Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e06d8b-c758-4b93-b9f3-897cb6a430d7/1/dQNLBcB9P2oHerW1ZCKxHxVa3As.roa
File: dQNLBcB9P2oHerW1ZCKxHxVa3As.roa (raw, json)
Hash identifier: L5Yq02M6ocKoGmp0puQ+08t128l7Sob6ryF/NVJzscs=
Subject key identifier: 75:03:4B:05:C0:7D:3F:6A:07:7A:B5:B5:64:22:B1:1F:15:5A:DC:0B
Certificate issuer: /CN=88f41fab3e63eaf5bdf07166df5aa68162ead7a6
Certificate serial: 018CC64B86B75A651F295BC8CCFE5BAFAC5F
Authority key identifier: 88:F4:1F:AB:3E:63:EA:F5:BD:F0:71:66:DF:5A:A6:81:62:EA:D7:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iPQfqz5j6vW98HFm31qmgWLq16Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e06d8b-c758-4b93-b9f3-897cb6a430d7/1/dQNLBcB9P2oHerW1ZCKxHxVa3As.roa
Signing time: Mon 01 Jan 2024 18:31:27 +0000
ROA not before: Mon 01 Jan 2024 18:31:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15913
IP address blocks: 185.157.188.0/24 maxlen: 24
185.157.189.0/24 maxlen: 24
185.157.190.0/24 maxlen: 24
94.198.16.0/21 maxlen: 21
94.198.20.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/e06d8b-c758-4b93-b9f3-897cb6a430d7/1/iPQfqz5j6vW98HFm31qmgWLq16Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/e06d8b-c758-4b93-b9f3-897cb6a430d7/1/iPQfqz5j6vW98HFm31qmgWLq16Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/iPQfqz5j6vW98HFm31qmgWLq16Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:86:b7:5a:65:1f:29:5b:c8:cc:fe:5b:af:ac:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88f41fab3e63eaf5bdf07166df5aa68162ead7a6
Validity
Not Before: Jan 1 18:31:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=75034b05c07d3f6a077ab5b56422b11f155adc0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ac:fa:54:e2:2e:18:f7:11:8a:43:f5:d1:88:
28:21:39:0e:f4:df:34:ae:92:71:5c:eb:a7:65:98:
88:50:89:e1:c1:eb:97:9f:0e:3e:03:6e:7e:77:b9:
ba:6d:c6:71:08:60:5a:6b:7f:28:70:46:9f:bc:55:
6e:d1:ef:44:26:72:f8:6b:35:e0:43:06:ca:4e:27:
e0:a1:c0:77:89:66:55:92:b5:00:34:7a:75:34:86:
be:63:7e:32:af:60:5b:00:dc:96:a9:a9:ff:c0:9e:
01:a8:13:1a:26:c2:46:15:52:df:3f:98:83:86:e7:
c5:dd:77:b5:76:cd:18:8c:ce:11:06:56:02:02:04:
ff:57:b2:44:15:9f:bb:5c:4e:9b:52:2a:35:8d:6d:
ac:bc:42:17:1f:bd:ce:cc:8f:ef:80:bc:32:76:21:
e3:be:36:02:ee:c1:8f:75:70:61:d6:3f:88:63:37:
92:2d:e4:a6:ce:47:a4:b4:1a:0e:8f:0c:2b:53:76:
f6:c9:67:c5:99:58:29:32:7b:02:a6:d0:1b:75:59:
0c:a2:7c:f0:f3:b2:ea:10:9b:30:97:d7:50:42:a8:
6e:f0:ca:43:4b:c7:fd:8d:2f:50:1e:46:00:fd:c6:
5a:ec:b4:5f:ad:a1:28:03:58:07:5c:56:57:15:ff:
44:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:03:4B:05:C0:7D:3F:6A:07:7A:B5:B5:64:22:B1:1F:15:5A:DC:0B
X509v3 Authority Key Identifier:
keyid:88:F4:1F:AB:3E:63:EA:F5:BD:F0:71:66:DF:5A:A6:81:62:EA:D7:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iPQfqz5j6vW98HFm31qmgWLq16Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e06d8b-c758-4b93-b9f3-897cb6a430d7/1/dQNLBcB9P2oHerW1ZCKxHxVa3As.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e06d8b-c758-4b93-b9f3-897cb6a430d7/1/iPQfqz5j6vW98HFm31qmgWLq16Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.198.16.0/21
185.157.188.0-185.157.190.255
Signature Algorithm: sha256WithRSAEncryption
ab:a2:fe:5d:49:e5:64:91:77:49:a2:47:2e:f2:85:41:bb:e7:
40:4a:34:80:d0:49:e2:a4:fc:43:11:da:f8:56:3d:a5:d6:90:
2a:64:48:40:7e:84:04:ff:95:79:bf:31:c2:90:fc:ef:c3:d9:
9d:15:b2:b6:9c:c1:ee:6d:0f:e4:29:88:02:91:8c:81:d0:06:
90:5e:cb:45:7f:18:aa:63:e6:6e:2e:7b:8f:f3:98:cb:a1:2b:
1c:d3:f8:ba:af:75:1f:b8:a5:a3:55:cc:d9:8f:36:7b:36:01:
42:78:f6:04:de:3e:94:7d:0b:d7:5b:06:79:6c:ec:56:7e:86:
af:c2:92:4d:0e:9e:bd:0a:8f:57:67:cc:f4:33:4e:01:34:d2:
8c:57:3c:e1:63:bc:e1:b3:3a:2e:a0:f1:eb:91:26:47:dc:f7:
38:08:85:9b:15:e8:bf:02:b4:c2:c3:83:29:56:bc:56:6a:52:
c6:c7:98:8c:15:57:46:b1:a0:e5:3c:d2:ca:12:37:b0:f8:d5:
1d:8a:3c:c6:35:9a:dc:b3:0b:bd:d3:7b:3d:51:03:14:6b:15:
cf:37:19:f3:e6:44:c4:4b:22:91:f8:e9:5b:09:d4:11:f4:e9:
b8:ec:5a:02:d0:e3:4e:40:a0:af:76:51:50:e9:b6:89:d3:ef:
11:38:6e:de
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzGS4a3WmUfKVvIzP5br6xfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZjQxZmFiM2U2M2VhZjViZGYwNzE2NmRmNWFhNjgxNjJl
YWQ3YTYwHhcNMjQwMTAxMTgzMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTAzNGIwNWMwN2QzZjZhMDc3YWI1YjU2NDIyYjExZjE1NWFkYzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqz6VOIuGPcRikP10YgoITkO9N80
rpJxXOunZZiIUInhweuXnw4+A25+d7m6bcZxCGBaa38ocEafvFVu0e9EJnL4azXg
QwbKTifgocB3iWZVkrUANHp1NIa+Y34yr2BbANyWqan/wJ4BqBMaJsJGFVLfP5iD
hufF3Xe1ds0YjM4RBlYCAgT/V7JEFZ+7XE6bUio1jW2svEIXH73OzI/vgLwydiHj
vjYC7sGPdXBh1j+IYzeSLeSmzkektBoOjwwrU3b2yWfFmVgpMnsCptAbdVkMonzw
87LqEJswl9dQQqhu8MpDS8f9jS9QHkYA/cZa7LRfraEoA1gHXFZXFf9ETwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFHUDSwXAfT9qB3q1tWQisR8VWtwLMB8GA1UdIwQY
MBaAFIj0H6s+Y+r1vfBxZt9apoFi6temMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVBRZnF6NWo2dlc5OEhGbTMxcW1nV0xxMTZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDZkOGItYzc1OC00YjkzLWI5ZjMt
ODk3Y2I2YTQzMGQ3LzEvZFFOTEJjQjlQMm9IZXJXMVpDS3hIeFZhM0FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDZkOGItYzc1OC00YjkzLWI5ZjMtODk3Y2I2YTQzMGQ3
LzEvaVBRZnF6NWo2dlc5OEhGbTMxcW1nV0xxMTZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQDXsYQMAwD
BAK5nbwDBAC5nb4wDQYJKoZIhvcNAQELBQADggEBAKui/l1J5WSRd0miRy7yhUG7
50BKNIDQSeKk/EMR2vhWPaXWkCpkSEB+hAT/lXm/McKQ/O/D2Z0Vsracwe5tD+Qp
iAKRjIHQBpBey0V/GKpj5m4ue4/zmMuhKxzT+LqvdR+4paNVzNmPNns2AUJ49gTe
PpR9C9dbBnls7FZ+hq/Ckk0Onr0Kj1dnzPQzTgE00oxXPOFjvOGzOi6g8euRJkfc
9zgIhZsV6L8CtMLDgylWvFZqUsbHmIwVV0axoOU80soSN7D41R2KPMY1mtyzC73T
ez1RAxRrFc83GfPmRMRLIpH46VsJ1BH06bjsWgLQ405AoK92UVDptonT7xE4bt4=
-----END CERTIFICATE-----
Generated at Sat Jun 1 18:16:21 2024 by rpki-client on console-ams.rpki-client.org