Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/iqf_i7vvD4ZqiWq4Zof57Q3ym8k.roa
File: iqf_i7vvD4ZqiWq4Zof57Q3ym8k.roa (raw, json)
Hash identifier: /BduiW5mLdVCaPjrxFpBAlEE9E9uJFaANtZox8u8dYM=
Subject key identifier: 8A:A7:FF:8B:BB:EF:0F:86:6A:89:6A:B8:66:87:F9:ED:0D:F2:9B:C9
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0190EF1EB23DFF8A4379C35175776CE91F71
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/iqf_i7vvD4ZqiWq4Zof57Q3ym8k.roa
Signing time: Fri 26 Jul 2024 12:58:04 +0000
ROA not before: Fri 26 Jul 2024 12:58:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207023
IP address blocks: 37.97.116.0/22 maxlen: 24
77.36.72.0/21 maxlen: 21
91.229.147.0/24 maxlen: 24
91.232.18.0/24 maxlen: 24
91.234.122.0/23 maxlen: 24
91.245.88.0/23 maxlen: 23
176.116.238.0/23 maxlen: 24
176.118.200.0/22 maxlen: 22
176.118.204.0/22 maxlen: 22
192.162.186.0/23 maxlen: 24
194.33.64.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ef:1e:b2:3d:ff:8a:43:79:c3:51:75:77:6c:e9:1f:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jul 26 12:58:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8aa7ff8bbbef0f866a896ab86687f9ed0df29bc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c6:b6:80:6f:9e:1b:e6:f1:ec:d3:19:c0:fe:
37:d2:2e:2c:bf:83:d6:80:20:9d:f9:8c:49:30:7e:
2a:1f:06:29:cc:f0:e9:e5:6f:5a:3a:4f:67:89:6b:
d2:7e:cf:47:f6:2f:fa:d4:d3:ad:99:6c:9d:b7:f7:
f8:d2:d5:ee:bd:38:3b:24:07:a0:dc:ed:f8:09:05:
d0:ca:55:9d:c7:2a:e9:fb:dd:ba:d9:e1:35:5c:c4:
e1:f6:87:7d:ca:3d:6b:0e:d5:c4:72:bc:2f:56:04:
fa:64:6a:ab:95:e8:cd:70:3e:27:65:89:c2:6a:33:
71:2f:e3:f9:44:42:76:54:28:e9:06:b0:1d:a5:ee:
b4:a8:be:60:5f:77:d3:8e:22:62:e7:bf:83:97:e8:
c0:38:9a:e8:f7:75:84:58:70:15:cb:d1:1b:06:94:
a2:bc:fd:f4:63:57:f0:8f:de:10:d4:75:fd:3b:b4:
63:a6:84:92:67:29:91:9f:67:51:8d:ca:a7:89:32:
ca:6f:93:14:26:8b:26:47:6c:97:1c:59:c8:41:e5:
65:6a:f7:a9:ca:5f:7a:1c:1e:ae:34:a0:f0:eb:59:
71:c8:51:7e:c2:38:2f:75:6d:a6:bd:c4:2a:bc:04:
04:56:4d:c5:ef:7a:72:b4:5c:01:e1:8c:e4:03:7c:
6e:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:A7:FF:8B:BB:EF:0F:86:6A:89:6A:B8:66:87:F9:ED:0D:F2:9B:C9
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/iqf_i7vvD4ZqiWq4Zof57Q3ym8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.97.116.0/22
77.36.72.0/21
91.229.147.0/24
91.232.18.0/24
91.234.122.0/23
91.245.88.0/23
176.116.238.0/23
176.118.200.0/21
192.162.186.0/23
194.33.64.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:ec:50:29:f7:17:a1:cf:25:94:39:c0:c0:c9:76:53:f8:85:
f5:f1:30:3b:3f:56:cb:29:a7:99:6d:53:91:eb:18:91:f0:b3:
53:40:a2:38:86:15:12:ca:a0:6c:55:a7:e1:1c:3a:d6:5e:ff:
87:42:4e:5a:16:2c:8d:4c:10:48:a5:f9:1c:72:6f:d9:74:10:
66:c8:a1:14:06:88:ec:26:71:0d:1f:8d:fa:ac:1e:6a:1b:72:
6e:82:19:bd:6a:0a:ed:ee:ec:c1:3b:95:47:10:47:d3:c3:a6:
00:c3:31:f8:3a:cb:34:38:53:57:b6:46:d8:ca:9e:ac:6d:be:
de:f6:ca:9e:23:43:06:a5:3f:c2:6e:39:e6:77:f8:67:37:e7:
5c:07:43:e4:30:be:20:7d:23:84:a5:77:78:e2:5b:df:54:af:
c8:c0:28:98:56:b6:ef:62:ba:94:6f:e5:0e:05:90:79:23:68:
ca:2b:2a:63:ac:e4:9e:bb:27:52:91:c1:a0:65:0c:84:bd:9b:
e1:fe:11:8d:01:a1:77:33:3b:ac:c0:63:0b:b4:bf:82:0f:f4:
37:9c:75:d7:b7:ba:5e:50:17:dd:e1:e6:95:6e:34:c1:ae:0f:
69:0b:a0:2f:0a:ee:f5:89:d3:0e:3b:c7:ed:67:d0:13:ba:81:
d5:23:06:94
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZDvHrI9/4pDecNRdXds6R9xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjQwNzI2MTI1ODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWE3ZmY4YmJiZWYwZjg2NmE4OTZhYjg2Njg3ZjllZDBkZjI5YmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsa2gG+eG+bx7NMZwP430i4sv4PW
gCCd+YxJMH4qHwYpzPDp5W9aOk9niWvSfs9H9i/61NOtmWydt/f40tXuvTg7JAeg
3O34CQXQylWdxyrp+9262eE1XMTh9od9yj1rDtXEcrwvVgT6ZGqrlejNcD4nZYnC
ajNxL+P5REJ2VCjpBrAdpe60qL5gX3fTjiJi57+Dl+jAOJro93WEWHAVy9EbBpSi
vP30Y1fwj94Q1HX9O7RjpoSSZymRn2dRjcqniTLKb5MUJosmR2yXHFnIQeVlavep
yl96HB6uNKDw61lxyFF+wjgvdW2mvcQqvAQEVk3F73pytFwB4YzkA3xu2wIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFIqn/4u77w+GaolquGaH+e0N8pvJMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvaXFmX2k3dnZENFpxaVdxNFpvZjU3UTN5bThrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCJWF0AwQD
TSRIAwQAW+WTAwQAW+gSAwQBW+p6AwQBW/VYAwQBsHTuAwQDsHbIAwQBwKK6AwQB
wiFAMA0GCSqGSIb3DQEBCwUAA4IBAQAL7FAp9xehzyWUOcDAyXZT+IX18TA7P1bL
KaeZbVOR6xiR8LNTQKI4hhUSyqBsVafhHDrWXv+HQk5aFiyNTBBIpfkccm/ZdBBm
yKEUBojsJnENH436rB5qG3Jughm9agrt7uzBO5VHEEfTw6YAwzH4Oss0OFNXtkbY
yp6sbb7e9sqeI0MGpT/Cbjnmd/hnN+dcB0PkML4gfSOEpXd44lvfVK/IwCiYVrbv
YrqUb+UOBZB5I2jKKypjrOSeuydSkcGgZQyEvZvh/hGNAaF3MzuswGMLtL+CD/Q3
nHXXt7peUBfd4eaVbjTBrg9pC6AvCu71idMOO8ftZ9ATuoHVIwaU
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:33:34 2024 by rpki-client on console-fra.rpki-client.org