Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/c8aa09-bdfb-43ca-8522-fa75cbe9bead/1/QIwEeHs3_07u1iGrO9NiKZeUEMA.roa
File: QIwEeHs3_07u1iGrO9NiKZeUEMA.roa (raw, json)
Hash identifier: i5c6XVbqaGTWI6n1PBcWUqRZ4SnVBESV3EI5zqN31P8=
Subject key identifier: 40:8C:04:78:7B:37:FF:4E:EE:D6:21:AB:3B:D3:62:29:97:94:10:C0
Certificate issuer: /CN=8812a0a809dc3cd1fbd8951a8f80f69925e11908
Certificate serial: 018CC649A26A29BDACA6BD2F209A53FD1879
Authority key identifier: 88:12:A0:A8:09:DC:3C:D1:FB:D8:95:1A:8F:80:F6:99:25:E1:19:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBKgqAncPNH72JUaj4D2mSXhGQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/c8aa09-bdfb-43ca-8522-fa75cbe9bead/1/QIwEeHs3_07u1iGrO9NiKZeUEMA.roa
Signing time: Mon 01 Jan 2024 18:29:23 +0000
ROA not before: Mon 01 Jan 2024 18:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51013
IP address blocks: 185.140.108.0/24 maxlen: 24
193.32.233.0/24 maxlen: 24
193.32.232.0/22 maxlen: 24
193.32.232.0/24 maxlen: 24
193.32.235.0/24 maxlen: 24
193.32.234.0/24 maxlen: 24
92.118.24.0/22 maxlen: 22
185.111.89.0/24 maxlen: 24
185.111.91.0/24 maxlen: 24
185.111.88.0/24 maxlen: 24
185.111.88.0/22 maxlen: 24
185.111.90.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/c8aa09-bdfb-43ca-8522-fa75cbe9bead/1/iBKgqAncPNH72JUaj4D2mSXhGQg.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/c8aa09-bdfb-43ca-8522-fa75cbe9bead/1/iBKgqAncPNH72JUaj4D2mSXhGQg.mft
rsync://rpki.ripe.net/repository/DEFAULT/iBKgqAncPNH72JUaj4D2mSXhGQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Jul 2024 10:01:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:a2:6a:29:bd:ac:a6:bd:2f:20:9a:53:fd:18:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8812a0a809dc3cd1fbd8951a8f80f69925e11908
Validity
Not Before: Jan 1 18:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=408c04787b37ff4eeed621ab3bd36229979410c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:68:88:42:60:5a:9c:bd:54:45:96:85:c6:aa:
cb:03:6c:56:73:e3:8f:95:d2:1c:b7:fd:13:49:fe:
2d:58:be:d0:1f:59:02:7f:97:f0:0b:4f:5e:76:a9:
93:b1:17:26:bc:71:12:c5:b4:73:d5:7a:33:e4:d4:
d9:5f:ce:cc:54:fd:29:a5:1e:19:44:f5:7d:d4:d9:
c6:8b:24:b5:ce:44:29:14:e6:cf:8c:ec:73:ee:37:
de:00:34:df:23:0e:5a:da:30:30:6a:2e:00:58:88:
d4:ff:09:44:33:be:39:63:c0:08:05:15:d2:82:f5:
7e:bc:7c:e3:27:3b:12:48:4a:57:d1:e9:d7:b2:cc:
56:a1:85:0d:04:e6:2d:d0:41:1c:c4:43:45:4c:12:
37:d7:91:8f:3c:1a:f9:51:88:c3:d8:02:8f:c9:89:
56:19:ae:8b:61:03:cb:e2:ca:f6:2f:66:4c:3b:26:
b3:cd:5e:ef:cf:3b:0f:05:51:c6:ab:e4:e4:19:61:
2f:ac:46:31:e4:3b:74:e4:ec:7e:00:f6:fb:ae:83:
40:de:c6:2c:22:89:9d:d3:71:b9:59:d4:1f:b7:72:
56:70:e4:5a:1e:8f:a7:53:80:6d:ff:8a:86:b6:fb:
fe:37:09:df:d0:fd:2f:4f:4e:72:a0:b5:1b:c9:ea:
f8:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:8C:04:78:7B:37:FF:4E:EE:D6:21:AB:3B:D3:62:29:97:94:10:C0
X509v3 Authority Key Identifier:
keyid:88:12:A0:A8:09:DC:3C:D1:FB:D8:95:1A:8F:80:F6:99:25:E1:19:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBKgqAncPNH72JUaj4D2mSXhGQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c8aa09-bdfb-43ca-8522-fa75cbe9bead/1/QIwEeHs3_07u1iGrO9NiKZeUEMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c8aa09-bdfb-43ca-8522-fa75cbe9bead/1/iBKgqAncPNH72JUaj4D2mSXhGQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.118.24.0/22
185.111.88.0/22
185.140.108.0/24
193.32.232.0/22
Signature Algorithm: sha256WithRSAEncryption
05:ef:83:5c:81:0f:1b:cd:0e:ff:1c:22:1f:91:38:cc:48:aa:
8b:85:60:35:7e:dc:f0:4b:88:94:f5:b8:c4:17:a5:35:f2:13:
73:dc:7e:d2:cd:74:81:93:b4:2c:bb:67:6c:80:be:f9:68:fd:
c8:f3:a8:11:15:0f:df:cd:51:03:5c:5a:2c:c6:52:f7:02:9b:
9e:38:bf:16:c4:16:b5:5d:ed:8c:44:3a:ff:69:61:1d:61:cc:
39:c8:2c:9c:2b:83:11:04:e2:36:10:d1:f4:08:54:9f:a9:ce:
27:e3:52:ac:12:17:95:84:a1:2b:2f:27:33:f3:ca:08:15:0c:
d1:9d:26:4f:81:c6:80:88:2c:78:3f:10:0d:24:f9:7e:be:10:
bf:ec:2f:97:f2:5b:9a:3d:82:9b:04:f1:fc:f6:27:7f:b7:8b:
3e:39:e3:66:9a:0b:ba:3c:05:bc:91:a3:60:09:9b:06:5a:e1:
24:c7:16:36:ee:a0:c4:c9:55:59:9b:8d:75:e4:01:1a:0b:04:
0b:0f:01:e6:5d:fd:7a:94:54:80:32:19:44:eb:72:7a:7a:d1:
51:bb:d0:9b:9b:4f:1e:c3:46:76:cb:74:c3:b7:12:66:eb:a0:
79:f9:8a:8d:55:84:c5:6c:79:e7:66:eb:98:79:26:e3:c9:1a:
ae:07:f0:f1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzGSaJqKb2spr0vIJpT/Rh5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MTJhMGE4MDlkYzNjZDFmYmQ4OTUxYThmODBmNjk5MjVl
MTE5MDgwHhcNMjQwMTAxMTgyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDhjMDQ3ODdiMzdmZjRlZWVkNjIxYWIzYmQzNjIyOTk3OTQxMGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWiIQmBanL1URZaFxqrLA2xWc+OP
ldIct/0TSf4tWL7QH1kCf5fwC09edqmTsRcmvHESxbRz1Xoz5NTZX87MVP0ppR4Z
RPV91NnGiyS1zkQpFObPjOxz7jfeADTfIw5a2jAwai4AWIjU/wlEM745Y8AIBRXS
gvV+vHzjJzsSSEpX0enXssxWoYUNBOYt0EEcxENFTBI315GPPBr5UYjD2AKPyYlW
Ga6LYQPL4sr2L2ZMOyazzV7vzzsPBVHGq+TkGWEvrEYx5Dt05Ox+APb7roNA3sYs
Iomd03G5WdQft3JWcORaHo+nU4Bt/4qGtvv+Nwnf0P0vT05yoLUbyer4kwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFECMBHh7N/9O7tYhqzvTYimXlBDAMB8GA1UdIwQY
MBaAFIgSoKgJ3DzR+9iVGo+A9pkl4RkIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJLZ3FBbmNQTkg3MkpVYWo0RDJtU1hoR1FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9jOGFhMDktYmRmYi00M2NhLTg1MjIt
ZmE3NWNiZTliZWFkLzEvUUl3RWVIczNfMDd1MWlHck85TmlLWmVVRU1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9jOGFhMDktYmRmYi00M2NhLTg1MjItZmE3NWNiZTliZWFk
LzEvaUJLZ3FBbmNQTkg3MkpVYWo0RDJtU1hoR1FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCXHYYAwQC
uW9YAwQAuYxsAwQCwSDoMA0GCSqGSIb3DQEBCwUAA4IBAQAF74NcgQ8bzQ7/HCIf
kTjMSKqLhWA1ftzwS4iU9bjEF6U18hNz3H7SzXSBk7Qsu2dsgL75aP3I86gRFQ/f
zVEDXFosxlL3ApueOL8WxBa1Xe2MRDr/aWEdYcw5yCycK4MRBOI2ENH0CFSfqc4n
41KsEheVhKErLycz88oIFQzRnSZPgcaAiCx4PxANJPl+vhC/7C+X8luaPYKbBPH8
9id/t4s+OeNmmgu6PAW8kaNgCZsGWuEkxxY27qDEyVVZm4115AEaCwQLDwHmXf16
lFSAMhlE63J6etFRu9Cbm08ew0Z2y3TDtxJm66B5+YqNVYTFbHnnZuuYeSbjyRqu
B/Dx
-----END CERTIFICATE-----
Generated at Mon Jul 8 17:24:55 2024 by rpki-client on console-ams.rpki-client.org