Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/QZdNq9asDJKrK93Op_usnZhs_WE.roa
File: QZdNq9asDJKrK93Op_usnZhs_WE.roa (raw, json)
Hash identifier: 0P2ocwclFuNVSG+G3FQxglfRkbzZ7oh0eXfFBPuZHQs=
Subject key identifier: 41:97:4D:AB:D6:AC:0C:92:AB:2B:DD:CE:A7:FB:AC:9D:98:6C:FD:61
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 018F0659A4D8D4CE7FED2CB4CE301934FE60
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/QZdNq9asDJKrK93Op_usnZhs_WE.roa
Signing time: Mon 22 Apr 2024 15:08:09 +0000
ROA not before: Mon 22 Apr 2024 15:08:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203061
IP address blocks: 185.239.244.0/24 maxlen: 24
185.239.246.0/23 maxlen: 23
185.244.105.0/24 maxlen: 24
185.246.236.0/22 maxlen: 24
185.254.16.0/24 maxlen: 24
185.254.17.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:06:59:a4:d8:d4:ce:7f:ed:2c:b4:ce:30:19:34:fe:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Apr 22 15:08:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41974dabd6ac0c92ab2bddcea7fbac9d986cfd61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:dc:51:83:be:f8:6d:b1:80:81:3f:9e:8b:cb:
8b:14:17:a2:61:ad:4c:c1:63:4e:61:cc:ad:c4:ee:
40:ff:1c:59:61:34:fe:62:dd:f3:0e:ec:be:9d:c6:
29:48:af:fd:ae:48:3f:76:9c:28:f9:20:af:7c:a4:
ad:d5:ec:6e:e1:4d:89:47:83:68:13:15:2c:00:72:
ff:b2:4b:e1:13:37:13:4b:72:3a:09:a2:3c:dc:7a:
8d:83:95:87:a8:08:ff:df:1f:aa:c9:8d:02:d0:f5:
55:f5:2a:84:4d:d1:27:01:c4:e3:6e:a1:02:9b:52:
54:f8:49:6b:7e:72:3d:b4:24:6d:58:06:2d:68:9c:
8b:23:95:ba:ab:58:4a:c0:2f:1d:4c:6f:55:f0:66:
66:dd:56:8c:48:b7:83:eb:ac:65:39:8d:aa:fb:c5:
0e:f4:f2:ff:6a:d6:b8:2a:e1:78:14:c9:52:0f:ce:
70:13:3f:36:0d:14:dd:6b:79:b4:65:20:d4:58:3f:
05:d1:c3:b7:07:32:fa:a0:97:1a:6c:65:85:d3:2e:
1d:8a:b1:10:e1:69:c7:6e:d2:2b:6a:e2:2e:60:f8:
b1:74:5d:92:24:61:33:f8:6c:1a:05:c4:5e:71:59:
f6:85:28:1b:e2:42:bf:13:8a:bd:5c:d2:99:1a:3b:
fc:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:97:4D:AB:D6:AC:0C:92:AB:2B:DD:CE:A7:FB:AC:9D:98:6C:FD:61
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/QZdNq9asDJKrK93Op_usnZhs_WE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.244.0/24
185.239.246.0/23
185.244.105.0/24
185.246.236.0/22
185.254.16.0/23
Signature Algorithm: sha256WithRSAEncryption
5a:94:a8:c8:93:c0:10:2a:be:ea:8e:b7:03:38:87:13:66:d6:
94:0e:19:ba:b6:70:d2:4c:9e:a7:0a:a4:af:22:2b:e1:e8:76:
7a:ee:7c:1a:af:f9:a6:ac:06:4c:c0:22:b5:34:b3:1d:8e:95:
d8:37:08:8c:79:d0:07:57:06:eb:73:76:4a:48:41:30:06:20:
23:f2:9c:fa:75:2d:49:af:3d:93:e8:a8:02:2d:c7:2a:73:41:
21:f8:27:15:f7:57:23:bc:1c:4f:ff:48:d7:85:43:21:13:b0:
1c:20:c3:cb:e6:73:43:80:9a:e1:60:86:79:86:65:b8:4b:ce:
c2:c9:b5:5c:bc:50:84:6c:57:5b:0b:01:da:f7:91:e1:b7:5f:
3f:fd:f9:7e:97:64:e8:69:1f:82:49:19:d2:04:21:63:30:22:
30:13:b3:95:10:80:7d:75:7b:30:ae:dc:bb:63:3a:81:58:58:
f9:77:3a:f5:6b:50:e8:8a:2b:9d:22:74:54:81:1d:9d:d9:98:
05:c8:1a:62:7a:c5:80:2a:a3:f3:21:11:37:19:77:9f:c4:d0:
96:02:45:fb:42:86:40:49:aa:b6:aa:b5:6c:4a:c9:e8:1e:98:
6f:74:7a:2a:29:a8:6e:e0:6c:d1:b1:65:d3:48:bf:cb:f8:f2:
68:ae:ba:2e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY8GWaTY1M5/7Sy0zjAZNP5gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjQwNDIyMTUwODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTk3NGRhYmQ2YWMwYzkyYWIyYmRkY2VhN2ZiYWM5ZDk4NmNmZDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9xRg774bbGAgT+ei8uLFBeiYa1M
wWNOYcytxO5A/xxZYTT+Yt3zDuy+ncYpSK/9rkg/dpwo+SCvfKSt1exu4U2JR4No
ExUsAHL/skvhEzcTS3I6CaI83HqNg5WHqAj/3x+qyY0C0PVV9SqETdEnAcTjbqEC
m1JU+ElrfnI9tCRtWAYtaJyLI5W6q1hKwC8dTG9V8GZm3VaMSLeD66xlOY2q+8UO
9PL/ata4KuF4FMlSD85wEz82DRTda3m0ZSDUWD8F0cO3BzL6oJcabGWF0y4dirEQ
4WnHbtIrauIuYPixdF2SJGEz+GwaBcRecVn2hSgb4kK/E4q9XNKZGjv8ZwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEGXTavWrAySqyvdzqf7rJ2YbP1hMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvUVpkTnE5YXNESktySzkzT3BfdXNuWmhzX1dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAue/0AwQB
ue/2AwQAufRpAwQCufbsAwQBuf4QMA0GCSqGSIb3DQEBCwUAA4IBAQBalKjIk8AQ
Kr7qjrcDOIcTZtaUDhm6tnDSTJ6nCqSvIivh6HZ67nwar/mmrAZMwCK1NLMdjpXY
NwiMedAHVwbrc3ZKSEEwBiAj8pz6dS1Jrz2T6KgCLccqc0Eh+CcV91cjvBxP/0jX
hUMhE7AcIMPL5nNDgJrhYIZ5hmW4S87CybVcvFCEbFdbCwHa95Hht18//fl+l2To
aR+CSRnSBCFjMCIwE7OVEIB9dXswrty7YzqBWFj5dzr1a1DoiiudInRUgR2d2ZgF
yBpiesWAKqPzIRE3GXefxNCWAkX7QoZASaq2qrVsSsnoHphvdHoqKahu4GzRsWXT
SL/L+PJorrou
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:19:48 2024 by rpki-client on console-ams.rpki-client.org