Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/QHrkHZgnJw8DXwB4_T9JuSKDPOc.roa
File: QHrkHZgnJw8DXwB4_T9JuSKDPOc.roa (raw, json)
Hash identifier: sydMqd+q3cVPbWE7nOQ7qEps4DlrB1SWlChQJDtSmgM=
Subject key identifier: 40:7A:E4:1D:98:27:27:0F:03:5F:00:78:FD:3F:49:B9:22:83:3C:E7
Certificate issuer: /CN=66ed3ba68c78bff2c4724400ade6348482fb4364
Certificate serial: 018F855B7A439C364E735660F804C1405B2A
Authority key identifier: 66:ED:3B:A6:8C:78:BF:F2:C4:72:44:00:AD:E6:34:84:82:FB:43:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/QHrkHZgnJw8DXwB4_T9JuSKDPOc.roa
Signing time: Fri 17 May 2024 07:01:55 +0000
ROA not before: Fri 17 May 2024 07:01:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64289
IP address blocks: 185.225.24.0/24 maxlen: 24
185.225.26.0/24 maxlen: 24
192.189.157.0/24 maxlen: 24
2a14:3f80:8::/45 maxlen: 45
2a14:3f80:10::/45 maxlen: 45
2a14:3f80:18::/45 maxlen: 45
2a14:3f80:20::/45 maxlen: 45
2a14:3f80:28::/45 maxlen: 45
2a14:3f80:80::/45 maxlen: 45
2a14:3f80:88::/45 maxlen: 45
2a14:3f80:100::/45 maxlen: 45
2a14:3f80:108::/45 maxlen: 45
2a14:3f80:800::/38 maxlen: 38
2a14:3f80:c00::/38 maxlen: 38
2a14:3f80:1000::/38 maxlen: 38
2a14:3f80:1400::/38 maxlen: 38
2a14:3f80:1800::/38 maxlen: 38
2a14:3f80:2000::/38 maxlen: 38
2a14:3f80:2400::/38 maxlen: 38
2a14:3f80:2800::/38 maxlen: 38
2a14:3f80:3000::/38 maxlen: 38
2a14:3f80:3400::/38 maxlen: 38
2a14:3f80:3800::/38 maxlen: 38
2a14:3f80:3c00::/38 maxlen: 38
2a14:3f80:4000::/38 maxlen: 38
2a14:3f80:4400::/38 maxlen: 38
2a14:3f80:6000::/38 maxlen: 38
2a14:3f80:7000::/38 maxlen: 38
2a14:3f80:8800::/38 maxlen: 38
2a14:3f82:4000::/38 maxlen: 38
2a14:3f82:6000::/38 maxlen: 38
2a14:3f82:7000::/38 maxlen: 38
2a14:3f82:8800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/Zu07pox4v_LEckQAreY0hIL7Q2Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/Zu07pox4v_LEckQAreY0hIL7Q2Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 01:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:85:5b:7a:43:9c:36:4e:73:56:60:f8:04:c1:40:5b:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66ed3ba68c78bff2c4724400ade6348482fb4364
Validity
Not Before: May 17 07:01:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=407ae41d9827270f035f0078fd3f49b922833ce7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:18:58:43:d0:99:f4:32:4a:2e:a5:cb:a9:c1:
43:da:ce:7b:9d:62:56:4a:ad:d4:88:c7:f6:dc:4d:
3a:cc:47:43:3b:cb:e0:19:eb:07:46:06:3a:8a:a2:
88:c4:58:ba:85:a3:38:9b:56:b4:ba:51:54:12:54:
4e:ac:ec:52:10:4b:e1:36:ef:60:02:5e:79:9d:5e:
42:1f:2b:a2:a6:d0:89:06:21:55:ed:0c:88:b0:52:
3a:38:b1:ad:88:44:48:ee:32:84:62:90:3b:57:4c:
a4:e6:51:9e:66:74:0d:4d:b7:c7:ed:19:d9:57:97:
1e:d0:30:7b:59:b5:22:dd:9e:3c:92:0b:82:aa:7f:
79:48:de:61:23:15:5d:fb:87:b3:bd:95:88:bd:17:
f8:d1:98:fc:0a:4a:6f:58:14:cf:32:b6:8f:6c:5a:
d5:62:a0:53:8a:4c:41:e3:ed:a2:f3:3c:ec:9b:59:
96:e5:eb:30:63:d8:f3:81:ff:3c:56:5a:ed:4d:ef:
7e:13:c6:cc:4a:1f:29:21:cc:a8:d8:35:bd:08:80:
46:bd:c4:da:76:69:6e:d3:42:5d:de:d4:34:a8:ab:
93:42:58:66:68:40:b0:2e:49:ab:ec:1a:bf:56:f1:
26:49:4f:47:05:ac:74:57:ad:5e:cb:bc:c0:c8:53:
9f:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:7A:E4:1D:98:27:27:0F:03:5F:00:78:FD:3F:49:B9:22:83:3C:E7
X509v3 Authority Key Identifier:
keyid:66:ED:3B:A6:8C:78:BF:F2:C4:72:44:00:AD:E6:34:84:82:FB:43:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/QHrkHZgnJw8DXwB4_T9JuSKDPOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/Zu07pox4v_LEckQAreY0hIL7Q2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.24.0/24
185.225.26.0/24
192.189.157.0/24
IPv6:
2a14:3f80:8::-2a14:3f80:2f:ffff:ffff:ffff:ffff:ffff
2a14:3f80:80::/44
2a14:3f80:100::/44
2a14:3f80:800::-2a14:3f80:1bff:ffff:ffff:ffff:ffff:ffff
2a14:3f80:2000::-2a14:3f80:2bff:ffff:ffff:ffff:ffff:ffff
2a14:3f80:3000::-2a14:3f80:47ff:ffff:ffff:ffff:ffff:ffff
2a14:3f80:6000::/38
2a14:3f80:7000::/38
2a14:3f80:8800::/38
2a14:3f82:4000::/38
2a14:3f82:6000::/38
2a14:3f82:7000::/38
2a14:3f82:8800::/38
Signature Algorithm: sha256WithRSAEncryption
b2:72:94:5b:6a:5c:cd:06:8f:47:3d:5a:a9:a9:91:21:8c:65:
2d:e8:6b:73:cf:ea:49:d6:a0:1c:cc:e0:af:d0:58:64:82:d3:
f4:9a:68:9d:5d:ea:5d:f8:f5:ab:eb:31:a9:17:8a:57:ed:da:
d9:62:89:ba:1b:a4:9a:07:6c:13:b8:1b:da:3b:71:0b:9e:7f:
d5:96:86:25:29:7c:47:4c:37:df:2f:51:e5:ee:c2:95:86:4a:
e4:15:fb:bc:c5:19:99:69:08:59:51:0b:cb:e1:df:dc:40:40:
5a:e9:86:f1:10:ce:35:b5:cf:91:1c:93:0b:7a:90:ac:ef:26:
18:fe:63:ea:94:12:b8:9f:e8:c8:48:0c:6e:ce:ae:c7:7b:46:
e4:51:01:68:df:de:27:7b:39:a1:e2:4b:59:4e:62:19:1d:68:
69:90:75:91:64:c0:7c:f6:e6:8d:e6:0b:f6:5e:47:64:3d:d8:
50:60:fe:52:71:f1:d3:28:bb:61:d1:11:6b:6f:cf:f0:e9:e4:
f8:eb:84:12:c6:09:25:60:ee:4d:bb:00:b2:ec:af:95:38:9b:
8c:98:67:d9:a5:8c:79:62:42:ce:ee:09:f9:89:57:11:39:eb:
da:43:3e:f7:b5:58:b2:db:b2:e2:94:1d:0f:45:69:60:dd:8e:
13:6b:9f:77
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAY+FW3pDnDZOc1Zg+ATBQFsqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZWQzYmE2OGM3OGJmZjJjNDcyNDQwMGFkZTYzNDg0ODJm
YjQzNjQwHhcNMjQwNTE3MDcwMTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDdhZTQxZDk4MjcyNzBmMDM1ZjAwNzhmZDNmNDliOTIyODMzY2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBhYQ9CZ9DJKLqXLqcFD2s57nWJW
Sq3UiMf23E06zEdDO8vgGesHRgY6iqKIxFi6haM4m1a0ulFUElROrOxSEEvhNu9g
Al55nV5CHyuiptCJBiFV7QyIsFI6OLGtiERI7jKEYpA7V0yk5lGeZnQNTbfH7RnZ
V5ce0DB7WbUi3Z48kguCqn95SN5hIxVd+4ezvZWIvRf40Zj8CkpvWBTPMraPbFrV
YqBTikxB4+2i8zzsm1mW5eswY9jzgf88VlrtTe9+E8bMSh8pIcyo2DW9CIBGvcTa
dmlu00Jd3tQ0qKuTQlhmaECwLkmr7Bq/VvEmSU9HBax0V61ey7zAyFOf8QIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFEB65B2YJycPA18AeP0/SbkigzznMB8GA1UdIwQY
MBaAFGbtO6aMeL/yxHJEAK3mNISC+0NkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnUwN3BveDR2X0xFY2tRQXJlWTBoSUw3UTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9iNzlhNjgtNWIwMi00MDk3LWEyZTMt
MGE0M2I3YTNlYjU0LzEvUUhya0haZ25KdzhEWHdCNF9UOUp1U0tEUE9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9iNzlhNjgtNWIwMi00MDk3LWEyZTMtMGE0M2I3YTNlYjU0
LzEvWnUwN3BveDR2X0xFY2tRQXJlWTBoSUw3UTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDAYBAIAATASAwQAueEY
AwQAueEaAwQAwL2dMIGbBAIAAjCBlDASAwcDKhQ/gAAIAwcEKhQ/gAAgAwcEKhQ/
gACAAwcEKhQ/gAEAMBADBgMqFD+ACAMGAioUP4AYMBADBgUqFD+AIAMGAioUP4Ao
MBADBgQqFD+AMAMGAyoUP4BAAwYCKhQ/gGADBgIqFD+AcAMGAioUP4CIAwYCKhQ/
gkADBgIqFD+CYAMGAioUP4JwAwYCKhQ/gogwDQYJKoZIhvcNAQELBQADggEBALJy
lFtqXM0Gj0c9WqmpkSGMZS3oa3PP6knWoBzM4K/QWGSC0/SaaJ1d6l349avrMakX
ilft2tliibobpJoHbBO4G9o7cQuef9WWhiUpfEdMN98vUeXuwpWGSuQV+7zFGZlp
CFlRC8vh39xAQFrphvEQzjW1z5Eckwt6kKzvJhj+Y+qUErif6MhIDG7Orsd7RuRR
AWjf3id7OaHiS1lOYhkdaGmQdZFkwHz25o3mC/ZeR2Q92FBg/lJx8dMou2HREWtv
z/Dp5PjrhBLGCSVg7k27ALLsr5U4m4yYZ9mljHliQs7uCfmJVxE569pDPve1WLLb
suKUHQ9FaWDdjhNrn3c=
-----END CERTIFICATE-----
Generated at Sat Jun 8 10:11:29 2024 by rpki-client on console-ams.rpki-client.org