Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/QJAybcEDagp1cDbutRur8ImGGRY.roa
File: QJAybcEDagp1cDbutRur8ImGGRY.roa (raw, json)
Hash identifier: C8rgOnUv3lG1C9Bb6TDJVxoAefsuw/zwG3q66FbcOTo=
Subject key identifier: 40:90:32:6D:C1:03:6A:0A:75:70:36:EE:B5:1B:AB:F0:89:86:19:16
Certificate issuer: /CN=2672b9fb546b365e323230dcea9ba8c9fbedfeb8
Certificate serial: 0192E2E96C5D57C1D2582A8D2B9B2CC48528
Authority key identifier: 26:72:B9:FB:54:6B:36:5E:32:32:30:DC:EA:9B:A8:C9:FB:ED:FE:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/QJAybcEDagp1cDbutRur8ImGGRY.roa
Signing time: Thu 31 Oct 2024 14:10:01 +0000
ROA not before: Thu 31 Oct 2024 14:10:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56971
IP address blocks: 45.156.22.0/24 maxlen: 32
45.156.23.0/24 maxlen: 32
45.156.24.0/24 maxlen: 32
45.156.25.0/24 maxlen: 32
45.156.27.0/24 maxlen: 32
178.255.222.0/24 maxlen: 32
185.92.180.0/24 maxlen: 32
185.92.181.0/24 maxlen: 32
185.92.182.0/24 maxlen: 32
185.92.183.0/24 maxlen: 32
185.159.128.0/24 maxlen: 32
185.159.131.0/24 maxlen: 32
185.228.235.0/24 maxlen: 32
193.176.153.0/24 maxlen: 32
193.176.158.0/24 maxlen: 32
193.176.179.0/24 maxlen: 32
193.176.190.0/24 maxlen: 32
194.36.170.0/24 maxlen: 32
194.36.171.0/24 maxlen: 32
194.36.209.0/24 maxlen: 32
194.116.214.0/24 maxlen: 32
194.116.215.0/24 maxlen: 32
194.116.216.0/23 maxlen: 23
194.116.216.0/24 maxlen: 32
194.116.217.0/24 maxlen: 32
194.120.24.0/24 maxlen: 32
194.120.116.0/24 maxlen: 32
2a13:7c00::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/JnK5-1RrNl4yMjDc6puoyfvt_rg.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/JnK5-1RrNl4yMjDc6puoyfvt_rg.mft
rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e2:e9:6c:5d:57:c1:d2:58:2a:8d:2b:9b:2c:c4:85:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2672b9fb546b365e323230dcea9ba8c9fbedfeb8
Validity
Not Before: Oct 31 14:10:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4090326dc1036a0a757036eeb51babf089861916
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:cc:17:f1:6c:15:1d:b6:99:aa:5e:85:15:67:
8a:25:49:e5:9c:d7:68:c6:0a:6d:54:7d:17:30:45:
ba:b7:bd:10:0a:95:04:13:6e:84:4a:36:a6:be:0d:
77:83:77:c0:ee:53:21:1a:a4:7e:e5:58:15:e3:f9:
72:f9:e6:ba:6e:19:f8:9c:12:bb:92:d1:ac:11:30:
81:95:e3:f7:55:04:dc:b3:64:d6:dc:83:65:09:98:
1f:56:ed:11:cd:c1:de:9b:24:6d:d5:7c:34:6a:52:
e0:a9:52:b9:40:73:8f:c0:15:a0:79:49:26:7e:a2:
30:bd:8d:29:f5:5e:05:6b:06:e7:87:e9:77:41:35:
a2:6d:ca:53:09:c1:e8:81:d0:83:a1:e6:d1:fe:bc:
83:3b:d1:95:8f:50:c5:21:b0:8d:f7:d5:ef:88:e9:
cf:ae:0b:53:df:98:c1:b8:af:8e:05:91:b6:bb:01:
d2:93:7c:8e:d9:24:90:ae:74:ab:f7:11:7e:96:e4:
b5:c8:46:c5:0c:8c:0d:5c:87:57:c1:45:fb:8b:56:
0c:ab:be:9c:35:12:44:4c:f3:d5:80:83:5b:67:9c:
b9:2c:cf:57:f4:65:6c:3d:6f:a5:34:a7:f8:5d:7b:
5e:ac:da:e0:64:3d:0d:d1:ea:90:6e:be:3d:ee:05:
29:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:90:32:6D:C1:03:6A:0A:75:70:36:EE:B5:1B:AB:F0:89:86:19:16
X509v3 Authority Key Identifier:
keyid:26:72:B9:FB:54:6B:36:5E:32:32:30:DC:EA:9B:A8:C9:FB:ED:FE:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/QJAybcEDagp1cDbutRur8ImGGRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/JnK5-1RrNl4yMjDc6puoyfvt_rg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.22.0-45.156.25.255
45.156.27.0/24
178.255.222.0/24
185.92.180.0/22
185.159.128.0/24
185.159.131.0/24
185.228.235.0/24
193.176.153.0/24
193.176.158.0/24
193.176.179.0/24
193.176.190.0/24
194.36.170.0/23
194.36.209.0/24
194.116.214.0-194.116.217.255
194.120.24.0/24
194.120.116.0/24
IPv6:
2a13:7c00::/32
Signature Algorithm: sha256WithRSAEncryption
1b:6d:05:6d:7a:29:7d:f9:ea:db:56:cd:04:2f:41:f6:df:ad:
a8:27:97:c9:cc:00:46:b0:e3:5f:ea:37:f1:1c:df:cd:cf:7d:
c5:ce:c2:92:19:95:7e:91:dd:bf:31:c1:57:2e:a6:6a:34:5e:
ea:dd:7c:0a:c7:fb:a1:bc:05:ad:81:9b:cd:f4:d6:01:7e:0d:
55:24:6a:78:0f:80:3e:21:8b:d0:83:e6:62:5b:49:20:cb:c4:
cf:8b:02:b2:f4:2a:2e:6a:7f:1f:c3:50:37:28:3a:3d:71:fc:
35:4b:6d:99:97:56:66:ab:bc:29:f4:1f:22:b9:2d:84:87:f1:
a4:50:53:62:19:af:78:a9:7e:32:a7:54:1e:35:d9:93:82:d0:
e8:63:b0:5c:26:3b:4b:10:c0:b0:4e:cc:c4:9c:b1:da:a4:73:
9f:74:65:35:39:d8:89:63:f9:4f:96:51:98:28:69:c3:9d:83:
fb:ce:01:40:cb:46:2a:73:68:c6:04:ef:fb:eb:14:1d:e6:73:
0b:b9:22:20:5f:d4:04:f2:be:02:4b:44:e1:57:2c:bf:c5:2f:
f1:0a:f5:75:40:73:79:e5:44:82:6a:f3:be:9c:01:d5:b2:92:
33:8b:bd:21:5b:a3:27:78:7c:bb:ab:ba:50:1f:4c:fd:0d:3a:
6a:2c:ee:b3
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZLi6WxdV8HSWCqNK5ssxIUoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NzJiOWZiNTQ2YjM2NWUzMjMyMzBkY2VhOWJhOGM5ZmJl
ZGZlYjgwHhcNMjQxMDMxMTQxMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDkwMzI2ZGMxMDM2YTBhNzU3MDM2ZWViNTFiYWJmMDg5ODYxOTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApswX8WwVHbaZql6FFWeKJUnlnNdo
xgptVH0XMEW6t70QCpUEE26ESjamvg13g3fA7lMhGqR+5VgV4/ly+ea6bhn4nBK7
ktGsETCBleP3VQTcs2TW3INlCZgfVu0RzcHemyRt1Xw0alLgqVK5QHOPwBWgeUkm
fqIwvY0p9V4Fawbnh+l3QTWibcpTCcHogdCDoebR/ryDO9GVj1DFIbCN99XviOnP
rgtT35jBuK+OBZG2uwHSk3yO2SSQrnSr9xF+luS1yEbFDIwNXIdXwUX7i1YMq76c
NRJETPPVgINbZ5y5LM9X9GVsPW+lNKf4XXterNrgZD0N0eqQbr497gUpOQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFECQMm3BA2oKdXA27rUbq/CJhhkWMB8GA1UdIwQY
MBaAFCZyuftUazZeMjIw3OqbqMn77f64MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm5LNS0xUnJObDR5TWpEYzZwdW95ZnZ0X3JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9iMTNiNTUtMTI4OC00NWU2LTg4NzYt
YTcwZGI1ODI4MGZjLzEvUUpBeWJjRURhZ3AxY0RidXRSdXI4SW1HR1JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9iMTNiNTUtMTI4OC00NWU2LTg4NzYtYTcwZGI1ODI4MGZj
LzEvSm5LNS0xUnJObDR5TWpEYzZwdW95ZnZ0X3JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzB2BAIAATBwMAwDBAEt
nBYDBAEtnBgDBAAtnBsDBACy/94DBAK5XLQDBAC5n4ADBAC5n4MDBAC55OsDBADB
sJkDBADBsJ4DBADBsLMDBADBsL4DBAHCJKoDBADCJNEwDAMEAcJ01gMEAcJ02AME
AMJ4GAMEAMJ4dDANBAIAAjAHAwUAKhN8ADANBgkqhkiG9w0BAQsFAAOCAQEAG20F
bXopffnq21bNBC9B9t+tqCeXycwARrDjX+o38Rzfzc99xc7CkhmVfpHdvzHBVy6m
ajRe6t18Csf7obwFrYGbzfTWAX4NVSRqeA+APiGL0IPmYltJIMvEz4sCsvQqLmp/
H8NQNyg6PXH8NUttmZdWZqu8KfQfIrkthIfxpFBTYhmveKl+MqdUHjXZk4LQ6GOw
XCY7SxDAsE7MxJyx2qRzn3RlNTnYiWP5T5ZRmChpw52D+84BQMtGKnNoxgTv++sU
HeZzC7kiIF/UBPK+AktE4Vcsv8Uv8Qr1dUBzeeVEgmrzvpwB1bKSM4u9IVujJ3h8
u6u6UB9M/Q06aizusw==
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:59:42 2024 by rpki-client on console-ams.rpki-client.org