Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/b0da06-1ba7-49f0-a569-909fe7c80d98/1/Q4RoWzENmXnrQFDTqZQwrkJkMsc.roa
File: Q4RoWzENmXnrQFDTqZQwrkJkMsc.roa (raw, json)
Hash identifier: tmuq9DvZFoRB56eK5D/uoFLk4fZBtQIcCKGcl9WuthQ=
Subject key identifier: 43:84:68:5B:31:0D:99:79:EB:40:50:D3:A9:94:30:AE:42:64:32:C7
Certificate issuer: /CN=294bfb4ac4886011f06d9dc4efd45533264ed788
Certificate serial: 018CC649AB6DC02F748A3AD0BB4422C07F25
Authority key identifier: 29:4B:FB:4A:C4:88:60:11:F0:6D:9D:C4:EF:D4:55:33:26:4E:D7:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KUv7SsSIYBHwbZ3E79RVMyZO14g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/b0da06-1ba7-49f0-a569-909fe7c80d98/1/Q4RoWzENmXnrQFDTqZQwrkJkMsc.roa
Signing time: Mon 01 Jan 2024 18:29:25 +0000
ROA not before: Mon 01 Jan 2024 18:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44615
IP address blocks: 91.202.64.0/24 maxlen: 24
91.202.67.0/24 maxlen: 24
91.202.66.0/24 maxlen: 24
91.202.65.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/b0da06-1ba7-49f0-a569-909fe7c80d98/1/KUv7SsSIYBHwbZ3E79RVMyZO14g.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/b0da06-1ba7-49f0-a569-909fe7c80d98/1/KUv7SsSIYBHwbZ3E79RVMyZO14g.mft
rsync://rpki.ripe.net/repository/DEFAULT/KUv7SsSIYBHwbZ3E79RVMyZO14g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 07:03:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:ab:6d:c0:2f:74:8a:3a:d0:bb:44:22:c0:7f:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=294bfb4ac4886011f06d9dc4efd45533264ed788
Validity
Not Before: Jan 1 18:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4384685b310d9979eb4050d3a99430ae426432c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:64:6f:6f:2f:e5:d9:8d:43:34:42:27:c4:cb:
0e:e4:30:e2:85:76:a9:ca:6d:8d:73:d2:8f:79:8c:
9c:69:59:65:ef:fc:e2:b0:9c:9a:f3:8b:4b:8f:b4:
6d:fa:cc:85:02:8d:75:ba:d8:b6:e9:f3:9d:dc:08:
c6:91:6f:ed:9d:35:13:01:e2:1f:f8:60:e0:da:b9:
d6:80:9d:c6:38:4a:a4:3b:0c:a7:fc:a9:11:48:22:
b1:1e:5c:56:f2:4e:ca:18:1d:bf:35:ff:d4:00:fa:
8b:42:69:51:a9:c8:1c:7e:ea:6e:4b:0c:7e:53:6b:
94:6f:2e:f9:a6:8b:3d:f5:9c:54:f3:28:b4:88:76:
ee:c1:88:28:74:48:84:97:65:6a:96:86:06:70:fb:
fc:ca:11:39:bb:dd:5c:63:00:21:09:94:fe:45:5d:
e6:d9:52:e6:76:ab:65:40:ef:c3:a4:71:1c:b6:64:
94:a5:18:11:6a:8a:40:05:f0:2e:73:b4:69:a4:a0:
bd:79:31:cf:f3:91:e6:3a:53:75:9b:51:5b:f4:cd:
c6:17:28:24:1a:ef:90:71:56:f5:e0:19:65:23:de:
b0:01:eb:2a:93:e0:4f:fa:7d:ef:3b:54:02:bf:87:
ff:ae:6b:19:ca:59:27:f6:e5:a5:0f:4c:84:89:49:
b1:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:84:68:5B:31:0D:99:79:EB:40:50:D3:A9:94:30:AE:42:64:32:C7
X509v3 Authority Key Identifier:
keyid:29:4B:FB:4A:C4:88:60:11:F0:6D:9D:C4:EF:D4:55:33:26:4E:D7:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KUv7SsSIYBHwbZ3E79RVMyZO14g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b0da06-1ba7-49f0-a569-909fe7c80d98/1/Q4RoWzENmXnrQFDTqZQwrkJkMsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b0da06-1ba7-49f0-a569-909fe7c80d98/1/KUv7SsSIYBHwbZ3E79RVMyZO14g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.64.0/22
Signature Algorithm: sha256WithRSAEncryption
59:40:b7:94:27:23:9e:0f:d9:c5:e1:b2:1e:e4:0a:00:7a:fc:
2d:fb:db:44:5b:2b:c6:dd:bf:10:58:f6:24:23:02:25:9f:0e:
b0:b0:8b:81:81:cf:54:8e:3e:bc:41:e5:fe:f2:fe:3b:69:b8:
80:ee:37:b3:d8:15:bf:4e:e6:44:ad:d3:50:f1:6c:7f:4d:ae:
39:53:f0:b7:0b:12:c4:23:fe:3f:a6:6d:88:7b:6e:ce:59:a4:
a9:4c:3c:e0:a4:b4:1f:28:c8:53:a0:1d:bd:50:79:67:1d:c1:
90:78:24:d9:6c:c6:34:e4:32:56:c0:53:f8:84:a3:64:7f:bf:
0b:65:95:28:17:fe:96:81:72:fe:be:b3:66:25:21:65:d8:7d:
e6:b1:16:ef:40:83:1a:28:e6:95:d8:9e:5a:a1:6d:f6:df:1e:
0c:66:3f:2b:57:ad:66:c4:65:09:0f:a7:25:97:a4:29:b1:63:
80:ff:f0:8c:ba:1e:8b:4f:97:d5:89:4d:e0:b8:d0:6c:79:87:
48:01:82:69:86:78:a7:f7:8d:78:e0:74:81:79:14:e9:d8:03:
9b:44:68:99:e4:42:4b:5d:82:15:a3:12:64:cf:21:96:83:cb:
65:2c:da:46:9d:47:4b:e3:9f:dd:07:03:ed:e2:4e:c5:a4:57:
f3:b0:a4:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSattwC90ijrQu0QiwH8lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NGJmYjRhYzQ4ODYwMTFmMDZkOWRjNGVmZDQ1NTMzMjY0
ZWQ3ODgwHhcNMjQwMTAxMTgyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mzg0Njg1YjMxMGQ5OTc5ZWI0MDUwZDNhOTk0MzBhZTQyNjQzMmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWRvby/l2Y1DNEInxMsO5DDihXap
ym2Nc9KPeYycaVll7/zisJya84tLj7Rt+syFAo11uti26fOd3AjGkW/tnTUTAeIf
+GDg2rnWgJ3GOEqkOwyn/KkRSCKxHlxW8k7KGB2/Nf/UAPqLQmlRqcgcfupuSwx+
U2uUby75pos99ZxU8yi0iHbuwYgodEiEl2VqloYGcPv8yhE5u91cYwAhCZT+RV3m
2VLmdqtlQO/DpHEctmSUpRgRaopABfAuc7RppKC9eTHP85HmOlN1m1Fb9M3GFygk
Gu+QcVb14BllI96wAesqk+BP+n3vO1QCv4f/rmsZylkn9uWlD0yEiUmxlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEOEaFsxDZl560BQ06mUMK5CZDLHMB8GA1UdIwQY
MBaAFClL+0rEiGAR8G2dxO/UVTMmTteIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1V2N1NzU0lZQkh3YlozRTc5UlZNeVpPMTRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9iMGRhMDYtMWJhNy00OWYwLWE1Njkt
OTA5ZmU3YzgwZDk4LzEvUTRSb1d6RU5tWG5yUUZEVHFaUXdya0prTXNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9iMGRhMDYtMWJhNy00OWYwLWE1NjktOTA5ZmU3YzgwZDk4
LzEvS1V2N1NzU0lZQkh3YlozRTc5UlZNeVpPMTRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8pAMA0G
CSqGSIb3DQEBCwUAA4IBAQBZQLeUJyOeD9nF4bIe5AoAevwt+9tEWyvG3b8QWPYk
IwIlnw6wsIuBgc9Ujj68QeX+8v47abiA7jez2BW/TuZErdNQ8Wx/Ta45U/C3CxLE
I/4/pm2Ie27OWaSpTDzgpLQfKMhToB29UHlnHcGQeCTZbMY05DJWwFP4hKNkf78L
ZZUoF/6WgXL+vrNmJSFl2H3msRbvQIMaKOaV2J5aoW323x4MZj8rV61mxGUJD6cl
l6QpsWOA//CMuh6LT5fViU3guNBseYdIAYJphnin94144HSBeRTp2AObRGiZ5EJL
XYIVoxJkzyGWg8tlLNpGnUdL45/dBwPt4k7FpFfzsKQu
-----END CERTIFICATE-----
Generated at Fri Jun 7 17:51:03 2024 by rpki-client on console-ams.rpki-client.org