Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/rqcprmzdb21AcslhKy_XHKzZ0sY.roa
File: rqcprmzdb21AcslhKy_XHKzZ0sY.roa (raw, json)
Hash identifier: SGn+bCiLM0FUhIgi2fEbaIRjwlATWDPi0RXnb/3+RqM=
Subject key identifier: AE:A7:29:AE:6C:DD:6F:6D:40:72:C9:61:2B:2F:D7:1C:AC:D9:D2:C6
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 018D30FEF62266B746370B9CCF641ACE71B1
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/rqcprmzdb21AcslhKy_XHKzZ0sY.roa
Signing time: Mon 22 Jan 2024 11:47:11 +0000
ROA not before: Mon 22 Jan 2024 11:47:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206077
IP address blocks: 45.80.81.0/24 maxlen: 24
185.226.192.0/23 maxlen: 24
201.49.191.0/24 maxlen: 24
217.26.188.0/22 maxlen: 22
217.26.188.0/23 maxlen: 23
217.26.188.0/24 maxlen: 24
217.26.189.0/24 maxlen: 24
217.76.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:30:fe:f6:22:66:b7:46:37:0b:9c:cf:64:1a:ce:71:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jan 22 11:47:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aea729ae6cdd6f6d4072c9612b2fd71cacd9d2c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:6e:58:f0:e2:27:a3:60:4d:d1:a6:28:3a:4a:
ae:13:d2:3c:8a:50:00:01:19:ad:a1:16:37:fd:eb:
1a:9e:bf:ec:04:8b:02:9c:07:1e:cd:eb:5c:d7:ed:
ec:38:dd:81:b5:51:13:9d:7a:eb:ae:ca:2f:87:18:
60:e2:53:3a:d1:27:c0:d7:0c:fc:c0:37:92:4d:64:
e8:1f:8e:26:2a:39:99:92:21:55:00:58:2a:96:8f:
a7:ab:3a:31:b3:34:f1:4e:c2:5c:f3:67:ad:5c:ba:
5e:41:1d:2a:67:3a:05:d2:18:bd:e7:bc:89:00:b3:
6d:fc:45:0c:80:f1:73:23:7c:52:e4:c7:6b:e6:f4:
b9:ff:c2:4b:c3:81:30:37:61:da:b9:4f:fc:7e:01:
e8:bc:cb:d8:ba:d8:b5:77:eb:5e:b3:e3:07:f3:8e:
52:d7:7b:09:4c:e6:04:ec:af:3c:fe:70:66:a4:71:
d8:3b:ce:66:35:a6:bd:30:58:df:66:6d:21:5d:67:
a3:05:04:b9:84:1f:9c:38:f2:e7:fd:f3:e0:ab:a2:
80:8e:9d:1e:48:24:9b:ae:bf:c6:c6:ba:a9:6d:aa:
09:ec:8b:01:e0:fb:9a:f9:c8:0e:3c:c6:db:17:ae:
cd:09:a5:5a:aa:0e:87:c6:a1:92:17:24:86:5d:16:
e1:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:A7:29:AE:6C:DD:6F:6D:40:72:C9:61:2B:2F:D7:1C:AC:D9:D2:C6
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/rqcprmzdb21AcslhKy_XHKzZ0sY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.81.0/24
185.226.192.0/23
201.49.191.0/24
217.26.188.0/22
217.76.252.0/24
Signature Algorithm: sha256WithRSAEncryption
11:b1:72:ff:e2:38:71:f7:e5:4b:13:fe:bf:ac:d7:a6:6a:6a:
b5:97:f5:ad:c7:5c:d0:da:0f:2f:20:24:7a:6a:41:aa:e9:29:
09:66:30:b9:66:80:60:2c:c2:33:bf:59:06:52:2f:e5:71:82:
24:ad:44:bc:4a:5b:01:bc:d2:6f:c2:e9:c0:96:da:f1:2a:50:
9a:f7:36:ff:c2:49:ec:a5:d3:19:d5:48:cd:ab:ae:ea:b1:6c:
c4:e9:35:ec:a7:89:2f:94:86:a5:9f:46:56:e9:7a:6a:f4:07:
a1:ca:04:23:10:b2:72:17:ba:73:7e:26:f5:58:87:bf:26:46:
fd:de:fa:c7:50:24:00:87:a3:26:0e:8e:73:5c:0e:16:2d:e6:
67:75:e2:a8:d5:c3:0d:30:98:e3:df:f5:1e:52:75:ad:87:27:
3d:dd:d4:49:8a:2d:d1:49:76:58:2a:fa:2d:0e:68:e7:78:2d:
c6:7c:95:7f:cf:3b:03:f5:62:ce:49:1e:f7:77:c7:c2:09:97:
bc:ad:95:57:bf:79:18:8a:94:a7:ae:af:f4:4a:08:3f:2d:58:
a0:59:a2:93:ea:6c:24:da:60:bd:de:2e:0c:bc:da:93:68:0f:
c0:e8:ca:ef:3d:4d:98:70:66:8d:0e:f0:8d:ad:11:e5:87:1d:
ea:32:09:ff
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY0w/vYiZrdGNwucz2QaznGxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjQwMTIyMTE0NzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWE3MjlhZTZjZGQ2ZjZkNDA3MmM5NjEyYjJmZDcxY2FjZDlkMmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnW5Y8OIno2BN0aYoOkquE9I8ilAA
ARmtoRY3/esanr/sBIsCnAcezetc1+3sON2BtVETnXrrrsovhxhg4lM60SfA1wz8
wDeSTWToH44mKjmZkiFVAFgqlo+nqzoxszTxTsJc82etXLpeQR0qZzoF0hi957yJ
ALNt/EUMgPFzI3xS5Mdr5vS5/8JLw4EwN2HauU/8fgHovMvYuti1d+tes+MH845S
13sJTOYE7K88/nBmpHHYO85mNaa9MFjfZm0hXWejBQS5hB+cOPLn/fPgq6KAjp0e
SCSbrr/GxrqpbaoJ7IsB4Pua+cgOPMbbF67NCaVaqg6HxqGSFySGXRbhOwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFK6nKa5s3W9tQHLJYSsv1xys2dLGMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvcnFjcHJtemRiMjFBY3NsaEt5X1hIS3paMHNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALVBRAwQB
ueLAAwQAyTG/AwQC2Rq8AwQA2Uz8MA0GCSqGSIb3DQEBCwUAA4IBAQARsXL/4jhx
9+VLE/6/rNemamq1l/Wtx1zQ2g8vICR6akGq6SkJZjC5ZoBgLMIzv1kGUi/lcYIk
rUS8SlsBvNJvwunAltrxKlCa9zb/wknspdMZ1UjNq67qsWzE6TXsp4kvlIaln0ZW
6Xpq9AehygQjELJyF7pzfib1WIe/Jkb93vrHUCQAh6MmDo5zXA4WLeZndeKo1cMN
MJjj3/UeUnWthyc93dRJii3RSXZYKvotDmjneC3GfJV/zzsD9WLOSR73d8fCCZe8
rZVXv3kYipSnrq/0Sgg/LVigWaKT6mwk2mC93i4MvNqTaA/A6MrvPU2YcGaNDvCN
rRHlhx3qMgn/
-----END CERTIFICATE-----
Generated at Fri May 3 02:23:15 2024 by rpki-client on console-fra.rpki-client.org