Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/Q7Cj-5aPxeVME_68h1isL89jtZI.roa
File: Q7Cj-5aPxeVME_68h1isL89jtZI.roa (raw, json)
Hash identifier: qjFOZXFzdJbjF7HjxoALXKTxFVsqXw2E6t+aEgtAGAs=
Subject key identifier: 43:B0:A3:FB:96:8F:C5:E5:4C:13:FE:BC:87:58:AC:2F:CF:63:B5:92
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 018CC801DE8332F11E25B179B773FCCB0B56
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/Q7Cj-5aPxeVME_68h1isL89jtZI.roa
Signing time: Tue 02 Jan 2024 02:30:14 +0000
ROA not before: Tue 02 Jan 2024 02:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197730
IP address blocks: 185.222.43.0/24 maxlen: 24
45.136.184.0/22 maxlen: 24
45.136.185.0/24 maxlen: 24
45.136.186.0/24 maxlen: 24
45.136.187.0/24 maxlen: 24
185.241.58.0/24 maxlen: 24
45.130.181.0/24 maxlen: 24
45.130.183.0/24 maxlen: 24
62.106.75.0/24 maxlen: 24
45.130.182.0/24 maxlen: 24
45.130.180.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:de:83:32:f1:1e:25:b1:79:b7:73:fc:cb:0b:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jan 2 02:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43b0a3fb968fc5e54c13febc8758ac2fcf63b592
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:1d:a6:2e:f7:6a:cb:02:62:41:0a:75:d2:34:
6f:d2:47:58:d5:17:8c:e5:bd:49:df:cf:92:73:4b:
4d:34:32:ea:13:76:c4:56:b4:0b:49:de:80:61:66:
2a:de:0b:dc:99:0e:8a:cc:fd:7e:60:6f:f9:d5:1e:
6d:e7:39:db:18:20:39:6a:95:ac:1a:27:9a:ff:85:
0e:1c:14:17:42:97:36:58:45:e4:77:3f:72:fd:c1:
9a:a1:47:2b:85:5c:54:51:a7:ad:02:20:2b:7e:52:
2a:60:b3:05:3a:f0:f3:d7:1e:2b:7f:1e:fb:65:2a:
6d:80:4c:e2:51:04:35:68:d2:3a:cc:bf:72:9d:1b:
bc:0d:6c:09:21:a9:99:47:ca:3f:ac:c9:a6:b4:aa:
19:f1:c6:fc:61:56:a7:ec:e8:db:49:b5:f0:55:b8:
9a:c5:63:5b:29:f0:7b:a3:48:a8:2a:0f:30:cd:19:
79:0e:a3:74:89:51:4c:14:29:5b:d7:b1:53:ee:f8:
8a:56:95:3c:7a:d4:cf:ce:d2:94:25:49:4e:9b:55:
f1:7a:f6:d4:a8:0c:5b:f0:d0:5a:aa:ee:38:d1:fc:
81:79:df:1b:81:53:d1:93:21:11:f6:2a:29:3d:8c:
3c:9a:dc:61:21:e5:69:05:17:83:f6:ed:57:ce:61:
ad:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:B0:A3:FB:96:8F:C5:E5:4C:13:FE:BC:87:58:AC:2F:CF:63:B5:92
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/Q7Cj-5aPxeVME_68h1isL89jtZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.180.0/22
45.136.184.0/22
62.106.75.0/24
185.222.43.0/24
185.241.58.0/24
Signature Algorithm: sha256WithRSAEncryption
51:85:6d:3a:fc:38:ae:72:18:fd:8b:46:17:36:24:a3:50:b2:
90:13:b9:de:2b:da:5a:13:91:fd:5b:02:5e:e4:4a:02:b8:ea:
2f:02:d1:a0:ce:d2:36:72:a2:d6:49:66:a8:32:bb:78:33:7c:
e6:20:10:ba:e4:42:db:85:fb:c9:52:f9:9b:24:12:26:f3:98:
d1:59:25:36:24:b4:6d:59:67:ba:3c:d9:d9:64:00:a4:49:35:
e6:af:fc:14:01:ea:8c:9a:4a:c6:f1:b0:b1:81:03:70:eb:15:
7b:27:3d:c7:fd:e3:d9:65:2b:be:00:60:b3:f4:af:bf:f7:81:
db:1a:67:33:c6:00:99:81:4c:ed:66:92:b8:b9:29:e2:9d:2d:
ac:f9:a8:3e:94:70:ae:59:f7:18:76:62:d9:db:a2:54:93:1d:
fd:81:77:77:7d:7b:59:d3:bb:8b:bc:ed:9a:b9:16:e2:df:be:
b6:4f:96:35:6c:9f:4e:8f:e0:b4:67:75:4b:7f:3b:2e:3b:e6:
02:ba:fa:f8:11:c4:d3:80:21:f8:34:6d:ba:e1:1f:81:e9:b1:
ef:c5:a4:f9:67:94:1b:2c:92:24:fc:01:7c:52:0e:0d:7c:45:
4c:9b:46:85:de:20:44:77:9b:e0:5e:07:c0:32:4f:4c:20:8f:
a9:64:21:ae
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzIAd6DMvEeJbF5t3P8ywtWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQwMTAyMDIzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2IwYTNmYjk2OGZjNWU1NGMxM2ZlYmM4NzU4YWMyZmNmNjNiNTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoh2mLvdqywJiQQp10jRv0kdY1ReM
5b1J38+Sc0tNNDLqE3bEVrQLSd6AYWYq3gvcmQ6KzP1+YG/51R5t5znbGCA5apWs
Giea/4UOHBQXQpc2WEXkdz9y/cGaoUcrhVxUUaetAiArflIqYLMFOvDz1x4rfx77
ZSptgEziUQQ1aNI6zL9ynRu8DWwJIamZR8o/rMmmtKoZ8cb8YVan7OjbSbXwVbia
xWNbKfB7o0ioKg8wzRl5DqN0iVFMFClb17FT7viKVpU8etTPztKUJUlOm1XxevbU
qAxb8NBaqu440fyBed8bgVPRkyER9iopPYw8mtxhIeVpBReD9u1XzmGtiwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEOwo/uWj8XlTBP+vIdYrC/PY7WSMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvUTdDai01YVB4ZVZNRV82OGgxaXNMODlqdFpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCLYK0AwQC
LYi4AwQAPmpLAwQAud4rAwQAufE6MA0GCSqGSIb3DQEBCwUAA4IBAQBRhW06/Diu
chj9i0YXNiSjULKQE7neK9paE5H9WwJe5EoCuOovAtGgztI2cqLWSWaoMrt4M3zm
IBC65ELbhfvJUvmbJBIm85jRWSU2JLRtWWe6PNnZZACkSTXmr/wUAeqMmkrG8bCx
gQNw6xV7Jz3H/ePZZSu+AGCz9K+/94HbGmczxgCZgUztZpK4uSninS2s+ag+lHCu
WfcYdmLZ26JUkx39gXd3fXtZ07uLvO2auRbi3762T5Y1bJ9Oj+C0Z3VLfzsuO+YC
uvr4EcTTgCH4NG264R+B6bHvxaT5Z5QbLJIk/AF8Ug4NfEVMm0aF3iBEd5vgXgfA
Mk9MII+pZCGu
-----END CERTIFICATE-----
Generated at Thu Nov 21 22:52:31 2024 by rpki-client on console-fra.rpki-client.org