Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/qteH8KrgGEEjor7apRq8L3ZTnAo.roa
File: qteH8KrgGEEjor7apRq8L3ZTnAo.roa (raw, json)
Hash identifier: hh4ib91TPJI+8ENLblwc+4EYcUV87DdSH8iCHL1TlDQ=
Subject key identifier: AA:D7:87:F0:AA:E0:18:41:23:A2:BE:DA:A5:1A:BC:2F:76:53:9C:0A
Certificate issuer: /CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Certificate serial: 018F1272DD1D02A137ED98A944668B3A1295
Authority key identifier: F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/qteH8KrgGEEjor7apRq8L3ZTnAo.roa
Signing time: Wed 24 Apr 2024 23:31:08 +0000
ROA not before: Wed 24 Apr 2024 23:31:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35661
IP address blocks: 45.157.116.0/22 maxlen: 24
185.10.16.0/22 maxlen: 24
185.154.152.0/22 maxlen: 24
188.214.24.0/24 maxlen: 24
194.147.97.0/24 maxlen: 24
194.147.105.0/24 maxlen: 24
194.147.109.0/24 maxlen: 24
2a03:5840::/32 maxlen: 32
2a07:8dc0::/29 maxlen: 32
2a0d:e680::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.mft
rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 13:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:12:72:dd:1d:02:a1:37:ed:98:a9:44:66:8b:3a:12:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Validity
Not Before: Apr 24 23:31:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aad787f0aae0184123a2bedaa51abc2f76539c0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:7b:13:6a:b6:a9:76:2e:86:66:0f:07:ec:db:
62:e2:db:fe:b8:22:6e:47:de:fe:4f:fb:53:4f:21:
97:2d:28:07:f6:78:25:ce:a0:81:d6:90:b4:d3:a5:
86:65:65:00:45:51:2c:b4:17:92:59:b5:d4:de:31:
ae:17:fa:cb:98:59:7c:35:87:4a:66:37:20:0e:63:
3b:c1:02:1f:b8:49:1e:84:6d:b0:cc:2e:d7:00:f5:
70:41:d1:6a:78:45:04:bc:70:7e:8f:80:3b:78:76:
4b:2e:18:6a:67:5e:92:59:b4:e1:75:ed:d7:06:f9:
a3:90:3c:c9:15:8a:10:08:a8:15:6d:09:39:ec:8d:
71:56:f9:97:8e:7f:c5:b1:56:dd:05:5a:64:ed:b9:
23:46:09:45:0c:30:83:dc:9b:c7:df:5a:4e:45:21:
1e:cf:62:71:04:3b:99:e2:de:a0:c3:07:32:91:90:
ee:b5:58:fb:7a:b5:c2:c3:c2:84:be:bb:e6:cc:48:
38:df:dc:d9:af:7c:7e:7f:88:ad:35:31:44:65:af:
48:bf:1e:52:03:c0:88:2f:a1:a5:df:37:58:28:3c:
d3:93:eb:fd:bd:4e:d8:e4:7b:f9:1c:f8:ce:d4:4b:
83:bb:b0:85:ff:6b:18:c7:ba:89:f5:20:30:b3:e3:
fd:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:D7:87:F0:AA:E0:18:41:23:A2:BE:DA:A5:1A:BC:2F:76:53:9C:0A
X509v3 Authority Key Identifier:
keyid:F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/qteH8KrgGEEjor7apRq8L3ZTnAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.116.0/22
185.10.16.0/22
185.154.152.0/22
188.214.24.0/24
194.147.97.0/24
194.147.105.0/24
194.147.109.0/24
IPv6:
2a03:5840::/32
2a07:8dc0::/29
2a0d:e680::/32
Signature Algorithm: sha256WithRSAEncryption
a4:00:af:66:ca:07:99:03:be:8e:a2:a5:a9:17:79:a1:92:a7:
b6:55:20:d7:c7:e3:6d:d7:a6:c2:9b:ad:bf:a6:24:49:28:a8:
35:17:43:d6:78:3a:75:ef:a6:21:cb:61:24:26:47:15:33:0e:
d6:b6:ba:2c:91:08:62:46:a5:a6:69:00:53:8f:97:8c:5b:18:
3f:1e:42:f2:e4:b9:d6:ad:d1:a4:89:4f:7d:ba:aa:c7:eb:08:
86:b9:a9:97:79:f0:23:41:7a:9b:41:1f:cd:8c:83:46:91:2b:
53:a3:ca:99:f6:ce:09:e6:68:6b:2c:61:cc:a5:5b:49:3d:19:
33:ee:c8:12:9c:fa:ee:4b:b6:14:24:24:de:b6:96:70:b7:98:
34:dd:21:5b:3a:49:6c:50:e0:86:c0:3c:cc:d0:fc:e4:ea:bc:
c8:b9:e3:e6:61:74:e9:ae:b1:9e:1c:21:34:1d:31:cb:4e:03:
8f:c6:0d:b5:e8:39:5d:1d:a6:24:a5:5d:f2:7d:10:50:27:55:
cb:79:fb:72:e5:dc:b6:64:43:db:12:d4:cc:7b:01:08:8b:51:
ed:65:18:03:28:7b:0f:77:e0:15:b2:58:e0:dc:05:86:79:d2:
f8:d6:05:b8:e4:92:c1:64:35:b5:ff:05:90:32:f0:31:db:96:
00:fa:15:b8
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAY8Sct0dAqE37ZipRGaLOhKVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NzcwNWU4OWJiNjViNDcyZTRlMDE4NGQ2ZmU5YmZiOGM1
ODYzNWEwHhcNMjQwNDI0MjMzMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWQ3ODdmMGFhZTAxODQxMjNhMmJlZGFhNTFhYmMyZjc2NTM5YzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinsTarapdi6GZg8H7Nti4tv+uCJu
R97+T/tTTyGXLSgH9nglzqCB1pC006WGZWUARVEstBeSWbXU3jGuF/rLmFl8NYdK
ZjcgDmM7wQIfuEkehG2wzC7XAPVwQdFqeEUEvHB+j4A7eHZLLhhqZ16SWbThde3X
BvmjkDzJFYoQCKgVbQk57I1xVvmXjn/FsVbdBVpk7bkjRglFDDCD3JvH31pORSEe
z2JxBDuZ4t6gwwcykZDutVj7erXCw8KEvrvmzEg439zZr3x+f4itNTFEZa9Ivx5S
A8CIL6Gl3zdYKDzTk+v9vU7Y5Hv5HPjO1EuDu7CF/2sYx7qJ9SAws+P93QIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFKrXh/Cq4BhBI6K+2qUavC92U5wKMB8GA1UdIwQY
MBaAFPd3BeibtltHLk4BhNb+m/uMWGNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYt
NmNiODk3OTFkN2ZkLzEvcXRlSDhLcmdHRUVqb3I3YXBScThMM1pUbkFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYtNmNiODk3OTFkN2Zk
LzEvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzAwBAIAATAqAwQCLZ10AwQC
uQoQAwQCuZqYAwQAvNYYAwQAwpNhAwQAwpNpAwQAwpNtMBsEAgACMBUDBQAqA1hA
AwUDKgeNwAMFACoN5oAwDQYJKoZIhvcNAQELBQADggEBAKQAr2bKB5kDvo6ipakX
eaGSp7ZVINfH423XpsKbrb+mJEkoqDUXQ9Z4OnXvpiHLYSQmRxUzDta2uiyRCGJG
paZpAFOPl4xbGD8eQvLkudat0aSJT326qsfrCIa5qZd58CNBeptBH82Mg0aRK1Oj
ypn2zgnmaGssYcylW0k9GTPuyBKc+u5LthQkJN62lnC3mDTdIVs6SWxQ4IbAPMzQ
/OTqvMi54+ZhdOmusZ4cITQdMctOA4/GDbXoOV0dpiSlXfJ9EFAnVct5+3Ll3LZk
Q9sS1Mx7AQiLUe1lGAMoew934BWyWODcBYZ50vjWBbjkksFkNbX/BZAy8DHblgD6
Fbg=
-----END CERTIFICATE-----
Generated at Sun May 19 18:38:33 2024 by rpki-client on console-ams.rpki-client.org