Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/QLmASSfNPg7iHOSgv85QnNZqm1k.roa
File: QLmASSfNPg7iHOSgv85QnNZqm1k.roa (raw, json)
Hash identifier: mJV8YRX0vCRNGNsVAPUU9UN7IvA3t7+ASXoEuyUYzOo=
Subject key identifier: 40:B9:80:49:27:CD:3E:0E:E2:1C:E4:A0:BF:CE:50:9C:D6:6A:9B:59
Certificate issuer: /CN=37fb004e397ddf04e7d05f3643a036f21836ff10
Certificate serial: 018CC6B888C64274A9FEAEE9DC066EDF6167
Authority key identifier: 37:FB:00:4E:39:7D:DF:04:E7:D0:5F:36:43:A0:36:F2:18:36:FF:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N_sATjl93wTn0F82Q6A28hg2_xA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/QLmASSfNPg7iHOSgv85QnNZqm1k.roa
Signing time: Mon 01 Jan 2024 20:30:31 +0000
ROA not before: Mon 01 Jan 2024 20:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29134
IP address blocks: 185.102.76.0/22 maxlen: 22
37.46.80.0/21 maxlen: 21
62.109.128.0/19 maxlen: 19
217.31.48.0/20 maxlen: 20
213.109.164.0/22 maxlen: 24
185.100.92.0/22 maxlen: 22
130.193.8.0/21 maxlen: 24
185.102.20.0/22 maxlen: 22
171.33.136.0/21 maxlen: 21
2a03:b780::/32 maxlen: 32
2a09:ec00::/29 maxlen: 29
2001:1ab0::/32 maxlen: 32
2a00:ca80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/N_sATjl93wTn0F82Q6A28hg2_xA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/N_sATjl93wTn0F82Q6A28hg2_xA.mft
rsync://rpki.ripe.net/repository/DEFAULT/N_sATjl93wTn0F82Q6A28hg2_xA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:88:c6:42:74:a9:fe:ae:e9:dc:06:6e:df:61:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37fb004e397ddf04e7d05f3643a036f21836ff10
Validity
Not Before: Jan 1 20:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40b9804927cd3e0ee21ce4a0bfce509cd66a9b59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:4a:ab:a9:49:40:1f:ae:1a:fa:51:1e:79:d6:
fb:8d:99:b0:4e:4b:75:d8:68:bb:f5:c1:97:b3:95:
09:65:82:c1:15:84:e7:d4:04:01:38:fd:57:82:f4:
3a:b7:50:35:f1:a5:24:b1:6e:34:f6:ca:a2:9e:9d:
7e:07:e6:67:df:12:de:57:ca:16:02:a7:c8:1a:1e:
2f:20:8c:f1:53:6b:d4:80:dc:f1:b4:ce:8a:58:1b:
14:2a:10:27:4b:e8:29:0e:c0:90:02:88:4e:16:69:
ef:ed:9d:d0:d4:b9:1c:24:6b:50:0e:78:65:af:0a:
cd:60:38:8f:76:3d:7b:4d:94:92:da:69:a1:3e:23:
c3:ed:2d:02:91:2e:31:c5:b9:cd:86:58:e9:d5:79:
40:b4:81:86:b4:e8:93:55:0b:d2:35:39:dd:94:1e:
b7:21:61:da:41:cc:2e:5b:97:d7:a0:ea:aa:76:3d:
c7:10:a8:ae:17:3e:2d:c5:b7:f6:5a:de:e2:b3:58:
84:20:df:5c:f8:fd:80:03:ce:27:12:b5:48:3d:32:
7d:ef:da:30:b7:13:1a:60:89:7e:4a:10:be:32:e2:
ab:d2:4e:3a:fc:2b:e7:8c:b9:41:ac:1c:f9:25:20:
83:0e:dc:dc:1b:74:62:74:a2:9f:f0:42:5d:7e:bf:
70:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:B9:80:49:27:CD:3E:0E:E2:1C:E4:A0:BF:CE:50:9C:D6:6A:9B:59
X509v3 Authority Key Identifier:
keyid:37:FB:00:4E:39:7D:DF:04:E7:D0:5F:36:43:A0:36:F2:18:36:FF:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N_sATjl93wTn0F82Q6A28hg2_xA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/QLmASSfNPg7iHOSgv85QnNZqm1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/N_sATjl93wTn0F82Q6A28hg2_xA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.80.0/21
62.109.128.0/19
130.193.8.0/21
171.33.136.0/21
185.100.92.0/22
185.102.20.0/22
185.102.76.0/22
213.109.164.0/22
217.31.48.0/20
IPv6:
2001:1ab0::/32
2a00:ca80::/32
2a03:b780::/32
2a09:ec00::/29
Signature Algorithm: sha256WithRSAEncryption
3c:2b:65:92:de:b7:df:52:0c:c3:8d:e5:cf:1f:dd:24:74:26:
f9:e0:c8:a5:f5:5c:80:94:7f:73:b2:24:7d:0f:76:9e:8d:e6:
a3:1f:4f:49:24:bc:cf:bf:95:50:f6:23:07:e4:16:ab:a9:9b:
85:5f:67:02:3e:94:a7:fb:9c:f9:64:3e:f6:a9:78:ff:bf:f1:
49:e2:fd:ff:69:9b:06:75:b5:ae:ae:43:66:42:2d:12:33:85:
b1:56:f4:fd:71:c2:ba:c9:a1:22:e1:86:aa:8d:29:d8:98:bb:
5a:8b:fe:4d:33:b1:d0:92:31:67:9d:40:d7:32:3d:4b:e8:d6:
d9:f5:83:16:d3:6b:71:3d:ea:ab:fe:63:a9:bf:df:63:b4:5e:
93:d6:7f:7c:a8:5b:00:14:a4:ef:b8:b2:70:c3:7c:e4:2e:d3:
a6:01:2e:95:50:e3:35:70:39:33:c9:4a:a9:a3:68:70:8c:57:
10:52:0f:8f:d8:41:fc:d9:af:b6:36:69:d3:32:b6:6c:f5:33:
43:8a:e2:07:ee:5f:30:8b:f6:a5:f1:2a:40:f7:79:ec:77:12:
62:f7:f7:b4:e4:64:6f:2a:b3:a1:f0:e7:73:86:4a:71:19:a6:
1d:0f:60:7e:f6:81:68:34:49:2a:61:17:f0:b9:a0:00:d1:44:
65:08:c1:77
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYzGuIjGQnSp/q7p3AZu32FnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ZmIwMDRlMzk3ZGRmMDRlN2QwNWYzNjQzYTAzNmYyMTgz
NmZmMTAwHhcNMjQwMTAxMjAzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGI5ODA0OTI3Y2QzZTBlZTIxY2U0YTBiZmNlNTA5Y2Q2NmE5YjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukqrqUlAH64a+lEeedb7jZmwTkt1
2Gi79cGXs5UJZYLBFYTn1AQBOP1XgvQ6t1A18aUksW409sqinp1+B+Zn3xLeV8oW
AqfIGh4vIIzxU2vUgNzxtM6KWBsUKhAnS+gpDsCQAohOFmnv7Z3Q1LkcJGtQDnhl
rwrNYDiPdj17TZSS2mmhPiPD7S0CkS4xxbnNhljp1XlAtIGGtOiTVQvSNTndlB63
IWHaQcwuW5fXoOqqdj3HEKiuFz4txbf2Wt7is1iEIN9c+P2AA84nErVIPTJ979ow
txMaYIl+ShC+MuKr0k46/CvnjLlBrBz5JSCDDtzcG3RidKKf8EJdfr9wLwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFEC5gEknzT4O4hzkoL/OUJzWaptZMB8GA1UdIwQY
MBaAFDf7AE45fd8E59BfNkOgNvIYNv8QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTl9zQVRqbDkzd1RuMEY4MlE2QTI4aGcyX3hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS83NDIyOTktZjM0My00MzIxLWIzNTEt
YjUzYjY0Y2YwZDk1LzEvUUxtQVNTZk5QZzdpSE9TZ3Y4NVFuTlpxbTFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS83NDIyOTktZjM0My00MzIxLWIzNTEtYjUzYjY0Y2YwZDk1
LzEvTl9zQVRqbDkzd1RuMEY4MlE2QTI4aGcyX3hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjA8BAIAATA2AwQDJS5QAwQF
Pm2AAwQDgsEIAwQDqyGIAwQCuWRcAwQCuWYUAwQCuWZMAwQC1W2kAwQE2R8wMCIE
AgACMBwDBQAgARqwAwUAKgDKgAMFACoDt4ADBQMqCewAMA0GCSqGSIb3DQEBCwUA
A4IBAQA8K2WS3rffUgzDjeXPH90kdCb54Mil9VyAlH9zsiR9D3aejeajH09JJLzP
v5VQ9iMH5BarqZuFX2cCPpSn+5z5ZD72qXj/v/FJ4v3/aZsGdbWurkNmQi0SM4Wx
VvT9ccK6yaEi4YaqjSnYmLtai/5NM7HQkjFnnUDXMj1L6NbZ9YMW02txPeqr/mOp
v99jtF6T1n98qFsAFKTvuLJww3zkLtOmAS6VUOM1cDkzyUqpo2hwjFcQUg+P2EH8
2a+2NmnTMrZs9TNDiuIH7l8wi/al8SpA93nsdxJi9/e05GRvKrOh8OdzhkpxGaYd
D2B+9oFoNEkqYRfwuaAA0URlCMF3
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:38:59 2024 by rpki-client on console-fra.rpki-client.org