Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/618d5e-3f28-418d-bf4f-2a60cc98a8d3/1/QMG_1qznitDdCrUKHWUaYymDwd4.roa
File: QMG_1qznitDdCrUKHWUaYymDwd4.roa (raw, json)
Hash identifier: YpWrEA/DI6MK6bIOwCqbCskZTmz6UyP0aLWQFOBcO2o=
Subject key identifier: 40:C1:BF:D6:AC:E7:8A:D0:DD:0A:B5:0A:1D:65:1A:63:29:83:C1:DE
Certificate issuer: /CN=c83670987d01d41ee2b564698c8271f50dee4ce1
Certificate serial: 01904AA17875AE18D817B60EF5A4082781DC
Authority key identifier: C8:36:70:98:7D:01:D4:1E:E2:B5:64:69:8C:82:71:F5:0D:EE:4C:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yDZwmH0B1B7itWRpjIJx9Q3uTOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/618d5e-3f28-418d-bf4f-2a60cc98a8d3/1/QMG_1qznitDdCrUKHWUaYymDwd4.roa
Signing time: Mon 24 Jun 2024 14:23:34 +0000
ROA not before: Mon 24 Jun 2024 14:23:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212097
IP address blocks: 62.133.36.0/22 maxlen: 22
62.133.36.0/24 maxlen: 24
62.133.37.0/24 maxlen: 24
62.133.38.0/24 maxlen: 24
62.133.39.0/24 maxlen: 24
185.230.102.0/24 maxlen: 24
193.46.32.0/22 maxlen: 22
193.46.32.0/24 maxlen: 24
193.46.33.0/24 maxlen: 24
193.46.34.0/24 maxlen: 24
193.46.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/618d5e-3f28-418d-bf4f-2a60cc98a8d3/1/yDZwmH0B1B7itWRpjIJx9Q3uTOE.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/618d5e-3f28-418d-bf4f-2a60cc98a8d3/1/yDZwmH0B1B7itWRpjIJx9Q3uTOE.mft
rsync://rpki.ripe.net/repository/DEFAULT/yDZwmH0B1B7itWRpjIJx9Q3uTOE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4a:a1:78:75:ae:18:d8:17:b6:0e:f5:a4:08:27:81:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c83670987d01d41ee2b564698c8271f50dee4ce1
Validity
Not Before: Jun 24 14:23:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40c1bfd6ace78ad0dd0ab50a1d651a632983c1de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7b:1c:81:0a:dd:47:1f:d9:70:3f:b6:d0:62:
d3:ba:a2:f2:31:89:f2:5d:26:ae:06:1d:67:ee:22:
43:c5:73:fe:a1:1f:4d:5f:ad:4b:e8:13:c0:26:06:
ea:fa:d3:27:0e:8b:d1:1e:48:a7:fe:ef:e2:92:15:
5b:a3:1e:cf:87:17:c3:db:b1:19:ac:bc:ad:1f:39:
c4:95:68:e4:d1:0a:51:2a:81:16:b8:6c:67:78:96:
83:58:e0:75:cd:ff:df:c1:08:e9:64:c1:54:2c:9f:
13:25:bb:7a:61:c1:c5:d3:40:29:f9:bb:1c:0c:af:
b3:57:bb:1a:9b:e0:d5:da:72:3f:f0:5e:9d:2e:b3:
c5:c4:cf:ac:d0:e4:ee:87:0c:87:c9:36:e3:17:26:
6e:26:11:fb:56:c0:15:e9:82:5e:2e:1c:68:da:3f:
93:56:3e:ab:46:4a:fb:6f:46:40:36:a3:ba:cc:e2:
af:5f:eb:06:3f:8f:4f:f6:4a:31:0a:0a:0a:39:45:
03:79:64:8a:36:e2:0d:4d:7d:df:56:e2:19:10:a9:
cb:d3:42:1d:48:6f:9e:16:a1:7c:e5:19:28:45:2c:
4f:46:c3:f2:08:30:a6:71:00:1b:65:9d:ce:0f:32:
b6:01:61:db:80:70:0a:29:47:44:d3:03:d6:ef:e5:
d2:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:C1:BF:D6:AC:E7:8A:D0:DD:0A:B5:0A:1D:65:1A:63:29:83:C1:DE
X509v3 Authority Key Identifier:
keyid:C8:36:70:98:7D:01:D4:1E:E2:B5:64:69:8C:82:71:F5:0D:EE:4C:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yDZwmH0B1B7itWRpjIJx9Q3uTOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/618d5e-3f28-418d-bf4f-2a60cc98a8d3/1/QMG_1qznitDdCrUKHWUaYymDwd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/618d5e-3f28-418d-bf4f-2a60cc98a8d3/1/yDZwmH0B1B7itWRpjIJx9Q3uTOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.133.36.0/22
185.230.102.0/24
193.46.32.0/22
Signature Algorithm: sha256WithRSAEncryption
78:b6:fe:9f:d2:ec:e4:32:02:2c:49:36:0e:aa:81:84:36:9e:
9e:52:ea:a2:6c:17:f9:92:3c:5c:b7:72:8c:62:d5:48:58:f7:
ca:87:05:11:b2:8c:9d:fa:dc:c7:fb:be:99:59:e0:84:5a:c6:
30:6a:b0:e9:22:40:cf:fd:5b:3f:63:91:55:f1:8a:d2:43:e8:
3e:45:77:0a:fc:89:43:d3:20:32:85:bb:1c:d1:6f:08:e6:96:
0d:bd:ce:ab:d9:fe:91:42:8c:ba:fc:52:03:65:89:d9:98:d3:
0b:b5:dd:8d:69:67:32:dd:2f:18:0f:da:78:bd:dd:c1:7d:1a:
db:a6:5d:2e:39:e3:42:b1:22:9b:18:a3:14:39:30:40:6f:46:
c4:96:88:05:91:5b:c8:d5:d1:b0:b0:d7:7c:78:36:29:cf:cf:
33:4d:d0:b3:47:1a:76:8b:1d:8d:77:dd:18:8c:1f:9b:86:8f:
62:9d:fb:44:be:53:08:60:02:a5:78:16:8a:28:fb:bc:5d:9f:
a5:4a:bc:e4:60:1f:d2:00:71:de:54:ac:bc:b0:fa:a7:2f:29:
20:f2:ae:f3:c6:5a:aa:84:d7:f0:3c:f2:8b:69:1b:4d:03:f0:
d2:7d:dd:54:8a:1e:eb:a8:27:db:2a:de:12:d9:af:23:c5:d9:
e4:41:7f:9e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZBKoXh1rhjYF7YO9aQIJ4HcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4MzY3MDk4N2QwMWQ0MWVlMmI1NjQ2OThjODI3MWY1MGRl
ZTRjZTEwHhcNMjQwNjI0MTQyMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGMxYmZkNmFjZTc4YWQwZGQwYWI1MGExZDY1MWE2MzI5ODNjMWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHscgQrdRx/ZcD+20GLTuqLyMYny
XSauBh1n7iJDxXP+oR9NX61L6BPAJgbq+tMnDovRHkin/u/ikhVbox7PhxfD27EZ
rLytHznElWjk0QpRKoEWuGxneJaDWOB1zf/fwQjpZMFULJ8TJbt6YcHF00Ap+bsc
DK+zV7sam+DV2nI/8F6dLrPFxM+s0OTuhwyHyTbjFyZuJhH7VsAV6YJeLhxo2j+T
Vj6rRkr7b0ZANqO6zOKvX+sGP49P9koxCgoKOUUDeWSKNuINTX3fVuIZEKnL00Id
SG+eFqF85RkoRSxPRsPyCDCmcQAbZZ3ODzK2AWHbgHAKKUdE0wPW7+XSDwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEDBv9as54rQ3Qq1Ch1lGmMpg8HeMB8GA1UdIwQY
MBaAFMg2cJh9AdQe4rVkaYyCcfUN7kzhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveURad21IMEIxQjdpdFdScGpJSng5UTN1VE9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS82MThkNWUtM2YyOC00MThkLWJmNGYt
MmE2MGNjOThhOGQzLzEvUU1HXzFxem5pdERkQ3JVS0hXVWFZeW1Ed2Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS82MThkNWUtM2YyOC00MThkLWJmNGYtMmE2MGNjOThhOGQz
LzEveURad21IMEIxQjdpdFdScGpJSng5UTN1VE9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCPoUkAwQA
ueZmAwQCwS4gMA0GCSqGSIb3DQEBCwUAA4IBAQB4tv6f0uzkMgIsSTYOqoGENp6e
UuqibBf5kjxct3KMYtVIWPfKhwURsoyd+tzH+76ZWeCEWsYwarDpIkDP/Vs/Y5FV
8YrSQ+g+RXcK/IlD0yAyhbsc0W8I5pYNvc6r2f6RQoy6/FIDZYnZmNMLtd2NaWcy
3S8YD9p4vd3BfRrbpl0uOeNCsSKbGKMUOTBAb0bElogFkVvI1dGwsNd8eDYpz88z
TdCzRxp2ix2Nd90YjB+bho9inftEvlMIYAKleBaKKPu8XZ+lSrzkYB/SAHHeVKy8
sPqnLykg8q7zxlqqhNfwPPKLaRtNA/DSfd1Uih7rqCfbKt4S2a8jxdnkQX+e
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:04:12 2024 by rpki-client on console-fra.rpki-client.org