Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/jqSSnGxPMLBtHiXv47eMBAvrb_8.roa
File: jqSSnGxPMLBtHiXv47eMBAvrb_8.roa (raw, json)
Hash identifier: GddhtWOXLHoU1zIbORIvnmaMzYMgpUsNnxOAOZnpmgk=
Subject key identifier: 8E:A4:92:9C:6C:4F:30:B0:6D:1E:25:EF:E3:B7:8C:04:0B:EB:6F:FF
Certificate issuer: /CN=408af485b4fd0f03717cd4a709ef11c61d3ef46e
Certificate serial: 018CC2DAE4D8FFE326528E8C6A5356F881F6
Authority key identifier: 40:8A:F4:85:B4:FD:0F:03:71:7C:D4:A7:09:EF:11:C6:1D:3E:F4:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/jqSSnGxPMLBtHiXv47eMBAvrb_8.roa
Signing time: Mon 01 Jan 2024 02:29:34 +0000
ROA not before: Mon 01 Jan 2024 02:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59854
IP address blocks: 188.214.142.0/24 maxlen: 24
89.35.173.0/24 maxlen: 24
93.119.227.0/24 maxlen: 24
185.171.185.0/24 maxlen: 24
185.171.184.0/24 maxlen: 24
185.171.187.0/24 maxlen: 24
77.81.164.0/23 maxlen: 23
128.0.46.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.mft
rsync://rpki.ripe.net/repository/DEFAULT/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 01:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:e4:d8:ff:e3:26:52:8e:8c:6a:53:56:f8:81:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=408af485b4fd0f03717cd4a709ef11c61d3ef46e
Validity
Not Before: Jan 1 02:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ea4929c6c4f30b06d1e25efe3b78c040beb6fff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:aa:93:0b:13:17:d7:55:ac:79:cf:8e:46:03:
4e:9f:7e:2d:dc:e0:4b:fc:b4:5c:21:83:2c:ec:e7:
42:d1:fb:ae:a3:d7:44:75:60:9c:91:67:fb:14:09:
0e:55:a9:73:9a:49:f2:be:11:ec:84:d4:34:de:a7:
7b:e4:6b:b3:f4:94:ff:9e:48:fc:d9:ea:2b:69:88:
6e:fa:d2:76:10:bf:e3:67:46:30:68:21:bd:f4:8e:
47:21:09:28:0c:4b:e3:cc:da:d6:6c:11:ba:92:9a:
01:a5:ad:f9:3f:04:2f:1b:80:5f:93:69:b8:a3:80:
4a:0f:dd:59:8f:3a:fa:1e:74:37:fe:e9:0a:fa:86:
34:f9:87:2c:c1:52:61:8a:01:4f:5d:9f:ad:af:c4:
81:c1:b0:89:38:25:58:fb:d9:b8:70:1b:f8:a1:ae:
55:c6:df:99:48:4f:c0:75:fb:dc:01:17:b0:97:5b:
14:32:b6:66:21:23:b5:1f:fd:0d:cc:ff:77:86:83:
09:86:0c:84:29:96:67:be:ce:a6:ff:c3:6e:e0:15:
68:ce:8c:11:f7:bb:ab:71:2e:e7:9a:73:9c:0a:c4:
39:cf:4a:6c:91:f6:02:e6:0a:c1:7a:df:04:77:10:
c4:6b:ae:59:c2:56:5a:d7:c8:8f:dd:cc:fb:f9:fd:
35:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:A4:92:9C:6C:4F:30:B0:6D:1E:25:EF:E3:B7:8C:04:0B:EB:6F:FF
X509v3 Authority Key Identifier:
keyid:40:8A:F4:85:B4:FD:0F:03:71:7C:D4:A7:09:EF:11:C6:1D:3E:F4:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/jqSSnGxPMLBtHiXv47eMBAvrb_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.164.0/23
89.35.173.0/24
93.119.227.0/24
128.0.46.0/23
185.171.184.0/23
185.171.187.0/24
188.214.142.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:37:77:9d:7e:09:6f:17:e9:3e:27:f5:23:c1:f9:35:c6:a7:
b0:54:0f:d3:6d:83:c4:d5:73:d0:ea:fc:37:b1:dd:8b:28:8e:
cc:58:de:4b:df:15:5c:9a:8d:ef:a4:1c:89:40:46:12:89:e7:
72:7b:97:cf:bf:75:d0:aa:72:0c:c7:71:72:b3:ee:06:c1:df:
15:04:cd:8a:fd:5f:d0:e6:60:85:ac:ba:36:b9:8d:ab:c7:d3:
0a:b4:fa:27:83:ef:d2:1f:17:57:f5:eb:3d:83:d7:9e:e3:4d:
57:61:e2:54:4f:4a:a8:08:f2:c2:8b:07:01:b5:1a:23:a1:46:
48:d5:34:d8:10:0c:31:dd:b7:78:57:3e:5b:2c:da:fb:56:e3:
b4:90:1d:5e:49:b9:9e:5a:f9:d4:f9:9b:93:af:e8:43:e4:3f:
70:ec:42:37:cd:60:7f:f6:09:ca:a1:85:3c:b7:91:64:40:09:
c0:02:ac:28:d4:2f:01:97:7e:6f:8b:3a:d9:96:b6:29:fa:0f:
e8:15:0e:78:61:60:60:60:41:09:5b:57:6c:61:af:a8:f9:43:
c1:56:cc:65:c8:ec:77:56:59:47:42:62:80:68:b3:d6:97:ef:
30:db:07:9f:20:cc:53:6c:55:2a:86:44:d6:69:27:47:a7:c8:
d3:32:be:14
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzC2uTY/+MmUo6MalNW+IH2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwOGFmNDg1YjRmZDBmMDM3MTdjZDRhNzA5ZWYxMWM2MWQz
ZWY0NmUwHhcNMjQwMTAxMDIyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWE0OTI5YzZjNGYzMGIwNmQxZTI1ZWZlM2I3OGMwNDBiZWI2ZmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzKqTCxMX11Wsec+ORgNOn34t3OBL
/LRcIYMs7OdC0fuuo9dEdWCckWf7FAkOValzmknyvhHshNQ03qd75Guz9JT/nkj8
2eoraYhu+tJ2EL/jZ0YwaCG99I5HIQkoDEvjzNrWbBG6kpoBpa35PwQvG4Bfk2m4
o4BKD91Zjzr6HnQ3/ukK+oY0+YcswVJhigFPXZ+tr8SBwbCJOCVY+9m4cBv4oa5V
xt+ZSE/AdfvcARewl1sUMrZmISO1H/0NzP93hoMJhgyEKZZnvs6m/8Nu4BVozowR
97urcS7nmnOcCsQ5z0pskfYC5grBet8EdxDEa65ZwlZa18iP3cz7+f017QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFI6kkpxsTzCwbR4l7+O3jAQL62//MB8GA1UdIwQY
MBaAFECK9IW0/Q8DcXzUpwnvEcYdPvRuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlyMGhiVDlEd054Zk5TbkNlOFJ4aDAtOUc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9lMTE3MWMtNTI3MC00OWNkLTkzNzkt
Yjk1YjA4YTIzYWUxLzEvanFTU25HeFBNTEJ0SGlYdjQ3ZU1CQXZyYl84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9lMTE3MWMtNTI3MC00OWNkLTkzNzktYjk1YjA4YTIzYWUx
LzEvUUlyMGhiVDlEd054Zk5TbkNlOFJ4aDAtOUc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBTVGkAwQA
WSOtAwQAXXfjAwQBgAAuAwQBuau4AwQAuau7AwQAvNaOMA0GCSqGSIb3DQEBCwUA
A4IBAQCoN3edfglvF+k+J/Ujwfk1xqewVA/TbYPE1XPQ6vw3sd2LKI7MWN5L3xVc
mo3vpByJQEYSiedye5fPv3XQqnIMx3Fys+4Gwd8VBM2K/V/Q5mCFrLo2uY2rx9MK
tPong+/SHxdX9es9g9ee401XYeJUT0qoCPLCiwcBtRojoUZI1TTYEAwx3bd4Vz5b
LNr7VuO0kB1eSbmeWvnU+ZuTr+hD5D9w7EI3zWB/9gnKoYU8t5FkQAnAAqwo1C8B
l35vizrZlrYp+g/oFQ54YWBgYEEJW1dsYa+o+UPBVsxlyOx3VllHQmKAaLPWl+8w
2wefIMxTbFUqhkTWaSdHp8jTMr4U
-----END CERTIFICATE-----
Generated at Sat Jun 1 09:24:31 2024 by rpki-client on console-fra.rpki-client.org