Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/qbjWDYLDdfYWzsmBZPn0jZSXsYI.roa
File: qbjWDYLDdfYWzsmBZPn0jZSXsYI.roa (raw, json)
Hash identifier: zXrpxAK614oflhjemlLGnMpVRNauwEf9y32xBtLKBe4=
Subject key identifier: A9:B8:D6:0D:82:C3:75:F6:16:CE:C9:81:64:F9:F4:8D:94:97:B1:82
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018CC86FC0B9013EBB5A3C65C1A7D80C6676
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/qbjWDYLDdfYWzsmBZPn0jZSXsYI.roa
Signing time: Tue 02 Jan 2024 04:30:16 +0000
ROA not before: Tue 02 Jan 2024 04:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57217
IP address blocks: 193.36.216.0/22 maxlen: 22
176.116.224.0/22 maxlen: 22
176.107.64.0/21 maxlen: 21
176.121.32.0/21 maxlen: 21
91.237.91.0/24 maxlen: 24
176.121.40.0/21 maxlen: 21
46.174.200.0/22 maxlen: 22
176.121.104.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:c0:b9:01:3e:bb:5a:3c:65:c1:a7:d8:0c:66:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 2 04:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9b8d60d82c375f616cec98164f9f48d9497b182
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:8e:6f:31:22:b0:df:41:b1:7b:d0:a8:e2:5e:
fa:d7:b8:d8:b1:1f:cd:16:df:72:9a:4c:a8:ce:b9:
c7:13:8e:56:84:35:10:bc:e8:d5:b6:95:29:73:7b:
7e:cb:15:c2:4e:26:3f:a4:bf:1f:ec:95:6c:69:58:
e9:6d:3c:0d:6f:9d:27:a0:13:e3:2f:d8:3c:48:1f:
d1:77:d1:b3:1f:76:bf:55:09:55:56:2f:0d:84:c4:
e8:36:58:5b:c5:71:1e:82:5d:70:dd:99:d1:b9:59:
ad:ce:78:8d:56:92:4e:cd:c8:38:a7:49:ba:29:0f:
0e:f4:bb:2e:46:ea:ca:6d:95:a4:b3:49:46:7d:10:
83:d0:d4:41:21:4d:bd:ad:7a:3c:25:6a:47:46:01:
f8:22:c4:4d:ea:33:68:7f:c0:ca:65:02:d2:b2:74:
2d:24:e7:22:bf:d3:cf:e1:ef:d9:f2:b2:36:03:9f:
db:2f:94:77:56:ed:72:5d:d3:3d:6d:eb:5e:d8:4b:
d7:de:b5:04:39:9c:73:d9:eb:3d:4b:9c:ed:f2:f2:
95:43:cb:45:55:fd:89:9b:29:75:ee:75:b6:25:d0:
08:28:c0:da:fe:da:2e:87:ba:36:e5:ea:38:25:85:
d5:80:07:0d:d9:01:8f:35:87:67:87:dc:04:5c:16:
21:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:B8:D6:0D:82:C3:75:F6:16:CE:C9:81:64:F9:F4:8D:94:97:B1:82
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/qbjWDYLDdfYWzsmBZPn0jZSXsYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.174.200.0/22
91.237.91.0/24
176.107.64.0/21
176.116.224.0/22
176.121.32.0/20
176.121.104.0/22
193.36.216.0/22
Signature Algorithm: sha256WithRSAEncryption
22:3c:a4:f5:3a:c7:92:77:55:b1:62:9c:44:aa:50:51:3f:dc:
5b:cb:9f:5d:b3:14:cc:41:51:69:3f:42:a0:d1:02:d7:7d:67:
99:0b:f1:c3:d8:ed:a4:79:d5:77:ba:9b:f0:c4:a8:a9:43:ec:
cc:c8:9e:ec:d0:98:3a:d0:eb:51:cc:0a:d7:8e:88:d2:d4:6a:
f4:c5:7a:e0:de:92:04:92:23:de:03:ed:e1:3e:66:fd:25:1d:
6a:9a:17:a2:da:76:74:4a:56:ef:64:74:76:f9:ef:76:69:65:
c0:9f:18:51:1a:d6:80:cc:ee:3e:76:52:12:16:49:21:24:40:
62:73:ef:fe:a9:9a:92:03:0f:6b:0b:aa:46:1e:d6:9a:01:f5:
39:de:5a:87:5b:13:41:6e:a5:3d:ed:2f:d5:be:1f:7b:70:a4:
5b:58:b1:d0:56:7b:78:18:1a:bf:1f:98:ca:ef:68:96:93:d4:
98:76:0a:68:d5:cf:b7:8d:4a:40:b1:82:30:58:3f:85:4d:1e:
b1:6a:a6:98:5a:f8:9d:94:af:c1:e3:86:85:6d:7d:b9:4d:f7:
35:8b:0a:7b:4f:aa:90:19:44:14:87:3a:27:d2:cf:e3:d3:2c:
86:c8:92:f8:38:1b:4c:b2:5f:29:b8:51:84:3c:28:66:72:ef:
41:f0:7d:49
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzIb8C5AT67WjxlwafYDGZ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjQwMTAyMDQzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWI4ZDYwZDgyYzM3NWY2MTZjZWM5ODE2NGY5ZjQ4ZDk0OTdiMTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoY5vMSKw30Gxe9Co4l7617jYsR/N
Ft9ymkyozrnHE45WhDUQvOjVtpUpc3t+yxXCTiY/pL8f7JVsaVjpbTwNb50noBPj
L9g8SB/Rd9GzH3a/VQlVVi8NhMToNlhbxXEegl1w3ZnRuVmtzniNVpJOzcg4p0m6
KQ8O9LsuRurKbZWks0lGfRCD0NRBIU29rXo8JWpHRgH4IsRN6jNof8DKZQLSsnQt
JOciv9PP4e/Z8rI2A5/bL5R3Vu1yXdM9bete2EvX3rUEOZxz2es9S5zt8vKVQ8tF
Vf2Jmyl17nW2JdAIKMDa/touh7o25eo4JYXVgAcN2QGPNYdnh9wEXBYhCQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKm41g2Cw3X2Fs7JgWT59I2Ul7GCMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvcWJqV0RZTERkZllXenNtQlpQbjBqWlNYc1lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCLq7IAwQA
W+1bAwQDsGtAAwQCsHTgAwQEsHkgAwQCsHloAwQCwSTYMA0GCSqGSIb3DQEBCwUA
A4IBAQAiPKT1OseSd1WxYpxEqlBRP9xby59dsxTMQVFpP0Kg0QLXfWeZC/HD2O2k
edV3upvwxKipQ+zMyJ7s0Jg60OtRzArXjojS1Gr0xXrg3pIEkiPeA+3hPmb9JR1q
mhei2nZ0SlbvZHR2+e92aWXAnxhRGtaAzO4+dlISFkkhJEBic+/+qZqSAw9rC6pG
HtaaAfU53lqHWxNBbqU97S/Vvh97cKRbWLHQVnt4GBq/H5jK72iWk9SYdgpo1c+3
jUpAsYIwWD+FTR6xaqaYWvidlK/B44aFbX25Tfc1iwp7T6qQGUQUhzon0s/j0yyG
yJL4OBtMsl8puFGEPChmcu9B8H1J
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:21:25 2024 by rpki-client on console-ams.rpki-client.org