Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/a400b2-bab4-4119-a3d1-89981c8f9e7b/1/qJOnZ7dYiFv49AbH62Kw6Osb4eM.roa
File: qJOnZ7dYiFv49AbH62Kw6Osb4eM.roa (raw, json)
Hash identifier: UntCKVoK9Hko62xqcTATbMht5i7k706QWCya0Z7jPCQ=
Subject key identifier: A8:93:A7:67:B7:58:88:5B:F8:F4:06:C7:EB:62:B0:E8:EB:1B:E1:E3
Certificate issuer: /CN=3075d87c197a0fa04da8f225358d3faf786f7d0b
Certificate serial: 0190BFCFA3509AB4561541806537056831A2
Authority key identifier: 30:75:D8:7C:19:7A:0F:A0:4D:A8:F2:25:35:8D:3F:AF:78:6F:7D:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MHXYfBl6D6BNqPIlNY0_r3hvfQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/a400b2-bab4-4119-a3d1-89981c8f9e7b/1/qJOnZ7dYiFv49AbH62Kw6Osb4eM.roa
Signing time: Wed 17 Jul 2024 08:29:34 +0000
ROA not before: Wed 17 Jul 2024 08:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198906
IP address blocks: 5.182.140.0/22 maxlen: 22
194.28.188.0/24 maxlen: 24
194.28.189.0/24 maxlen: 24
194.28.190.0/24 maxlen: 24
194.28.191.0/24 maxlen: 24
194.28.221.0/24 maxlen: 24
194.28.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/a400b2-bab4-4119-a3d1-89981c8f9e7b/1/MHXYfBl6D6BNqPIlNY0_r3hvfQs.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/a400b2-bab4-4119-a3d1-89981c8f9e7b/1/MHXYfBl6D6BNqPIlNY0_r3hvfQs.mft
rsync://rpki.ripe.net/repository/DEFAULT/MHXYfBl6D6BNqPIlNY0_r3hvfQs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Sep 2024 17:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bf:cf:a3:50:9a:b4:56:15:41:80:65:37:05:68:31:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3075d87c197a0fa04da8f225358d3faf786f7d0b
Validity
Not Before: Jul 17 08:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a893a767b758885bf8f406c7eb62b0e8eb1be1e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f9:8e:c8:fc:19:ad:71:af:2e:1e:55:ef:10:
c2:9a:02:56:cb:3f:4e:1f:77:1f:8a:de:14:37:de:
97:b2:73:55:2f:54:42:86:da:cd:15:7d:5f:6b:b9:
47:60:0e:d7:80:47:0e:e6:b1:24:b5:1c:0b:c9:85:
79:93:45:ff:02:83:f5:b5:c2:93:30:e9:a0:4f:a2:
28:8e:34:c3:75:d7:78:cb:34:d3:c7:f7:4a:33:80:
aa:34:cf:e0:b5:88:96:bd:8e:6c:73:1f:10:9e:fc:
b4:e2:fc:31:2c:70:60:bf:de:15:6b:a8:39:27:21:
30:af:df:d8:e5:6b:fe:47:5e:00:86:2a:87:da:d7:
b8:a6:44:47:39:0b:b6:8d:3e:7e:e4:2f:d5:13:64:
01:38:06:cd:82:38:33:2b:a8:4b:b4:ea:37:98:1d:
83:fa:7d:b0:19:f6:7c:4e:8f:a8:d3:a5:a2:f5:04:
88:96:25:22:a3:07:94:d1:c2:91:4b:d6:93:af:f5:
ba:2b:27:1f:86:f0:09:53:67:c0:d9:c0:fa:74:d2:
39:9f:9c:89:25:4d:e5:eb:4b:07:e7:b8:b1:4a:b7:
5c:02:82:05:36:97:fe:13:49:12:30:d9:1d:5e:38:
90:66:7a:50:36:51:1a:f2:b7:f0:d6:4d:48:80:6d:
fe:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:93:A7:67:B7:58:88:5B:F8:F4:06:C7:EB:62:B0:E8:EB:1B:E1:E3
X509v3 Authority Key Identifier:
keyid:30:75:D8:7C:19:7A:0F:A0:4D:A8:F2:25:35:8D:3F:AF:78:6F:7D:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MHXYfBl6D6BNqPIlNY0_r3hvfQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/a400b2-bab4-4119-a3d1-89981c8f9e7b/1/qJOnZ7dYiFv49AbH62Kw6Osb4eM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/a400b2-bab4-4119-a3d1-89981c8f9e7b/1/MHXYfBl6D6BNqPIlNY0_r3hvfQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.140.0/22
194.28.188.0/22
194.28.221.0-194.28.222.255
Signature Algorithm: sha256WithRSAEncryption
71:16:42:e0:28:2d:b8:4a:b9:29:34:81:93:ee:d1:77:3a:17:
4a:4a:60:40:30:4f:38:ed:45:e4:0b:01:51:2d:6e:d2:70:80:
cc:9f:b6:e2:8a:ea:2f:05:b1:e0:37:f1:31:d9:17:8f:69:33:
59:aa:4d:c6:77:ee:77:38:24:4a:33:ce:6d:92:d1:a9:0f:58:
d8:1e:79:10:3c:e0:30:dc:36:de:16:24:9f:1b:27:34:74:94:
62:e2:09:b5:a9:0d:be:9a:0b:e7:bc:aa:f3:ef:ae:04:88:f2:
0c:ae:16:f4:0a:05:6b:06:d6:48:ce:7c:1a:f1:26:a7:40:3c:
0f:0d:f3:99:5d:2f:17:38:a8:68:09:41:f0:b5:69:98:ae:2c:
45:0f:75:50:49:2f:49:2f:8d:12:80:d7:62:2a:d1:ee:30:e2:
6a:b3:4d:f8:06:55:84:0c:dd:02:e1:04:86:7b:af:da:fa:cf:
25:7c:c6:e1:fb:14:a8:e7:a6:6c:3f:bf:a5:a4:7d:35:6e:4b:
2c:0c:72:d7:9d:d6:c1:76:76:25:5d:b2:26:d3:2e:c1:63:77:
1a:0f:30:69:8c:bd:d2:ad:ba:13:3a:26:17:f1:bb:2a:35:2a:
7b:00:3e:17:fe:da:30:19:c2:c8:32:a6:8b:a1:aa:b3:30:d5:
6e:23:4b:bb
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZC/z6NQmrRWFUGAZTcFaDGiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNzVkODdjMTk3YTBmYTA0ZGE4ZjIyNTM1OGQzZmFmNzg2
ZjdkMGIwHhcNMjQwNzE3MDgyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODkzYTc2N2I3NTg4ODViZjhmNDA2YzdlYjYyYjBlOGViMWJlMWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/mOyPwZrXGvLh5V7xDCmgJWyz9O
H3cfit4UN96XsnNVL1RChtrNFX1fa7lHYA7XgEcO5rEktRwLyYV5k0X/AoP1tcKT
MOmgT6IojjTDddd4yzTTx/dKM4CqNM/gtYiWvY5scx8Qnvy04vwxLHBgv94Va6g5
JyEwr9/Y5Wv+R14AhiqH2te4pkRHOQu2jT5+5C/VE2QBOAbNgjgzK6hLtOo3mB2D
+n2wGfZ8To+o06Wi9QSIliUioweU0cKRS9aTr/W6KycfhvAJU2fA2cD6dNI5n5yJ
JU3l60sH57ixSrdcAoIFNpf+E0kSMNkdXjiQZnpQNlEa8rfw1k1IgG3+8wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFKiTp2e3WIhb+PQGx+tisOjrG+HjMB8GA1UdIwQY
MBaAFDB12HwZeg+gTajyJTWNP694b30LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUhYWWZCbDZENkJOcVBJbE5ZMF9yM2h2ZlFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9hNDAwYjItYmFiNC00MTE5LWEzZDEt
ODk5ODFjOGY5ZTdiLzEvcUpPblo3ZFlpRnY0OUFiSDYyS3c2T3NiNGVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9hNDAwYjItYmFiNC00MTE5LWEzZDEtODk5ODFjOGY5ZTdi
LzEvTUhYWWZCbDZENkJOcVBJbE5ZMF9yM2h2ZlFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCBbaMAwQC
why8MAwDBADCHN0DBADCHN4wDQYJKoZIhvcNAQELBQADggEBAHEWQuAoLbhKuSk0
gZPu0Xc6F0pKYEAwTzjtReQLAVEtbtJwgMyftuKK6i8FseA38THZF49pM1mqTcZ3
7nc4JEozzm2S0akPWNgeeRA84DDcNt4WJJ8bJzR0lGLiCbWpDb6aC+e8qvPvrgSI
8gyuFvQKBWsG1kjOfBrxJqdAPA8N85ldLxc4qGgJQfC1aZiuLEUPdVBJL0kvjRKA
12Iq0e4w4mqzTfgGVYQM3QLhBIZ7r9r6zyV8xuH7FKjnpmw/v6WkfTVuSywMcted
1sF2diVdsibTLsFjdxoPMGmMvdKtuhM6Jhfxuyo1KnsAPhf+2jAZwsgypouhqrMw
1W4jS7s=
-----END CERTIFICATE-----
Generated at Wed Sep 18 23:37:02 2024 by rpki-client on console-fra.rpki-client.org