Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/cba186-e4d2-45e1-a938-0e4ab2637bed/1/QuUruXsUC-ZT6rO4uYr8yx_2cLo.roa
File: QuUruXsUC-ZT6rO4uYr8yx_2cLo.roa (raw, json)
Hash identifier: 37p7F1TQ1Hf4UEG5wlN+go5IIY9DooVNSUqqWg3y7a4=
Subject key identifier: 42:E5:2B:B9:7B:14:0B:E6:53:EA:B3:B8:B9:8A:FC:CB:1F:F6:70:BA
Certificate issuer: /CN=fe2796c5a9854532e9ed638d1c39a541c2d8952c
Certificate serial: 018F4D4CD3B329F9F3B4181C167B445E4044
Authority key identifier: FE:27:96:C5:A9:85:45:32:E9:ED:63:8D:1C:39:A5:41:C2:D8:95:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_ieWxamFRTLp7WONHDmlQcLYlSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/cba186-e4d2-45e1-a938-0e4ab2637bed/1/QuUruXsUC-ZT6rO4uYr8yx_2cLo.roa
Signing time: Mon 06 May 2024 09:47:11 +0000
ROA not before: Mon 06 May 2024 09:47:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6694
IP address blocks: 91.228.148.0/24 maxlen: 24
194.247.128.0/19 maxlen: 19
194.247.132.0/24 maxlen: 24
194.247.142.0/24 maxlen: 24
194.247.143.0/24 maxlen: 24
194.247.144.0/24 maxlen: 24
194.247.152.0/24 maxlen: 24
212.5.224.0/19 maxlen: 19
212.5.226.0/24 maxlen: 24
212.5.227.0/24 maxlen: 24
2a04:8240::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/cba186-e4d2-45e1-a938-0e4ab2637bed/1/_ieWxamFRTLp7WONHDmlQcLYlSw.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/cba186-e4d2-45e1-a938-0e4ab2637bed/1/_ieWxamFRTLp7WONHDmlQcLYlSw.mft
rsync://rpki.ripe.net/repository/DEFAULT/_ieWxamFRTLp7WONHDmlQcLYlSw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4d:4c:d3:b3:29:f9:f3:b4:18:1c:16:7b:44:5e:40:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe2796c5a9854532e9ed638d1c39a541c2d8952c
Validity
Not Before: May 6 09:47:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=42e52bb97b140be653eab3b8b98afccb1ff670ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:30:bb:05:87:23:dd:a6:9c:ad:58:2d:f4:f8:
c9:f7:7a:7f:02:34:6a:8e:f0:54:dc:57:93:38:38:
8a:08:96:82:94:39:41:ae:63:81:86:ad:da:77:8e:
1d:31:8d:6d:38:46:16:96:1c:6d:bf:b5:bc:d2:f3:
a9:11:96:d0:e1:7f:a0:93:ab:f7:bb:c8:6a:5a:56:
e8:7f:04:67:95:98:d4:5c:18:34:c0:e6:b9:95:37:
56:d9:02:2e:1a:be:c5:eb:4d:11:58:66:00:f2:af:
84:7e:34:33:5f:c2:19:7c:90:76:67:1d:2d:7a:28:
bb:55:3d:98:d5:1b:3f:39:06:0f:bc:0d:4c:16:30:
39:38:33:f8:e4:8a:70:4f:8a:5b:ab:6d:f6:ae:57:
db:fb:d4:c3:05:00:f2:0b:86:9b:68:62:01:16:c3:
60:f2:01:a9:09:a6:b4:b5:51:c6:da:18:6a:7d:cd:
52:c0:b2:36:75:82:92:03:e7:dd:2b:8a:bb:52:0a:
be:fd:e4:cb:f1:2a:07:6c:2c:f0:86:bc:b6:60:fb:
7b:99:2c:bf:f5:eb:1f:46:57:21:16:fa:2a:4e:f6:
a8:b8:54:32:29:f8:b9:bd:00:0c:15:e6:6f:ca:5f:
69:a9:dd:b0:9c:2a:d0:92:cb:d2:3d:9e:35:51:8d:
ba:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:E5:2B:B9:7B:14:0B:E6:53:EA:B3:B8:B9:8A:FC:CB:1F:F6:70:BA
X509v3 Authority Key Identifier:
keyid:FE:27:96:C5:A9:85:45:32:E9:ED:63:8D:1C:39:A5:41:C2:D8:95:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ieWxamFRTLp7WONHDmlQcLYlSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/cba186-e4d2-45e1-a938-0e4ab2637bed/1/QuUruXsUC-ZT6rO4uYr8yx_2cLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/cba186-e4d2-45e1-a938-0e4ab2637bed/1/_ieWxamFRTLp7WONHDmlQcLYlSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.148.0/24
194.247.128.0/19
212.5.224.0/19
IPv6:
2a04:8240::/29
Signature Algorithm: sha256WithRSAEncryption
dc:ec:98:e7:e0:08:3a:45:51:77:9a:2c:ec:5d:ac:05:30:6b:
c0:e3:ad:2d:e4:24:27:12:b8:67:58:40:e1:ac:c9:50:47:52:
77:f0:74:26:bc:9f:e6:82:93:95:ab:d4:65:e0:f7:25:b6:89:
9f:c1:9e:03:62:ac:fd:84:b5:87:88:57:14:d0:07:a8:f4:37:
53:7f:4f:ac:2f:af:a1:2c:02:1a:a5:2b:c6:4f:0b:fe:18:59:
bd:5a:48:1b:80:6d:81:72:ab:ce:3d:8b:d1:2f:e9:7f:fe:48:
42:3d:3d:85:4d:fb:0d:fc:06:35:4a:1f:97:60:a6:57:20:9e:
39:a5:f8:09:c6:b5:3c:9d:9c:ac:7a:4a:26:a4:09:b2:3e:a2:
61:c2:06:8b:ef:84:95:8b:73:71:78:21:dd:2b:57:8e:0a:07:
c6:fc:8c:47:6f:1c:25:ed:b4:c6:47:22:fc:a4:53:3c:2b:d7:
91:90:3e:76:24:ce:32:76:b4:1d:ba:5e:ee:da:23:3c:dc:1a:
c1:2c:a2:87:4b:d1:1b:20:f9:d2:c5:6e:32:fe:24:2f:04:4e:
a8:52:e5:da:5c:25:3d:25:79:17:c4:04:2d:01:c8:33:20:27:
5f:c9:dc:a2:06:48:7e:e1:36:8a:ba:ef:df:60:75:94:90:88:
56:be:93:1e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY9NTNOzKfnztBgcFntEXkBEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlMjc5NmM1YTk4NTQ1MzJlOWVkNjM4ZDFjMzlhNTQxYzJk
ODk1MmMwHhcNMjQwNTA2MDk0NzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmU1MmJiOTdiMTQwYmU2NTNlYWIzYjhiOThhZmNjYjFmZjY3MGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjC7BYcj3aacrVgt9PjJ93p/AjRq
jvBU3FeTODiKCJaClDlBrmOBhq3ad44dMY1tOEYWlhxtv7W80vOpEZbQ4X+gk6v3
u8hqWlbofwRnlZjUXBg0wOa5lTdW2QIuGr7F600RWGYA8q+EfjQzX8IZfJB2Zx0t
eii7VT2Y1Rs/OQYPvA1MFjA5ODP45IpwT4pbq232rlfb+9TDBQDyC4abaGIBFsNg
8gGpCaa0tVHG2hhqfc1SwLI2dYKSA+fdK4q7Ugq+/eTL8SoHbCzwhry2YPt7mSy/
9esfRlchFvoqTvaouFQyKfi5vQAMFeZvyl9pqd2wnCrQksvSPZ41UY26zwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFELlK7l7FAvmU+qzuLmK/Msf9nC6MB8GA1UdIwQY
MBaAFP4nlsWphUUy6e1jjRw5pUHC2JUsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2llV3hhbUZSVExwN1dPTkhEbWxRY0xZbFN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9jYmExODYtZTRkMi00NWUxLWE5Mzgt
MGU0YWIyNjM3YmVkLzEvUXVVcnVYc1VDLVpUNnJPNHVZcjh5eF8yY0xvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9jYmExODYtZTRkMi00NWUxLWE5MzgtMGU0YWIyNjM3YmVk
LzEvX2llV3hhbUZSVExwN1dPTkhEbWxRY0xZbFN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW+SUAwQF
wveAAwQF1AXgMA0EAgACMAcDBQMqBIJAMA0GCSqGSIb3DQEBCwUAA4IBAQDc7Jjn
4Ag6RVF3mizsXawFMGvA460t5CQnErhnWEDhrMlQR1J38HQmvJ/mgpOVq9Rl4Pcl
tomfwZ4DYqz9hLWHiFcU0Aeo9DdTf0+sL6+hLAIapSvGTwv+GFm9WkgbgG2BcqvO
PYvRL+l//khCPT2FTfsN/AY1Sh+XYKZXIJ45pfgJxrU8nZysekompAmyPqJhwgaL
74SVi3NxeCHdK1eOCgfG/IxHbxwl7bTGRyL8pFM8K9eRkD52JM4ydrQdul7u2iM8
3BrBLKKHS9EbIPnSxW4y/iQvBE6oUuXaXCU9JXkXxAQtAcgzICdfydyiBkh+4TaK
uu/fYHWUkIhWvpMe
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:35:45 2024 by rpki-client on console-ams.rpki-client.org