Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/8efa86-c35f-41b6-ad01-4906103dbd16/1/qkdSGWD3hWjb4LiluojK7ltbCII.roa
File: qkdSGWD3hWjb4LiluojK7ltbCII.roa (raw, json)
Hash identifier: Bp53qXGNXFsgWkyY8KUvG8HSexijTRKfa7f6HEH6Zr0=
Subject key identifier: AA:47:52:19:60:F7:85:68:DB:E0:B8:A5:BA:88:CA:EE:5B:5B:08:82
Certificate issuer: /CN=34531c54b1e7956c2cc371b23e0a75567aa27518
Certificate serial: 018D6DA2B534381625F223F62FB43AEFD021
Authority key identifier: 34:53:1C:54:B1:E7:95:6C:2C:C3:71:B2:3E:0A:75:56:7A:A2:75:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NFMcVLHnlWwsw3GyPgp1VnqidRg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/8efa86-c35f-41b6-ad01-4906103dbd16/1/qkdSGWD3hWjb4LiluojK7ltbCII.roa
Signing time: Sat 03 Feb 2024 06:23:16 +0000
ROA not before: Sat 03 Feb 2024 06:23:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51235
IP address blocks: 185.107.244.0/24 maxlen: 24
185.107.245.0/24 maxlen: 24
185.107.246.0/24 maxlen: 24
185.107.247.0/24 maxlen: 24
185.136.180.0/24 maxlen: 24
185.136.181.0/24 maxlen: 24
185.136.182.0/24 maxlen: 24
185.136.183.0/24 maxlen: 24
195.2.234.0/24 maxlen: 24
2a12:5440::/45 maxlen: 45
2a12:5440::/48 maxlen: 48
2a12:5440:8::/45 maxlen: 45
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/8efa86-c35f-41b6-ad01-4906103dbd16/1/NFMcVLHnlWwsw3GyPgp1VnqidRg.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/8efa86-c35f-41b6-ad01-4906103dbd16/1/NFMcVLHnlWwsw3GyPgp1VnqidRg.mft
rsync://rpki.ripe.net/repository/DEFAULT/NFMcVLHnlWwsw3GyPgp1VnqidRg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 12:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6d:a2:b5:34:38:16:25:f2:23:f6:2f:b4:3a:ef:d0:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34531c54b1e7956c2cc371b23e0a75567aa27518
Validity
Not Before: Feb 3 06:23:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa47521960f78568dbe0b8a5ba88caee5b5b0882
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:32:30:a4:6e:65:f7:34:3a:46:d8:1f:2a:c5:
57:c9:4a:e8:02:23:8f:52:ac:42:47:ce:1b:51:c8:
ae:00:bd:82:94:a4:4d:d9:d1:95:92:c7:cb:97:1e:
04:d8:0c:96:36:7f:9e:db:5d:e8:7e:14:d1:f1:d6:
9f:58:1f:69:82:8d:51:68:b7:f3:3a:94:31:e1:79:
92:d1:df:4b:68:40:f4:a1:44:74:86:01:0b:0c:dc:
c7:2c:4c:80:9d:2b:c3:a2:e1:12:45:30:bb:9c:5b:
43:23:4b:b7:ca:a7:89:c4:c0:cb:a5:25:85:91:d7:
1b:82:5a:bb:05:b8:b0:b8:52:15:71:75:15:26:bc:
48:05:bc:2f:45:a0:3d:43:a2:35:01:37:b1:ec:2a:
2e:05:d8:39:7e:19:8c:57:fe:cb:63:cc:de:e0:7e:
52:a1:e1:8a:20:bb:86:30:f5:43:5e:5b:4f:55:89:
33:f0:4b:7b:cc:32:cd:28:26:d0:9a:36:ae:cf:bc:
2e:ee:af:b4:91:1f:56:fa:b4:28:c1:73:81:3d:2c:
10:72:91:20:37:f5:a3:b3:c0:a0:ca:5a:6e:89:77:
65:f3:d7:d6:f4:a5:47:56:b0:a4:4f:09:31:50:c9:
9e:32:b6:8e:38:a8:f3:c7:94:e7:56:78:69:32:8d:
4a:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:47:52:19:60:F7:85:68:DB:E0:B8:A5:BA:88:CA:EE:5B:5B:08:82
X509v3 Authority Key Identifier:
keyid:34:53:1C:54:B1:E7:95:6C:2C:C3:71:B2:3E:0A:75:56:7A:A2:75:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NFMcVLHnlWwsw3GyPgp1VnqidRg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/8efa86-c35f-41b6-ad01-4906103dbd16/1/qkdSGWD3hWjb4LiluojK7ltbCII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/8efa86-c35f-41b6-ad01-4906103dbd16/1/NFMcVLHnlWwsw3GyPgp1VnqidRg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.107.244.0/22
185.136.180.0/22
195.2.234.0/24
IPv6:
2a12:5440::/44
Signature Algorithm: sha256WithRSAEncryption
bd:80:b3:5f:71:f0:b2:83:71:68:20:11:64:26:73:a9:91:d8:
a1:37:9e:6f:c9:78:a4:f3:ca:5f:40:57:50:14:e8:7b:5d:0c:
86:bb:25:1d:36:af:c7:62:38:a3:66:a0:1f:61:1b:60:30:a3:
60:74:c5:ba:63:e7:f5:19:f9:f8:8a:b7:9f:e0:25:0b:4a:21:
80:f2:9c:6b:8e:67:ae:f7:83:28:fe:ab:98:4d:d3:76:35:0e:
94:89:0b:12:77:82:36:48:af:d4:f8:76:c0:83:ec:e2:64:7f:
b5:ee:cd:8c:0b:3c:23:d1:ee:e2:90:aa:1d:9d:62:c1:68:1e:
93:64:91:df:15:5f:e4:13:f2:b4:2a:48:75:51:f1:7e:5e:af:
1b:b3:28:41:6c:67:9d:23:36:04:b8:36:72:a5:d7:35:e7:a9:
c0:9b:21:d0:71:94:3d:58:a7:fe:5c:6d:ae:4b:25:b3:56:a5:
6b:25:59:b0:bf:42:49:9f:55:35:f0:61:b5:c7:a5:c1:6f:5c:
ba:7b:bc:67:82:8e:c8:09:8b:7c:a5:af:87:99:61:f9:39:c8:
77:08:d3:39:86:01:82:d1:bc:ab:20:0b:cf:77:7f:5d:92:1a:
34:db:1a:6d:c8:23:7b:f4:36:e2:dd:55:5a:c1:c0:8d:5b:c6:
8c:00:ad:b6
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAY1torU0OBYl8iP2L7Q679AhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NTMxYzU0YjFlNzk1NmMyY2MzNzFiMjNlMGE3NTU2N2Fh
Mjc1MTgwHhcNMjQwMjAzMDYyMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTQ3NTIxOTYwZjc4NTY4ZGJlMGI4YTViYTg4Y2FlZTViNWIwODgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTIwpG5l9zQ6RtgfKsVXyUroAiOP
UqxCR84bUciuAL2ClKRN2dGVksfLlx4E2AyWNn+e213ofhTR8dafWB9pgo1RaLfz
OpQx4XmS0d9LaED0oUR0hgELDNzHLEyAnSvDouESRTC7nFtDI0u3yqeJxMDLpSWF
kdcbglq7BbiwuFIVcXUVJrxIBbwvRaA9Q6I1ATex7CouBdg5fhmMV/7LY8ze4H5S
oeGKILuGMPVDXltPVYkz8Et7zDLNKCbQmjauz7wu7q+0kR9W+rQowXOBPSwQcpEg
N/Wjs8CgylpuiXdl89fW9KVHVrCkTwkxUMmeMraOOKjzx5TnVnhpMo1KPwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFKpHUhlg94Vo2+C4pbqIyu5bWwiCMB8GA1UdIwQY
MBaAFDRTHFSx55VsLMNxsj4KdVZ6onUYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkZNY1ZMSG5sV3dzdzNHeVBncDFWbnFpZFJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS84ZWZhODYtYzM1Zi00MWI2LWFkMDEt
NDkwNjEwM2RiZDE2LzEvcWtkU0dXRDNoV2piNExpbHVvaks3bHRiQ0lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS84ZWZhODYtYzM1Zi00MWI2LWFkMDEtNDkwNjEwM2RiZDE2
LzEvTkZNY1ZMSG5sV3dzdzNHeVBncDFWbnFpZFJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQCuWv0AwQC
uYi0AwQAwwLqMA8EAgACMAkDBwQqElRAAAAwDQYJKoZIhvcNAQELBQADggEBAL2A
s19x8LKDcWggEWQmc6mR2KE3nm/JeKTzyl9AV1AU6HtdDIa7JR02r8diOKNmoB9h
G2Awo2B0xbpj5/UZ+fiKt5/gJQtKIYDynGuOZ673gyj+q5hN03Y1DpSJCxJ3gjZI
r9T4dsCD7OJkf7XuzYwLPCPR7uKQqh2dYsFoHpNkkd8VX+QT8rQqSHVR8X5erxuz
KEFsZ50jNgS4NnKl1zXnqcCbIdBxlD1Yp/5cba5LJbNWpWslWbC/QkmfVTXwYbXH
pcFvXLp7vGeCjsgJi3ylr4eZYfk5yHcI0zmGAYLRvKsgC893f12SGjTbGm3II3v0
NuLdVVrBwI1bxowArbY=
-----END CERTIFICATE-----
Generated at Fri Jun 7 17:04:34 2024 by rpki-client on console-ams.rpki-client.org