Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/10095f-fd35-4a06-8f39-7fee591a209c/1/IQYaVRY2tkXtKCUmRU_jpkZNYY4.roa
File: IQYaVRY2tkXtKCUmRU_jpkZNYY4.roa (raw, json)
Hash identifier: aKHy2MFSUytl79JnzWwvKjUGlm58eMlCEv5tUz3IQw4=
Subject key identifier: 21:06:1A:55:16:36:B6:45:ED:28:25:26:45:4F:E3:A6:46:4D:61:8E
Certificate issuer: /CN=db641fc903d5b4cc971649324a4b34e4f82422c5
Certificate serial: 018CCA29CC1642B494993EFFDDA57EFB2C8A
Authority key identifier: DB:64:1F:C9:03:D5:B4:CC:97:16:49:32:4A:4B:34:E4:F8:24:22:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/22QfyQPVtMyXFkkySks05PgkIsU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/10095f-fd35-4a06-8f39-7fee591a209c/1/IQYaVRY2tkXtKCUmRU_jpkZNYY4.roa
Signing time: Tue 02 Jan 2024 12:33:06 +0000
ROA not before: Tue 02 Jan 2024 12:33:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8426
IP address blocks: 80.172.0.0/16 maxlen: 18
80.172.250.0/24 maxlen: 24
80.172.251.0/24 maxlen: 24
188.93.224.0/21 maxlen: 21
77.91.200.0/21 maxlen: 21
195.22.0.0/19 maxlen: 19
195.72.136.0/22 maxlen: 22
194.62.240.0/22 maxlen: 22
2001:4cc0::/32 maxlen: 48
2a03:73c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/10095f-fd35-4a06-8f39-7fee591a209c/1/22QfyQPVtMyXFkkySks05PgkIsU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/10095f-fd35-4a06-8f39-7fee591a209c/1/22QfyQPVtMyXFkkySks05PgkIsU.mft
rsync://rpki.ripe.net/repository/DEFAULT/22QfyQPVtMyXFkkySks05PgkIsU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:cc:16:42:b4:94:99:3e:ff:dd:a5:7e:fb:2c:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db641fc903d5b4cc971649324a4b34e4f82422c5
Validity
Not Before: Jan 2 12:33:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21061a551636b645ed282526454fe3a6464d618e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:30:9c:f5:b5:45:7d:c6:8a:e2:58:2f:b3:60:
80:d2:1a:a3:6a:c0:32:7f:15:07:e2:96:34:52:3f:
27:b6:3a:15:0a:8c:7f:b0:9c:5a:ca:b6:b7:d6:5a:
c6:c3:29:3f:48:1c:56:39:75:fb:3f:20:1e:d6:98:
ac:95:ce:8e:82:4b:10:be:80:e9:23:15:e9:36:8b:
df:e4:27:71:2e:57:c2:72:01:2f:d1:b7:d9:39:cd:
32:6f:bd:fe:52:18:ba:57:41:a3:8a:58:a2:cf:14:
86:2e:53:17:50:c1:99:54:b2:c7:5c:e4:3e:60:2a:
a5:e3:84:96:ca:d0:9e:f1:be:85:25:12:48:3e:fc:
68:42:e7:2d:48:9f:e2:b3:72:fe:26:7b:76:7a:d2:
00:87:c7:3b:9a:87:85:ed:2e:d6:ea:ff:45:ac:1b:
87:da:cc:21:2c:a9:4d:07:67:29:0a:7d:27:cf:28:
b6:74:4a:7c:37:dc:72:e1:4a:42:2f:d1:4a:6e:c0:
b6:69:d6:20:3b:06:12:dc:ca:d5:5f:17:54:e8:6b:
e0:6a:57:4f:88:e2:93:2d:e9:f6:54:31:b8:71:36:
cb:0b:9b:27:4e:fa:50:fe:7b:2b:98:65:19:6a:5b:
62:9b:35:63:6e:80:5c:ff:ea:99:82:7d:04:02:80:
8e:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:06:1A:55:16:36:B6:45:ED:28:25:26:45:4F:E3:A6:46:4D:61:8E
X509v3 Authority Key Identifier:
keyid:DB:64:1F:C9:03:D5:B4:CC:97:16:49:32:4A:4B:34:E4:F8:24:22:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/22QfyQPVtMyXFkkySks05PgkIsU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/10095f-fd35-4a06-8f39-7fee591a209c/1/IQYaVRY2tkXtKCUmRU_jpkZNYY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/10095f-fd35-4a06-8f39-7fee591a209c/1/22QfyQPVtMyXFkkySks05PgkIsU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.200.0/21
80.172.0.0/16
188.93.224.0/21
194.62.240.0/22
195.22.0.0/19
195.72.136.0/22
IPv6:
2001:4cc0::/32
2a03:73c0::/48
Signature Algorithm: sha256WithRSAEncryption
a5:5c:cd:32:51:75:2a:eb:a9:d1:e1:da:de:c4:12:cb:58:b4:
a3:87:0e:26:58:b1:13:55:c9:d5:46:37:2f:28:c5:09:6c:b5:
8f:d4:b5:b8:24:8b:6f:2d:41:5f:73:f1:f0:54:f3:b5:c1:d3:
5f:df:17:d9:6a:ba:36:85:5e:4d:cd:78:0e:b6:ab:51:08:fe:
64:e2:ec:73:66:9a:78:4f:68:09:de:5f:f8:85:d4:1b:88:17:
c4:86:11:87:84:1c:7d:b7:dd:6e:38:a7:9f:22:ce:8a:80:2d:
ae:06:22:99:8d:d1:e9:04:75:b9:a8:2c:c6:aa:52:65:3c:af:
3a:70:e7:80:b7:14:7c:80:34:a0:65:cd:82:37:d2:b8:53:51:
c8:c0:05:06:3d:37:d6:84:d8:6d:f7:19:76:e6:b1:18:6a:22:
c1:1b:17:9d:db:b3:d5:a8:58:e5:3a:4e:e0:63:a6:f9:6a:54:
c8:19:35:f0:40:f6:55:6f:40:26:49:b9:57:35:d1:e8:46:c3:
b0:2c:1e:24:94:cb:0d:10:22:17:3b:92:af:df:df:81:d9:82:
bc:e1:ed:e7:68:d8:8b:b1:6f:6e:17:e9:1e:f4:32:9f:e3:12:
a9:f6:df:49:c3:49:eb:b1:0a:61:7e:53:74:f0:8b:ba:08:ee:
03:bb:1e:17
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYzKKcwWQrSUmT7/3aV++yyKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNjQxZmM5MDNkNWI0Y2M5NzE2NDkzMjRhNGIzNGU0Zjgy
NDIyYzUwHhcNMjQwMTAyMTIzMzA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTA2MWE1NTE2MzZiNjQ1ZWQyODI1MjY0NTRmZTNhNjQ2NGQ2MThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDCc9bVFfcaK4lgvs2CA0hqjasAy
fxUH4pY0Uj8ntjoVCox/sJxayra31lrGwyk/SBxWOXX7PyAe1pislc6OgksQvoDp
IxXpNovf5CdxLlfCcgEv0bfZOc0yb73+Uhi6V0GjiliizxSGLlMXUMGZVLLHXOQ+
YCql44SWytCe8b6FJRJIPvxoQuctSJ/is3L+Jnt2etIAh8c7moeF7S7W6v9FrBuH
2swhLKlNB2cpCn0nzyi2dEp8N9xy4UpCL9FKbsC2adYgOwYS3MrVXxdU6GvgaldP
iOKTLen2VDG4cTbLC5snTvpQ/nsrmGUZaltimzVjboBc/+qZgn0EAoCOEQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFCEGGlUWNrZF7SglJkVP46ZGTWGOMB8GA1UdIwQY
MBaAFNtkH8kD1bTMlxZJMkpLNOT4JCLFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjJRZnlRUFZ0TXlYRmtreVNrczA1UGdrSXNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8xMDA5NWYtZmQzNS00YTA2LThmMzkt
N2ZlZTU5MWEyMDljLzEvSVFZYVZSWTJ0a1h0S0NVbVJVX2pwa1pOWVk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8xMDA5NWYtZmQzNS00YTA2LThmMzktN2ZlZTU5MWEyMDlj
LzEvMjJRZnlRUFZ0TXlYRmtreVNrczA1UGdrSXNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzApBAIAATAjAwQDTVvIAwMA
UKwDBAO8XeADBALCPvADBAXDFgADBALDSIgwFgQCAAIwEAMFACABTMADBwAqA3PA
AAAwDQYJKoZIhvcNAQELBQADggEBAKVczTJRdSrrqdHh2t7EEstYtKOHDiZYsRNV
ydVGNy8oxQlstY/Utbgki28tQV9z8fBU87XB01/fF9lqujaFXk3NeA62q1EI/mTi
7HNmmnhPaAneX/iF1BuIF8SGEYeEHH233W44p58izoqALa4GIpmN0ekEdbmoLMaq
UmU8rzpw54C3FHyANKBlzYI30rhTUcjABQY9N9aE2G33GXbmsRhqIsEbF53bs9Wo
WOU6TuBjpvlqVMgZNfBA9lVvQCZJuVc10ehGw7AsHiSUyw0QIhc7kq/f34HZgrzh
7edo2Iuxb24X6R70Mp/jEqn230nDSeuxCmF+U3Twi7oI7gO7Hhc=
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:30:11 2024 by rpki-client on console-ams.rpki-client.org