Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/QdlUplVUfinPTbT2OAX0sPwX3EA.roa
File: QdlUplVUfinPTbT2OAX0sPwX3EA.roa (raw, json)
Hash identifier: PTrOw77SGCku+YmCUq+CDc6SAVsSJF1TQHM5qOjHwIs=
Subject key identifier: 41:D9:54:A6:55:54:7E:29:CF:4D:B4:F6:38:05:F4:B0:FC:17:DC:40
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 018E2C8B4B990CBEEB7BA6677510B72A42D2
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/QdlUplVUfinPTbT2OAX0sPwX3EA.roa
Signing time: Mon 11 Mar 2024 08:05:10 +0000
ROA not before: Mon 11 Mar 2024 08:05:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39855
IP address blocks: 45.85.247.0/24 maxlen: 24
62.68.64.0/24 maxlen: 24
91.229.5.0/24 maxlen: 24
185.198.155.0/24 maxlen: 24
193.110.161.0/24 maxlen: 24
193.201.202.0/24 maxlen: 24
194.55.128.0/24 maxlen: 24
195.60.170.0/24 maxlen: 24
195.64.107.0/24 maxlen: 24
195.64.113.0/24 maxlen: 24
217.8.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2c:8b:4b:99:0c:be:eb:7b:a6:67:75:10:b7:2a:42:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Mar 11 08:05:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41d954a655547e29cf4db4f63805f4b0fc17dc40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:21:4a:93:bc:9d:b7:c9:e2:c2:89:02:86:d8:
bd:93:f6:a3:a1:97:de:04:cd:7b:d3:ab:52:8d:fb:
fe:15:6d:82:bd:19:a6:f1:79:88:ef:87:f8:92:32:
68:2d:89:8a:02:c9:ee:c0:30:e6:b6:6f:e5:b9:e3:
ba:2f:56:ed:17:bd:e6:71:a9:e6:c8:2e:a7:98:8e:
bb:57:93:11:28:e1:86:a8:c6:58:d4:39:32:5c:a9:
ec:dd:d1:c2:47:52:c2:dc:aa:2e:f5:47:bf:cf:75:
e5:c4:a9:f4:e4:2e:37:e8:59:c9:40:50:16:7c:2b:
aa:17:0d:a0:a3:3f:b8:8a:59:37:c7:1f:e5:1c:57:
11:b9:8c:bf:99:e0:0c:a2:8f:3e:83:db:ec:23:80:
1a:f5:de:be:f9:7d:34:5c:a4:f5:c0:93:a8:b0:36:
3d:8d:35:d9:0f:f0:da:75:b9:73:66:ef:20:56:ee:
09:70:58:5e:8b:5f:48:0e:cf:56:4d:ba:79:f8:07:
f2:11:b5:9d:fa:c0:74:12:f6:52:db:a6:4a:47:4f:
1b:87:91:f7:de:cd:11:5f:86:64:79:00:0a:5b:5a:
8d:dc:c8:b0:58:60:90:39:10:e7:dc:0c:11:ee:c5:
12:81:07:b1:2b:c5:f0:57:7a:dc:b6:7b:93:45:b9:
0f:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:D9:54:A6:55:54:7E:29:CF:4D:B4:F6:38:05:F4:B0:FC:17:DC:40
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/QdlUplVUfinPTbT2OAX0sPwX3EA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.247.0/24
62.68.64.0/24
91.229.5.0/24
185.198.155.0/24
193.110.161.0/24
193.201.202.0/24
194.55.128.0/24
195.60.170.0/24
195.64.107.0/24
195.64.113.0/24
217.8.116.0/24
Signature Algorithm: sha256WithRSAEncryption
25:7c:f1:98:af:4c:2a:17:8d:08:a8:32:73:54:30:31:36:83:
ab:2b:ac:9a:26:19:8e:73:34:7f:97:56:58:7b:e9:b6:68:35:
af:7f:8f:95:61:f7:59:a0:13:44:76:58:92:74:13:d4:4b:be:
48:bc:fc:d9:5c:8c:8d:86:7f:15:5f:a4:2c:86:41:8e:f7:53:
8d:d0:85:04:94:28:0c:c6:e2:ce:75:2d:1c:5d:0a:e4:60:66:
1f:2b:1d:4e:94:12:2c:91:1b:a6:3e:0e:75:ff:a5:fd:90:0b:
4d:65:7e:00:29:81:dc:b0:df:95:c3:0f:0e:b8:d0:d7:23:67:
24:10:a5:da:30:40:b7:c5:7c:c6:34:59:c6:7a:11:31:7b:dd:
b2:9b:0c:b6:38:23:ad:72:37:19:45:24:91:30:57:7a:66:a7:
3b:15:12:21:84:f3:38:d9:b2:8c:4c:89:f2:a5:b5:50:3d:ef:
b4:f6:43:98:1b:fe:ea:78:77:0e:73:bd:9d:dc:0b:df:8d:d8:
c1:78:09:69:5a:ae:80:0b:0d:95:d8:90:40:2f:30:ed:f0:82:
f5:e0:0c:5e:f7:1e:98:2c:0a:af:ea:3c:b0:16:c1:80:a6:e0:
ff:38:1f:46:21:21:72:c1:e5:8c:63:e4:6f:3f:79:19:89:f6:
2a:42:28:61
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAY4si0uZDL7re6ZndRC3KkLSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjQwMzExMDgwNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWQ5NTRhNjU1NTQ3ZTI5Y2Y0ZGI0ZjYzODA1ZjRiMGZjMTdkYzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgSFKk7ydt8niwokChti9k/ajoZfe
BM1706tSjfv+FW2CvRmm8XmI74f4kjJoLYmKAsnuwDDmtm/lueO6L1btF73mcanm
yC6nmI67V5MRKOGGqMZY1DkyXKns3dHCR1LC3Kou9Ue/z3XlxKn05C436FnJQFAW
fCuqFw2goz+4ilk3xx/lHFcRuYy/meAMoo8+g9vsI4Aa9d6++X00XKT1wJOosDY9
jTXZD/DadblzZu8gVu4JcFhei19IDs9WTbp5+AfyEbWd+sB0EvZS26ZKR08bh5H3
3s0RX4ZkeQAKW1qN3MiwWGCQORDn3AwR7sUSgQexK8XwV3rctnuTRbkPMwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFEHZVKZVVH4pz0209jgF9LD8F9xAMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvUWRsVXBsVlVmaW5QVGJUMk9BWDBzUHdYM0VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQALVX3AwQA
PkRAAwQAW+UFAwQAucabAwQAwW6hAwQAwcnKAwQAwjeAAwQAwzyqAwQAw0BrAwQA
w0BxAwQA2Qh0MA0GCSqGSIb3DQEBCwUAA4IBAQAlfPGYr0wqF40IqDJzVDAxNoOr
K6yaJhmOczR/l1ZYe+m2aDWvf4+VYfdZoBNEdliSdBPUS75IvPzZXIyNhn8VX6Qs
hkGO91ON0IUElCgMxuLOdS0cXQrkYGYfKx1OlBIskRumPg51/6X9kAtNZX4AKYHc
sN+Vww8OuNDXI2ckEKXaMEC3xXzGNFnGehExe92ymwy2OCOtcjcZRSSRMFd6Zqc7
FRIhhPM42bKMTInypbVQPe+09kOYG/7qeHcOc72d3AvfjdjBeAlpWq6ACw2V2JBA
LzDt8IL14Axe9x6YLAqv6jywFsGApuD/OB9GISFyweWMY+RvP3kZifYqQihh
-----END CERTIFICATE-----
Generated at Fri May 10 14:25:49 2024 by rpki-client on console-ams.rpki-client.org