Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/62afef-70d1-4fe2-9edf-7f1e57487c1a/1/QbI8w8ZNNaYiHRe_-ufu8yYQTQc.roa
File: QbI8w8ZNNaYiHRe_-ufu8yYQTQc.roa (raw, json)
Hash identifier: 8Rnf9CW1xUTAm29McAhuA8+GNUH44cMk0IDio/wdwNM=
Subject key identifier: 41:B2:3C:C3:C6:4D:35:A6:22:1D:17:BF:FA:E7:EE:F3:26:10:4D:07
Certificate issuer: /CN=a24b48edc7a325d7f1ae0f257c0e2835171bc9ae
Certificate serial: 019242A5B44E218D339E64B72B35B2546FE0
Authority key identifier: A2:4B:48:ED:C7:A3:25:D7:F1:AE:0F:25:7C:0E:28:35:17:1B:C9:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oktI7cejJdfxrg8lfA4oNRcbya4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/62afef-70d1-4fe2-9edf-7f1e57487c1a/1/QbI8w8ZNNaYiHRe_-ufu8yYQTQc.roa
Signing time: Mon 30 Sep 2024 11:16:48 +0000
ROA not before: Mon 30 Sep 2024 11:16:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39704
IP address blocks: 5.22.248.0/21 maxlen: 24
46.182.216.0/21 maxlen: 24
91.192.36.0/22 maxlen: 24
94.124.88.0/21 maxlen: 24
185.94.168.0/22 maxlen: 24
185.103.16.0/22 maxlen: 24
194.50.163.0/24 maxlen: 24
195.216.246.0/24 maxlen: 24
213.132.192.0/19 maxlen: 24
2a00:1bd0::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/62afef-70d1-4fe2-9edf-7f1e57487c1a/1/oktI7cejJdfxrg8lfA4oNRcbya4.crl
rsync://rpki.ripe.net/repository/DEFAULT/76/62afef-70d1-4fe2-9edf-7f1e57487c1a/1/oktI7cejJdfxrg8lfA4oNRcbya4.mft
rsync://rpki.ripe.net/repository/DEFAULT/oktI7cejJdfxrg8lfA4oNRcbya4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 02:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:42:a5:b4:4e:21:8d:33:9e:64:b7:2b:35:b2:54:6f:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a24b48edc7a325d7f1ae0f257c0e2835171bc9ae
Validity
Not Before: Sep 30 11:16:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41b23cc3c64d35a6221d17bffae7eef326104d07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:77:48:69:3b:7c:eb:47:ae:b6:27:39:e1:be:
f1:3a:32:d5:5f:d4:36:69:37:34:41:91:41:fe:97:
f7:a9:86:6c:3c:9d:86:f1:ff:3f:4f:ed:b7:b2:f5:
ec:c4:00:eb:d4:8f:9e:00:84:96:9c:72:f2:a6:b6:
ca:3f:76:1d:36:14:7b:15:66:ce:9d:bf:70:9a:f7:
20:d2:f8:52:f9:39:72:be:70:7d:13:96:5c:53:9a:
fa:83:7b:fc:8e:9e:1f:60:31:15:7d:33:49:15:c4:
8a:36:6a:ec:3e:92:7f:c2:70:45:e2:d7:a0:50:9b:
d2:69:04:73:7e:33:16:a4:7f:4f:7f:48:fa:b7:18:
29:be:80:44:5c:01:56:77:83:9d:df:d5:ab:df:f1:
56:bd:9d:50:11:03:72:c8:96:8b:14:58:9e:63:f7:
9f:2e:bb:65:48:9c:9d:99:08:81:7a:92:95:7a:e9:
14:1e:df:01:4e:92:7d:99:bf:85:28:9b:9c:d3:9a:
30:3d:68:d8:2e:31:e5:72:77:ab:53:d8:d4:51:3b:
b1:21:fb:56:da:2a:f5:ac:30:87:83:46:a7:bf:34:
34:b1:56:65:7a:48:70:29:75:73:53:9e:9a:a7:dc:
14:e2:11:18:e4:2a:ae:a1:a3:99:0a:df:65:a1:ab:
f0:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:B2:3C:C3:C6:4D:35:A6:22:1D:17:BF:FA:E7:EE:F3:26:10:4D:07
X509v3 Authority Key Identifier:
keyid:A2:4B:48:ED:C7:A3:25:D7:F1:AE:0F:25:7C:0E:28:35:17:1B:C9:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oktI7cejJdfxrg8lfA4oNRcbya4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/62afef-70d1-4fe2-9edf-7f1e57487c1a/1/QbI8w8ZNNaYiHRe_-ufu8yYQTQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/62afef-70d1-4fe2-9edf-7f1e57487c1a/1/oktI7cejJdfxrg8lfA4oNRcbya4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.248.0/21
46.182.216.0/21
91.192.36.0/22
94.124.88.0/21
185.94.168.0/22
185.103.16.0/22
194.50.163.0/24
195.216.246.0/24
213.132.192.0/19
IPv6:
2a00:1bd0::/29
Signature Algorithm: sha256WithRSAEncryption
1c:ba:12:22:22:da:57:6c:9e:82:4c:91:77:59:28:a3:e6:ff:
2f:e5:e7:c9:4a:c5:f6:fb:f5:b9:ec:76:0f:04:a8:bb:bf:a6:
0e:76:d5:70:ce:a8:c9:c6:cd:a0:c2:64:d3:13:ef:ad:a4:8b:
c4:34:77:37:0a:d7:56:4a:d4:8c:5f:a3:6b:aa:c2:67:c8:3e:
ca:04:e3:6d:d4:b9:e9:bf:9e:ec:de:13:c9:74:0d:a6:34:88:
a6:0c:f2:d0:e3:4e:f5:cf:61:c8:f0:f0:26:8d:6b:8a:f3:82:
99:56:27:ae:8a:84:f2:e3:04:13:99:c4:62:fd:3e:3f:60:57:
a1:19:5a:c4:66:dd:80:56:3a:d9:15:0f:47:12:dc:0f:32:29:
7e:cf:96:b4:da:0c:6a:ce:96:d7:fc:53:2c:fa:e4:ab:15:0f:
bd:9d:66:a5:3a:aa:f2:99:cc:19:1c:6c:30:69:2f:ff:a9:e4:
ec:26:42:d5:ba:77:3a:7b:2c:27:ac:6b:02:35:81:13:de:39:
1a:cb:8a:70:39:c4:50:f0:65:6c:22:aa:4f:87:60:2d:ca:57:
fc:a0:b1:60:d9:86:f5:ee:4f:06:ca:d2:cb:0d:92:0c:d9:76:
41:ce:9a:04:fb:bd:ac:14:87:20:99:54:d2:9d:5d:fe:d9:2b:
98:94:db:d0
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZJCpbROIY0znmS3KzWyVG/gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNGI0OGVkYzdhMzI1ZDdmMWFlMGYyNTdjMGUyODM1MTcx
YmM5YWUwHhcNMjQwOTMwMTExNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWIyM2NjM2M2NGQzNWE2MjIxZDE3YmZmYWU3ZWVmMzI2MTA0ZDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3dIaTt860eutic54b7xOjLVX9Q2
aTc0QZFB/pf3qYZsPJ2G8f8/T+23svXsxADr1I+eAISWnHLyprbKP3YdNhR7FWbO
nb9wmvcg0vhS+TlyvnB9E5ZcU5r6g3v8jp4fYDEVfTNJFcSKNmrsPpJ/wnBF4teg
UJvSaQRzfjMWpH9Pf0j6txgpvoBEXAFWd4Od39Wr3/FWvZ1QEQNyyJaLFFieY/ef
LrtlSJydmQiBepKVeukUHt8BTpJ9mb+FKJuc05owPWjYLjHlcnerU9jUUTuxIftW
2ir1rDCHg0anvzQ0sVZlekhwKXVzU56ap9wU4hEY5CquoaOZCt9loavwVwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFEGyPMPGTTWmIh0Xv/rn7vMmEE0HMB8GA1UdIwQY
MBaAFKJLSO3HoyXX8a4PJXwOKDUXG8muMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2t0STdjZWpKZGZ4cmc4bGZBNG9OUmNieWE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni82MmFmZWYtNzBkMS00ZmUyLTllZGYt
N2YxZTU3NDg3YzFhLzEvUWJJOHc4Wk5OYVlpSFJlXy11ZnU4eVlRVFFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni82MmFmZWYtNzBkMS00ZmUyLTllZGYtN2YxZTU3NDg3YzFh
LzEvb2t0STdjZWpKZGZ4cmc4bGZBNG9OUmNieWE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQDBRb4AwQD
LrbYAwQCW8AkAwQDXnxYAwQCuV6oAwQCuWcQAwQAwjKjAwQAw9j2AwQF1YTAMA0E
AgACMAcDBQMqABvQMA0GCSqGSIb3DQEBCwUAA4IBAQAcuhIiItpXbJ6CTJF3WSij
5v8v5efJSsX2+/W57HYPBKi7v6YOdtVwzqjJxs2gwmTTE++tpIvENHc3CtdWStSM
X6NrqsJnyD7KBONt1Lnpv57s3hPJdA2mNIimDPLQ4071z2HI8PAmjWuK84KZVieu
ioTy4wQTmcRi/T4/YFehGVrEZt2AVjrZFQ9HEtwPMil+z5a02gxqzpbX/FMs+uSr
FQ+9nWalOqrymcwZHGwwaS//qeTsJkLVunc6eywnrGsCNYET3jkay4pwOcRQ8GVs
IqpPh2Atylf8oLFg2Yb17k8GytLLDZIM2XZBzpoE+72sFIcgmVTSnV3+2SuYlNvQ
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:01:05 2024 by rpki-client on console-fra.rpki-client.org