Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/qKUDy6-RZq4HqwSOZDYk_7UDhxI.roa
File: qKUDy6-RZq4HqwSOZDYk_7UDhxI.roa (raw, json)
Hash identifier: F5GoTIuOPA6IMWLoyeZEcC9jOAqBKgzoHo/MPdlBY6M=
Subject key identifier: A8:A5:03:CB:AF:91:66:AE:07:AB:04:8E:64:36:24:FF:B5:03:87:12
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018CC5014E5044AB524001EBC6F3622BF74D
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/qKUDy6-RZq4HqwSOZDYk_7UDhxI.roa
Signing time: Mon 01 Jan 2024 12:30:46 +0000
ROA not before: Mon 01 Jan 2024 12:30:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212384
IP address blocks: 84.32.82.0/24 maxlen: 24
84.32.86.0/24 maxlen: 24
88.216.196.0/24 maxlen: 24
88.216.37.0/24 maxlen: 24
88.216.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:4e:50:44:ab:52:40:01:eb:c6:f3:62:2b:f7:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 1 12:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8a503cbaf9166ae07ab048e643624ffb5038712
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:61:ed:97:33:40:88:26:c2:09:90:0b:01:25:
6b:44:1c:e0:26:e3:8a:f1:d0:8f:65:fe:d3:a6:05:
c2:98:b1:59:5f:c2:dc:9a:0f:44:21:3d:93:ac:c5:
aa:a8:bf:6b:46:e6:9b:a0:c2:7a:fa:25:66:b8:6b:
26:93:62:80:4d:d8:75:77:a2:a6:2d:2f:22:ae:ab:
57:37:4f:f7:e0:79:c4:9d:ad:8e:d0:93:05:a6:24:
ca:f4:ea:98:eb:f3:ad:30:18:09:7f:fa:aa:2a:ad:
cd:4c:07:1c:44:8a:30:d8:73:6d:b3:3a:16:ec:d2:
82:b3:9e:8d:d5:59:2d:0c:68:08:9f:73:86:6e:db:
78:5b:72:fb:79:73:79:02:27:8d:50:17:a4:d0:8a:
bb:d5:74:6f:0b:12:70:1b:46:22:3b:48:be:10:ad:
18:0c:f4:76:13:c7:2e:a6:48:89:0d:18:98:5b:7e:
a0:93:9c:97:3f:28:c4:8a:00:d9:a4:44:db:93:a9:
98:07:63:25:89:b9:ae:a3:34:92:ea:45:fb:a0:b4:
d7:b0:c5:ab:91:de:31:c8:d6:a4:85:3f:9b:18:b9:
58:26:2b:3f:47:7e:39:05:8d:73:fa:84:f4:d2:27:
50:c1:a4:01:41:62:ee:e6:29:ec:2f:89:c0:98:1e:
cd:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:A5:03:CB:AF:91:66:AE:07:AB:04:8E:64:36:24:FF:B5:03:87:12
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/qKUDy6-RZq4HqwSOZDYk_7UDhxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.82.0/24
84.32.86.0/24
88.216.37.0/24
88.216.46.0/24
88.216.196.0/24
Signature Algorithm: sha256WithRSAEncryption
70:5f:bb:53:15:03:f8:df:31:b5:b9:71:84:5f:66:42:67:12:
08:cb:88:db:5d:38:91:92:82:d9:48:65:d6:89:41:27:e6:92:
d8:c4:70:84:94:55:37:00:5c:ca:f7:fa:0a:60:75:13:90:45:
94:bd:72:d9:19:44:83:da:0f:2c:c4:ab:6f:b6:d0:0e:38:d7:
23:83:e3:70:c5:ff:bb:36:11:ed:6a:e0:11:13:c5:03:69:97:
0a:11:42:fc:d1:56:f1:8c:c5:62:ca:43:8d:bc:b5:70:03:29:
3f:af:97:9e:cb:46:c9:6a:e8:bc:c9:87:69:16:ef:55:d9:9b:
be:95:21:9b:1e:80:9f:27:3f:c6:6e:44:e4:bd:8e:7e:aa:55:
ff:95:ec:d0:db:3e:3a:7a:2d:b3:b9:d7:0e:65:07:c0:99:79:
c1:25:07:25:7d:08:f7:c9:10:82:e9:5d:b2:95:be:1c:cd:a8:
a5:ab:fc:e3:eb:e7:4f:d2:d3:48:d1:b9:31:15:50:8c:f6:c6:
23:16:d6:6b:aa:94:ed:2a:69:58:77:27:28:68:3a:b6:24:73:
06:61:b7:8b:85:dc:b2:32:ab:da:9c:5c:f3:09:cb:1e:3a:4a:
3e:c9:72:e4:c4:d5:ff:4c:e6:5e:1b:b3:00:31:92:12:e1:5f:
a1:7a:41:ae
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzFAU5QRKtSQAHrxvNiK/dNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwMTAxMTIzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGE1MDNjYmFmOTE2NmFlMDdhYjA0OGU2NDM2MjRmZmI1MDM4NzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmHtlzNAiCbCCZALASVrRBzgJuOK
8dCPZf7TpgXCmLFZX8Lcmg9EIT2TrMWqqL9rRuaboMJ6+iVmuGsmk2KATdh1d6Km
LS8irqtXN0/34HnEna2O0JMFpiTK9OqY6/OtMBgJf/qqKq3NTAccRIow2HNtszoW
7NKCs56N1VktDGgIn3OGbtt4W3L7eXN5AieNUBek0Iq71XRvCxJwG0YiO0i+EK0Y
DPR2E8cupkiJDRiYW36gk5yXPyjEigDZpETbk6mYB2MlibmuozSS6kX7oLTXsMWr
kd4xyNakhT+bGLlYJis/R345BY1z+oT00idQwaQBQWLu5insL4nAmB7NiwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKilA8uvkWauB6sEjmQ2JP+1A4cSMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvcUtVRHk2LVJacTRIcXdTT1pEWWtfN1VEaHhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVCBSAwQA
VCBWAwQAWNglAwQAWNguAwQAWNjEMA0GCSqGSIb3DQEBCwUAA4IBAQBwX7tTFQP4
3zG1uXGEX2ZCZxIIy4jbXTiRkoLZSGXWiUEn5pLYxHCElFU3AFzK9/oKYHUTkEWU
vXLZGUSD2g8sxKtvttAOONcjg+Nwxf+7NhHtauARE8UDaZcKEUL80VbxjMViykON
vLVwAyk/r5eey0bJaui8yYdpFu9V2Zu+lSGbHoCfJz/GbkTkvY5+qlX/lezQ2z46
ei2zudcOZQfAmXnBJQclfQj3yRCC6V2ylb4czailq/zj6+dP0tNI0bkxFVCM9sYj
FtZrqpTtKmlYdycoaDq2JHMGYbeLhdyyMqvanFzzCcseOko+yXLkxNX/TOZeG7MA
MZIS4V+hekGu
-----END CERTIFICATE-----
Generated at Tue May 7 12:08:43 2024 by rpki-client on console-ams.rpki-client.org