Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/6a5394-0b05-4538-b0cd-9f6890f92e60/1/QUETcbVecVuAGuX_LUV8Z0Cyw3s.roa
File: QUETcbVecVuAGuX_LUV8Z0Cyw3s.roa (raw, json)
Hash identifier: piqAxhBMnadJrfXJRS0oUBgKIPRgBXXB6K46D898HbQ=
Subject key identifier: 41:41:13:71:B5:5E:71:5B:80:1A:E5:FF:2D:45:7C:67:40:B2:C3:7B
Certificate issuer: /CN=98a533308740bbbd217bf69dce90b3f541208457
Certificate serial: 018CC8DF982357689541329B019C7BA03801
Authority key identifier: 98:A5:33:30:87:40:BB:BD:21:7B:F6:9D:CE:90:B3:F5:41:20:84:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKUzMIdAu70he_adzpCz9UEghFc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/6a5394-0b05-4538-b0cd-9f6890f92e60/1/QUETcbVecVuAGuX_LUV8Z0Cyw3s.roa
Signing time: Tue 02 Jan 2024 06:32:25 +0000
ROA not before: Tue 02 Jan 2024 06:32:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51557
IP address blocks: 185.33.232.0/22 maxlen: 22
185.111.232.0/23 maxlen: 23
185.111.235.0/24 maxlen: 24
185.111.234.0/24 maxlen: 24
93.89.224.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/6a5394-0b05-4538-b0cd-9f6890f92e60/1/mKUzMIdAu70he_adzpCz9UEghFc.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/6a5394-0b05-4538-b0cd-9f6890f92e60/1/mKUzMIdAu70he_adzpCz9UEghFc.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKUzMIdAu70he_adzpCz9UEghFc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:98:23:57:68:95:41:32:9b:01:9c:7b:a0:38:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a533308740bbbd217bf69dce90b3f541208457
Validity
Not Before: Jan 2 06:32:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41411371b55e715b801ae5ff2d457c6740b2c37b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c8:de:ab:37:49:d9:09:10:68:f7:0e:b7:f4:
59:bd:99:38:4d:b4:0c:e4:b0:3d:dd:56:20:3e:74:
28:e1:24:fd:a2:f8:7f:0c:48:5d:d6:d0:d9:08:76:
80:75:ba:88:69:ad:69:ec:c9:aa:8c:76:28:0e:b8:
39:5d:57:d6:9e:48:1a:66:94:50:dc:b3:9d:af:b6:
6a:3e:9b:53:e4:03:ab:b1:d1:41:e1:3b:f7:dc:3f:
13:c0:da:66:b2:1a:be:62:2d:43:d1:d6:b9:b0:5d:
41:7b:70:77:d5:1e:44:69:f8:d7:6b:71:a7:81:2d:
ac:40:33:13:b8:1f:af:68:f5:37:6d:70:f9:71:be:
33:1f:ad:07:c5:6b:33:57:c1:5f:14:e6:dc:02:54:
08:e5:93:ca:cc:1b:0b:b3:19:10:46:0e:44:64:95:
91:11:da:20:fc:60:eb:e7:32:89:e3:a7:06:6e:93:
d6:5f:c2:8e:e9:ad:46:2f:6a:f6:8b:ba:8e:03:37:
15:2b:a9:e5:0e:77:e1:13:7d:20:f2:8a:70:69:22:
86:d8:8e:0c:2d:61:c1:fd:bf:6c:10:3c:3d:2d:4f:
d6:f5:45:ad:11:59:9b:d2:c5:0a:f9:43:85:e0:38:
a3:e4:1a:2d:ca:9b:c5:f4:d8:8d:dc:72:4b:75:40:
9f:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:41:13:71:B5:5E:71:5B:80:1A:E5:FF:2D:45:7C:67:40:B2:C3:7B
X509v3 Authority Key Identifier:
keyid:98:A5:33:30:87:40:BB:BD:21:7B:F6:9D:CE:90:B3:F5:41:20:84:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKUzMIdAu70he_adzpCz9UEghFc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/6a5394-0b05-4538-b0cd-9f6890f92e60/1/QUETcbVecVuAGuX_LUV8Z0Cyw3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/6a5394-0b05-4538-b0cd-9f6890f92e60/1/mKUzMIdAu70he_adzpCz9UEghFc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.89.224.0/20
185.33.232.0/22
185.111.232.0/22
Signature Algorithm: sha256WithRSAEncryption
89:f2:65:19:25:30:3a:93:43:8f:86:d8:b4:5c:be:e9:ad:14:
c6:48:da:51:fe:6b:5e:a5:7d:10:b6:03:8e:5e:ca:4b:6c:92:
40:f8:c8:10:2c:c4:a8:6e:4b:a6:f4:a8:ef:cf:b4:cd:60:6a:
ae:52:03:01:19:7a:2f:cc:75:6b:10:a3:f0:ac:8f:da:b2:11:
ae:3a:50:e5:16:5c:81:f8:5b:21:24:1b:81:95:99:5c:28:6a:
a3:e8:3c:ee:16:59:86:e2:5a:75:eb:64:3e:93:56:26:2e:a3:
79:16:92:f5:a8:9d:45:3e:f1:34:e6:15:6a:85:8f:dd:ee:eb:
e2:c5:6d:0f:6c:f1:56:bf:0c:67:9b:20:c9:0e:df:2f:8b:63:
f4:a2:23:6d:b8:66:3f:a3:31:ac:2f:3e:ee:19:b2:b6:14:5d:
c7:47:d5:62:2c:6a:65:62:a0:85:e9:ad:40:75:08:f5:5e:db:
aa:3a:d9:8d:47:58:0b:f2:f0:d0:b3:d8:11:ca:66:87:78:43:
44:97:9d:eb:77:85:66:d5:3f:6f:d3:6d:37:09:a9:79:90:cf:
70:d8:4a:87:e8:c1:d7:a8:64:b2:af:ec:62:fb:06:fc:8d:44:
d6:cd:d6:85:61:f4:ab:b0:ae:ec:a9:36:2b:05:43:e2:d0:36:
63:1b:ee:a5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzI35gjV2iVQTKbAZx7oDgBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4YTUzMzMwODc0MGJiYmQyMTdiZjY5ZGNlOTBiM2Y1NDEy
MDg0NTcwHhcNMjQwMTAyMDYzMjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTQxMTM3MWI1NWU3MTViODAxYWU1ZmYyZDQ1N2M2NzQwYjJjMzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcjeqzdJ2QkQaPcOt/RZvZk4TbQM
5LA93VYgPnQo4ST9ovh/DEhd1tDZCHaAdbqIaa1p7MmqjHYoDrg5XVfWnkgaZpRQ
3LOdr7ZqPptT5AOrsdFB4Tv33D8TwNpmshq+Yi1D0da5sF1Be3B31R5EafjXa3Gn
gS2sQDMTuB+vaPU3bXD5cb4zH60HxWszV8FfFObcAlQI5ZPKzBsLsxkQRg5EZJWR
Edog/GDr5zKJ46cGbpPWX8KO6a1GL2r2i7qOAzcVK6nlDnfhE30g8opwaSKG2I4M
LWHB/b9sEDw9LU/W9UWtEVmb0sUK+UOF4Dij5BotypvF9NiN3HJLdUCfqQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEFBE3G1XnFbgBrl/y1FfGdAssN7MB8GA1UdIwQY
MBaAFJilMzCHQLu9IXv2nc6Qs/VBIIRXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUtVek1JZEF1NzBoZV9hZHpwQ3o5VUVnaEZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi82YTUzOTQtMGIwNS00NTM4LWIwY2Qt
OWY2ODkwZjkyZTYwLzEvUVVFVGNiVmVjVnVBR3VYX0xVVjhaMEN5dzNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi82YTUzOTQtMGIwNS00NTM4LWIwY2QtOWY2ODkwZjkyZTYw
LzEvbUtVek1JZEF1NzBoZV9hZHpwQ3o5VUVnaEZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEXVngAwQC
uSHoAwQCuW/oMA0GCSqGSIb3DQEBCwUAA4IBAQCJ8mUZJTA6k0OPhti0XL7prRTG
SNpR/mtepX0QtgOOXspLbJJA+MgQLMSobkum9Kjvz7TNYGquUgMBGXovzHVrEKPw
rI/ashGuOlDlFlyB+FshJBuBlZlcKGqj6DzuFlmG4lp162Q+k1YmLqN5FpL1qJ1F
PvE05hVqhY/d7uvixW0PbPFWvwxnmyDJDt8vi2P0oiNtuGY/ozGsLz7uGbK2FF3H
R9ViLGplYqCF6a1AdQj1XtuqOtmNR1gL8vDQs9gRymaHeENEl53rd4Vm1T9v0203
Cal5kM9w2EqH6MHXqGSyr+xi+wb8jUTWzdaFYfSrsK7sqTYrBUPi0DZjG+6l
-----END CERTIFICATE-----
Generated at Tue Nov 26 09:56:29 2024 by rpki-client on console-ams.rpki-client.org