Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/q1ZcYf_JT9N80meN4fls3Ej1Qzk.roa
File: q1ZcYf_JT9N80meN4fls3Ej1Qzk.roa (raw, json)
Hash identifier: UAg1NpJEoY46Kw1drG00gS5dW3iZ/CFxJltHjHzgqz0=
Subject key identifier: AB:56:5C:61:FF:C9:4F:D3:7C:D2:67:8D:E1:F9:6C:DC:48:F5:43:39
Certificate issuer: /CN=a9b75b64d5da17d70bbabd811a39a602ddaf963a
Certificate serial: 018CC56EFE0E00E23D90F88292587B7864D5
Authority key identifier: A9:B7:5B:64:D5:DA:17:D7:0B:BA:BD:81:1A:39:A6:02:DD:AF:96:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qbdbZNXaF9cLur2BGjmmAt2vljo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/q1ZcYf_JT9N80meN4fls3Ej1Qzk.roa
Signing time: Mon 01 Jan 2024 14:30:34 +0000
ROA not before: Mon 01 Jan 2024 14:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33891
IP address blocks: 92.43.104.0/21 maxlen: 21
92.43.109.0/24 maxlen: 24
92.43.110.0/24 maxlen: 24
92.43.106.0/24 maxlen: 24
92.43.107.0/24 maxlen: 24
92.43.108.0/24 maxlen: 24
80.255.0.0/20 maxlen: 20
5.56.16.0/21 maxlen: 21
82.199.149.0/24 maxlen: 24
82.199.151.0/24 maxlen: 24
82.199.152.0/24 maxlen: 24
82.199.146.0/24 maxlen: 24
82.199.147.0/24 maxlen: 24
82.199.148.0/24 maxlen: 24
83.142.80.0/21 maxlen: 21
82.199.153.0/24 maxlen: 24
82.199.154.0/24 maxlen: 24
195.138.249.0/24 maxlen: 24
195.138.250.0/24 maxlen: 24
195.138.248.0/21 maxlen: 21
82.199.157.0/24 maxlen: 24
82.199.158.0/24 maxlen: 24
82.199.159.0/24 maxlen: 24
31.7.176.0/20 maxlen: 20
31.7.182.0/24 maxlen: 24
31.7.183.0/24 maxlen: 24
81.95.0.0/20 maxlen: 20
81.95.8.0/24 maxlen: 24
81.95.9.0/24 maxlen: 24
82.199.128.0/19 maxlen: 19
82.199.130.0/24 maxlen: 24
82.199.131.0/24 maxlen: 24
82.199.128.0/24 maxlen: 24
82.199.138.0/24 maxlen: 24
82.199.141.0/24 maxlen: 24
82.199.142.0/24 maxlen: 24
82.199.143.0/24 maxlen: 24
82.199.144.0/24 maxlen: 24
82.199.145.0/24 maxlen: 24
2a01:4a0:47::/48 maxlen: 48
2a01:4a0:62::/48 maxlen: 48
2a01:4a0:30::/48 maxlen: 48
2a01:4a0:e::/48 maxlen: 48
2a01:4a0:48::/48 maxlen: 48
2a01:4a0:b::/48 maxlen: 48
2a01:4a0:5::/48 maxlen: 48
2a01:4a0:45::/48 maxlen: 48
2a01:4a0::/32 maxlen: 32
2a01:4a0:42::/48 maxlen: 48
2a01:4a0:38::/48 maxlen: 48
2a01:4a0:56::/48 maxlen: 48
2a01:4a0:50::/48 maxlen: 48
2a01:4a0::/29 maxlen: 29
2a01:4a0:17::/48 maxlen: 48
2a01:4a0:46::/48 maxlen: 48
2a01:4a0:43::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/qbdbZNXaF9cLur2BGjmmAt2vljo.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/qbdbZNXaF9cLur2BGjmmAt2vljo.mft
rsync://rpki.ripe.net/repository/DEFAULT/qbdbZNXaF9cLur2BGjmmAt2vljo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:fe:0e:00:e2:3d:90:f8:82:92:58:7b:78:64:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9b75b64d5da17d70bbabd811a39a602ddaf963a
Validity
Not Before: Jan 1 14:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab565c61ffc94fd37cd2678de1f96cdc48f54339
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:8d:6c:ca:29:b5:1d:9d:86:e4:d4:97:74:59:
c6:49:e2:92:12:f7:cd:ae:be:61:7d:40:6b:a4:7d:
e9:f5:f8:cf:cd:68:ce:ed:5b:4c:26:7d:0c:dc:d4:
15:45:b6:2a:50:5e:1c:7d:a9:08:74:2f:c2:dc:e5:
2a:4e:73:62:d3:53:bb:22:f5:c7:ff:f1:4b:30:dc:
bd:f1:76:91:07:57:2b:3d:f3:48:0d:e0:06:55:d6:
32:5d:cc:3c:89:d4:b5:d9:41:62:f5:05:fe:82:a8:
c2:f1:28:11:f4:3b:ab:06:33:41:68:b2:d9:39:ff:
28:08:ec:19:a9:26:11:c4:31:d6:78:36:79:75:57:
49:b7:96:ff:12:4f:0a:1e:ed:82:f8:a7:b8:0d:f1:
3f:5f:51:af:f5:fb:80:94:d7:fc:c6:32:ec:7c:17:
a7:25:2f:66:0b:99:b8:77:a4:8c:e5:0e:f2:da:be:
d3:52:25:44:d1:68:2e:b8:55:e5:5d:d0:dc:67:fb:
95:48:64:fa:21:a3:bb:f2:a1:8c:d9:0b:f6:eb:75:
c1:61:da:70:c7:21:7e:69:d1:57:2b:54:16:fd:aa:
03:1e:e4:5a:aa:b8:76:1c:6a:7b:e0:99:e5:88:e2:
6a:26:d0:b2:56:41:29:32:28:47:94:da:c9:57:b4:
71:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:56:5C:61:FF:C9:4F:D3:7C:D2:67:8D:E1:F9:6C:DC:48:F5:43:39
X509v3 Authority Key Identifier:
keyid:A9:B7:5B:64:D5:DA:17:D7:0B:BA:BD:81:1A:39:A6:02:DD:AF:96:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qbdbZNXaF9cLur2BGjmmAt2vljo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/q1ZcYf_JT9N80meN4fls3Ej1Qzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/qbdbZNXaF9cLur2BGjmmAt2vljo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.16.0/21
31.7.176.0/20
80.255.0.0/20
81.95.0.0/20
82.199.128.0/19
83.142.80.0/21
92.43.104.0/21
195.138.248.0/21
IPv6:
2a01:4a0::/29
Signature Algorithm: sha256WithRSAEncryption
0e:16:35:11:42:5d:76:9f:11:93:ae:50:f7:4b:86:93:99:38:
b2:53:36:14:eb:e0:43:71:e1:36:77:7f:68:02:e4:09:0e:9b:
d5:c9:8a:bc:13:3c:c4:0b:7a:c7:47:92:ab:17:08:a2:c5:da:
6c:91:c1:36:06:d4:31:e8:c9:8d:ec:c5:34:12:7e:88:78:b2:
08:71:36:bc:2c:c1:74:c4:c1:c8:74:3a:37:93:f2:47:e3:c2:
9b:33:d6:a9:1a:2b:d1:ab:3a:80:b4:1b:44:69:56:21:1a:f4:
c0:0c:ad:ea:e5:ae:87:57:be:42:1a:32:0f:5f:df:ca:d6:3c:
a2:2e:a5:ec:87:f9:67:7e:b7:b1:39:f1:1a:6c:8e:74:22:37:
1e:59:d2:46:c5:ad:36:ac:20:f6:e3:55:a5:1f:b1:b0:67:a4:
bc:57:c5:46:7b:5f:98:d3:99:7e:1b:75:39:47:f4:c8:29:03:
c7:d4:60:88:cd:b0:25:ed:33:d1:92:f9:b0:c6:f4:d0:0b:25:
3b:6a:41:0b:2f:bf:26:bb:45:06:ff:b2:06:b5:76:9a:20:d1:
6e:12:ed:38:1a:df:20:ed:98:1e:1c:b6:0d:ce:af:19:d4:c5:
42:38:ce:db:90:31:2d:f0:d5:e8:1e:8c:fc:ac:90:62:07:6c:
1d:b5:32:77
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYzFbv4OAOI9kPiCklh7eGTVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5Yjc1YjY0ZDVkYTE3ZDcwYmJhYmQ4MTFhMzlhNjAyZGRh
Zjk2M2EwHhcNMjQwMTAxMTQzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjU2NWM2MWZmYzk0ZmQzN2NkMjY3OGRlMWY5NmNkYzQ4ZjU0MzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAio1syim1HZ2G5NSXdFnGSeKSEvfN
rr5hfUBrpH3p9fjPzWjO7VtMJn0M3NQVRbYqUF4cfakIdC/C3OUqTnNi01O7IvXH
//FLMNy98XaRB1crPfNIDeAGVdYyXcw8idS12UFi9QX+gqjC8SgR9DurBjNBaLLZ
Of8oCOwZqSYRxDHWeDZ5dVdJt5b/Ek8KHu2C+Ke4DfE/X1Gv9fuAlNf8xjLsfBen
JS9mC5m4d6SM5Q7y2r7TUiVE0WguuFXlXdDcZ/uVSGT6IaO78qGM2Qv263XBYdpw
xyF+adFXK1QW/aoDHuRaqrh2HGp74JnliOJqJtCyVkEpMihHlNrJV7RxrwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFKtWXGH/yU/TfNJnjeH5bNxI9UM5MB8GA1UdIwQY
MBaAFKm3W2TV2hfXC7q9gRo5pgLdr5Y6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWJkYlpOWGFGOWNMdXIyQkdqbW1BdDJ2bGpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9kYTg1ZTctYTQ1Mi00YjFkLWI1YWUt
OWIxMTgwNGVjZDM5LzEvcTFaY1lmX0pUOU44MG1lTjRmbHMzRWoxUXprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9kYTg1ZTctYTQ1Mi00YjFkLWI1YWUtOWIxMTgwNGVjZDM5
LzEvcWJkYlpOWGFGOWNMdXIyQkdqbW1BdDJ2bGpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDBTgQAwQE
HwewAwQEUP8AAwQEUV8AAwQFUseAAwQDU45QAwQDXCtoAwQDw4r4MA0EAgACMAcD
BQMqAQSgMA0GCSqGSIb3DQEBCwUAA4IBAQAOFjURQl12nxGTrlD3S4aTmTiyUzYU
6+BDceE2d39oAuQJDpvVyYq8EzzEC3rHR5KrFwiixdpskcE2BtQx6MmN7MU0En6I
eLIIcTa8LMF0xMHIdDo3k/JH48KbM9apGivRqzqAtBtEaVYhGvTADK3q5a6HV75C
GjIPX9/K1jyiLqXsh/lnfrexOfEabI50IjceWdJGxa02rCD241WlH7GwZ6S8V8VG
e1+Y05l+G3U5R/TIKQPH1GCIzbAl7TPRkvmwxvTQCyU7akELL78mu0UG/7IGtXaa
INFuEu04Gt8g7ZgeHLYNzq8Z1MVCOM7bkDEt8NXoHoz8rJBiB2wdtTJ3
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:45:19 2024 by rpki-client on console-fra.rpki-client.org