Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/qGF4yHxcqwjzQZWWAURGNkU5l0A.roa
File: qGF4yHxcqwjzQZWWAURGNkU5l0A.roa (raw, json)
Hash identifier: athzh18+BdRY+taYBbE235c1JuMR16rJt5xKfQnFkIo=
Subject key identifier: A8:61:78:C8:7C:5C:AB:08:F3:41:95:96:01:44:46:36:45:39:97:40
Certificate issuer: /CN=c8acf59abd4abbfbf830a060225a96a2179a2694
Certificate serial: 018FE88DF2987CDDFAAD4F804737ADDCC230
Authority key identifier: C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/qGF4yHxcqwjzQZWWAURGNkU5l0A.roa
Signing time: Wed 05 Jun 2024 13:19:27 +0000
ROA not before: Wed 05 Jun 2024 13:19:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200780
IP address blocks: 5.42.200.0/24 maxlen: 24
45.9.104.0/22 maxlen: 24
45.85.132.0/22 maxlen: 24
45.155.228.0/22 maxlen: 24
45.156.188.0/22 maxlen: 24
46.19.104.0/21 maxlen: 24
77.236.98.0/23 maxlen: 24
88.218.32.0/23 maxlen: 24
89.40.220.0/23 maxlen: 24
91.227.36.0/22 maxlen: 24
91.234.104.0/22 maxlen: 24
93.177.69.0/24 maxlen: 24
93.177.70.0/23 maxlen: 24
95.178.108.0/22 maxlen: 24
185.40.102.0/23 maxlen: 24
185.73.204.0/22 maxlen: 24
185.73.204.0/24 maxlen: 24
185.144.24.0/22 maxlen: 24
194.11.255.0/24 maxlen: 24
194.13.1.0/24 maxlen: 24
194.13.64.0/24 maxlen: 24
194.13.67.0/24 maxlen: 24
194.106.208.0/23 maxlen: 24
195.35.96.0/24 maxlen: 24
195.133.148.0/22 maxlen: 24
2a05:46c0::/29 maxlen: 29
2a10:780::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 06:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e8:8d:f2:98:7c:dd:fa:ad:4f:80:47:37:ad:dc:c2:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8acf59abd4abbfbf830a060225a96a2179a2694
Validity
Not Before: Jun 5 13:19:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a86178c87c5cab08f34195960144463645399740
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:82:61:92:27:3a:96:0d:da:37:b8:c8:f5:00:
c5:f1:b4:f0:98:f0:5f:98:9d:42:8b:b9:17:c1:8b:
2c:e4:42:c8:5e:ea:5e:03:03:bc:0f:16:bd:5e:fe:
63:7e:c7:d5:41:da:b9:e5:5c:3d:e6:2f:c8:d7:0f:
6d:85:6d:fc:fe:28:20:97:85:35:99:c8:1b:08:2f:
60:d5:7c:68:ff:68:c7:8e:5e:8b:fe:04:53:33:ce:
92:61:6c:a8:57:53:cf:3b:57:08:8f:ad:f0:67:60:
52:b7:6d:0a:89:fa:01:da:e1:4d:91:79:ed:7b:1b:
5f:bf:9e:2c:99:a5:6e:dc:ee:12:bb:cc:8b:56:c4:
d4:dd:6e:a0:5b:73:99:16:21:fa:79:fa:b2:a2:8f:
a6:b2:70:43:23:91:e9:25:e2:28:97:92:86:65:37:
a3:3e:51:ea:76:7e:69:13:8d:6b:31:d0:39:26:9d:
fd:71:10:4a:61:bf:f2:8b:07:fd:72:c5:cd:89:d2:
1b:28:24:ae:1c:a1:3a:d8:4f:60:22:3f:e2:e7:80:
c3:c5:1a:36:18:a1:96:4f:e5:c1:7d:76:48:50:19:
17:c1:e1:bc:cb:37:8f:b7:36:05:a2:7b:7a:43:12:
20:0c:4a:23:e6:20:e1:d0:07:47:0c:93:21:42:7e:
96:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:61:78:C8:7C:5C:AB:08:F3:41:95:96:01:44:46:36:45:39:97:40
X509v3 Authority Key Identifier:
keyid:C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/qGF4yHxcqwjzQZWWAURGNkU5l0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.200.0/24
45.9.104.0/22
45.85.132.0/22
45.155.228.0/22
45.156.188.0/22
46.19.104.0/21
77.236.98.0/23
88.218.32.0/23
89.40.220.0/23
91.227.36.0/22
91.234.104.0/22
93.177.69.0-93.177.71.255
95.178.108.0/22
185.40.102.0/23
185.73.204.0/22
185.144.24.0/22
194.11.255.0/24
194.13.1.0/24
194.13.64.0/24
194.13.67.0/24
194.106.208.0/23
195.35.96.0/24
195.133.148.0/22
IPv6:
2a05:46c0::/29
2a10:780::/32
Signature Algorithm: sha256WithRSAEncryption
52:b2:13:a3:39:5e:80:da:c2:de:31:30:84:47:bf:86:e5:08:
76:fc:67:8c:64:fe:67:34:10:77:90:98:a3:09:e4:2a:2e:cf:
f1:5c:ff:09:3b:9a:f9:fc:2d:62:16:f8:26:74:cf:73:cf:0a:
1e:ef:a7:dc:a9:8f:2c:3f:6e:e0:d0:00:e4:c9:c2:e1:95:98:
cc:d9:08:22:d7:97:d3:ee:20:e6:bb:f3:bb:7b:c8:8f:e3:a7:
03:29:54:2a:e9:39:1e:7e:fc:6c:28:56:62:07:39:b8:71:8c:
3b:64:b0:32:f6:f0:02:49:38:cb:8c:01:d5:78:41:6e:1b:ce:
62:a3:e3:02:fc:a5:e8:52:6c:6c:55:3d:e2:86:bd:ba:0a:0e:
06:07:2a:92:2d:ea:eb:68:b4:1d:8d:b3:f5:6a:d2:39:4c:5f:
4d:5f:df:1a:88:ce:ce:26:49:43:46:2f:85:70:66:41:df:f3:
9c:34:73:c4:ca:3d:f7:65:3f:ff:c6:04:fa:95:d0:86:26:21:
8d:78:d3:e9:d9:74:e1:89:52:2b:8b:51:76:db:4a:07:28:21:
9c:d3:2b:3d:f4:97:27:5a:18:0c:e5:e4:3b:ae:b6:17:01:ad:
67:3a:22:35:d9:dd:74:ab:05:79:4f:ef:73:f9:72:d3:7d:3f:
c8:b7:c1:88
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAY/ojfKYfN36rU+ARzet3MIwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4YWNmNTlhYmQ0YWJiZmJmODMwYTA2MDIyNWE5NmEyMTc5
YTI2OTQwHhcNMjQwNjA1MTMxOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODYxNzhjODdjNWNhYjA4ZjM0MTk1OTYwMTQ0NDYzNjQ1Mzk5NzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIJhkic6lg3aN7jI9QDF8bTwmPBf
mJ1Ci7kXwYss5ELIXupeAwO8Dxa9Xv5jfsfVQdq55Vw95i/I1w9thW38/iggl4U1
mcgbCC9g1Xxo/2jHjl6L/gRTM86SYWyoV1PPO1cIj63wZ2BSt20KifoB2uFNkXnt
extfv54smaVu3O4Su8yLVsTU3W6gW3OZFiH6efqyoo+msnBDI5HpJeIol5KGZTej
PlHqdn5pE41rMdA5Jp39cRBKYb/yiwf9csXNidIbKCSuHKE62E9gIj/i54DDxRo2
GKGWT+XBfXZIUBkXweG8yzePtzYFont6QxIgDEoj5iDh0AdHDJMhQn6WuwIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFKhheMh8XKsI80GVlgFERjZFOZdAMB8GA1UdIwQY
MBaAFMis9Zq9Srv7+DCgYCJalqIXmiaUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQt
ODM4ZWJmNDEyYTYxLzEvcUdGNHlIeGNxd2p6UVpXV0FVUkdOa1U1bDBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQtODM4ZWJmNDEyYTYx
LzEveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBmQQCAAEwgZIDBAAF
KsgDBAItCWgDBAItVYQDBAItm+QDBAItnLwDBAMuE2gDBAFN7GIDBAFY2iADBAFZ
KNwDBAJb4yQDBAJb6mgwDAMEAF2xRQMEA12xQAMEAl+ybAMEAbkoZgMEArlJzAME
ArmQGAMEAMIL/wMEAMINAQMEAMINQAMEAMINQwMEAcJq0AMEAMMjYAMEAsOFlDAU
BAIAAjAOAwUDKgVGwAMFACoQB4AwDQYJKoZIhvcNAQELBQADggEBAFKyE6M5XoDa
wt4xMIRHv4blCHb8Z4xk/mc0EHeQmKMJ5Couz/Fc/wk7mvn8LWIW+CZ0z3PPCh7v
p9ypjyw/buDQAOTJwuGVmMzZCCLXl9PuIOa787t7yI/jpwMpVCrpOR5+/GwoVmIH
ObhxjDtksDL28AJJOMuMAdV4QW4bzmKj4wL8pehSbGxVPeKGvboKDgYHKpIt6uto
tB2Ns/Vq0jlMX01f3xqIzs4mSUNGL4VwZkHf85w0c8TKPfdlP//GBPqV0IYmIY14
0+nZdOGJUiuLUXbbSgcoIZzTKz30lydaGAzl5DuuthcBrWc6IjXZ3XSrBXlP73P5
ctN9P8i3wYg=
-----END CERTIFICATE-----
Generated at Sun Jun 23 14:52:25 2024 by rpki-client on console-ams.rpki-client.org