Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/fqmQNG3B8FC5ZGCVUWO64H_j2bs.roa
File: fqmQNG3B8FC5ZGCVUWO64H_j2bs.roa (raw, json)
Hash identifier: vaSuZ/oTx9YGErJsgaCJfOWzlSCwc99EpVT4Efb6a1A=
Subject key identifier: 7E:A9:90:34:6D:C1:F0:50:B9:64:60:95:51:63:BA:E0:7F:E3:D9:BB
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018E8144AC504079A4C48BC17A4935CE15B9
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/fqmQNG3B8FC5ZGCVUWO64H_j2bs.roa
Signing time: Wed 27 Mar 2024 18:55:45 +0000
ROA not before: Wed 27 Mar 2024 18:55:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13194
IP address blocks: 80.81.61.0/24 maxlen: 24
85.254.71.0/24 maxlen: 24
85.254.73.0/24 maxlen: 24
85.254.74.0/23 maxlen: 23
85.254.74.0/24 maxlen: 24
85.254.75.0/24 maxlen: 24
85.254.76.0/22 maxlen: 22
85.254.76.0/24 maxlen: 24
85.254.80.0/22 maxlen: 22
85.254.84.0/23 maxlen: 23
85.254.92.0/22 maxlen: 22
85.254.92.0/23 maxlen: 23
85.254.92.0/24 maxlen: 24
85.254.93.0/24 maxlen: 24
85.254.94.0/24 maxlen: 24
85.254.95.0/24 maxlen: 24
85.254.96.0/22 maxlen: 22
85.254.96.0/23 maxlen: 23
85.254.98.0/23 maxlen: 23
85.254.100.0/24 maxlen: 24
85.254.101.0/24 maxlen: 24
85.254.102.0/24 maxlen: 24
85.254.124.0/23 maxlen: 23
85.254.141.0/24 maxlen: 24
85.254.149.0/24 maxlen: 24
85.254.151.0/24 maxlen: 24
85.254.152.0/22 maxlen: 22
85.254.159.0/24 maxlen: 24
85.254.161.0/24 maxlen: 24
85.254.168.0/24 maxlen: 24
85.254.169.0/24 maxlen: 24
85.254.170.0/24 maxlen: 24
85.254.176.0/23 maxlen: 23
91.190.45.0/24 maxlen: 24
159.148.73.0/24 maxlen: 24
159.148.249.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 09:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:81:44:ac:50:40:79:a4:c4:8b:c1:7a:49:35:ce:15:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Mar 27 18:55:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ea990346dc1f050b96460955163bae07fe3d9bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:07:ed:7d:4d:79:f9:7c:0f:8f:8c:8e:fe:42:
ee:fc:7e:a0:e2:c8:45:b2:68:07:c8:d6:2d:44:f9:
26:9a:95:08:f2:2d:90:8a:4e:93:04:b0:d8:00:53:
9b:4a:0d:59:62:9b:20:32:88:88:fd:1c:3d:43:34:
24:40:da:e4:52:de:7d:b2:17:6f:0a:79:e6:51:a0:
0c:99:58:78:d5:5a:9d:cf:a1:e3:de:c1:3e:31:91:
76:17:09:da:b6:94:8b:0c:88:bc:cf:fe:6e:1c:3e:
39:88:b1:45:31:6e:2b:d8:72:a8:be:e2:c8:1f:9c:
da:db:f9:2b:37:2a:b2:a8:fe:95:9b:24:8e:d5:7b:
ca:0a:a1:2a:e5:4c:b8:a6:fd:ce:45:2d:7e:83:22:
00:74:b9:bc:08:26:e6:5b:17:39:50:df:93:35:c0:
8f:46:33:85:9a:f0:21:c2:48:8d:5e:6d:d9:8d:90:
39:52:03:41:08:bf:46:20:7d:83:15:e4:e9:65:11:
24:59:17:28:3a:35:02:d7:26:d8:50:37:3c:0e:2d:
32:39:42:e3:fe:8c:ad:64:b8:9a:6c:92:5c:c4:93:
24:ef:44:68:c5:70:3c:ec:f3:29:07:61:17:db:65:
fd:aa:01:1e:f3:77:10:00:ee:bf:34:76:a6:1b:76:
93:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:A9:90:34:6D:C1:F0:50:B9:64:60:95:51:63:BA:E0:7F:E3:D9:BB
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/fqmQNG3B8FC5ZGCVUWO64H_j2bs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.81.61.0/24
85.254.71.0/24
85.254.73.0-85.254.85.255
85.254.92.0-85.254.102.255
85.254.124.0/23
85.254.141.0/24
85.254.149.0/24
85.254.151.0-85.254.155.255
85.254.159.0/24
85.254.161.0/24
85.254.168.0-85.254.170.255
85.254.176.0/23
91.190.45.0/24
159.148.73.0/24
159.148.249.0/24
Signature Algorithm: sha256WithRSAEncryption
26:66:9e:3c:3d:41:41:0d:82:9c:f9:98:47:ef:07:01:1e:6e:
91:25:36:46:28:c6:74:16:b3:8f:17:a8:e3:ae:36:13:eb:7a:
40:7f:01:4e:1a:55:5e:78:14:c9:aa:76:34:69:37:dc:02:60:
99:96:87:dd:ac:9a:18:10:a2:fa:8d:1d:45:85:54:5b:0f:3a:
af:25:53:28:67:3d:2f:65:4d:ce:ce:45:40:19:e0:d4:9a:40:
44:39:92:ee:15:f0:a0:10:62:e8:40:27:28:60:cc:bf:1d:15:
d0:50:2f:5e:d3:80:4b:31:78:aa:85:2f:1c:0b:e2:f6:6e:21:
09:f8:c9:4c:b9:ae:5e:d3:56:19:bb:db:60:a2:f3:71:33:f0:
12:1f:f9:56:2c:c1:ed:11:cc:f4:74:f9:a7:5f:41:40:a3:74:
0a:ca:b7:4d:2b:44:27:ec:b7:f3:a5:a7:17:77:ef:34:e3:8d:
12:31:81:c1:64:ff:e0:a7:4e:3a:92:44:1a:6d:ed:f9:83:64:
bd:c5:89:16:02:a8:e7:28:58:d1:ff:76:c4:f6:b6:32:77:8c:
7f:91:a6:fd:4d:a7:3d:8a:c6:90:73:09:e8:d2:2d:8f:42:8b:
8c:c0:68:6c:e4:a2:de:e4:0b:c4:6a:54:55:1d:73:1a:a8:1f:
92:79:5c:a8
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAY6BRKxQQHmkxIvBekk1zhW5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMzI3MTg1NTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWE5OTAzNDZkYzFmMDUwYjk2NDYwOTU1MTYzYmFlMDdmZTNkOWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgwftfU15+XwPj4yO/kLu/H6g4shF
smgHyNYtRPkmmpUI8i2Qik6TBLDYAFObSg1ZYpsgMoiI/Rw9QzQkQNrkUt59shdv
CnnmUaAMmVh41Vqdz6Hj3sE+MZF2FwnatpSLDIi8z/5uHD45iLFFMW4r2HKovuLI
H5za2/krNyqyqP6VmySO1XvKCqEq5Uy4pv3ORS1+gyIAdLm8CCbmWxc5UN+TNcCP
RjOFmvAhwkiNXm3ZjZA5UgNBCL9GIH2DFeTpZREkWRcoOjUC1ybYUDc8Di0yOULj
/oytZLiabJJcxJMk70RoxXA87PMpB2EX22X9qgEe83cQAO6/NHamG3aT9QIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFH6pkDRtwfBQuWRglVFjuuB/49m7MB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvZnFtUU5HM0I4RkM1WkdDVlVXTzY0SF9qMmJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegMEAFBR
PQMEAFX+RzAMAwQAVf5JAwQBVf5UMAwDBAJV/lwDBABV/mYDBAFV/nwDBABV/o0D
BABV/pUwDAMEAFX+lwMEAlX+mAMEAFX+nwMEAFX+oTAMAwQDVf6oAwQAVf6qAwQB
Vf6wAwQAW74tAwQAn5RJAwQAn5T5MA0GCSqGSIb3DQEBCwUAA4IBAQAmZp48PUFB
DYKc+ZhH7wcBHm6RJTZGKMZ0FrOPF6jjrjYT63pAfwFOGlVeeBTJqnY0aTfcAmCZ
lofdrJoYEKL6jR1FhVRbDzqvJVMoZz0vZU3OzkVAGeDUmkBEOZLuFfCgEGLoQCco
YMy/HRXQUC9e04BLMXiqhS8cC+L2biEJ+MlMua5e01YZu9tgovNxM/ASH/lWLMHt
Ecz0dPmnX0FAo3QKyrdNK0Qn7LfzpacXd+80440SMYHBZP/gp046kkQabe35g2S9
xYkWAqjnKFjR/3bE9rYyd4x/kab9Tac9isaQcwno0i2PQouMwGhs5KLe5AvEalRV
HXMaqB+SeVyo
-----END CERTIFICATE-----
Generated at Wed May 1 16:39:26 2024 by rpki-client on console-fra.rpki-client.org