Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/009fb7-9ed0-44ff-b7db-9e07b56b57b8/1/giQyqryYqFNPvoXG0DutU6vOxxg.roa
File: giQyqryYqFNPvoXG0DutU6vOxxg.roa (raw, json)
Hash identifier: 42+oZJZf6sqHGIo8owN1ZZZKQFvoNmO629sY7pNFWM8=
Subject key identifier: 82:24:32:AA:BC:98:A8:53:4F:BE:85:C6:D0:3B:AD:53:AB:CE:C7:18
Certificate issuer: /CN=148a0c4067ca33ac76573fc86cfd75b7ecd200ff
Certificate serial: 018CC801DD937331446416CD6CDF7332F161
Authority key identifier: 14:8A:0C:40:67:CA:33:AC:76:57:3F:C8:6C:FD:75:B7:EC:D2:00:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FIoMQGfKM6x2Vz_IbP11t-zSAP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/009fb7-9ed0-44ff-b7db-9e07b56b57b8/1/giQyqryYqFNPvoXG0DutU6vOxxg.roa
Signing time: Tue 02 Jan 2024 02:30:14 +0000
ROA not before: Tue 02 Jan 2024 02:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15617
IP address blocks: 212.152.112.0/20 maxlen: 20
188.73.232.0/21 maxlen: 21
212.152.66.0/24 maxlen: 24
212.152.64.0/18 maxlen: 22
188.73.244.0/22 maxlen: 22
212.152.68.0/23 maxlen: 23
212.152.72.0/21 maxlen: 22
188.73.249.0/24 maxlen: 24
188.73.252.0/22 maxlen: 22
212.152.76.0/22 maxlen: 22
188.73.248.0/24 maxlen: 24
212.152.82.0/23 maxlen: 24
212.152.80.0/22 maxlen: 23
212.152.91.0/24 maxlen: 24
212.152.96.0/19 maxlen: 19
188.73.192.0/22 maxlen: 22
188.73.192.0/18 maxlen: 24
188.73.196.0/22 maxlen: 22
2a00:a880::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/009fb7-9ed0-44ff-b7db-9e07b56b57b8/1/FIoMQGfKM6x2Vz_IbP11t-zSAP8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/009fb7-9ed0-44ff-b7db-9e07b56b57b8/1/FIoMQGfKM6x2Vz_IbP11t-zSAP8.mft
rsync://rpki.ripe.net/repository/DEFAULT/FIoMQGfKM6x2Vz_IbP11t-zSAP8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 04:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:dd:93:73:31:44:64:16:cd:6c:df:73:32:f1:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=148a0c4067ca33ac76573fc86cfd75b7ecd200ff
Validity
Not Before: Jan 2 02:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=822432aabc98a8534fbe85c6d03bad53abcec718
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:a2:b9:c1:23:a1:38:24:e2:bb:09:d0:ce:9b:
d8:0f:2a:25:43:9d:8a:cb:0b:72:0c:32:b9:8f:3d:
b9:6b:3e:4a:83:53:74:1a:9d:eb:a0:66:b5:ca:a7:
9d:9e:13:7c:48:68:d1:f1:50:f0:6e:6d:4b:38:02:
ac:52:15:e2:92:2a:a0:06:c2:6d:cc:d4:69:3f:4c:
34:26:f5:51:49:73:2f:39:1e:a5:c4:74:0e:97:be:
e4:b8:04:e1:4f:70:8b:d5:a4:94:4a:75:93:ee:5b:
95:d7:6d:56:34:08:84:61:3c:ec:56:9b:c6:69:4d:
97:7c:25:33:db:07:72:03:78:39:93:4c:60:aa:4f:
6d:71:4a:36:dc:4a:6d:43:6d:85:99:a4:94:c3:53:
6b:49:22:73:28:72:3d:fa:36:8c:04:3e:50:f8:11:
2e:2e:7c:2f:e6:c3:de:13:e4:42:d8:97:7e:6d:0b:
57:f1:96:d3:aa:ea:cf:bd:7c:a8:11:ab:68:b5:cb:
45:f4:43:1c:99:5c:4c:61:c7:7c:d8:60:a6:84:c4:
8b:49:62:05:83:e5:78:e7:0e:f8:4f:fd:39:c7:98:
e9:5b:da:c2:d9:f8:ab:c6:c6:a6:b4:4c:0b:74:ee:
7d:23:99:34:b5:53:c9:06:39:3e:d0:9e:d3:f4:ca:
aa:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:24:32:AA:BC:98:A8:53:4F:BE:85:C6:D0:3B:AD:53:AB:CE:C7:18
X509v3 Authority Key Identifier:
keyid:14:8A:0C:40:67:CA:33:AC:76:57:3F:C8:6C:FD:75:B7:EC:D2:00:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FIoMQGfKM6x2Vz_IbP11t-zSAP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/009fb7-9ed0-44ff-b7db-9e07b56b57b8/1/giQyqryYqFNPvoXG0DutU6vOxxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/009fb7-9ed0-44ff-b7db-9e07b56b57b8/1/FIoMQGfKM6x2Vz_IbP11t-zSAP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.73.192.0/18
212.152.64.0/18
IPv6:
2a00:a880::/32
Signature Algorithm: sha256WithRSAEncryption
15:cd:1c:d4:b8:8b:f0:1c:ae:95:33:f5:ef:e4:d4:09:81:83:
a2:39:9d:9e:5f:8f:6e:93:0e:6c:5a:8b:51:d5:03:75:ae:cb:
2b:76:83:f3:89:cc:6b:3e:41:5e:85:ca:16:aa:28:04:e2:94:
96:66:7c:9b:3f:70:2d:38:3f:92:3c:79:4b:1b:ec:37:58:2e:
a7:bd:7e:cf:66:18:9e:c8:7b:2e:9a:24:77:45:29:95:c6:08:
f5:e3:8c:24:c3:4e:0a:f0:ae:44:b8:60:03:5f:3f:7d:bf:63:
18:25:2a:db:ae:d3:55:b3:c9:01:ce:c8:e0:67:ee:75:ac:61:
7a:17:15:4f:99:6b:bc:31:74:ff:3c:73:77:5c:73:c1:4c:4a:
07:c1:63:51:ee:68:a3:75:2a:81:47:de:04:5e:8e:91:d9:5a:
98:df:45:17:56:b3:18:34:c9:0b:20:66:e5:4b:4c:31:6e:f0:
81:e0:b1:92:1a:dc:d7:10:41:9b:f7:59:69:f7:8c:3f:75:1f:
5f:7c:06:80:9b:9c:97:16:29:6c:9e:ca:48:87:2a:64:5a:4d:
47:eb:5c:57:56:54:55:71:94:17:f7:c0:e0:8c:da:cd:88:f9:
1d:03:08:b5:25:04:c5:a1:30:29:94:2b:97:f1:36:e9:71:5a:
d8:42:89:50
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzIAd2TczFEZBbNbN9zMvFhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0OGEwYzQwNjdjYTMzYWM3NjU3M2ZjODZjZmQ3NWI3ZWNk
MjAwZmYwHhcNMjQwMTAyMDIzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjI0MzJhYWJjOThhODUzNGZiZTg1YzZkMDNiYWQ1M2FiY2VjNzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkaK5wSOhOCTiuwnQzpvYDyolQ52K
ywtyDDK5jz25az5Kg1N0Gp3roGa1yqednhN8SGjR8VDwbm1LOAKsUhXikiqgBsJt
zNRpP0w0JvVRSXMvOR6lxHQOl77kuAThT3CL1aSUSnWT7luV121WNAiEYTzsVpvG
aU2XfCUz2wdyA3g5k0xgqk9tcUo23EptQ22FmaSUw1NrSSJzKHI9+jaMBD5Q+BEu
Lnwv5sPeE+RC2Jd+bQtX8ZbTqurPvXyoEatotctF9EMcmVxMYcd82GCmhMSLSWIF
g+V45w74T/05x5jpW9rC2firxsamtEwLdO59I5k0tVPJBjk+0J7T9MqqowIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIIkMqq8mKhTT76FxtA7rVOrzscYMB8GA1UdIwQY
MBaAFBSKDEBnyjOsdlc/yGz9dbfs0gD/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRklvTVFHZktNNngyVnpfSWJQMTF0LXpTQVA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8wMDlmYjctOWVkMC00NGZmLWI3ZGIt
OWUwN2I1NmI1N2I4LzEvZ2lReXFyeVlxRk5Qdm9YRzBEdXRVNnZPeHhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8wMDlmYjctOWVkMC00NGZmLWI3ZGItOWUwN2I1NmI1N2I4
LzEvRklvTVFHZktNNngyVnpfSWJQMTF0LXpTQVA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQGvEnAAwQG
1JhAMA0EAgACMAcDBQAqAKiAMA0GCSqGSIb3DQEBCwUAA4IBAQAVzRzUuIvwHK6V
M/Xv5NQJgYOiOZ2eX49ukw5sWotR1QN1rssrdoPzicxrPkFehcoWqigE4pSWZnyb
P3AtOD+SPHlLG+w3WC6nvX7PZhieyHsumiR3RSmVxgj144wkw04K8K5EuGADXz99
v2MYJSrbrtNVs8kBzsjgZ+51rGF6FxVPmWu8MXT/PHN3XHPBTEoHwWNR7mijdSqB
R94EXo6R2VqY30UXVrMYNMkLIGblS0wxbvCB4LGSGtzXEEGb91lp94w/dR9ffAaA
m5yXFilsnspIhypkWk1H61xXVlRVcZQX98DgjNrNiPkdAwi1JQTFoTAplCuX8Tbp
cVrYQolQ
-----END CERTIFICATE-----
Generated at Sat Sep 28 08:20:22 2024 by rpki-client on console-fra.rpki-client.org