3b:f8:72:b3:7a:8a:42:37:52:22:
4c:a8:0c:ef:df:73:8d:97:e8:8a:41:42:57:07:c2:35:b1:a5:
b5:ab:5c:57:f7:e4:ae:83:0b:ed:08:e4:96:cf:88:22:de:27:
b5:f9:82:cb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzCbU/4QxrQRxInkVT8aXvJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YTZlMjJmNGUyMzk2NWY2YzRhMDI1YzZjOTJlZmMwYjY2
MmU3OTMwHhcNMjQwMTAxMDAyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmFkOWI4Y2JiZDc0YjBlNTEyNTc2MzY4ZGJmZGEzZDg4YmQ3NGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlErT87ccEN+djd4i+Wl6jgmxrveD
AWptIQBIc5eM/1Uc+RYlsP8UraHI3+dRsSUqSNDyaJlgVnFxL8wA85IpP5HxOIm/
IVeWrB8JEcId97+zJ5MI5WshYfNXK1A3Iw2/5iJ+kWp4X+2g8Foq4tH2G0GTJxbo
9i1+tLwHZaYTthpSvtsXLi5xSfZnuEGYi/MIeC9QJQYXM854lLpVRemncW4owJXe
fF0kAVgzQikvYAlHJrV2wplgpsdu9Dl0g55KiqyMXpQu19HlqrE4GTD6S9MiiDY3
E47JQ+Bnu6/YFTxH0UDszZM0yDL7q0Tk4/NgCZlMpoJFMaeJIV1OrKFx3wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNatm4y710sOUSV2No2/2j2IvXTZMB8GA1UdIwQY
MBaAFMam4i9OI5ZfbEoCXGyS78C2YueTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHFiaUwwNGpsbDlzU2dKY2JKTHZ3TFppNTVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9kMzM0ZWQtMzZiZC00MTcwLWI0ZDYt
MDZhZjZkYmEzNGY3LzEvMXEyYmpMdlhTdzVSSlhZMmpiX2FQWWk5ZE5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9kMzM0ZWQtMzZiZC00MTcwLWI0ZDYtMDZhZjZkYmEzNGY3
LzEveHFiaUwwNGpsbDlzU2dKY2JKTHZ3TFppNTVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEXD/gAwQD
XPZoAwQCuXJ0AwQCuZ3YMA0GCSqGSIb3DQEBCwUAA4IBAQAbb5PpfZ/YRuFfZ9jU
PZ6FvQqdByi26AmqzYkpx79yUHN/O1iyPvp0/aBBerbndEQD6cAjHtMJefxNoyxX
qp/iuxEYb511I4ihxjLfhPmhzfUkJJXvC/7lZo6qz9mQ76ddGaxMcuXAyRajBNBQ
JlBEAQZPgjYHifFRfUEl4CIx/Z2aQ9ZknPhP1rR5/oS72IuFyO1tsrRk2XjfKN75
fGOKIp54CvMBxBCECxhel7TqZ1PKQ+GFoFqDmog3PWhsdwOmPjZSyFSwCqVVKcCS
KDv4crN6ikI3UiJMqAzv33ONl+iKQUJXB8I1saW1q1xX9+SugwvtCOSWz4gi3ie1
+YLL
-----END CERTIFICATE-----
Generated at Sat Jun 1 14:00:27 2024 by rpki-client on console-ams.rpki-client.org