Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/qIgrb_gt_efjKQ5SJTYcqpVUi9Q.roa
File: qIgrb_gt_efjKQ5SJTYcqpVUi9Q.roa (raw, json)
Hash identifier: e3SkOApuDL/fMDuxHTWugEarKDN3A1QbJE4JjabjqUw=
Subject key identifier: A8:88:2B:6F:F8:2D:FD:E7:E3:29:0E:52:25:36:1C:AA:95:54:8B:D4
Certificate issuer: /CN=8a68191cab6ef06b322b0b1248785d484a4524f3
Certificate serial: 018DD5C75AB59C82F91227386C9DF15323C2
Authority key identifier: 8A:68:19:1C:AB:6E:F0:6B:32:2B:0B:12:48:78:5D:48:4A:45:24:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/imgZHKtu8GsyKwsSSHhdSEpFJPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/qIgrb_gt_efjKQ5SJTYcqpVUi9Q.roa
Signing time: Fri 23 Feb 2024 11:43:48 +0000
ROA not before: Fri 23 Feb 2024 11:43:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211582
IP address blocks: 5.45.144.0/22 maxlen: 22
80.243.224.0/22 maxlen: 22
185.214.188.0/22 maxlen: 22
212.60.24.0/21 maxlen: 21
2a10:b040:1::/48 maxlen: 48
2a10:b040:2::/48 maxlen: 48
2a10:b040:3::/48 maxlen: 48
2a10:b040:4::/48 maxlen: 48
2a10:b040:5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.mft
rsync://rpki.ripe.net/repository/DEFAULT/imgZHKtu8GsyKwsSSHhdSEpFJPM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 20:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d5:c7:5a:b5:9c:82:f9:12:27:38:6c:9d:f1:53:23:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a68191cab6ef06b322b0b1248785d484a4524f3
Validity
Not Before: Feb 23 11:43:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8882b6ff82dfde7e3290e5225361caa95548bd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:66:aa:1a:d1:ba:50:3e:04:0f:34:26:5d:71:
d2:b3:67:38:3c:5d:38:58:e8:84:ba:c7:b3:c0:5b:
5f:8a:f4:8b:b1:ab:99:d1:07:97:4a:b6:b3:cc:fd:
42:77:ea:e3:c5:ea:82:2b:78:4f:74:80:c1:d1:86:
43:a9:7e:8f:0c:52:15:78:38:d9:17:af:76:fa:d5:
00:04:de:ec:d6:4f:27:a6:ec:cf:6a:35:ec:02:e0:
c8:81:d0:24:aa:f0:88:cb:78:dc:31:2e:85:a2:86:
ef:8a:eb:c9:51:4e:da:48:90:1f:19:a7:7a:a2:72:
18:2a:c7:2a:58:35:91:75:63:06:3e:d4:91:97:ff:
2c:d9:a3:bd:17:b3:42:1b:c1:e9:3b:06:d4:83:6d:
b6:ac:aa:35:24:08:d6:b4:03:e5:f1:b3:eb:76:98:
a6:be:1c:f2:b4:8b:ba:18:0f:ac:47:de:65:f5:23:
51:13:94:c2:7f:18:0c:dc:85:5f:51:36:92:a1:e4:
5b:3a:1e:e4:24:07:65:c0:0f:24:42:4f:a0:6b:88:
06:f8:0c:f1:7e:3e:ca:a2:a1:89:8a:e7:4e:06:bd:
b7:d9:fe:7d:57:2e:4c:e4:fb:af:68:1f:8c:81:3d:
6c:be:0d:21:9c:43:30:ce:fd:87:69:ff:d5:11:35:
ef:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:88:2B:6F:F8:2D:FD:E7:E3:29:0E:52:25:36:1C:AA:95:54:8B:D4
X509v3 Authority Key Identifier:
keyid:8A:68:19:1C:AB:6E:F0:6B:32:2B:0B:12:48:78:5D:48:4A:45:24:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/imgZHKtu8GsyKwsSSHhdSEpFJPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/qIgrb_gt_efjKQ5SJTYcqpVUi9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e3ee8d-e459-4f47-b75d-97117eeb4891/1/imgZHKtu8GsyKwsSSHhdSEpFJPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.144.0/22
80.243.224.0/22
185.214.188.0/22
212.60.24.0/21
IPv6:
2a10:b040:1::-2a10:b040:5:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
c6:02:4e:0a:4e:a6:26:53:1a:c3:7d:42:97:d7:3f:fa:d8:7d:
a8:b2:64:ba:09:5c:67:ed:b5:99:ce:f1:08:c7:c2:0e:bb:bd:
97:9f:2e:a7:91:dc:15:ff:a4:02:54:b8:89:0e:21:3b:f4:89:
a5:a1:d5:73:0c:7c:c5:0e:e5:af:db:12:ac:57:c9:31:c2:12:
9a:9d:d9:c4:f9:4b:b2:b5:ed:3a:d9:34:9a:7e:fe:6a:ff:82:
73:43:9a:79:98:00:8d:84:65:7b:88:e8:5a:ea:54:2a:74:49:
80:66:af:38:f6:ec:85:fb:e6:b2:76:29:c3:92:96:97:b5:b5:
19:f3:56:86:58:fa:45:8b:76:0b:27:84:c0:03:61:09:b4:d2:
2a:84:8e:dd:6f:30:8d:ef:28:4f:58:02:22:24:37:8c:0a:39:
26:48:2d:d5:3e:22:44:9b:55:18:e7:e8:61:98:93:08:85:92:
3e:b2:95:4f:79:38:c2:03:b8:81:4c:d2:77:9c:fc:7d:d5:54:
25:04:d1:cc:30:dc:b8:e8:5c:8b:91:39:37:78:d5:ed:d0:4b:
71:d1:0e:5b:81:e8:16:67:a8:ba:31:bd:ff:45:1a:65:4e:f8:
0f:99:b2:6d:b5:7b:57:ee:b8:55:8a:d5:de:96:3f:a8:25:28:
35:28:4a:39
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAY3Vx1q1nIL5Eic4bJ3xUyPCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNjgxOTFjYWI2ZWYwNmIzMjJiMGIxMjQ4Nzg1ZDQ4NGE0
NTI0ZjMwHhcNMjQwMjIzMTE0MzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODg4MmI2ZmY4MmRmZGU3ZTMyOTBlNTIyNTM2MWNhYTk1NTQ4YmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWaqGtG6UD4EDzQmXXHSs2c4PF04
WOiEusezwFtfivSLsauZ0QeXSrazzP1Cd+rjxeqCK3hPdIDB0YZDqX6PDFIVeDjZ
F692+tUABN7s1k8npuzPajXsAuDIgdAkqvCIy3jcMS6FoobviuvJUU7aSJAfGad6
onIYKscqWDWRdWMGPtSRl/8s2aO9F7NCG8HpOwbUg222rKo1JAjWtAPl8bPrdpim
vhzytIu6GA+sR95l9SNRE5TCfxgM3IVfUTaSoeRbOh7kJAdlwA8kQk+ga4gG+Azx
fj7KoqGJiudOBr232f59Vy5M5PuvaB+MgT1svg0hnEMwzv2Haf/VETXv3QIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFKiIK2/4Lf3n4ykOUiU2HKqVVIvUMB8GA1UdIwQY
MBaAFIpoGRyrbvBrMisLEkh4XUhKRSTzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaW1nWkhLdHU4R3N5S3dzU1NIaGRTRXBGSlBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lM2VlOGQtZTQ1OS00ZjQ3LWI3NWQt
OTcxMTdlZWI0ODkxLzEvcUlncmJfZ3RfZWZqS1E1U0pUWWNxcFZVaTlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lM2VlOGQtZTQ1OS00ZjQ3LWI3NWQtOTcxMTdlZWI0ODkx
LzEvaW1nWkhLdHU4R3N5S3dzU1NIaGRTRXBGSlBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAeBAIAATAYAwQCBS2QAwQC
UPPgAwQCuda8AwQD1DwYMBoEAgACMBQwEgMHACoQsEAAAQMHASoQsEAABDANBgkq
hkiG9w0BAQsFAAOCAQEAxgJOCk6mJlMaw31Cl9c/+th9qLJkuglcZ+21mc7xCMfC
Dru9l58up5HcFf+kAlS4iQ4hO/SJpaHVcwx8xQ7lr9sSrFfJMcISmp3ZxPlLsrXt
Otk0mn7+av+Cc0OaeZgAjYRle4joWupUKnRJgGavOPbshfvmsnYpw5KWl7W1GfNW
hlj6RYt2CyeEwANhCbTSKoSO3W8wje8oT1gCIiQ3jAo5Jkgt1T4iRJtVGOfoYZiT
CIWSPrKVT3k4wgO4gUzSd5z8fdVUJQTRzDDcuOhci5E5N3jV7dBLcdEOW4HoFmeo
ujG9/0UaZU74D5mybbV7V+64VYrV3pY/qCUoNShKOQ==
-----END CERTIFICATE-----
Generated at Sat Jun 8 05:11:00 2024 by rpki-client on console-fra.rpki-client.org