Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/8a94b9-70fe-46ff-a4e6-019e1f8403dd/1/Qb6Rm69_RQcB0qw-9chnp9gGKLE.roa
File: Qb6Rm69_RQcB0qw-9chnp9gGKLE.roa (raw, json)
Hash identifier: LtNJ8KuxA1Ro/nFVcWNwx79QS8gfyvL7rKTnLQBvwHk=
Subject key identifier: 41:BE:91:9B:AF:7F:45:07:01:D2:AC:3E:F5:C8:67:A7:D8:06:28:B1
Certificate issuer: /CN=153d757b77067befd9446694748ad2b04e97b38c
Certificate serial: 018CCA2B3FA8C929641384F2506B4E299D65
Authority key identifier: 15:3D:75:7B:77:06:7B:EF:D9:44:66:94:74:8A:D2:B0:4E:97:B3:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FT11e3cGe-_ZRGaUdIrSsE6Xs4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/8a94b9-70fe-46ff-a4e6-019e1f8403dd/1/Qb6Rm69_RQcB0qw-9chnp9gGKLE.roa
Signing time: Tue 02 Jan 2024 12:34:41 +0000
ROA not before: Tue 02 Jan 2024 12:34:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201193
IP address blocks: 185.76.233.0/24 maxlen: 24
185.76.232.0/24 maxlen: 24
185.76.232.0/22 maxlen: 24
185.76.234.0/24 maxlen: 24
185.76.235.0/24 maxlen: 24
2a05:5dc0::/29 maxlen: 30
2a05:5dc4::/30 maxlen: 30
2a05:5dc0::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/8a94b9-70fe-46ff-a4e6-019e1f8403dd/1/FT11e3cGe-_ZRGaUdIrSsE6Xs4w.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/8a94b9-70fe-46ff-a4e6-019e1f8403dd/1/FT11e3cGe-_ZRGaUdIrSsE6Xs4w.mft
rsync://rpki.ripe.net/repository/DEFAULT/FT11e3cGe-_ZRGaUdIrSsE6Xs4w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 17:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:3f:a8:c9:29:64:13:84:f2:50:6b:4e:29:9d:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=153d757b77067befd9446694748ad2b04e97b38c
Validity
Not Before: Jan 2 12:34:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41be919baf7f450701d2ac3ef5c867a7d80628b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:41:62:15:b5:7a:45:cf:7e:ae:19:e4:0a:54:
fd:35:82:15:be:a3:32:de:ee:5e:af:52:07:c7:71:
51:bc:cb:94:85:2a:28:21:ae:57:75:f9:52:29:cd:
4d:18:52:6b:db:a7:1e:ee:1b:df:b7:96:39:32:5b:
b7:7b:eb:89:8a:ee:24:57:bf:f6:81:ac:8a:45:b7:
53:14:4c:cd:15:6a:c0:33:1e:e4:65:c5:22:d0:36:
81:e4:88:4e:34:dd:ab:3e:33:ae:b0:dc:1a:88:75:
3b:52:5f:bd:f5:ac:69:a5:e3:1f:42:f2:d7:6f:be:
31:51:f9:f8:b0:0b:c6:c0:d2:20:5f:0a:3e:6b:9a:
7e:a2:8d:97:01:1c:a7:83:37:0d:b2:fc:aa:44:7c:
f5:3c:b1:b2:5f:a3:67:e7:88:85:f7:65:4a:3a:35:
4d:6f:26:bd:d3:40:aa:2c:37:49:df:97:27:b9:7e:
4a:7d:60:e3:43:60:13:0f:bf:0c:cd:7e:0f:69:46:
de:d4:fc:71:33:1a:d3:68:49:e0:89:8d:ac:93:0e:
9d:27:c5:d9:cd:dd:f0:7f:a3:99:85:85:c1:90:ed:
3f:77:3b:ef:cd:b7:77:06:d9:fa:ba:b4:d0:b4:e0:
81:9e:45:9d:cb:e6:d9:f1:91:c7:9f:98:71:9c:3f:
21:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:BE:91:9B:AF:7F:45:07:01:D2:AC:3E:F5:C8:67:A7:D8:06:28:B1
X509v3 Authority Key Identifier:
keyid:15:3D:75:7B:77:06:7B:EF:D9:44:66:94:74:8A:D2:B0:4E:97:B3:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FT11e3cGe-_ZRGaUdIrSsE6Xs4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/8a94b9-70fe-46ff-a4e6-019e1f8403dd/1/Qb6Rm69_RQcB0qw-9chnp9gGKLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/8a94b9-70fe-46ff-a4e6-019e1f8403dd/1/FT11e3cGe-_ZRGaUdIrSsE6Xs4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.76.232.0/22
IPv6:
2a05:5dc0::/29
Signature Algorithm: sha256WithRSAEncryption
93:77:ee:67:90:61:c2:c9:27:c5:6c:3e:86:d6:93:80:e4:cc:
e8:51:ae:b4:5b:d9:fc:c6:0a:b2:8b:bd:22:56:60:f5:25:8f:
c4:b3:2e:37:33:5e:bd:13:cc:33:8a:3c:71:21:33:7c:bc:33:
20:3a:5f:e4:bc:7c:96:09:f7:21:17:6f:0e:ee:83:02:6e:71:
4c:fb:01:ee:58:8d:2c:54:85:eb:e5:fe:53:f6:0f:92:c4:b2:
fc:99:25:f5:92:f0:0d:13:0f:86:07:8e:09:30:f0:c2:52:a5:
49:61:d8:b5:0c:97:be:b4:21:fa:38:d1:f7:bb:d8:e4:f5:b5:
37:be:1e:6b:81:09:6c:b4:ba:4f:c9:1b:3b:05:9a:a9:3d:71:
18:e2:47:f6:e1:1a:f0:74:e0:74:bd:72:fa:6f:60:80:8c:4c:
a7:cc:43:30:7d:11:1f:e7:f4:8e:f5:58:b4:c7:aa:27:47:52:
08:31:5f:f6:59:fe:d7:9b:e0:2b:4f:68:71:f7:7f:82:b3:40:
1d:e7:d6:4e:01:4f:08:9f:ea:4a:61:e3:28:36:ea:90:36:27:
9e:67:55:13:53:31:56:cf:1b:ba:b6:a2:3d:71:e5:db:a1:8c:
bf:17:35:80:e6:f1:2e:c9:9a:1f:20:f0:3f:bb:eb:7d:b5:d6:
a9:c0:53:3a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKKz+oySlkE4TyUGtOKZ1lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1M2Q3NTdiNzcwNjdiZWZkOTQ0NjY5NDc0OGFkMmIwNGU5
N2IzOGMwHhcNMjQwMTAyMTIzNDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWJlOTE5YmFmN2Y0NTA3MDFkMmFjM2VmNWM4NjdhN2Q4MDYyOGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0FiFbV6Rc9+rhnkClT9NYIVvqMy
3u5er1IHx3FRvMuUhSooIa5XdflSKc1NGFJr26ce7hvft5Y5Mlu3e+uJiu4kV7/2
gayKRbdTFEzNFWrAMx7kZcUi0DaB5IhONN2rPjOusNwaiHU7Ul+99axppeMfQvLX
b74xUfn4sAvGwNIgXwo+a5p+oo2XARyngzcNsvyqRHz1PLGyX6Nn54iF92VKOjVN
bya900CqLDdJ35cnuX5KfWDjQ2ATD78MzX4PaUbe1PxxMxrTaEngiY2skw6dJ8XZ
zd3wf6OZhYXBkO0/dzvvzbd3Btn6urTQtOCBnkWdy+bZ8ZHHn5hxnD8h4wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEG+kZuvf0UHAdKsPvXIZ6fYBiixMB8GA1UdIwQY
MBaAFBU9dXt3Bnvv2URmlHSK0rBOl7OMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlQxMWUzY0dlLV9aUkdhVWRJclNzRTZYczR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi84YTk0YjktNzBmZS00NmZmLWE0ZTYt
MDE5ZTFmODQwM2RkLzEvUWI2Um02OV9SUWNCMHF3LTljaG5wOWdHS0xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi84YTk0YjktNzBmZS00NmZmLWE0ZTYtMDE5ZTFmODQwM2Rk
LzEvRlQxMWUzY0dlLV9aUkdhVWRJclNzRTZYczR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUzoMA0E
AgACMAcDBQMqBV3AMA0GCSqGSIb3DQEBCwUAA4IBAQCTd+5nkGHCySfFbD6G1pOA
5MzoUa60W9n8xgqyi70iVmD1JY/Esy43M169E8wzijxxITN8vDMgOl/kvHyWCfch
F28O7oMCbnFM+wHuWI0sVIXr5f5T9g+SxLL8mSX1kvANEw+GB44JMPDCUqVJYdi1
DJe+tCH6ONH3u9jk9bU3vh5rgQlstLpPyRs7BZqpPXEY4kf24RrwdOB0vXL6b2CA
jEynzEMwfREf5/SO9Vi0x6onR1IIMV/2Wf7Xm+ArT2hx93+Cs0Ad59ZOAU8In+pK
YeMoNuqQNieeZ1UTUzFWzxu6tqI9ceXboYy/FzWA5vEuyZofIPA/u+t9tdapwFM6
-----END CERTIFICATE-----
Generated at Tue May 21 02:04:41 2024 by rpki-client on console-fra.rpki-client.org