Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/36f83e-6be6-42c5-8380-114ad41cf331/1/QcyjKAkOGVncDLsD3wMIC681f7o.roa
File: QcyjKAkOGVncDLsD3wMIC681f7o.roa (raw, json)
Hash identifier: WhrtwrSBq+ES20pQdH/1HFwik4B7K0xpZtBmOr2BCO4=
Subject key identifier: 41:CC:A3:28:09:0E:19:59:DC:0C:BB:03:DF:03:08:0B:AF:35:7F:BA
Certificate issuer: /CN=09253886a0250a04ec69be00bbf8433c2f014b7c
Certificate serial: 018CCA29D20FBB018F0C0B4208AF349AEC6D
Authority key identifier: 09:25:38:86:A0:25:0A:04:EC:69:BE:00:BB:F8:43:3C:2F:01:4B:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CSU4hqAlCgTsab4Au_hDPC8BS3w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/36f83e-6be6-42c5-8380-114ad41cf331/1/QcyjKAkOGVncDLsD3wMIC681f7o.roa
Signing time: Tue 02 Jan 2024 12:33:07 +0000
ROA not before: Tue 02 Jan 2024 12:33:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201128
IP address blocks: 194.110.168.0/24 maxlen: 24
194.110.171.0/24 maxlen: 24
194.110.170.0/24 maxlen: 24
185.84.180.0/24 maxlen: 24
185.84.183.0/24 maxlen: 24
185.84.182.0/24 maxlen: 24
185.84.181.0/24 maxlen: 24
2a05:a740::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/36f83e-6be6-42c5-8380-114ad41cf331/1/CSU4hqAlCgTsab4Au_hDPC8BS3w.crl
rsync://rpki.ripe.net/repository/DEFAULT/39/36f83e-6be6-42c5-8380-114ad41cf331/1/CSU4hqAlCgTsab4Au_hDPC8BS3w.mft
rsync://rpki.ripe.net/repository/DEFAULT/CSU4hqAlCgTsab4Au_hDPC8BS3w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:d2:0f:bb:01:8f:0c:0b:42:08:af:34:9a:ec:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09253886a0250a04ec69be00bbf8433c2f014b7c
Validity
Not Before: Jan 2 12:33:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41cca328090e1959dc0cbb03df03080baf357fba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:75:04:56:ef:a5:7e:62:0d:c8:5b:d6:73:d0:
00:a3:a6:18:f0:47:71:af:b2:38:b7:64:58:06:18:
fe:72:32:96:f4:57:3f:89:6a:28:d5:56:f5:8e:07:
be:af:81:7b:93:16:81:68:44:50:ae:f6:fb:2b:9b:
00:d6:43:af:df:34:08:9c:c7:cf:4c:d8:6e:d8:bc:
0a:4d:1d:78:92:3b:0e:c0:f4:da:1e:5d:f5:26:a4:
34:c7:77:57:63:01:49:fc:4c:20:66:20:d9:c2:4d:
28:d2:49:35:e2:da:e1:98:0b:23:ed:08:26:86:31:
f6:e8:83:d2:9e:8b:06:18:64:1b:19:1d:3d:54:5b:
21:db:5c:da:e8:a6:b9:0f:08:ca:a1:54:5a:57:cc:
0b:88:e2:35:ae:28:a0:6f:7d:ca:06:c4:e1:56:75:
21:de:15:49:2c:f9:fe:17:2b:d0:5d:71:81:e3:2e:
60:0c:c8:c3:66:d9:fe:ff:b2:9d:8f:4d:e4:aa:d1:
3c:35:9b:bb:e6:e9:84:26:39:5a:37:9c:da:77:4e:
e7:92:aa:67:d2:79:6c:29:4a:9d:22:88:ca:ca:aa:
84:34:53:52:e5:1a:2b:d5:20:e3:38:e9:92:fc:53:
8e:64:8c:51:c5:13:f3:84:c5:58:62:e7:4e:6f:fd:
10:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:CC:A3:28:09:0E:19:59:DC:0C:BB:03:DF:03:08:0B:AF:35:7F:BA
X509v3 Authority Key Identifier:
keyid:09:25:38:86:A0:25:0A:04:EC:69:BE:00:BB:F8:43:3C:2F:01:4B:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CSU4hqAlCgTsab4Au_hDPC8BS3w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/36f83e-6be6-42c5-8380-114ad41cf331/1/QcyjKAkOGVncDLsD3wMIC681f7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/36f83e-6be6-42c5-8380-114ad41cf331/1/CSU4hqAlCgTsab4Au_hDPC8BS3w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.180.0/22
194.110.168.0/24
194.110.170.0/23
IPv6:
2a05:a740::/29
Signature Algorithm: sha256WithRSAEncryption
43:a1:f8:b9:ae:96:a9:22:27:93:d1:be:0b:8d:39:3a:3b:ef:
77:9f:e7:16:10:7a:73:0b:e1:ce:cd:47:74:8e:47:ab:28:86:
19:89:d0:fb:ab:02:37:e8:8b:66:df:d5:06:b4:5d:c7:60:ee:
b6:f2:f3:49:90:ef:43:81:33:32:25:33:2c:65:00:f5:8b:60:
ae:c0:49:0e:10:f9:48:d9:fc:5c:5b:18:2b:31:79:10:5e:f2:
83:d6:11:bc:e1:ea:eb:54:5b:ae:75:f5:a4:af:0a:cf:eb:a6:
cd:07:ee:78:10:1e:c9:75:2d:37:0f:66:20:1b:93:32:f0:24:
11:2b:e9:06:66:8b:04:a4:3a:2d:0e:e0:6d:64:9d:cc:b6:02:
dc:ac:51:34:c1:60:fb:61:9e:f0:20:1a:9b:37:5d:cf:73:8f:
05:17:58:a1:a0:eb:f1:15:1e:7c:0e:3f:67:9b:fd:a5:5d:9f:
6a:1f:c6:55:4b:23:d1:6f:2b:78:d6:79:89:47:23:ef:92:e4:
3a:cf:9a:50:2f:74:22:a8:0d:f9:43:b3:82:24:6e:2b:f7:dc:
92:92:c4:c0:29:42:d6:35:ce:92:7f:88:4e:be:56:bd:c5:f1:
bc:c3:9f:57:d9:c3:d0:7a:5b:c6:e2:22:ab:12:03:01:b7:35:
21:23:12:14
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzKKdIPuwGPDAtCCK80muxtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MjUzODg2YTAyNTBhMDRlYzY5YmUwMGJiZjg0MzNjMmYw
MTRiN2MwHhcNMjQwMTAyMTIzMzA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWNjYTMyODA5MGUxOTU5ZGMwY2JiMDNkZjAzMDgwYmFmMzU3ZmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5XUEVu+lfmINyFvWc9AAo6YY8Edx
r7I4t2RYBhj+cjKW9Fc/iWoo1Vb1jge+r4F7kxaBaERQrvb7K5sA1kOv3zQInMfP
TNhu2LwKTR14kjsOwPTaHl31JqQ0x3dXYwFJ/EwgZiDZwk0o0kk14trhmAsj7Qgm
hjH26IPSnosGGGQbGR09VFsh21za6Ka5DwjKoVRaV8wLiOI1riigb33KBsThVnUh
3hVJLPn+FyvQXXGB4y5gDMjDZtn+/7Kdj03kqtE8NZu75umEJjlaN5zad07nkqpn
0nlsKUqdIojKyqqENFNS5Ror1SDjOOmS/FOOZIxRxRPzhMVYYudOb/0QWQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEHMoygJDhlZ3Ay7A98DCAuvNX+6MB8GA1UdIwQY
MBaAFAklOIagJQoE7Gm+ALv4QzwvAUt8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1NVNGhxQWxDZ1RzYWI0QXVfaERQQzhCUzN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8zNmY4M2UtNmJlNi00MmM1LTgzODAt
MTE0YWQ0MWNmMzMxLzEvUWN5aktBa09HVm5jRExzRDN3TUlDNjgxZjdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8zNmY4M2UtNmJlNi00MmM1LTgzODAtMTE0YWQ0MWNmMzMx
LzEvQ1NVNGhxQWxDZ1RzYWI0QXVfaERQQzhCUzN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuVS0AwQA
wm6oAwQBwm6qMA0EAgACMAcDBQMqBadAMA0GCSqGSIb3DQEBCwUAA4IBAQBDofi5
rpapIieT0b4LjTk6O+93n+cWEHpzC+HOzUd0jkerKIYZidD7qwI36Itm39UGtF3H
YO628vNJkO9DgTMyJTMsZQD1i2CuwEkOEPlI2fxcWxgrMXkQXvKD1hG84errVFuu
dfWkrwrP66bNB+54EB7JdS03D2YgG5My8CQRK+kGZosEpDotDuBtZJ3MtgLcrFE0
wWD7YZ7wIBqbN13Pc48FF1ihoOvxFR58Dj9nm/2lXZ9qH8ZVSyPRbyt41nmJRyPv
kuQ6z5pQL3QiqA35Q7OCJG4r99ySksTAKULWNc6Sf4hOvla9xfG8w59X2cPQelvG
4iKrEgMBtzUhIxIU
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:07:05 2024 by rpki-client on console-fra.rpki-client.org