Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/V8mKElAdzp2QC2oAo44uMeAA-qc.roa
File: V8mKElAdzp2QC2oAo44uMeAA-qc.roa (raw, json)
Hash identifier: 2OwkYfjwl+pdOAnJfJ84BB+uTY6jaVSAqVMovSXwiYA=
Subject key identifier: 57:C9:8A:12:50:1D:CE:9D:90:0B:6A:00:A3:8E:2E:31:E0:00:FA:A7
Certificate issuer: /CN=86afaae2e3e054073a38aab635dc96460eef487e
Certificate serial: 0190973FB976C848C35CE8E18EE62E6B1134
Authority key identifier: 86:AF:AA:E2:E3:E0:54:07:3A:38:AA:B6:35:DC:96:46:0E:EF:48:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hq-q4uPgVAc6OKq2NdyWRg7vSH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/V8mKElAdzp2QC2oAo44uMeAA-qc.roa
Signing time: Tue 09 Jul 2024 11:27:34 +0000
ROA not before: Tue 09 Jul 2024 11:27:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212216
IP address blocks: 80.249.115.0/24 maxlen: 24
185.73.226.0/24 maxlen: 32
185.223.160.0/24 maxlen: 24
195.28.10.0/24 maxlen: 24
195.28.168.0/24 maxlen: 24
195.28.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/hq-q4uPgVAc6OKq2NdyWRg7vSH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/hq-q4uPgVAc6OKq2NdyWRg7vSH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/hq-q4uPgVAc6OKq2NdyWRg7vSH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Sep 2024 22:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:97:3f:b9:76:c8:48:c3:5c:e8:e1:8e:e6:2e:6b:11:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86afaae2e3e054073a38aab635dc96460eef487e
Validity
Not Before: Jul 9 11:27:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=57c98a12501dce9d900b6a00a38e2e31e000faa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:7d:2d:29:2e:01:e4:06:6b:f7:f1:39:2a:87:
75:0d:5d:2a:f9:e0:58:cc:9b:5c:d0:2a:cb:ee:67:
47:b8:92:88:71:01:06:b1:7c:e7:d7:ac:93:a6:8a:
03:25:ff:0f:17:90:08:8b:69:fa:7d:2a:6b:0a:ad:
72:d5:a2:0a:c2:a4:76:fb:6e:42:b0:71:cb:ad:92:
15:ce:6d:59:a1:21:21:d5:28:a0:54:49:c4:20:53:
57:bf:1a:e3:f5:08:be:c4:3b:87:e4:7b:a9:34:e4:
62:66:66:ea:e7:f6:ef:b9:d1:29:25:52:3e:1e:40:
86:02:6d:ac:94:85:f9:10:53:35:a6:a8:79:c0:b9:
70:52:6f:db:37:85:b0:aa:1f:8d:06:00:36:e2:1e:
3b:37:53:a6:14:a3:8f:4f:ef:41:d2:6d:44:da:c0:
dd:c8:94:2d:56:6e:57:c5:ba:3b:59:b5:eb:c0:46:
18:24:97:f8:7b:7b:24:25:eb:c3:f2:9e:cd:0d:c7:
39:48:ed:be:66:d1:57:b8:6d:b2:03:ff:ad:69:8d:
fe:72:c8:95:70:01:3e:d4:48:d0:35:d7:28:de:62:
f6:cd:17:0d:bb:01:b2:d5:83:4d:dd:55:c9:31:a6:
ac:45:ca:cd:15:45:1c:dc:d0:78:35:d6:c4:d4:b7:
82:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:C9:8A:12:50:1D:CE:9D:90:0B:6A:00:A3:8E:2E:31:E0:00:FA:A7
X509v3 Authority Key Identifier:
keyid:86:AF:AA:E2:E3:E0:54:07:3A:38:AA:B6:35:DC:96:46:0E:EF:48:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hq-q4uPgVAc6OKq2NdyWRg7vSH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/V8mKElAdzp2QC2oAo44uMeAA-qc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/hq-q4uPgVAc6OKq2NdyWRg7vSH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.249.115.0/24
185.73.226.0/24
185.223.160.0/24
195.28.10.0/24
195.28.168.0/23
Signature Algorithm: sha256WithRSAEncryption
9f:bf:a3:e6:04:c9:8f:ab:c0:1e:2d:86:6e:b9:77:2a:e9:b8:
82:7a:3a:5e:d0:07:2e:d6:bb:68:0b:44:8d:0e:16:37:ab:8a:
37:ad:60:48:c0:66:f3:83:df:2f:ae:02:dd:ae:b0:dc:72:32:
7c:13:50:40:18:0b:f5:b0:1c:85:84:86:d8:dd:fd:24:a2:4e:
9d:ab:61:bb:ae:b4:b6:6b:1c:25:8e:bc:2a:c6:4c:ad:7a:69:
41:63:74:21:2d:03:3d:d4:2d:1e:bb:58:cf:a7:c3:8e:e9:b0:
3b:1f:ff:ef:5d:69:c5:83:66:96:58:8c:5e:3d:8e:f8:12:ff:
bf:37:91:e3:ce:25:99:b0:99:e1:46:18:a9:06:6f:f8:bc:c7:
5d:19:d1:a5:6e:05:ea:6d:85:89:71:5e:c4:ad:db:7a:92:ef:
ff:2c:21:c9:0f:8b:2c:e7:f0:14:4f:97:ed:9f:e9:8c:75:97:
01:61:0b:19:e3:63:94:89:d8:79:a3:fe:47:99:f4:d8:bf:bd:
ee:2d:ed:3b:d4:52:bb:e5:68:7e:63:de:d3:bf:90:60:3a:13:
d7:f8:cb:85:31:22:72:02:5d:86:cc:1b:b2:4d:fa:a3:cb:dc:
0a:a0:6e:e0:23:16:24:f6:6d:15:22:2b:01:d8:5a:87:c0:70:
09:de:69:1e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZCXP7l2yEjDXOjhjuYuaxE0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2YWZhYWUyZTNlMDU0MDczYTM4YWFiNjM1ZGM5NjQ2MGVl
ZjQ4N2UwHhcNMjQwNzA5MTEyNzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2M5OGExMjUwMWRjZTlkOTAwYjZhMDBhMzhlMmUzMWUwMDBmYWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApX0tKS4B5AZr9/E5Kod1DV0q+eBY
zJtc0CrL7mdHuJKIcQEGsXzn16yTpooDJf8PF5AIi2n6fSprCq1y1aIKwqR2+25C
sHHLrZIVzm1ZoSEh1SigVEnEIFNXvxrj9Qi+xDuH5HupNORiZmbq5/bvudEpJVI+
HkCGAm2slIX5EFM1pqh5wLlwUm/bN4Wwqh+NBgA24h47N1OmFKOPT+9B0m1E2sDd
yJQtVm5Xxbo7WbXrwEYYJJf4e3skJevD8p7NDcc5SO2+ZtFXuG2yA/+taY3+csiV
cAE+1EjQNdco3mL2zRcNuwGy1YNN3VXJMaasRcrNFUUc3NB4NdbE1LeC9QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFfJihJQHc6dkAtqAKOOLjHgAPqnMB8GA1UdIwQY
MBaAFIavquLj4FQHOjiqtjXclkYO70h+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHEtcTR1UGdWQWM2T0txMk5keVdSZzd2U0g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lNzZhMWEtMzcyNC00OTViLWFjNzIt
NDcyMDQwYjI0N2Y2LzEvVjhtS0VsQWR6cDJRQzJvQW80NHVNZUFBLXFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9lNzZhMWEtMzcyNC00OTViLWFjNzItNDcyMDQwYjI0N2Y2
LzEvaHEtcTR1UGdWQWM2T0txMk5keVdSZzd2U0g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUPlzAwQA
uUniAwQAud+gAwQAwxwKAwQBwxyoMA0GCSqGSIb3DQEBCwUAA4IBAQCfv6PmBMmP
q8AeLYZuuXcq6biCejpe0Acu1rtoC0SNDhY3q4o3rWBIwGbzg98vrgLdrrDccjJ8
E1BAGAv1sByFhIbY3f0kok6dq2G7rrS2axwljrwqxkytemlBY3QhLQM91C0eu1jP
p8OO6bA7H//vXWnFg2aWWIxePY74Ev+/N5HjziWZsJnhRhipBm/4vMddGdGlbgXq
bYWJcV7Erdt6ku//LCHJD4ss5/AUT5ftn+mMdZcBYQsZ42OUidh5o/5HmfTYv73u
Le071FK75Wh+Y97Tv5BgOhPX+MuFMSJyAl2GzBuyTfqjy9wKoG7gIxYk9m0VIisB
2FqHwHAJ3mke
-----END CERTIFICATE-----
Generated at Sat Sep 28 04:18:27 2024 by rpki-client on console-fra.rpki-client.org