Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/q3fcLz7-yMl9t9YsM_WsuH9SvMM.roa
File: q3fcLz7-yMl9t9YsM_WsuH9SvMM.roa (raw, json)
Hash identifier: kZRSDAIRV5iOjdH7Ti0HQa6pP+9uIRrCr4KRvGelt14=
Subject key identifier: AB:77:DC:2F:3E:FE:C8:C9:7D:B7:D6:2C:33:F5:AC:B8:7F:52:BC:C3
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018EC1B81DA5CA0DC420256DF77F934E9B69
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/q3fcLz7-yMl9t9YsM_WsuH9SvMM.roa
Signing time: Tue 09 Apr 2024 07:17:32 +0000
ROA not before: Tue 09 Apr 2024 07:17:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209243
IP address blocks: 45.157.34.0/24 maxlen: 24
80.64.216.0/24 maxlen: 24
80.64.217.0/24 maxlen: 24
194.146.44.0/24 maxlen: 24
194.146.49.0/24 maxlen: 24
194.156.177.0/24 maxlen: 24
195.22.156.0/24 maxlen: 24
195.22.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.mft
rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c1:b8:1d:a5:ca:0d:c4:20:25:6d:f7:7f:93:4e:9b:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Apr 9 07:17:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab77dc2f3efec8c97db7d62c33f5acb87f52bcc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:65:23:73:44:e6:12:6e:4a:ee:5f:df:fc:5c:
5c:0b:11:ef:b3:97:b1:a6:fb:84:1f:98:8a:39:05:
30:b7:23:a2:4f:8c:0c:e2:5c:e9:aa:9a:31:d5:37:
da:59:8c:36:7a:b9:f6:95:15:f5:df:89:6a:fe:d3:
22:9d:ba:a2:6b:9b:17:92:1d:92:c4:08:11:6d:5d:
f7:e3:2b:df:52:b5:60:9c:31:38:a7:13:46:47:2b:
db:19:53:a3:26:71:cb:91:03:3c:19:c3:2b:79:cd:
8e:10:2b:0f:95:e3:a8:ec:33:60:0e:66:fc:3c:21:
a4:71:15:33:fe:cb:d8:e3:ca:64:e0:78:e7:f8:80:
e9:a8:06:65:5b:7c:72:49:74:05:51:b4:ca:1b:f2:
dc:74:2b:44:04:1a:df:56:d8:29:bb:b1:7d:7d:f9:
3f:ea:8a:86:72:d9:15:bf:68:0e:16:b9:e8:36:9d:
d5:86:02:ea:58:f1:66:35:54:67:e5:82:52:13:71:
3d:61:93:e4:27:5a:7a:6e:57:2c:28:a8:ee:27:b0:
e5:0d:00:4c:f7:7d:87:8b:d7:84:91:b5:ef:a3:53:
fa:e5:60:5e:55:02:95:80:97:3e:53:64:e9:8a:f3:
92:63:b9:ff:e7:8a:d7:57:c1:f9:32:63:1f:a8:b7:
85:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:77:DC:2F:3E:FE:C8:C9:7D:B7:D6:2C:33:F5:AC:B8:7F:52:BC:C3
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/q3fcLz7-yMl9t9YsM_WsuH9SvMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.34.0/24
80.64.216.0/23
194.146.44.0/24
194.146.49.0/24
194.156.177.0/24
195.22.156.0/23
Signature Algorithm: sha256WithRSAEncryption
24:3c:5c:c7:94:d7:ce:d8:82:24:64:94:cc:23:5c:24:93:bf:
17:16:3b:94:ba:af:57:05:7a:fd:cd:22:1e:ce:6d:8b:dc:ee:
cf:c6:69:27:ce:8d:69:aa:b3:a7:60:0c:95:3b:28:43:99:36:
2b:22:c6:be:0c:7e:eb:1c:6c:3b:2b:bb:60:ac:cd:32:04:76:
42:a6:5e:47:0d:94:89:d3:25:6a:72:01:70:b6:e3:54:ad:af:
59:31:0a:91:57:b8:1e:7f:74:a9:22:3b:0a:46:b2:f1:a6:13:
ad:61:2e:28:a1:f0:18:8b:5f:c0:c8:e7:73:92:f7:4e:03:4a:
e7:e7:0c:b3:90:46:f6:75:09:90:67:a2:c7:f4:b2:d9:f9:98:
1e:c9:69:d7:f6:d6:7e:4b:6a:ef:cc:c7:59:3d:1d:3c:e5:81:
0e:8b:71:10:18:4d:b2:3f:a0:b8:85:bc:c5:73:a4:43:7e:53:
ac:54:f1:56:dc:90:71:0e:7b:92:f4:e4:62:40:66:ac:9f:39:
d7:62:dd:de:95:23:0f:41:aa:bf:f2:3e:d4:44:35:95:0c:74:
fb:bf:e0:3f:f9:0f:72:a2:42:62:16:1f:4c:70:b4:c2:e0:ab:
10:54:45:b4:e9:a5:d7:02:bc:3e:c0:1e:21:04:e6:a4:07:67:
38:f4:d7:42
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY7BuB2lyg3EICVt93+TTptpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjQwNDA5MDcxNzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjc3ZGMyZjNlZmVjOGM5N2RiN2Q2MmMzM2Y1YWNiODdmNTJiY2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWUjc0TmEm5K7l/f/FxcCxHvs5ex
pvuEH5iKOQUwtyOiT4wM4lzpqpox1TfaWYw2ern2lRX134lq/tMinbqia5sXkh2S
xAgRbV334yvfUrVgnDE4pxNGRyvbGVOjJnHLkQM8GcMrec2OECsPleOo7DNgDmb8
PCGkcRUz/svY48pk4Hjn+IDpqAZlW3xySXQFUbTKG/LcdCtEBBrfVtgpu7F9ffk/
6oqGctkVv2gOFrnoNp3VhgLqWPFmNVRn5YJSE3E9YZPkJ1p6blcsKKjuJ7DlDQBM
932Hi9eEkbXvo1P65WBeVQKVgJc+U2TpivOSY7n/54rXV8H5MmMfqLeFpQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKt33C8+/sjJfbfWLDP1rLh/UrzDMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvcTNmY0x6Ny15TWw5dDlZc01fV3N1SDlTdk1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALZ0iAwQB
UEDYAwQAwpIsAwQAwpIxAwQAwpyxAwQBwxacMA0GCSqGSIb3DQEBCwUAA4IBAQAk
PFzHlNfO2IIkZJTMI1wkk78XFjuUuq9XBXr9zSIezm2L3O7Pxmknzo1pqrOnYAyV
OyhDmTYrIsa+DH7rHGw7K7tgrM0yBHZCpl5HDZSJ0yVqcgFwtuNUra9ZMQqRV7ge
f3SpIjsKRrLxphOtYS4oofAYi1/AyOdzkvdOA0rn5wyzkEb2dQmQZ6LH9LLZ+Zge
yWnX9tZ+S2rvzMdZPR085YEOi3EQGE2yP6C4hbzFc6RDflOsVPFW3JBxDnuS9ORi
QGasnznXYt3elSMPQaq/8j7URDWVDHT7v+A/+Q9yokJiFh9McLTC4KsQVEW06aXX
Arw+wB4hBOakB2c49NdC
-----END CERTIFICATE-----
Generated at Fri Nov 22 05:50:55 2024 by rpki-client on console-fra.rpki-client.org