Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/qtzkdjS6Yb8fVRpHxSHyL_C8oD8.roa
File: qtzkdjS6Yb8fVRpHxSHyL_C8oD8.roa (raw, json)
Hash identifier: 0JNoXDdZeWdOvQH614NIANI/gbB4cvtoJl+ml386CsI=
Subject key identifier: AA:DC:E4:76:34:BA:61:BF:1F:55:1A:47:C5:21:F2:2F:F0:BC:A0:3F
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 018CC424F3AEF78EF48CF5712D93A76A12BD
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/qtzkdjS6Yb8fVRpHxSHyL_C8oD8.roa
Signing time: Mon 01 Jan 2024 08:30:05 +0000
ROA not before: Mon 01 Jan 2024 08:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47952
IP address blocks: 194.127.118.0/24 maxlen: 24
194.127.117.0/24 maxlen: 24
194.127.116.0/24 maxlen: 24
194.127.119.0/24 maxlen: 24
185.185.235.0/24 maxlen: 24
91.106.219.0/24 maxlen: 24
91.106.218.0/24 maxlen: 24
91.106.217.0/24 maxlen: 24
91.106.216.0/24 maxlen: 24
193.35.206.0/24 maxlen: 24
193.35.205.0/24 maxlen: 24
193.35.204.0/24 maxlen: 24
193.35.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 May 2024 13:40:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:f3:ae:f7:8e:f4:8c:f5:71:2d:93:a7:6a:12:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Jan 1 08:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aadce47634ba61bf1f551a47c521f22ff0bca03f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:9e:c0:68:99:8f:10:0d:86:19:ab:e6:7e:8c:
ea:fa:9a:18:96:b4:80:47:67:36:06:e0:73:ea:42:
50:6c:58:b9:db:40:82:79:ef:1c:ce:99:00:01:1c:
39:c6:94:fa:5b:bb:60:f0:75:9e:81:4b:bd:3f:05:
fe:a5:ab:41:9c:72:14:c9:31:9f:47:b5:65:8a:08:
25:ed:51:83:b8:41:f1:0b:0f:d2:cc:fe:d0:ba:45:
23:0f:fb:cd:da:5a:0e:61:66:84:6e:7e:78:e6:b0:
17:b4:ee:99:9f:f3:b2:85:45:a7:ed:fb:cb:6c:76:
1d:56:40:80:aa:0c:b7:e5:aa:b1:df:1b:a5:bb:a5:
15:8c:99:f9:2d:96:7d:e9:20:4c:35:27:e2:e5:26:
df:c2:90:9a:ef:73:8e:5d:33:f3:6e:93:6a:b0:a4:
17:7b:0b:d3:96:68:03:29:5e:8e:ab:2b:dc:29:b0:
1d:3f:03:1a:88:06:43:d2:fb:98:77:c1:f1:25:1c:
cd:4e:88:7d:94:48:a4:f4:fd:aa:30:7d:23:f5:d6:
b6:25:4b:80:e0:ed:b5:67:63:81:b3:d5:e3:99:df:
53:4d:d2:09:71:bd:36:2f:a1:90:fe:14:ee:b0:f5:
12:83:68:6a:b2:5b:79:fd:e4:d5:9c:2f:71:fa:e8:
64:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:DC:E4:76:34:BA:61:BF:1F:55:1A:47:C5:21:F2:2F:F0:BC:A0:3F
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/qtzkdjS6Yb8fVRpHxSHyL_C8oD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.106.216.0/22
185.185.235.0/24
193.35.204.0/22
194.127.116.0/22
Signature Algorithm: sha256WithRSAEncryption
07:85:42:01:60:c3:8a:48:b7:ee:3b:af:e5:05:aa:db:3c:04:
0c:e2:b7:e8:bd:f4:a8:a6:cc:c3:80:0d:1c:ac:d8:2c:53:d7:
88:03:b2:f5:34:ad:c7:f5:54:91:7e:fe:ad:ce:55:af:98:82:
75:a5:ad:a4:cf:95:39:d3:6f:93:af:4f:09:fd:08:b7:f8:e5:
0c:4d:0a:de:d3:ad:81:c2:c0:46:e6:55:31:19:6c:69:88:cc:
92:15:f4:42:f2:23:cc:50:08:b5:b5:e7:31:9b:ff:d4:98:fb:
6a:34:ac:60:b9:5d:77:36:1c:f1:fe:f0:94:01:48:d3:dc:c6:
fb:e0:f9:58:8d:2d:8d:0c:90:1c:79:76:c5:d7:9e:14:6e:b0:
38:b4:ac:6f:70:d3:e6:33:e7:59:38:52:f6:ff:f7:00:9e:b7:
10:eb:42:03:28:94:00:23:83:f5:93:64:ea:eb:f5:df:e3:eb:
bd:62:ac:c6:a8:c2:de:9c:0c:e0:32:bc:43:0c:57:6a:28:07:
c2:4a:94:d7:88:6f:78:25:10:e0:46:50:1b:49:54:99:07:f4:
7b:e4:91:3f:9d:ce:c3:47:3f:77:e8:a5:13:8e:81:93:33:7a:
53:38:cf:d2:1b:11:b2:2a:4c:98:44:bb:85:a7:d8:92:b1:45:
2d:6c:3c:6f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzEJPOu9470jPVxLZOnahK9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjQwMTAxMDgzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWRjZTQ3NjM0YmE2MWJmMWY1NTFhNDdjNTIxZjIyZmYwYmNhMDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg57AaJmPEA2GGavmfozq+poYlrSA
R2c2BuBz6kJQbFi520CCee8czpkAARw5xpT6W7tg8HWegUu9PwX+patBnHIUyTGf
R7Vliggl7VGDuEHxCw/SzP7QukUjD/vN2loOYWaEbn545rAXtO6Zn/OyhUWn7fvL
bHYdVkCAqgy35aqx3xulu6UVjJn5LZZ96SBMNSfi5SbfwpCa73OOXTPzbpNqsKQX
ewvTlmgDKV6OqyvcKbAdPwMaiAZD0vuYd8HxJRzNToh9lEik9P2qMH0j9da2JUuA
4O21Z2OBs9Xjmd9TTdIJcb02L6GQ/hTusPUSg2hqslt5/eTVnC9x+uhkzwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKrc5HY0umG/H1UaR8Uh8i/wvKA/MB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvcXR6a2RqUzZZYjhmVlJwSHhTSHlMX0M4b0Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW2rYAwQA
ubnrAwQCwSPMAwQCwn90MA0GCSqGSIb3DQEBCwUAA4IBAQAHhUIBYMOKSLfuO6/l
BarbPAQM4rfovfSopszDgA0crNgsU9eIA7L1NK3H9VSRfv6tzlWvmIJ1pa2kz5U5
02+Tr08J/Qi3+OUMTQre062BwsBG5lUxGWxpiMySFfRC8iPMUAi1tecxm//UmPtq
NKxguV13Nhzx/vCUAUjT3Mb74PlYjS2NDJAceXbF154UbrA4tKxvcNPmM+dZOFL2
//cAnrcQ60IDKJQAI4P1k2Tq6/Xf4+u9YqzGqMLenAzgMrxDDFdqKAfCSpTXiG94
JRDgRlAbSVSZB/R75JE/nc7DRz936KUTjoGTM3pTOM/SGxGyKkyYRLuFp9iSsUUt
bDxv
-----END CERTIFICATE-----
Generated at Tue Apr 30 19:58:56 2024 by rpki-client on console-ams.rpki-client.org