Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/d5bd39-bea6-447b-83bb-f69622425651/1/mqB1uWV4FRPivd-giPowINYBT_o.roa
File: mqB1uWV4FRPivd-giPowINYBT_o.roa (raw, json)
Hash identifier: lYWj8PP9NeZEQD9cklGMg+6kBo6SonTUii41cQLDbqo=
Subject key identifier: 9A:A0:75:B9:65:78:15:13:E2:BD:DF:A0:88:FA:30:20:D6:01:4F:FA
Certificate issuer: /CN=4ba9afd21cb8fbe6b850800cd4b49f2562c92ba0
Certificate serial: 018CC64A6C05B0D290908BECA1F241116C48
Authority key identifier: 4B:A9:AF:D2:1C:B8:FB:E6:B8:50:80:0C:D4:B4:9F:25:62:C9:2B:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S6mv0hy4--a4UIAM1LSfJWLJK6A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/d5bd39-bea6-447b-83bb-f69622425651/1/mqB1uWV4FRPivd-giPowINYBT_o.roa
Signing time: Mon 01 Jan 2024 18:30:15 +0000
ROA not before: Mon 01 Jan 2024 18:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210269
IP address blocks: 178.237.56.0/24 maxlen: 24
178.237.59.0/24 maxlen: 24
2a0d:5540::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/d5bd39-bea6-447b-83bb-f69622425651/1/S6mv0hy4--a4UIAM1LSfJWLJK6A.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/d5bd39-bea6-447b-83bb-f69622425651/1/S6mv0hy4--a4UIAM1LSfJWLJK6A.mft
rsync://rpki.ripe.net/repository/DEFAULT/S6mv0hy4--a4UIAM1LSfJWLJK6A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:6c:05:b0:d2:90:90:8b:ec:a1:f2:41:11:6c:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ba9afd21cb8fbe6b850800cd4b49f2562c92ba0
Validity
Not Before: Jan 1 18:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9aa075b965781513e2bddfa088fa3020d6014ffa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:a7:9d:32:76:58:6f:7e:d8:3e:64:9c:fa:ca:
5d:f2:04:eb:9f:ba:a7:6f:12:73:eb:b9:67:05:3d:
22:85:da:41:ea:2d:a1:bd:8e:02:5f:19:28:f2:3a:
55:11:51:3b:e6:57:64:27:6c:e4:c7:2d:23:63:17:
5f:7e:58:e9:c1:25:7e:2f:ef:be:e0:bc:01:87:36:
27:60:43:c1:34:a3:ef:e4:c6:34:12:0f:22:d4:ca:
25:11:2f:cc:c0:45:16:95:d0:a7:00:8c:d2:b5:61:
38:16:54:4b:ea:be:5a:d7:c9:85:b7:5c:91:b3:45:
04:37:cb:b4:f7:bd:9c:39:35:40:ff:26:33:01:67:
ff:df:94:b8:54:be:3f:3e:2a:4f:7a:bd:e2:81:d7:
cc:08:8e:a3:46:76:58:c3:10:ab:fb:22:4f:ed:57:
fe:7e:3a:cc:b9:d9:f5:b2:01:b0:72:05:a3:5c:32:
bd:a3:ff:f9:81:87:4b:8c:eb:88:59:db:38:dc:61:
9a:12:de:6a:1b:11:25:24:0e:ac:30:cd:ef:1f:08:
15:ac:99:40:38:5c:13:93:4e:38:1f:7c:0c:73:5e:
30:ac:27:43:77:16:ec:98:6f:32:69:6e:ac:f2:8f:
2a:a2:e9:e4:ef:e3:bb:39:15:c1:02:9f:67:b5:8e:
b8:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:A0:75:B9:65:78:15:13:E2:BD:DF:A0:88:FA:30:20:D6:01:4F:FA
X509v3 Authority Key Identifier:
keyid:4B:A9:AF:D2:1C:B8:FB:E6:B8:50:80:0C:D4:B4:9F:25:62:C9:2B:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S6mv0hy4--a4UIAM1LSfJWLJK6A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d5bd39-bea6-447b-83bb-f69622425651/1/mqB1uWV4FRPivd-giPowINYBT_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d5bd39-bea6-447b-83bb-f69622425651/1/S6mv0hy4--a4UIAM1LSfJWLJK6A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.237.56.0/24
178.237.59.0/24
IPv6:
2a0d:5540::/48
Signature Algorithm: sha256WithRSAEncryption
53:18:e9:2d:66:0c:44:b7:7e:48:16:6f:4b:39:12:af:21:b4:
c2:e7:c1:60:80:52:cf:32:6a:59:fe:9e:d6:43:bf:be:bd:f4:
ac:ee:b7:07:73:dc:4b:4c:3e:56:da:50:0b:a7:ae:fb:f4:a7:
73:45:cb:92:ad:4f:33:99:7e:7e:bd:bf:36:8a:81:6b:98:4a:
37:03:59:40:31:f9:1a:15:3d:ff:bd:a0:3c:47:46:c1:56:6c:
e1:4f:ca:73:b5:11:2e:9e:a2:d4:30:55:85:8d:31:f9:fd:9f:
17:90:4a:1d:63:96:b9:41:53:59:2b:a6:f6:1d:f9:84:56:31:
35:ca:02:48:89:00:83:32:46:99:1e:c1:b0:71:c1:93:50:d9:
f6:66:c0:48:f3:78:68:cc:14:bf:a4:4d:e4:2c:1a:91:ff:26:
61:a4:e9:75:3d:d3:1c:2b:4f:11:7c:bc:df:73:46:da:09:2a:
f7:68:1f:22:f4:99:3c:39:a3:3e:c3:d2:b3:b0:6a:7c:a7:d3:
58:4c:93:ad:4f:20:aa:ce:6b:bb:71:70:c1:90:b9:cc:45:04:
a9:a6:27:7f:83:c4:df:fc:6a:69:79:79:60:6a:ea:3a:19:03:
e7:55:55:a0:a9:06:e5:89:e0:05:7e:c0:52:4b:c2:2c:eb:b0:
f0:24:92:a6
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzGSmwFsNKQkIvsofJBEWxIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiYTlhZmQyMWNiOGZiZTZiODUwODAwY2Q0YjQ5ZjI1NjJj
OTJiYTAwHhcNMjQwMTAxMTgzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWEwNzViOTY1NzgxNTEzZTJiZGRmYTA4OGZhMzAyMGQ2MDE0ZmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKedMnZYb37YPmSc+spd8gTrn7qn
bxJz67lnBT0ihdpB6i2hvY4CXxko8jpVEVE75ldkJ2zkxy0jYxdffljpwSV+L+++
4LwBhzYnYEPBNKPv5MY0Eg8i1MolES/MwEUWldCnAIzStWE4FlRL6r5a18mFt1yR
s0UEN8u0972cOTVA/yYzAWf/35S4VL4/PipPer3igdfMCI6jRnZYwxCr+yJP7Vf+
fjrMudn1sgGwcgWjXDK9o//5gYdLjOuIWds43GGaEt5qGxElJA6sMM3vHwgVrJlA
OFwTk044H3wMc14wrCdDdxbsmG8yaW6s8o8qounk7+O7ORXBAp9ntY641QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFJqgdblleBUT4r3foIj6MCDWAU/6MB8GA1UdIwQY
MBaAFEupr9IcuPvmuFCADNS0nyViySugMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzZtdjBoeTQtLWE0VUlBTTFMU2ZKV0xKSzZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9kNWJkMzktYmVhNi00NDdiLTgzYmIt
ZjY5NjIyNDI1NjUxLzEvbXFCMXVXVjRGUlBpdmQtZ2lQb3dJTllCVF9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9kNWJkMzktYmVhNi00NDdiLTgzYmItZjY5NjIyNDI1NjUx
LzEvUzZtdjBoeTQtLWE0VUlBTTFMU2ZKV0xKSzZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAsu04AwQA
su07MA8EAgACMAkDBwAqDVVAAAAwDQYJKoZIhvcNAQELBQADggEBAFMY6S1mDES3
fkgWb0s5Eq8htMLnwWCAUs8yaln+ntZDv7699Kzutwdz3EtMPlbaUAunrvv0p3NF
y5KtTzOZfn69vzaKgWuYSjcDWUAx+RoVPf+9oDxHRsFWbOFPynO1ES6eotQwVYWN
Mfn9nxeQSh1jlrlBU1krpvYd+YRWMTXKAkiJAIMyRpkewbBxwZNQ2fZmwEjzeGjM
FL+kTeQsGpH/JmGk6XU90xwrTxF8vN9zRtoJKvdoHyL0mTw5oz7D0rOwanyn01hM
k61PIKrOa7txcMGQucxFBKmmJ3+DxN/8aml5eWBq6joZA+dVVaCpBuWJ4AV+wFJL
wizrsPAkkqY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:10:50 2024 by rpki-client on console-ams.rpki-client.org