Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/9014c3-1a49-4e62-9243-21335d1063af/1/qRQJ0SQ_f3Rvasa3AfzSu5I9wRI.roa
File: qRQJ0SQ_f3Rvasa3AfzSu5I9wRI.roa (raw, json)
Hash identifier: oRutdqHwqPnSDcqjcBMU6gUFwIvBs8PWS+2lRpzlbFA=
Subject key identifier: A9:14:09:D1:24:3F:7F:74:6F:6A:C6:B7:01:FC:D2:BB:92:3D:C1:12
Certificate issuer: /CN=3f0a287bea92588fc5dae4f93fb25628f32d196d
Certificate serial: 018CC9BCFD6DC64ABEF2A41CFDBA072CE676
Authority key identifier: 3F:0A:28:7B:EA:92:58:8F:C5:DA:E4:F9:3F:B2:56:28:F3:2D:19:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pwooe-qSWI_F2uT5P7JWKPMtGW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/9014c3-1a49-4e62-9243-21335d1063af/1/qRQJ0SQ_f3Rvasa3AfzSu5I9wRI.roa
Signing time: Tue 02 Jan 2024 10:34:15 +0000
ROA not before: Tue 02 Jan 2024 10:34:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35320
IP address blocks: 185.12.140.0/23 maxlen: 23
80.93.112.0/20 maxlen: 20
78.154.160.0/19 maxlen: 19
2a02:5f0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/9014c3-1a49-4e62-9243-21335d1063af/1/Pwooe-qSWI_F2uT5P7JWKPMtGW0.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/9014c3-1a49-4e62-9243-21335d1063af/1/Pwooe-qSWI_F2uT5P7JWKPMtGW0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Pwooe-qSWI_F2uT5P7JWKPMtGW0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 13:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:fd:6d:c6:4a:be:f2:a4:1c:fd:ba:07:2c:e6:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f0a287bea92588fc5dae4f93fb25628f32d196d
Validity
Not Before: Jan 2 10:34:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a91409d1243f7f746f6ac6b701fcd2bb923dc112
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:32:93:74:02:8a:3e:c4:0f:64:6c:c2:f6:ae:
88:f0:d8:0b:da:a7:43:89:75:fa:42:e0:f6:4e:90:
ce:cf:84:48:52:96:ab:35:13:4f:0d:23:30:62:09:
6f:14:a4:27:65:3a:93:1b:56:a7:9c:4c:7d:6e:64:
e4:be:a0:3c:32:3f:54:58:18:82:13:92:50:a4:87:
7d:fb:be:12:e2:d8:a7:e5:2b:35:15:e3:17:f8:24:
d2:df:d1:8a:dd:cf:bf:af:dc:22:69:10:a6:2e:08:
18:61:bd:77:cc:83:6b:3a:63:4b:e7:fc:21:44:61:
8e:8c:4e:c7:ef:12:c3:14:41:07:dd:93:df:17:d6:
7b:30:e0:12:9f:2d:9d:ba:b3:2d:34:ba:0d:49:24:
1c:4e:e7:83:72:1a:25:d7:13:8f:cd:4a:46:97:b6:
83:4b:74:9a:78:f0:b1:58:08:3b:ca:53:04:28:16:
4e:d8:5e:d2:77:ab:d9:ae:44:20:c0:98:e7:28:01:
70:a0:b9:dd:67:58:c6:c6:ee:70:2a:7e:0c:29:2f:
a2:aa:18:28:95:dc:d0:d9:e4:00:d4:41:f2:cb:7b:
6b:43:db:5d:93:6f:ff:dd:23:40:f2:81:c0:94:8f:
1c:5c:16:ff:f8:8d:20:2a:ce:82:f1:32:2d:c9:1c:
8f:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:14:09:D1:24:3F:7F:74:6F:6A:C6:B7:01:FC:D2:BB:92:3D:C1:12
X509v3 Authority Key Identifier:
keyid:3F:0A:28:7B:EA:92:58:8F:C5:DA:E4:F9:3F:B2:56:28:F3:2D:19:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pwooe-qSWI_F2uT5P7JWKPMtGW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/9014c3-1a49-4e62-9243-21335d1063af/1/qRQJ0SQ_f3Rvasa3AfzSu5I9wRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/9014c3-1a49-4e62-9243-21335d1063af/1/Pwooe-qSWI_F2uT5P7JWKPMtGW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.154.160.0/19
80.93.112.0/20
185.12.140.0/23
IPv6:
2a02:5f0::/32
Signature Algorithm: sha256WithRSAEncryption
2f:d8:d2:95:25:6e:55:04:5d:72:3f:7f:84:6f:58:f0:1b:56:
32:09:6e:6b:b1:7a:ed:22:9e:d7:25:1d:88:98:29:89:d0:a4:
86:52:d7:ac:6e:44:72:18:5b:20:3d:43:59:e9:82:0f:9c:aa:
43:89:83:66:be:0b:fa:62:6c:4b:58:99:97:4d:6f:7c:6b:c8:
bc:75:b7:1b:9c:02:d5:05:a4:5e:7b:76:99:ce:b0:cc:9e:22:
f0:a2:f4:4f:0a:73:fc:47:25:6f:ac:43:79:39:39:52:86:5c:
44:2e:d5:df:3c:a3:87:df:33:34:d6:ae:8e:e7:f8:73:c5:09:
42:d3:ae:7c:d9:d9:04:3c:f8:6e:7d:19:cd:99:a1:eb:e4:7a:
b1:a9:2d:47:ae:1b:c3:df:8a:46:27:3c:ca:f5:6f:48:6f:97:
d9:b7:1e:1f:a6:5c:44:ce:61:0a:e8:e1:7f:a0:bd:a7:2e:b9:
46:57:30:a3:9e:ae:a6:09:69:8c:b9:65:50:95:c4:a8:46:10:
07:94:9c:c8:15:bc:c0:95:87:f4:3d:e5:21:a2:05:f0:08:8f:
3a:0e:9f:bb:40:04:96:43:46:7d:82:c4:bf:36:51:2e:ab:c3:
5f:84:c4:fe:b1:74:58:ef:44:49:92:5c:03:f0:20:42:67:e3:
02:1b:ac:0c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzJvP1txkq+8qQc/boHLOZ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMGEyODdiZWE5MjU4OGZjNWRhZTRmOTNmYjI1NjI4ZjMy
ZDE5NmQwHhcNMjQwMTAyMTAzNDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTE0MDlkMTI0M2Y3Zjc0NmY2YWM2YjcwMWZjZDJiYjkyM2RjMTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDKTdAKKPsQPZGzC9q6I8NgL2qdD
iXX6QuD2TpDOz4RIUparNRNPDSMwYglvFKQnZTqTG1annEx9bmTkvqA8Mj9UWBiC
E5JQpId9+74S4tin5Ss1FeMX+CTS39GK3c+/r9wiaRCmLggYYb13zINrOmNL5/wh
RGGOjE7H7xLDFEEH3ZPfF9Z7MOASny2durMtNLoNSSQcTueDchol1xOPzUpGl7aD
S3SaePCxWAg7ylMEKBZO2F7Sd6vZrkQgwJjnKAFwoLndZ1jGxu5wKn4MKS+iqhgo
ldzQ2eQA1EHyy3trQ9tdk2//3SNA8oHAlI8cXBb/+I0gKs6C8TItyRyPIQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFKkUCdEkP390b2rGtwH80ruSPcESMB8GA1UdIwQY
MBaAFD8KKHvqkliPxdrk+T+yVijzLRltMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHdvb2UtcVNXSV9GMnVUNVA3SldLUE10R1cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy85MDE0YzMtMWE0OS00ZTYyLTkyNDMt
MjEzMzVkMTA2M2FmLzEvcVJRSjBTUV9mM1J2YXNhM0FmelN1NUk5d1JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy85MDE0YzMtMWE0OS00ZTYyLTkyNDMtMjEzMzVkMTA2M2Fm
LzEvUHdvb2UtcVNXSV9GMnVUNVA3SldLUE10R1cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFTpqgAwQE
UF1wAwQBuQyMMA0EAgACMAcDBQAqAgXwMA0GCSqGSIb3DQEBCwUAA4IBAQAv2NKV
JW5VBF1yP3+Eb1jwG1YyCW5rsXrtIp7XJR2ImCmJ0KSGUtesbkRyGFsgPUNZ6YIP
nKpDiYNmvgv6YmxLWJmXTW98a8i8dbcbnALVBaRee3aZzrDMniLwovRPCnP8RyVv
rEN5OTlShlxELtXfPKOH3zM01q6O5/hzxQlC06582dkEPPhufRnNmaHr5HqxqS1H
rhvD34pGJzzK9W9Ib5fZtx4fplxEzmEK6OF/oL2nLrlGVzCjnq6mCWmMuWVQlcSo
RhAHlJzIFbzAlYf0PeUhogXwCI86Dp+7QASWQ0Z9gsS/NlEuq8NfhMT+sXRY70RJ
klwD8CBCZ+MCG6wM
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:35:35 2024 by rpki-client on console-fra.rpki-client.org