Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/Q4b1Nst-lgI9ICoENbB6a4cpbPA.roa
File: Q4b1Nst-lgI9ICoENbB6a4cpbPA.roa (raw, json)
Hash identifier: 9kEo9nbGhbQEFY0sQoi7yUV3oZwV22SAI22V2BXJx7Y=
Subject key identifier: 43:86:F5:36:CB:7E:96:02:3D:20:2A:04:35:B0:7A:6B:87:29:6C:F0
Certificate issuer: /CN=746365355b665564a210c358c68a0117b7fbeb9a
Certificate serial: 018ED701DB12F99D6DDA1039230B72EA6599
Authority key identifier: 74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/Q4b1Nst-lgI9ICoENbB6a4cpbPA.roa
Signing time: Sat 13 Apr 2024 10:30:06 +0000
ROA not before: Sat 13 Apr 2024 10:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47256
IP address blocks: 212.22.68.0/24 maxlen: 24
212.22.76.0/24 maxlen: 24
212.22.80.0/24 maxlen: 24
212.22.82.0/24 maxlen: 24
212.22.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.mft
rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 24 May 2024 14:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d7:01:db:12:f9:9d:6d:da:10:39:23:0b:72:ea:65:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=746365355b665564a210c358c68a0117b7fbeb9a
Validity
Not Before: Apr 13 10:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4386f536cb7e96023d202a0435b07a6b87296cf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:2c:b2:8e:93:d3:56:ef:05:42:30:56:9d:cf:
68:39:a1:6e:82:3b:52:40:bf:64:73:0a:a7:72:9a:
8d:88:28:ba:c0:14:a4:bc:45:83:fc:59:54:1d:4c:
d3:9d:e4:d9:c9:52:8a:5d:0d:d4:fe:06:a3:31:9a:
cf:ae:77:74:2f:93:74:aa:c7:20:fb:6c:09:53:65:
5c:79:66:83:41:dc:25:a5:c2:c4:5c:84:26:27:9b:
69:0d:57:24:69:46:75:38:3f:12:80:35:ef:02:6b:
06:d4:cd:a2:48:c5:57:0d:a7:b8:6e:44:65:b1:10:
19:7b:c2:b9:04:c5:a6:77:e4:b1:63:ce:5f:20:57:
9d:84:07:87:e7:da:32:29:50:62:6e:63:6e:5a:f6:
a7:aa:b8:b4:4f:97:69:c7:5a:33:0f:fe:ee:a5:0d:
64:24:39:b5:6a:55:04:37:3e:39:3f:a1:28:d6:89:
fa:09:70:ca:49:75:c6:e6:16:9b:16:d7:cd:5d:47:
21:8d:3a:90:3b:5b:16:12:f1:25:e3:3f:88:22:36:
3b:bc:e9:57:a0:7f:de:d4:87:3d:fa:e3:4c:b7:34:
db:f8:12:34:42:17:f0:5b:2e:67:09:8b:b8:dd:98:
ff:13:f5:9c:fd:ec:dd:a6:18:db:da:4a:eb:f9:8c:
ba:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:86:F5:36:CB:7E:96:02:3D:20:2A:04:35:B0:7A:6B:87:29:6C:F0
X509v3 Authority Key Identifier:
keyid:74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/Q4b1Nst-lgI9ICoENbB6a4cpbPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.22.68.0/24
212.22.76.0/24
212.22.80.0/24
212.22.82.0/24
212.22.86.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:46:1e:de:8e:7d:9c:22:1e:93:88:59:02:7a:0e:05:63:4f:
4e:df:9c:8a:cd:88:4d:b8:d3:ec:d0:f4:5d:4f:b5:3b:5c:ba:
a1:ef:e4:f9:65:c3:6f:ce:da:a7:b3:a3:64:4d:03:8f:ca:e6:
e8:f1:e9:e7:4f:6f:38:f0:59:41:f4:c4:35:75:af:e2:e9:1c:
d4:06:d1:35:36:c3:90:77:15:5f:0b:c5:fa:9e:bd:da:e5:09:
e0:52:0a:66:ab:cd:96:a1:cc:bb:0d:39:74:46:6c:98:1b:89:
83:0b:76:90:f4:64:7b:06:06:97:49:08:2e:61:72:ff:8f:a7:
56:7b:97:7a:d5:9c:9f:1d:16:c7:32:f6:44:37:4e:df:0a:15:
94:99:8f:b8:cb:64:e4:77:0c:82:c6:09:4b:04:2a:cc:0e:65:
a2:2f:c1:6f:46:b7:1b:8a:a2:87:29:ba:db:cc:5a:e6:87:3f:
ba:aa:51:e8:45:d8:0d:df:13:2c:2b:77:0f:be:d5:9f:04:9e:
8b:aa:f5:e6:eb:b6:3d:52:ae:f9:68:c8:1f:d6:a6:b0:cb:21:
bc:b2:24:b4:4d:6d:33:3b:e2:19:c3:87:af:db:87:ff:31:af:
00:4c:94:54:df:13:4b:f9:f0:e4:0f:d9:18:ee:66:94:7f:a7:
42:4e:c1:39
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY7XAdsS+Z1t2hA5Iwty6mWZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjM2NTM1NWI2NjU1NjRhMjEwYzM1OGM2OGEwMTE3Yjdm
YmViOWEwHhcNMjQwNDEzMTAzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mzg2ZjUzNmNiN2U5NjAyM2QyMDJhMDQzNWIwN2E2Yjg3Mjk2Y2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyyyjpPTVu8FQjBWnc9oOaFugjtS
QL9kcwqncpqNiCi6wBSkvEWD/FlUHUzTneTZyVKKXQ3U/gajMZrPrnd0L5N0qscg
+2wJU2VceWaDQdwlpcLEXIQmJ5tpDVckaUZ1OD8SgDXvAmsG1M2iSMVXDae4bkRl
sRAZe8K5BMWmd+SxY85fIFedhAeH59oyKVBibmNuWvanqri0T5dpx1ozD/7upQ1k
JDm1alUENz45P6Eo1on6CXDKSXXG5habFtfNXUchjTqQO1sWEvEl4z+IIjY7vOlX
oH/e1Ic9+uNMtzTb+BI0QhfwWy5nCYu43Zj/E/Wc/ezdphjb2krr+Yy61QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEOG9TbLfpYCPSAqBDWwemuHKWzwMB8GA1UdIwQY
MBaAFHRjZTVbZlVkohDDWMaKARe3++uaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGIt
NmE0ZWNhZjhiM2IxLzEvUTRiMU5zdC1sZ0k5SUNvRU5iQjZhNGNwYlBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGItNmE0ZWNhZjhiM2Ix
LzEvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQA1BZEAwQA
1BZMAwQA1BZQAwQA1BZSAwQA1BZWMA0GCSqGSIb3DQEBCwUAA4IBAQAMRh7ejn2c
Ih6TiFkCeg4FY09O35yKzYhNuNPs0PRdT7U7XLqh7+T5ZcNvztqns6NkTQOPyubo
8ennT2848FlB9MQ1da/i6RzUBtE1NsOQdxVfC8X6nr3a5QngUgpmq82Wocy7DTl0
RmyYG4mDC3aQ9GR7BgaXSQguYXL/j6dWe5d61ZyfHRbHMvZEN07fChWUmY+4y2Tk
dwyCxglLBCrMDmWiL8FvRrcbiqKHKbrbzFrmhz+6qlHoRdgN3xMsK3cPvtWfBJ6L
qvXm67Y9Uq75aMgf1qawyyG8siS0TW0zO+IZw4ev24f/Ma8ATJRU3xNL+fDkD9kY
7maUf6dCTsE5
-----END CERTIFICATE-----
Generated at Thu May 23 20:04:46 2024 by rpki-client on console-fra.rpki-client.org