Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/cd092e-6beb-4037-8a5a-fae8d42ae5e5/1/qgaQnuXEXDIrQDQw-SDuMj4e218.roa
File: qgaQnuXEXDIrQDQw-SDuMj4e218.roa (raw, json)
Hash identifier: WmnSYqhSlbP3ojfWLd9NdkIFU6dgfGJLJucPZv/eQ8U=
Subject key identifier: AA:06:90:9E:E5:C4:5C:32:2B:40:34:30:F9:20:EE:32:3E:1E:DB:5F
Certificate issuer: /CN=e842a46658c1d01bac8d43961c6b49e788e3ccc3
Certificate serial: 018CC3B672BA9100A53951A4182904FE3463
Authority key identifier: E8:42:A4:66:58:C1:D0:1B:AC:8D:43:96:1C:6B:49:E7:88:E3:CC:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6EKkZljB0BusjUOWHGtJ54jjzMM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/cd092e-6beb-4037-8a5a-fae8d42ae5e5/1/qgaQnuXEXDIrQDQw-SDuMj4e218.roa
Signing time: Mon 01 Jan 2024 06:29:23 +0000
ROA not before: Mon 01 Jan 2024 06:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200148
IP address blocks: 185.52.112.0/22 maxlen: 24
185.36.128.0/22 maxlen: 24
85.115.196.0/22 maxlen: 22
194.55.148.0/22 maxlen: 24
188.94.80.0/22 maxlen: 24
2.59.16.0/22 maxlen: 24
185.53.192.0/22 maxlen: 24
5.180.236.0/22 maxlen: 24
185.138.216.0/22 maxlen: 24
185.127.36.0/22 maxlen: 24
185.100.176.0/22 maxlen: 24
212.102.110.0/24 maxlen: 24
185.251.136.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/cd092e-6beb-4037-8a5a-fae8d42ae5e5/1/6EKkZljB0BusjUOWHGtJ54jjzMM.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/cd092e-6beb-4037-8a5a-fae8d42ae5e5/1/6EKkZljB0BusjUOWHGtJ54jjzMM.mft
rsync://rpki.ripe.net/repository/DEFAULT/6EKkZljB0BusjUOWHGtJ54jjzMM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jul 2024 00:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:72:ba:91:00:a5:39:51:a4:18:29:04:fe:34:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e842a46658c1d01bac8d43961c6b49e788e3ccc3
Validity
Not Before: Jan 1 06:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa06909ee5c45c322b403430f920ee323e1edb5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:27:38:13:f0:29:45:a4:27:d0:98:23:56:de:
fc:e7:44:ee:5d:be:01:a8:16:4b:cc:8d:26:1f:29:
62:d6:e5:67:b3:b5:a4:98:58:cd:be:7a:81:ff:e7:
61:a8:ae:4f:99:a0:de:14:0a:9f:4a:b4:6b:ea:9c:
7e:70:a8:65:9d:c0:b2:77:62:b7:37:5f:e1:42:65:
03:3a:f7:b0:b2:66:3a:0c:89:c5:e3:25:99:3a:2d:
26:22:dd:88:c2:e2:ce:98:d1:26:d6:45:01:e6:3a:
fd:ff:ef:79:a3:cb:74:fe:db:a1:ad:ba:e6:7c:73:
69:ca:17:e1:ee:1e:e3:5d:f9:3e:08:88:45:e7:a7:
46:39:ae:00:e7:f7:6b:c2:65:03:e7:24:e0:8a:f1:
13:72:aa:ee:38:69:52:5e:bd:a8:7a:ef:67:20:4f:
45:0c:8e:78:43:1e:e7:b1:80:58:ee:62:40:26:ea:
46:4b:09:70:fc:0b:4d:b9:e7:22:55:f4:d1:24:56:
27:9a:03:2a:1f:7f:09:76:e3:c0:9f:14:b9:33:51:
81:a6:46:c1:86:2b:b8:8d:43:03:b3:f0:d9:21:48:
44:48:a6:9b:a3:5d:fb:a2:e1:ce:ef:33:88:3d:b2:
73:7b:40:87:3d:67:f5:94:81:b1:da:e4:67:34:df:
a3:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:06:90:9E:E5:C4:5C:32:2B:40:34:30:F9:20:EE:32:3E:1E:DB:5F
X509v3 Authority Key Identifier:
keyid:E8:42:A4:66:58:C1:D0:1B:AC:8D:43:96:1C:6B:49:E7:88:E3:CC:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6EKkZljB0BusjUOWHGtJ54jjzMM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/cd092e-6beb-4037-8a5a-fae8d42ae5e5/1/qgaQnuXEXDIrQDQw-SDuMj4e218.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/cd092e-6beb-4037-8a5a-fae8d42ae5e5/1/6EKkZljB0BusjUOWHGtJ54jjzMM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.16.0/22
5.180.236.0/22
85.115.196.0/22
185.36.128.0/22
185.52.112.0/22
185.53.192.0/22
185.100.176.0/22
185.127.36.0/22
185.138.216.0/22
185.251.136.0/22
188.94.80.0/22
194.55.148.0/22
212.102.110.0/24
Signature Algorithm: sha256WithRSAEncryption
25:a8:92:ae:79:cc:f3:c9:04:5a:d5:e6:fc:15:8c:73:c2:8b:
33:de:3d:f8:1a:8d:86:7e:11:d0:1a:a0:07:1b:e4:7b:13:9a:
7d:8e:42:db:cf:0f:07:25:5c:79:25:9e:f4:bd:96:42:c9:e6:
72:2a:1d:a1:c4:72:86:9c:dc:58:14:41:7f:33:23:ee:64:e0:
fa:46:e2:a2:c9:c8:56:ac:92:cf:5f:1b:1d:79:39:b4:f9:8e:
74:0d:d2:14:72:4a:84:88:9b:71:76:5e:6c:b8:4e:4c:9c:62:
0c:92:f9:c7:75:b9:50:5e:73:f6:0f:14:5f:32:0c:63:19:77:
7d:69:f8:0e:66:62:ad:ec:3c:ae:38:0e:6b:6e:ea:dc:bf:7f:
ff:d2:74:ca:8a:09:22:e7:2b:c7:3c:03:85:ba:0f:f4:55:58:
9d:80:20:36:7f:60:5a:1b:bf:26:a2:cf:09:e1:26:7a:bd:b8:
4c:65:71:fd:7d:6b:0f:81:72:a5:c3:05:f3:e4:0c:1e:ff:2f:
fb:6b:19:a7:a4:9a:f2:fd:b5:ce:8b:6d:0a:cf:7e:d9:73:44:
98:92:79:a3:09:7c:0a:e0:7b:5c:d0:52:3a:52:71:45:6e:96:
65:eb:30:54:43:28:31:0d:ef:f5:28:28:24:71:24:70:e7:1d:
9e:82:ef:af
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYzDtnK6kQClOVGkGCkE/jRjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NDJhNDY2NThjMWQwMWJhYzhkNDM5NjFjNmI0OWU3ODhl
M2NjYzMwHhcNMjQwMTAxMDYyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTA2OTA5ZWU1YzQ1YzMyMmI0MDM0MzBmOTIwZWUzMjNlMWVkYjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Sc4E/ApRaQn0JgjVt7850TuXb4B
qBZLzI0mHyli1uVns7WkmFjNvnqB/+dhqK5PmaDeFAqfSrRr6px+cKhlncCyd2K3
N1/hQmUDOvewsmY6DInF4yWZOi0mIt2IwuLOmNEm1kUB5jr9/+95o8t0/tuhrbrm
fHNpyhfh7h7jXfk+CIhF56dGOa4A5/drwmUD5yTgivETcqruOGlSXr2oeu9nIE9F
DI54Qx7nsYBY7mJAJupGSwlw/AtNueciVfTRJFYnmgMqH38JduPAnxS5M1GBpkbB
hiu4jUMDs/DZIUhESKabo137ouHO7zOIPbJze0CHPWf1lIGx2uRnNN+jLQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFKoGkJ7lxFwyK0A0MPkg7jI+HttfMB8GA1UdIwQY
MBaAFOhCpGZYwdAbrI1DlhxrSeeI48zDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkVLa1psakIwQnVzalVPV0hHdEo1NGpqek1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9jZDA5MmUtNmJlYi00MDM3LThhNWEt
ZmFlOGQ0MmFlNWU1LzEvcWdhUW51WEVYRElyUURRdy1TRHVNajRlMjE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9jZDA5MmUtNmJlYi00MDM3LThhNWEtZmFlOGQ0MmFlNWU1
LzEvNkVLa1psakIwQnVzalVPV0hHdEo1NGpqek1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQCAjsQAwQC
BbTsAwQCVXPEAwQCuSSAAwQCuTRwAwQCuTXAAwQCuWSwAwQCuX8kAwQCuYrYAwQC
ufuIAwQCvF5QAwQCwjeUAwQA1GZuMA0GCSqGSIb3DQEBCwUAA4IBAQAlqJKueczz
yQRa1eb8FYxzwosz3j34Go2GfhHQGqAHG+R7E5p9jkLbzw8HJVx5JZ70vZZCyeZy
Kh2hxHKGnNxYFEF/MyPuZOD6RuKiychWrJLPXxsdeTm0+Y50DdIUckqEiJtxdl5s
uE5MnGIMkvnHdblQXnP2DxRfMgxjGXd9afgOZmKt7DyuOA5rburcv3//0nTKigki
5yvHPAOFug/0VVidgCA2f2BaG78mos8J4SZ6vbhMZXH9fWsPgXKlwwXz5Awe/y/7
axmnpJry/bXOi20Kz37Zc0SYknmjCXwK4Htc0FI6UnFFbpZl6zBUQygxDe/1KCgk
cSRw5x2egu+v
-----END CERTIFICATE-----
Generated at Wed Jul 3 09:31:19 2024 by rpki-client on console-ams.rpki-client.org