Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/qDoqqGP6jRvPzJpnPEGaJODMi0U.roa
File: qDoqqGP6jRvPzJpnPEGaJODMi0U.roa (raw, json)
Hash identifier: CQSFOXpR14qQDZUJOLR4R8Ax6P1opVaXng6laRK1euo=
Subject key identifier: A8:3A:2A:A8:63:FA:8D:1B:CF:CC:9A:67:3C:41:9A:24:E0:CC:8B:45
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018E9B75FF02A3BBEF66553B6C8F9D0A87F6
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/qDoqqGP6jRvPzJpnPEGaJODMi0U.roa
Signing time: Mon 01 Apr 2024 20:59:45 +0000
ROA not before: Mon 01 Apr 2024 20:59:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 176.125.248.0/24 maxlen: 24
185.210.232.0/24 maxlen: 24
185.210.235.0/24 maxlen: 24
185.214.102.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.225.0.0/24 maxlen: 24
185.251.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9b:75:ff:02:a3:bb:ef:66:55:3b:6c:8f:9d:0a:87:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Apr 1 20:59:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a83a2aa863fa8d1bcfcc9a673c419a24e0cc8b45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:1a:2d:c6:bc:12:df:e6:fd:9c:d7:84:5f:30:
8d:66:25:49:c0:d2:26:14:76:a3:e9:41:f4:64:06:
4f:40:9f:00:77:06:db:b6:0e:85:75:6c:a5:a8:5a:
e8:85:ab:a0:13:4d:2a:00:db:73:e4:a5:ed:4d:be:
c0:39:1a:93:3c:bd:92:ec:b9:e6:f2:5f:31:73:29:
f7:97:3d:2c:d1:c9:0e:91:57:8b:06:18:9a:66:83:
c2:74:6b:d3:3c:20:cf:77:3d:70:cc:70:4c:93:ab:
c7:3e:60:d4:85:6a:e2:9d:69:d5:ff:cf:66:99:68:
69:35:5e:6d:92:d7:8a:e0:ad:fb:3a:d9:f5:67:05:
da:d1:a5:56:25:3b:d8:58:01:80:8a:8e:6e:71:6b:
d6:e4:25:33:aa:48:02:52:e5:92:17:2b:4c:86:21:
05:82:1c:ca:57:8d:bd:f2:3d:e3:2a:fd:5b:15:e2:
37:f9:ee:5e:cd:9e:df:fa:f2:d3:3a:3d:06:01:17:
5e:89:cf:56:b9:15:f7:b9:c9:fc:49:c7:7f:5f:15:
33:39:c3:2d:cc:4b:43:79:c2:44:c0:7a:d2:c6:33:
0a:86:a3:67:f0:31:8d:e2:c2:66:11:5f:bf:7e:f9:
9d:a7:37:b9:88:26:9b:15:a5:57:03:dc:37:80:09:
02:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:3A:2A:A8:63:FA:8D:1B:CF:CC:9A:67:3C:41:9A:24:E0:CC:8B:45
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/qDoqqGP6jRvPzJpnPEGaJODMi0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.125.248.0/24
185.210.232.0/24
185.210.235.0/24
185.214.102.0/24
185.218.20.0/24
185.225.0.0/24
185.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
45:f6:0b:2d:a0:a5:36:57:81:0e:de:35:68:75:38:10:4a:b3:
15:62:57:48:2b:9a:30:d9:8b:0d:8a:9d:a1:11:2e:13:42:b2:
48:9e:76:8d:5b:cf:14:17:cb:8e:16:d9:ac:c6:24:38:fa:d7:
27:5e:e4:e1:f8:06:e3:95:9d:72:29:43:cd:00:5a:4a:02:19:
07:79:b1:55:2b:fc:ac:2a:6b:fe:94:22:e2:73:66:3a:69:ec:
6b:4a:07:8c:4b:f0:ad:80:b0:92:5f:b9:3d:1e:d9:e9:c2:3e:
ff:f5:71:a7:2b:a6:99:59:15:95:6d:2f:b8:75:3f:43:58:94:
6a:14:39:20:93:47:16:eb:be:69:32:2e:48:24:e1:e6:c2:9b:
a9:26:2d:65:cf:3a:ae:50:77:a6:df:31:ca:a7:78:e6:3f:cb:
a2:8c:43:db:01:ad:af:3d:fc:51:0b:50:db:fc:7d:63:0e:94:
e8:6e:cd:9f:a6:98:1e:f8:64:f9:6a:bc:08:00:0b:f0:d3:29:
3f:d1:9e:bf:f6:69:3a:ca:67:23:b0:21:10:c5:fa:d5:9a:77:
4f:5b:73:b0:ba:84:eb:b0:12:c1:57:81:68:a4:d9:83:0e:22:
71:aa:98:5e:5a:d2:96:5f:f0:f7:9d:60:49:4e:f9:2d:ea:cd:
d4:b5:a0:04
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY6bdf8Co7vvZlU7bI+dCof2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwNDAxMjA1OTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODNhMmFhODYzZmE4ZDFiY2ZjYzlhNjczYzQxOWEyNGUwY2M4YjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhotxrwS3+b9nNeEXzCNZiVJwNIm
FHaj6UH0ZAZPQJ8Adwbbtg6FdWylqFrohaugE00qANtz5KXtTb7AORqTPL2S7Lnm
8l8xcyn3lz0s0ckOkVeLBhiaZoPCdGvTPCDPdz1wzHBMk6vHPmDUhWrinWnV/89m
mWhpNV5tkteK4K37Otn1ZwXa0aVWJTvYWAGAio5ucWvW5CUzqkgCUuWSFytMhiEF
ghzKV4298j3jKv1bFeI3+e5ezZ7f+vLTOj0GARdeic9WuRX3ucn8Scd/XxUzOcMt
zEtDecJEwHrSxjMKhqNn8DGN4sJmEV+/fvmdpze5iCabFaVXA9w3gAkCCQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKg6Kqhj+o0bz8yaZzxBmiTgzItFMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvcURvcXFHUDZqUnZQekpwblBFR2FKT0RNaTBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAsH34AwQA
udLoAwQAudLrAwQAudZmAwQAudoUAwQAueEAAwQAufvnMA0GCSqGSIb3DQEBCwUA
A4IBAQBF9gstoKU2V4EO3jVodTgQSrMVYldIK5ow2YsNip2hES4TQrJInnaNW88U
F8uOFtmsxiQ4+tcnXuTh+AbjlZ1yKUPNAFpKAhkHebFVK/ysKmv+lCLic2Y6aexr
SgeMS/CtgLCSX7k9Htnpwj7/9XGnK6aZWRWVbS+4dT9DWJRqFDkgk0cW675pMi5I
JOHmwpupJi1lzzquUHem3zHKp3jmP8uijEPbAa2vPfxRC1Db/H1jDpTobs2fppge
+GT5arwIAAvw0yk/0Z6/9mk6ymcjsCEQxfrVmndPW3OwuoTrsBLBV4FopNmDDiJx
qpheWtKWX/D3nWBJTvkt6s3UtaAE
-----END CERTIFICATE-----
Generated at Tue Apr 30 11:44:32 2024 by rpki-client on console-fra.rpki-client.org