Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/a3c775-39c5-4bbb-b33e-d929e2b76d68/1/Qc09geRlgtdRLb19_SaAWsPiUOQ.roa
File: Qc09geRlgtdRLb19_SaAWsPiUOQ.roa (raw, json)
Hash identifier: 88uIXIIYEODonyARCb1NVvCOv5DUNHxCewUQbq0aI6E=
Subject key identifier: 41:CD:3D:81:E4:65:82:D7:51:2D:BD:7D:FD:26:80:5A:C3:E2:50:E4
Certificate issuer: /CN=dfc0b1df0e7bd00045ebe10302c320ffbdba0716
Certificate serial: 018CC801095D182DA92DACB7FF72F145B9BD
Authority key identifier: DF:C0:B1:DF:0E:7B:D0:00:45:EB:E1:03:02:C3:20:FF:BD:BA:07:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/38Cx3w570ABF6-EDAsMg_726BxY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/a3c775-39c5-4bbb-b33e-d929e2b76d68/1/Qc09geRlgtdRLb19_SaAWsPiUOQ.roa
Signing time: Tue 02 Jan 2024 02:29:20 +0000
ROA not before: Tue 02 Jan 2024 02:29:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200043
IP address blocks: 185.173.212.0/22 maxlen: 22
185.173.212.0/23 maxlen: 23
185.173.214.0/23 maxlen: 23
185.24.118.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/a3c775-39c5-4bbb-b33e-d929e2b76d68/1/38Cx3w570ABF6-EDAsMg_726BxY.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/a3c775-39c5-4bbb-b33e-d929e2b76d68/1/38Cx3w570ABF6-EDAsMg_726BxY.mft
rsync://rpki.ripe.net/repository/DEFAULT/38Cx3w570ABF6-EDAsMg_726BxY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 13:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:09:5d:18:2d:a9:2d:ac:b7:ff:72:f1:45:b9:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfc0b1df0e7bd00045ebe10302c320ffbdba0716
Validity
Not Before: Jan 2 02:29:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41cd3d81e46582d7512dbd7dfd26805ac3e250e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:24:0a:bf:de:54:2d:0d:ad:3b:7a:af:d6:7a:
f3:f3:cf:fc:f2:5d:7d:63:ad:78:b1:65:23:a1:93:
1b:ee:60:64:d9:16:44:90:fa:14:fb:70:cf:9b:d4:
ed:45:0b:f1:88:cd:87:15:68:27:40:dc:8d:d0:62:
e4:33:3e:35:25:96:cc:0c:a0:f6:ea:9d:6a:50:d9:
a1:65:f5:f4:fa:99:c4:80:ca:ec:0f:26:af:04:c2:
a2:32:04:59:4f:b9:cf:ee:9b:91:d5:b4:1b:16:21:
3d:14:01:df:65:5f:9f:b6:a8:18:b3:0d:48:60:38:
2c:8b:9b:68:f7:ca:b2:89:3a:a4:89:cf:2a:47:b4:
e5:06:ca:66:49:39:4c:94:29:72:2a:57:19:2a:42:
6b:e7:52:ef:38:20:41:8b:ab:86:1d:4d:a8:5f:4f:
31:31:24:ca:05:2f:1a:f0:03:af:e6:4d:3b:2a:dc:
3d:b5:c2:6e:b6:9b:4e:05:fa:4b:1e:d8:50:c5:1f:
24:64:98:3f:e2:6f:cc:2d:dd:a5:69:3d:f4:52:c4:
47:98:b7:ca:6b:40:6f:7c:a6:34:bb:2b:a6:1f:34:
cb:e3:07:ab:92:db:a2:58:cd:ce:5e:4b:c0:6f:4d:
40:21:ec:22:8f:6e:63:e4:64:dc:04:81:d0:4d:10:
db:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:CD:3D:81:E4:65:82:D7:51:2D:BD:7D:FD:26:80:5A:C3:E2:50:E4
X509v3 Authority Key Identifier:
keyid:DF:C0:B1:DF:0E:7B:D0:00:45:EB:E1:03:02:C3:20:FF:BD:BA:07:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/38Cx3w570ABF6-EDAsMg_726BxY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a3c775-39c5-4bbb-b33e-d929e2b76d68/1/Qc09geRlgtdRLb19_SaAWsPiUOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a3c775-39c5-4bbb-b33e-d929e2b76d68/1/38Cx3w570ABF6-EDAsMg_726BxY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.24.118.0/23
185.173.212.0/22
Signature Algorithm: sha256WithRSAEncryption
b6:81:7f:1b:74:14:bc:57:12:41:77:64:f8:fe:2b:c8:22:8e:
3a:8f:a1:10:5d:74:d3:c4:21:6c:da:92:b8:56:9e:68:9b:d6:
ef:7c:1b:c5:83:6e:19:c9:90:99:18:ca:14:b0:63:83:89:2c:
88:a0:38:d8:56:c9:5d:e6:ad:ef:c9:7d:56:b2:a9:f5:c8:cf:
bc:e7:2a:da:fc:3f:12:67:19:e6:c7:fb:f3:66:18:b8:eb:54:
1d:43:da:45:19:a8:73:89:00:4e:f2:f0:3d:f1:ee:a4:12:18:
68:24:de:1b:db:03:b9:7b:93:fd:b2:94:7f:7f:a9:89:85:6c:
26:72:23:90:38:97:a4:85:b4:7c:ce:f1:c0:cb:81:7a:75:38:
60:c5:c6:c2:12:1b:cd:0c:2d:0e:5d:f1:d7:5b:fe:b4:56:84:
d0:11:33:98:52:05:b4:17:44:89:2f:9f:47:2c:47:f2:20:82:
2b:ff:e6:8d:b4:89:74:23:22:12:ee:5f:5e:48:94:4b:16:3d:
3e:65:f8:02:41:c6:0e:50:11:72:20:16:33:94:ad:0c:2a:9b:
21:00:39:b4:05:2e:73:68:e2:8c:f3:fc:0a:29:0f:6d:f1:f6:
9d:dd:60:70:db:b5:79:6c:bd:90:79:60:68:3e:de:78:8b:42:
77:6a:10:28
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIAQldGC2pLay3/3LxRbm9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmYzBiMWRmMGU3YmQwMDA0NWViZTEwMzAyYzMyMGZmYmRi
YTA3MTYwHhcNMjQwMTAyMDIyOTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWNkM2Q4MWU0NjU4MmQ3NTEyZGJkN2RmZDI2ODA1YWMzZTI1MGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyQKv95ULQ2tO3qv1nrz88/88l19
Y614sWUjoZMb7mBk2RZEkPoU+3DPm9TtRQvxiM2HFWgnQNyN0GLkMz41JZbMDKD2
6p1qUNmhZfX0+pnEgMrsDyavBMKiMgRZT7nP7puR1bQbFiE9FAHfZV+ftqgYsw1I
YDgsi5to98qyiTqkic8qR7TlBspmSTlMlClyKlcZKkJr51LvOCBBi6uGHU2oX08x
MSTKBS8a8AOv5k07Ktw9tcJutptOBfpLHthQxR8kZJg/4m/MLd2laT30UsRHmLfK
a0BvfKY0uyumHzTL4werktuiWM3OXkvAb01AIewij25j5GTcBIHQTRDbBwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEHNPYHkZYLXUS29ff0mgFrD4lDkMB8GA1UdIwQY
MBaAFN/Asd8Oe9AARevhAwLDIP+9ugcWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzhDeDN3NTcwQUJGNi1FREFzTWdfNzI2QnhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9hM2M3NzUtMzljNS00YmJiLWIzM2Ut
ZDkyOWUyYjc2ZDY4LzEvUWMwOWdlUmxndGRSTGIxOV9TYUFXc1BpVU9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9hM2M3NzUtMzljNS00YmJiLWIzM2UtZDkyOWUyYjc2ZDY4
LzEvMzhDeDN3NTcwQUJGNi1FREFzTWdfNzI2QnhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuRh2AwQC
ua3UMA0GCSqGSIb3DQEBCwUAA4IBAQC2gX8bdBS8VxJBd2T4/ivIIo46j6EQXXTT
xCFs2pK4Vp5om9bvfBvFg24ZyZCZGMoUsGODiSyIoDjYVsld5q3vyX1Wsqn1yM+8
5yra/D8SZxnmx/vzZhi461QdQ9pFGahziQBO8vA98e6kEhhoJN4b2wO5e5P9spR/
f6mJhWwmciOQOJekhbR8zvHAy4F6dThgxcbCEhvNDC0OXfHXW/60VoTQETOYUgW0
F0SJL59HLEfyIIIr/+aNtIl0IyIS7l9eSJRLFj0+ZfgCQcYOUBFyIBYzlK0MKpsh
ADm0BS5zaOKM8/wKKQ9t8fad3WBw27V5bL2QeWBoPt54i0J3ahAo
-----END CERTIFICATE-----
Generated at Sun May 19 20:44:47 2024 by rpki-client on console-fra.rpki-client.org