Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/qwCXL4dhBaBgF9phuNcAAHZaM3o.roa
File: qwCXL4dhBaBgF9phuNcAAHZaM3o.roa (raw, json)
Hash identifier: NXQRB/BupIKHTSiICAEWM3w4N1TiaeeX1XhJH0jR3BY=
Subject key identifier: AB:00:97:2F:87:61:05:A0:60:17:DA:61:B8:D7:00:00:76:5A:33:7A
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 018CC9BCCE26A0672447E0F491D80783D93C
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/qwCXL4dhBaBgF9phuNcAAHZaM3o.roa
Signing time: Tue 02 Jan 2024 10:34:03 +0000
ROA not before: Tue 02 Jan 2024 10:34:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25408
IP address blocks: 185.42.80.0/22 maxlen: 24
37.112.248.0/21 maxlen: 24
88.204.96.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.mft
rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:ce:26:a0:67:24:47:e0:f4:91:d8:07:83:d9:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 2 10:34:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab00972f876105a06017da61b8d70000765a337a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:44:68:4a:f0:45:55:13:fe:b5:ef:48:86:a2:
ea:4e:2e:25:c7:bc:1e:50:fe:9c:86:5c:36:88:34:
76:73:26:9b:95:42:d5:60:68:1c:1a:51:34:ea:ce:
ba:52:dc:64:ab:e9:f5:be:55:a5:6b:6b:99:cc:39:
55:aa:ff:94:73:f8:b7:c4:10:d4:e1:39:1e:64:d2:
88:90:1b:72:9f:a0:42:df:f1:cb:ed:86:65:26:b6:
23:78:51:fa:bc:b8:54:6e:69:1b:9f:b8:43:d1:e8:
9b:16:5b:eb:38:cd:0d:d0:8b:5e:88:7e:88:38:30:
ce:f9:35:79:e8:e8:be:48:ed:57:b7:66:8d:f0:ce:
65:3d:be:03:cf:75:48:34:03:ec:90:6f:10:d4:a6:
b0:2b:05:f6:6d:2b:40:4a:86:78:0d:1e:44:1b:df:
db:00:53:9a:a3:36:2a:8f:34:5c:8d:93:7e:1a:d0:
36:f5:c5:4b:36:cf:be:e2:50:d6:1c:bf:ed:50:b9:
15:1b:fe:7e:f4:c2:95:ea:89:8a:f0:b2:86:4b:b4:
e3:9f:87:fc:4a:71:eb:69:b7:1d:4f:94:9c:7a:a2:
55:42:51:80:ea:9c:8b:f9:3e:ab:9c:50:26:c2:0b:
e4:47:75:28:38:f0:a6:dc:0a:8f:b6:09:7d:09:26:
33:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:00:97:2F:87:61:05:A0:60:17:DA:61:B8:D7:00:00:76:5A:33:7A
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/qwCXL4dhBaBgF9phuNcAAHZaM3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.112.248.0/21
88.204.96.0/23
185.42.80.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:cd:c6:70:c8:f6:9b:89:a7:8d:c6:0f:0a:59:82:42:b3:af:
f1:a2:19:65:e7:c4:8a:85:d0:94:c4:45:0f:71:24:04:d2:60:
98:62:a2:34:c2:0f:b2:2d:2d:52:dc:de:f5:3f:8d:86:11:a2:
df:68:3e:02:f6:82:78:42:72:3a:ba:7d:90:92:37:ab:74:b1:
86:54:f7:7b:7e:98:68:34:9e:dc:af:b2:6e:04:f8:9c:9f:30:
78:7c:24:79:d7:e0:d6:e1:d7:fc:30:70:b7:41:f9:45:9f:cf:
15:f7:a9:b1:f3:b6:ec:e8:66:79:b9:c1:62:b4:c3:50:a2:2f:
7b:ec:84:c2:07:3c:88:db:23:4f:80:c9:2b:f0:86:16:81:76:
73:6e:f2:42:63:29:95:e1:cf:b8:32:65:f6:85:c2:87:01:c7:
4b:66:e2:16:fb:35:4e:3a:a8:c3:f9:20:d9:79:24:1a:22:c2:
b0:35:6c:bf:0c:7e:f8:ea:85:7a:4c:78:26:98:d5:b2:49:ff:
a8:79:a9:87:e4:40:33:7b:9e:46:ea:dd:8c:9b:f3:fe:78:59:
85:1d:04:f3:ba:5c:dd:1f:64:1d:49:e9:63:82:bc:52:a9:73:
71:be:36:bb:8c:39:ac:67:1b:a9:32:f8:cc:82:11:04:b2:67:
23:d6:ea:78
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJvM4moGckR+D0kdgHg9k8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjQwMTAyMTAzNDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjAwOTcyZjg3NjEwNWEwNjAxN2RhNjFiOGQ3MDAwMDc2NWEzMzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8kRoSvBFVRP+te9IhqLqTi4lx7we
UP6chlw2iDR2cyablULVYGgcGlE06s66Utxkq+n1vlWla2uZzDlVqv+Uc/i3xBDU
4TkeZNKIkBtyn6BC3/HL7YZlJrYjeFH6vLhUbmkbn7hD0eibFlvrOM0N0IteiH6I
ODDO+TV56Oi+SO1Xt2aN8M5lPb4Dz3VINAPskG8Q1KawKwX2bStASoZ4DR5EG9/b
AFOaozYqjzRcjZN+GtA29cVLNs++4lDWHL/tULkVG/5+9MKV6omK8LKGS7Tjn4f8
SnHrabcdT5SceqJVQlGA6pyL+T6rnFAmwgvkR3UoOPCm3AqPtgl9CSYzmQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKsAly+HYQWgYBfaYbjXAAB2WjN6MB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvcXdDWEw0ZGhCYUJnRjlwaHVOY0FBSFphTTNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDJXD4AwQB
WMxgAwQCuSpQMA0GCSqGSIb3DQEBCwUAA4IBAQClzcZwyPabiaeNxg8KWYJCs6/x
ohll58SKhdCUxEUPcSQE0mCYYqI0wg+yLS1S3N71P42GEaLfaD4C9oJ4QnI6un2Q
kjerdLGGVPd7fphoNJ7cr7JuBPicnzB4fCR51+DW4df8MHC3QflFn88V96mx87bs
6GZ5ucFitMNQoi977ITCBzyI2yNPgMkr8IYWgXZzbvJCYymV4c+4MmX2hcKHAcdL
ZuIW+zVOOqjD+SDZeSQaIsKwNWy/DH746oV6THgmmNWySf+oeamH5EAze55G6t2M
m/P+eFmFHQTzulzdH2QdSeljgrxSqXNxvja7jDmsZxupMvjMghEEsmcj1up4
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:36:45 2024 by rpki-client on console-fra.rpki-client.org