Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/4956df-91dc-4490-8333-1ad61ede0a4a/1/iblfuSt1iwYEJjrIfY_0cO__l6o.roa
File: iblfuSt1iwYEJjrIfY_0cO__l6o.roa (raw, json)
Hash identifier: OhQpZxYHk+5ZlO3P8Vt06qMH1TxKufMfUgw6N7+eVdc=
Subject key identifier: 89:B9:5F:B9:2B:75:8B:06:04:26:3A:C8:7D:8F:F4:70:EF:FF:97:AA
Certificate issuer: /CN=41e42d830eca98a533f4372da169c9c792c393b2
Certificate serial: 018CCA284F7EF1468C8A070A83C37DB56314
Authority key identifier: 41:E4:2D:83:0E:CA:98:A5:33:F4:37:2D:A1:69:C9:C7:92:C3:93:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QeQtgw7KmKUz9DctoWnJx5LDk7I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/4956df-91dc-4490-8333-1ad61ede0a4a/1/iblfuSt1iwYEJjrIfY_0cO__l6o.roa
Signing time: Tue 02 Jan 2024 12:31:28 +0000
ROA not before: Tue 02 Jan 2024 12:31:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200548
IP address blocks: 185.159.120.0/22 maxlen: 24
185.159.122.0/24 maxlen: 24
185.159.123.0/24 maxlen: 24
130.0.92.0/22 maxlen: 22
185.189.221.0/24 maxlen: 24
185.189.222.0/24 maxlen: 24
185.189.223.0/24 maxlen: 24
185.189.220.0/24 maxlen: 24
185.189.220.0/22 maxlen: 22
45.87.188.0/22 maxlen: 22
45.87.189.0/24 maxlen: 24
45.87.190.0/24 maxlen: 24
45.87.191.0/24 maxlen: 24
91.230.22.0/24 maxlen: 24
192.76.138.0/24 maxlen: 24
185.174.72.0/22 maxlen: 24
2a0b:f880::/32 maxlen: 32
2a0b:f880::/29 maxlen: 29
2a0b:fb00::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/4956df-91dc-4490-8333-1ad61ede0a4a/1/QeQtgw7KmKUz9DctoWnJx5LDk7I.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/4956df-91dc-4490-8333-1ad61ede0a4a/1/QeQtgw7KmKUz9DctoWnJx5LDk7I.mft
rsync://rpki.ripe.net/repository/DEFAULT/QeQtgw7KmKUz9DctoWnJx5LDk7I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:02:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:28:4f:7e:f1:46:8c:8a:07:0a:83:c3:7d:b5:63:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41e42d830eca98a533f4372da169c9c792c393b2
Validity
Not Before: Jan 2 12:31:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89b95fb92b758b0604263ac87d8ff470efff97aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:2a:ea:5a:69:48:b4:eb:35:88:03:d5:ad:83:
9f:87:e3:09:c3:e3:c1:be:6f:8e:f0:f1:12:55:34:
05:e4:7d:bf:5d:bd:5a:b1:5c:7c:0a:7a:ca:a5:fc:
cd:3b:50:f6:69:4c:97:38:50:7f:c5:a7:be:ce:99:
00:9e:6f:5e:ec:f0:31:9e:04:8d:34:45:fc:fd:c5:
28:3c:b7:81:f0:13:60:f6:93:96:ed:c0:cb:67:9b:
55:db:e8:47:0a:14:b4:42:8e:1e:30:c9:fe:5c:df:
3b:04:18:2b:9f:32:b7:7a:14:3a:be:07:04:42:dd:
5b:18:f5:b9:4a:cc:66:c0:7d:57:15:85:34:ef:1b:
3a:89:ed:a0:d9:e2:b2:f4:4c:ad:3a:29:29:0e:c9:
5b:ea:54:73:6b:bf:c9:98:a3:cc:4b:f1:60:11:4a:
be:a9:30:14:20:b8:e1:5c:00:27:fa:e8:81:b9:57:
7f:c0:e8:82:c2:94:c0:6b:ee:e0:0c:40:00:18:32:
16:88:64:77:fb:be:42:5c:1b:0e:b0:53:8a:f0:1f:
07:7e:ad:b5:4d:a0:6c:24:54:b2:61:9b:ee:1d:3b:
1b:7d:69:e1:95:3c:eb:57:76:76:64:b2:49:6f:f5:
c2:40:18:35:55:b1:ca:0c:18:3a:4c:73:cc:be:f6:
d7:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:B9:5F:B9:2B:75:8B:06:04:26:3A:C8:7D:8F:F4:70:EF:FF:97:AA
X509v3 Authority Key Identifier:
keyid:41:E4:2D:83:0E:CA:98:A5:33:F4:37:2D:A1:69:C9:C7:92:C3:93:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QeQtgw7KmKUz9DctoWnJx5LDk7I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/4956df-91dc-4490-8333-1ad61ede0a4a/1/iblfuSt1iwYEJjrIfY_0cO__l6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/4956df-91dc-4490-8333-1ad61ede0a4a/1/QeQtgw7KmKUz9DctoWnJx5LDk7I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.188.0/22
91.230.22.0/24
130.0.92.0/22
185.159.120.0/22
185.174.72.0/22
185.189.220.0/22
192.76.138.0/24
IPv6:
2a0b:f880::/29
2a0b:fb00::/29
Signature Algorithm: sha256WithRSAEncryption
32:2e:d3:6b:8a:3d:58:89:91:76:83:01:e7:d2:04:33:46:31:
4a:71:6a:48:3c:ed:54:6e:b7:16:1e:6e:8a:8b:02:b2:83:f0:
37:18:03:6e:89:9b:43:13:2d:12:6a:32:40:d2:40:a2:1c:65:
2f:70:16:21:41:be:a6:c9:d4:98:c7:dd:62:ff:ff:a4:c3:c2:
4b:dd:72:7a:a1:37:17:07:a2:f9:8e:77:c5:e2:90:cd:8b:3d:
d8:a7:bf:6b:24:3f:69:8f:83:42:2b:27:e2:cd:96:3f:6b:ac:
ae:77:08:99:73:e3:02:57:9f:5e:04:20:72:e5:89:42:27:f9:
a7:cd:35:90:ec:ca:6c:e3:5a:30:0e:a7:6e:6f:e2:57:1c:70:
8f:29:c9:e4:e5:2b:fb:99:3d:48:b4:ec:20:db:fd:0b:36:0f:
32:c1:d7:48:13:eb:d8:42:1a:7b:32:db:d4:e2:b5:bc:2c:53:
d0:38:97:c2:a3:f6:8c:c7:53:be:b7:4c:bc:cb:49:19:e9:64:
d5:9a:f6:93:6d:67:88:76:81:bd:61:10:e0:f1:35:ba:64:aa:
14:5a:3e:24:53:5c:1d:8c:4e:de:ed:30:59:79:7b:86:bc:eb:
b4:b2:f0:58:8b:2f:c2:e9:71:7c:cd:ec:d7:5b:75:27:77:0c:
2a:c5:88:be
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYzKKE9+8UaMigcKg8N9tWMUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZTQyZDgzMGVjYTk4YTUzM2Y0MzcyZGExNjljOWM3OTJj
MzkzYjIwHhcNMjQwMTAyMTIzMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWI5NWZiOTJiNzU4YjA2MDQyNjNhYzg3ZDhmZjQ3MGVmZmY5N2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgirqWmlItOs1iAPVrYOfh+MJw+PB
vm+O8PESVTQF5H2/Xb1asVx8CnrKpfzNO1D2aUyXOFB/xae+zpkAnm9e7PAxngSN
NEX8/cUoPLeB8BNg9pOW7cDLZ5tV2+hHChS0Qo4eMMn+XN87BBgrnzK3ehQ6vgcE
Qt1bGPW5SsxmwH1XFYU07xs6ie2g2eKy9EytOikpDslb6lRza7/JmKPMS/FgEUq+
qTAUILjhXAAn+uiBuVd/wOiCwpTAa+7gDEAAGDIWiGR3+75CXBsOsFOK8B8Hfq21
TaBsJFSyYZvuHTsbfWnhlTzrV3Z2ZLJJb/XCQBg1VbHKDBg6THPMvvbXjQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFIm5X7krdYsGBCY6yH2P9HDv/5eqMB8GA1UdIwQY
MBaAFEHkLYMOypilM/Q3LaFpyceSw5OyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWVRdGd3N0ttS1V6OURjdG9Xbkp4NUxEazdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC80OTU2ZGYtOTFkYy00NDkwLTgzMzMt
MWFkNjFlZGUwYTRhLzEvaWJsZnVTdDFpd1lFSmpySWZZXzBjT19fbDZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC80OTU2ZGYtOTFkYy00NDkwLTgzMzMtMWFkNjFlZGUwYTRh
LzEvUWVRdGd3N0ttS1V6OURjdG9Xbkp4NUxEazdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQCLVe8AwQA
W+YWAwQCggBcAwQCuZ94AwQCua5IAwQCub3cAwQAwEyKMBQEAgACMA4DBQMqC/iA
AwUDKgv7ADANBgkqhkiG9w0BAQsFAAOCAQEAMi7Ta4o9WImRdoMB59IEM0YxSnFq
SDztVG63Fh5uiosCsoPwNxgDbombQxMtEmoyQNJAohxlL3AWIUG+psnUmMfdYv//
pMPCS91yeqE3Fwei+Y53xeKQzYs92Ke/ayQ/aY+DQisn4s2WP2usrncImXPjAlef
XgQgcuWJQif5p801kOzKbONaMA6nbm/iVxxwjynJ5OUr+5k9SLTsINv9CzYPMsHX
SBPr2EIaezLb1OK1vCxT0DiXwqP2jMdTvrdMvMtJGelk1Zr2k21niHaBvWEQ4PE1
umSqFFo+JFNcHYxO3u0wWXl7hrzrtLLwWIsvwulxfM3s11t1J3cMKsWIvg==
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:36:06 2024 by rpki-client on console-ams.rpki-client.org