Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/e1fb52-979d-4436-be51-8584bef0b7d5/1/Qo26hAuZVKofm9C4NGQXxVJP7eo.roa
File: Qo26hAuZVKofm9C4NGQXxVJP7eo.roa (raw, json)
Hash identifier: GLXRlSu4YCkQp5Ptizp62PJX97Bp1u+C1AlHtGCqGfE=
Subject key identifier: 42:8D:BA:84:0B:99:54:AA:1F:9B:D0:B8:34:64:17:C5:52:4F:ED:EA
Certificate issuer: /CN=a0b6a5b1a14c86d4cfb46c4e86ecd4066804cc90
Certificate serial: 018CC26D453C7F611ECC3249FDE4FD572251
Authority key identifier: A0:B6:A5:B1:A1:4C:86:D4:CF:B4:6C:4E:86:EC:D4:06:68:04:CC:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oLalsaFMhtTPtGxOhuzUBmgEzJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/e1fb52-979d-4436-be51-8584bef0b7d5/1/Qo26hAuZVKofm9C4NGQXxVJP7eo.roa
Signing time: Mon 01 Jan 2024 00:29:50 +0000
ROA not before: Mon 01 Jan 2024 00:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39812
IP address blocks: 5.44.0.0/20 maxlen: 20
78.139.64.0/19 maxlen: 19
185.12.252.0/22 maxlen: 22
185.137.160.0/23 maxlen: 23
185.137.162.0/23 maxlen: 23
109.202.32.0/19 maxlen: 19
185.106.56.0/22 maxlen: 22
130.255.32.0/19 maxlen: 19
78.139.96.0/21 maxlen: 21
78.139.104.0/21 maxlen: 21
89.107.112.0/21 maxlen: 21
78.139.112.0/21 maxlen: 21
78.139.120.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/e1fb52-979d-4436-be51-8584bef0b7d5/1/oLalsaFMhtTPtGxOhuzUBmgEzJA.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/e1fb52-979d-4436-be51-8584bef0b7d5/1/oLalsaFMhtTPtGxOhuzUBmgEzJA.mft
rsync://rpki.ripe.net/repository/DEFAULT/oLalsaFMhtTPtGxOhuzUBmgEzJA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:45:3c:7f:61:1e:cc:32:49:fd:e4:fd:57:22:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0b6a5b1a14c86d4cfb46c4e86ecd4066804cc90
Validity
Not Before: Jan 1 00:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=428dba840b9954aa1f9bd0b8346417c5524fedea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:22:1f:7b:75:ef:21:af:25:58:48:61:d8:4c:
3e:79:61:1c:8e:c4:6b:dd:57:0e:a7:c5:ea:06:9c:
ef:2f:17:fd:3a:37:4e:0d:2f:00:44:a0:0a:eb:67:
a5:45:21:de:e1:46:33:d7:f8:eb:d9:e3:c4:c8:2b:
8d:22:23:75:3a:a7:35:bf:53:eb:31:fd:fc:ac:58:
dd:89:e4:c2:a1:0b:02:11:1f:97:21:28:8e:a9:9e:
fd:f6:3e:09:05:e6:dc:5d:09:a6:43:6f:18:e4:1d:
1c:82:0c:87:bd:27:e1:2a:55:dd:b5:e2:b9:14:00:
e8:73:d9:9d:66:ec:74:56:93:71:82:2b:7c:07:25:
11:2f:57:ef:60:62:a5:33:bd:a5:3d:09:9f:3d:8f:
9c:73:8c:1f:e5:14:eb:cc:bf:db:9d:03:dd:49:f2:
c1:d3:e9:8e:e9:ee:65:52:f8:c2:fb:7a:cc:2c:54:
74:db:a4:37:38:ce:a1:e4:15:20:5d:4f:27:df:cc:
fb:aa:ad:da:b1:7f:dd:b5:c0:5a:73:80:d2:3b:8e:
61:85:cd:aa:7e:33:61:f3:4c:59:d8:9e:a7:04:3e:
13:9f:87:27:de:2f:c0:72:b4:f5:2a:56:76:9a:e0:
3a:85:19:cb:47:b9:4f:86:bb:64:f8:75:64:e2:8f:
ac:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:8D:BA:84:0B:99:54:AA:1F:9B:D0:B8:34:64:17:C5:52:4F:ED:EA
X509v3 Authority Key Identifier:
keyid:A0:B6:A5:B1:A1:4C:86:D4:CF:B4:6C:4E:86:EC:D4:06:68:04:CC:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oLalsaFMhtTPtGxOhuzUBmgEzJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/e1fb52-979d-4436-be51-8584bef0b7d5/1/Qo26hAuZVKofm9C4NGQXxVJP7eo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/e1fb52-979d-4436-be51-8584bef0b7d5/1/oLalsaFMhtTPtGxOhuzUBmgEzJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.0.0/20
78.139.64.0/18
89.107.112.0/21
109.202.32.0/19
130.255.32.0/19
185.12.252.0/22
185.106.56.0/22
185.137.160.0/22
Signature Algorithm: sha256WithRSAEncryption
95:9e:4d:78:f6:53:8f:e6:3c:11:67:92:d9:17:5b:29:db:2a:
8b:b3:26:20:46:93:a9:21:88:71:0d:89:7c:ef:5d:d9:3b:3d:
e2:60:ac:8c:50:39:2f:89:2f:56:8b:c1:d4:67:79:79:c1:da:
65:05:b8:2d:1c:50:49:72:39:cd:82:5e:54:5a:85:31:28:4b:
b5:65:76:60:15:29:d1:a2:ba:56:67:ef:21:3c:c2:2f:26:0d:
22:e1:b0:84:6b:a5:8d:91:86:28:8c:e8:e5:0c:6a:27:75:22:
1c:28:ae:52:95:d3:95:63:3a:83:e0:cb:27:bf:ef:6c:ad:4a:
e3:4b:ff:36:f5:4b:db:0c:fd:53:02:59:13:f2:1b:e2:1a:44:
3e:d5:7e:f4:53:94:d7:c7:72:4e:ac:d0:24:88:3c:04:32:57:
cc:aa:9e:56:c4:14:7d:72:d2:64:7d:06:af:87:0c:39:a4:bd:
60:b3:2c:80:5d:8b:d3:16:ea:92:f8:11:1d:18:aa:88:50:23:
11:17:43:f3:52:e5:a4:e9:8e:27:9e:fd:2b:b7:57:52:ee:c3:
d2:07:5a:6d:15:50:79:28:d3:39:71:47:21:eb:df:7f:71:50:
bf:51:e4:98:7f:ac:fd:90:9c:58:bd:35:4f:d1:b9:73:78:50:
43:ca:43:41
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzCbUU8f2EezDJJ/eT9VyJRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYjZhNWIxYTE0Yzg2ZDRjZmI0NmM0ZTg2ZWNkNDA2Njgw
NGNjOTAwHhcNMjQwMTAxMDAyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjhkYmE4NDBiOTk1NGFhMWY5YmQwYjgzNDY0MTdjNTUyNGZlZGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyIfe3XvIa8lWEhh2Ew+eWEcjsRr
3VcOp8XqBpzvLxf9OjdODS8ARKAK62elRSHe4UYz1/jr2ePEyCuNIiN1Oqc1v1Pr
Mf38rFjdieTCoQsCER+XISiOqZ799j4JBebcXQmmQ28Y5B0cggyHvSfhKlXdteK5
FADoc9mdZux0VpNxgit8ByURL1fvYGKlM72lPQmfPY+cc4wf5RTrzL/bnQPdSfLB
0+mO6e5lUvjC+3rMLFR026Q3OM6h5BUgXU8n38z7qq3asX/dtcBac4DSO45hhc2q
fjNh80xZ2J6nBD4Tn4cn3i/AcrT1KlZ2muA6hRnLR7lPhrtk+HVk4o+skwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFEKNuoQLmVSqH5vQuDRkF8VST+3qMB8GA1UdIwQY
MBaAFKC2pbGhTIbUz7RsTobs1AZoBMyQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0xhbHNhRk1odFRQdEd4T2h1elVCbWdFekpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9lMWZiNTItOTc5ZC00NDM2LWJlNTEt
ODU4NGJlZjBiN2Q1LzEvUW8yNmhBdVpWS29mbTlDNE5HUVh4VkpQN2VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9lMWZiNTItOTc5ZC00NDM2LWJlNTEtODU4NGJlZjBiN2Q1
LzEvb0xhbHNhRk1odFRQdEd4T2h1elVCbWdFekpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQEBSwAAwQG
TotAAwQDWWtwAwQFbcogAwQFgv8gAwQCuQz8AwQCuWo4AwQCuYmgMA0GCSqGSIb3
DQEBCwUAA4IBAQCVnk149lOP5jwRZ5LZF1sp2yqLsyYgRpOpIYhxDYl8713ZOz3i
YKyMUDkviS9Wi8HUZ3l5wdplBbgtHFBJcjnNgl5UWoUxKEu1ZXZgFSnRorpWZ+8h
PMIvJg0i4bCEa6WNkYYojOjlDGondSIcKK5SldOVYzqD4Msnv+9srUrjS/829Uvb
DP1TAlkT8hviGkQ+1X70U5TXx3JOrNAkiDwEMlfMqp5WxBR9ctJkfQavhww5pL1g
syyAXYvTFuqS+BEdGKqIUCMRF0PzUuWk6Y4nnv0rt1dS7sPSB1ptFVB5KNM5cUch
699/cVC/UeSYf6z9kJxYvTVP0blzeFBDykNB
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:10:59 2024 by rpki-client on console-ams.rpki-client.org