Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/747113-591d-4808-92d9-7a794d5ced3d/1/QDUpSwq8QwJNdR-eygzSNRq38m4.roa
File: QDUpSwq8QwJNdR-eygzSNRq38m4.roa (raw, json)
Hash identifier: 9BlPVK0eaPxSOrIIeo6pcg/ACJ1n7z6Nb5He3gU4oGM=
Subject key identifier: 40:35:29:4B:0A:BC:43:02:4D:75:1F:9E:CA:0C:D2:35:1A:B7:F2:6E
Certificate issuer: /CN=8df51d0670715eb69efa2fbff1998c3bdbd8a9f5
Certificate serial: 018CC50010CC18815021162AFE796A5B156E
Authority key identifier: 8D:F5:1D:06:70:71:5E:B6:9E:FA:2F:BF:F1:99:8C:3B:DB:D8:A9:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jfUdBnBxXrae-i-_8ZmMO9vYqfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/747113-591d-4808-92d9-7a794d5ced3d/1/QDUpSwq8QwJNdR-eygzSNRq38m4.roa
Signing time: Mon 01 Jan 2024 12:29:24 +0000
ROA not before: Mon 01 Jan 2024 12:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15510
IP address blocks: 91.192.192.0/22 maxlen: 24
193.200.80.0/23 maxlen: 24
194.116.174.0/23 maxlen: 24
195.8.126.0/24 maxlen: 24
46.17.88.0/21 maxlen: 24
91.215.184.0/22 maxlen: 24
185.27.244.0/22 maxlen: 24
193.164.206.0/23 maxlen: 24
2a03:be80::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/747113-591d-4808-92d9-7a794d5ced3d/1/jfUdBnBxXrae-i-_8ZmMO9vYqfU.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/747113-591d-4808-92d9-7a794d5ced3d/1/jfUdBnBxXrae-i-_8ZmMO9vYqfU.mft
rsync://rpki.ripe.net/repository/DEFAULT/jfUdBnBxXrae-i-_8ZmMO9vYqfU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:10:cc:18:81:50:21:16:2a:fe:79:6a:5b:15:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8df51d0670715eb69efa2fbff1998c3bdbd8a9f5
Validity
Not Before: Jan 1 12:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4035294b0abc43024d751f9eca0cd2351ab7f26e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:a4:21:bc:41:ea:55:d1:9e:42:27:71:cf:88:
d9:91:23:fa:66:cc:af:88:23:99:58:0c:69:d2:d2:
f5:3a:74:ad:41:53:eb:d9:5e:4e:e6:d1:18:24:50:
79:90:1e:ae:1f:e4:b5:b1:26:6a:2b:81:9a:60:ee:
ca:34:6a:8e:d9:64:37:99:67:a6:28:a7:9f:29:f0:
f4:6c:ef:53:58:bc:87:39:46:21:5d:f2:1d:6b:b8:
56:ac:9d:95:cc:9f:23:fc:f5:72:bb:17:1b:48:bf:
63:8b:54:21:85:5e:1c:fd:34:cb:32:1c:9d:72:4b:
e4:58:a0:f3:7f:23:c5:9b:43:9a:2e:52:7b:a9:4a:
b4:b8:63:7f:ca:34:d2:2f:fd:48:ab:02:6a:e7:14:
d2:4e:f1:d1:73:31:fb:5a:ec:f4:49:7d:db:c1:46:
9e:95:e2:50:7c:83:72:5c:9b:10:ac:f8:38:ff:66:
d8:a1:7b:dc:d9:dc:0c:c6:6d:f1:3c:d5:96:0c:8a:
1a:53:83:b5:27:d1:d7:01:b8:9d:34:ab:77:8f:26:
b4:79:00:5d:27:a8:d2:4a:65:7e:0b:13:5a:2e:34:
71:6c:7b:35:3a:21:5f:fd:cb:61:80:fb:7d:07:ef:
4c:81:f0:55:ce:43:a6:bc:bb:87:ed:d5:d0:ff:7d:
22:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:35:29:4B:0A:BC:43:02:4D:75:1F:9E:CA:0C:D2:35:1A:B7:F2:6E
X509v3 Authority Key Identifier:
keyid:8D:F5:1D:06:70:71:5E:B6:9E:FA:2F:BF:F1:99:8C:3B:DB:D8:A9:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jfUdBnBxXrae-i-_8ZmMO9vYqfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/747113-591d-4808-92d9-7a794d5ced3d/1/QDUpSwq8QwJNdR-eygzSNRq38m4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/747113-591d-4808-92d9-7a794d5ced3d/1/jfUdBnBxXrae-i-_8ZmMO9vYqfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.88.0/21
91.192.192.0/22
91.215.184.0/22
185.27.244.0/22
193.164.206.0/23
193.200.80.0/23
194.116.174.0/23
195.8.126.0/24
IPv6:
2a03:be80::/32
Signature Algorithm: sha256WithRSAEncryption
30:44:ee:76:54:ab:5e:5c:ae:35:fa:c4:d1:dc:42:27:20:96:
ed:47:86:f4:5b:35:79:ee:b6:fc:1e:f7:2c:6f:84:51:ff:61:
7b:6a:44:eb:86:dc:48:29:00:6b:08:7e:7e:5b:b0:a1:f3:2d:
70:e5:d4:40:a3:53:f5:5c:58:16:60:e9:ad:b9:50:eb:e6:7f:
11:82:61:f4:33:f5:1e:d5:ef:67:f6:22:c2:96:e3:7d:5f:5f:
a5:d8:e1:a7:35:ee:7d:da:ef:68:14:df:f1:85:a6:f8:e9:9d:
f4:2d:21:8f:64:32:0e:92:c5:5e:d7:eb:7e:9d:7d:98:f0:2b:
41:5a:6c:24:f5:b3:87:f3:c5:92:20:76:36:5a:6b:a8:2b:2d:
60:cf:79:7f:d3:27:f4:6f:7b:8a:c8:15:dd:04:9b:84:fb:1d:
89:5b:14:ea:88:e0:3d:b6:69:83:f5:56:6e:61:97:f7:e5:44:
00:d9:dd:25:45:eb:9d:89:df:88:5a:59:1a:3a:2f:c6:2b:19:
c3:87:18:62:e7:6a:e8:8f:d4:6e:dc:92:67:65:6b:a7:26:22:
3c:c0:14:42:40:1c:1f:b9:5c:3e:72:38:3c:20:3e:b3:fd:13:
9d:19:55:61:73:90:c2:eb:44:af:05:88:fc:7c:be:a7:fa:ab:
b8:2c:e3:fc
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYzFABDMGIFQIRYq/nlqWxVuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkZjUxZDA2NzA3MTVlYjY5ZWZhMmZiZmYxOTk4YzNiZGJk
OGE5ZjUwHhcNMjQwMTAxMTIyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDM1Mjk0YjBhYmM0MzAyNGQ3NTFmOWVjYTBjZDIzNTFhYjdmMjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgKQhvEHqVdGeQidxz4jZkSP6Zsyv
iCOZWAxp0tL1OnStQVPr2V5O5tEYJFB5kB6uH+S1sSZqK4GaYO7KNGqO2WQ3mWem
KKefKfD0bO9TWLyHOUYhXfIda7hWrJ2VzJ8j/PVyuxcbSL9ji1QhhV4c/TTLMhyd
ckvkWKDzfyPFm0OaLlJ7qUq0uGN/yjTSL/1IqwJq5xTSTvHRczH7Wuz0SX3bwUae
leJQfINyXJsQrPg4/2bYoXvc2dwMxm3xPNWWDIoaU4O1J9HXAbidNKt3jya0eQBd
J6jSSmV+CxNaLjRxbHs1OiFf/cthgPt9B+9MgfBVzkOmvLuH7dXQ/30i9wIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFEA1KUsKvEMCTXUfnsoM0jUat/JuMB8GA1UdIwQY
MBaAFI31HQZwcV62nvovv/GZjDvb2Kn1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamZVZEJuQnhYcmFlLWktXzhabU1POXZZcWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC83NDcxMTMtNTkxZC00ODA4LTkyZDkt
N2E3OTRkNWNlZDNkLzEvUURVcFN3cThRd0pOZFItZXlnelNOUnEzOG00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC83NDcxMTMtNTkxZC00ODA4LTkyZDktN2E3OTRkNWNlZDNk
LzEvamZVZEJuQnhYcmFlLWktXzhabU1POXZZcWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDLhFYAwQC
W8DAAwQCW9e4AwQCuRv0AwQBwaTOAwQBwchQAwQBwnSuAwQAwwh+MA0EAgACMAcD
BQAqA76AMA0GCSqGSIb3DQEBCwUAA4IBAQAwRO52VKteXK41+sTR3EInIJbtR4b0
WzV57rb8Hvcsb4RR/2F7akTrhtxIKQBrCH5+W7Ch8y1w5dRAo1P1XFgWYOmtuVDr
5n8RgmH0M/Ue1e9n9iLCluN9X1+l2OGnNe592u9oFN/xhab46Z30LSGPZDIOksVe
1+t+nX2Y8CtBWmwk9bOH88WSIHY2WmuoKy1gz3l/0yf0b3uKyBXdBJuE+x2JWxTq
iOA9tmmD9VZuYZf35UQA2d0lReudid+IWlkaOi/GKxnDhxhi52roj9Ru3JJnZWun
JiI8wBRCQBwfuVw+cjg8ID6z/ROdGVVhc5DC60SvBYj8fL6n+qu4LOP8
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:14:16 2024 by rpki-client on console-fra.rpki-client.org