Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Qzn-irVgSPNsYBThkRix2BmLdoQ.roa
File: Qzn-irVgSPNsYBThkRix2BmLdoQ.roa (raw, json)
Hash identifier: ou+V9obaMrnCSF2xbgUhdMN7uy8Z6VFwNekScseBSnw=
Subject key identifier: 43:39:FE:8A:B5:60:48:F3:6C:60:14:E1:91:18:B1:D8:19:8B:76:84
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018EA51698B04FC2249D5E85ED83C82D38CC
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Qzn-irVgSPNsYBThkRix2BmLdoQ.roa
Signing time: Wed 03 Apr 2024 17:51:45 +0000
ROA not before: Wed 03 Apr 2024 17:51:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 265770
IP address blocks: 5.253.228.0/22 maxlen: 22
45.15.244.0/22 maxlen: 22
45.91.84.0/22 maxlen: 22
45.128.20.0/22 maxlen: 22
45.151.196.0/22 maxlen: 22
89.32.126.0/24 maxlen: 24
89.40.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 03:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a5:16:98:b0:4f:c2:24:9d:5e:85:ed:83:c8:2d:38:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Apr 3 17:51:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4339fe8ab56048f36c6014e19118b1d8198b7684
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e0:d3:25:4c:01:a6:e6:07:89:60:61:c3:08:
bf:3a:70:a4:7d:5f:01:3a:a2:1b:d4:bd:80:84:e7:
1c:2a:56:59:bb:f2:e0:7f:3c:02:40:95:2b:c5:f6:
ab:de:a9:e4:4d:30:81:16:ae:27:46:91:ae:a6:e9:
73:2a:be:e1:a2:ee:80:f5:02:11:9f:3e:5e:5a:c2:
a6:b1:ff:22:0c:53:bb:e6:d8:17:8c:1e:5a:bd:11:
71:1a:20:f2:70:e6:ad:64:88:b8:f2:2b:92:8d:cb:
a9:c5:13:ec:ec:5a:5c:05:c5:d4:94:17:ac:91:a0:
dc:38:53:2f:8e:fe:9d:84:89:3a:ff:11:55:ce:12:
af:39:41:03:ec:80:c7:fa:7e:b0:6f:e8:7b:1c:f8:
f6:98:3a:19:28:2f:1e:36:5f:45:e5:4c:a1:3e:ac:
ce:84:e6:fc:80:22:ef:ab:12:d1:9b:ce:70:f1:16:
1f:e1:50:77:45:c5:ab:6f:b5:c1:54:f7:00:da:4a:
70:f9:04:72:ec:7d:4f:af:78:e2:11:b3:57:f1:37:
82:d1:6c:32:36:3d:23:aa:35:31:5d:32:d9:f8:1a:
ee:af:a8:9a:ea:9e:04:f8:f6:8b:a1:c1:99:88:12:
b2:db:a5:f3:cd:fe:1d:ed:db:3b:73:0b:1f:cc:08:
dd:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:39:FE:8A:B5:60:48:F3:6C:60:14:E1:91:18:B1:D8:19:8B:76:84
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Qzn-irVgSPNsYBThkRix2BmLdoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.228.0/22
45.15.244.0/22
45.91.84.0/22
45.128.20.0/22
45.151.196.0/22
89.32.126.0/24
89.40.35.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:28:9c:6a:b9:22:7e:54:3e:cc:1b:88:a2:86:cc:82:83:f5:
3d:01:10:9e:91:f5:c4:08:0a:90:58:c2:6a:6a:c7:62:d1:aa:
e6:a5:f8:0a:64:5d:01:08:10:ac:df:cf:83:6f:d8:9c:ee:1c:
3b:b8:f2:09:57:32:8c:3c:4a:02:84:33:ed:f4:42:fa:d1:c8:
72:f6:cb:1a:0e:c2:cf:26:b2:e7:6a:16:8b:c1:9c:b2:9a:e6:
73:c1:fe:61:25:4f:da:b0:4a:77:82:fb:4e:e3:b3:32:0a:83:
0f:5b:04:d7:55:62:ca:42:a1:9c:69:13:61:2b:f5:59:25:a9:
71:f2:cd:ae:e6:cb:e0:eb:83:88:ba:04:87:a6:b4:44:e4:25:
40:52:05:f6:ad:9e:52:85:ff:fd:5c:b9:0f:7b:f1:0a:ef:8e:
cc:66:dc:54:90:5d:8a:aa:64:e8:c6:5f:2c:d7:a7:d2:7d:33:
43:fc:64:bd:12:ee:e8:83:6c:5c:c2:8f:04:0f:25:c6:c3:cc:
c7:32:9d:24:12:e0:ea:b1:98:d3:15:17:8e:9c:f1:4e:c9:96:
af:5b:19:54:1d:ca:9a:94:e5:fe:32:a7:9a:0e:b6:57:88:7e:
53:79:ea:58:27:b4:ca:97:15:c4:60:9f:0f:33:a8:00:69:ce:
a7:de:e5:e1
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY6lFpiwT8IknV6F7YPILTjMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwNDAzMTc1MTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzM5ZmU4YWI1NjA0OGYzNmM2MDE0ZTE5MTE4YjFkODE5OGI3Njg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+DTJUwBpuYHiWBhwwi/OnCkfV8B
OqIb1L2AhOccKlZZu/LgfzwCQJUrxfar3qnkTTCBFq4nRpGupulzKr7hou6A9QIR
nz5eWsKmsf8iDFO75tgXjB5avRFxGiDycOatZIi48iuSjcupxRPs7FpcBcXUlBes
kaDcOFMvjv6dhIk6/xFVzhKvOUED7IDH+n6wb+h7HPj2mDoZKC8eNl9F5UyhPqzO
hOb8gCLvqxLRm85w8RYf4VB3RcWrb7XBVPcA2kpw+QRy7H1Pr3jiEbNX8TeC0Wwy
Nj0jqjUxXTLZ+Brur6ia6p4E+PaLocGZiBKy26Xzzf4d7ds7cwsfzAjdJQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFEM5/oq1YEjzbGAU4ZEYsdgZi3aEMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvUXpuLWlyVmdTUE5zWUJUaGtSaXgyQm1MZG9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCBf3kAwQC
LQ/0AwQCLVtUAwQCLYAUAwQCLZfEAwQAWSB+AwQAWSgjMA0GCSqGSIb3DQEBCwUA
A4IBAQCeKJxquSJ+VD7MG4iihsyCg/U9ARCekfXECAqQWMJqasdi0armpfgKZF0B
CBCs38+Db9ic7hw7uPIJVzKMPEoChDPt9EL60chy9ssaDsLPJrLnahaLwZyymuZz
wf5hJU/asEp3gvtO47MyCoMPWwTXVWLKQqGcaRNhK/VZJalx8s2u5svg64OIugSH
prRE5CVAUgX2rZ5Shf/9XLkPe/EK747MZtxUkF2KqmToxl8s16fSfTND/GS9Eu7o
g2xcwo8EDyXGw8zHMp0kEuDqsZjTFReOnPFOyZavWxlUHcqalOX+MqeaDrZXiH5T
eepYJ7TKlxXEYJ8PM6gAac6n3uXh
-----END CERTIFICATE-----
Generated at Sat May 4 08:46:23 2024 by rpki-client on console-fra.rpki-client.org