Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/772cbc-7e69-4c91-86a3-3661b1ebbcfb/1/Ql-uvkhKpOnpbwQS3WIgGxkK7YA.roa
File: Ql-uvkhKpOnpbwQS3WIgGxkK7YA.roa (raw, json)
Hash identifier: kUq/KM4nF3IUFEO5xcfA9yg3o9ZPHTWvI31+e0erL5s=
Subject key identifier: 42:5F:AE:BE:48:4A:A4:E9:E9:6F:04:12:DD:62:20:1B:19:0A:ED:80
Certificate issuer: /CN=c276a8ba874c3fbddad344d03258b3e2c04d7bcb
Certificate serial: 018CC493818E6A0CE870124D28DBEBC4F4F2
Authority key identifier: C2:76:A8:BA:87:4C:3F:BD:DA:D3:44:D0:32:58:B3:E2:C0:4D:7B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wnaouodMP73a00TQMliz4sBNe8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/772cbc-7e69-4c91-86a3-3661b1ebbcfb/1/Ql-uvkhKpOnpbwQS3WIgGxkK7YA.roa
Signing time: Mon 01 Jan 2024 10:30:50 +0000
ROA not before: Mon 01 Jan 2024 10:30:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200799
IP address blocks: 185.188.24.0/24 maxlen: 24
185.188.24.0/22 maxlen: 22
185.188.27.0/24 maxlen: 24
185.188.26.0/24 maxlen: 24
185.188.25.0/24 maxlen: 24
185.95.39.0/24 maxlen: 24
130.193.1.0/24 maxlen: 24
185.95.38.0/24 maxlen: 24
185.95.37.0/24 maxlen: 24
185.95.36.0/22 maxlen: 22
185.95.36.0/24 maxlen: 24
212.237.252.0/24 maxlen: 24
217.61.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/772cbc-7e69-4c91-86a3-3661b1ebbcfb/1/wnaouodMP73a00TQMliz4sBNe8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/772cbc-7e69-4c91-86a3-3661b1ebbcfb/1/wnaouodMP73a00TQMliz4sBNe8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/wnaouodMP73a00TQMliz4sBNe8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:81:8e:6a:0c:e8:70:12:4d:28:db:eb:c4:f4:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c276a8ba874c3fbddad344d03258b3e2c04d7bcb
Validity
Not Before: Jan 1 10:30:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=425faebe484aa4e9e96f0412dd62201b190aed80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:48:7b:fe:c0:6a:9c:fc:3b:a1:32:7e:45:e5:
39:bd:3c:9d:fa:be:7f:56:8f:69:d0:75:1a:56:b3:
62:f3:4e:7c:26:b8:1c:b3:b5:12:6b:0b:90:e7:ed:
dd:f4:38:5d:78:1d:98:7b:ec:aa:0d:71:d2:8d:95:
3e:40:98:a2:bb:d4:7d:4e:c9:d9:6e:1f:8c:ad:7e:
1b:38:f3:50:ea:3c:41:49:94:97:d5:b8:95:72:12:
31:44:89:63:3f:31:9e:12:22:a9:6c:58:7d:78:77:
48:cb:9b:89:f6:c9:a1:8c:9a:23:c2:90:9e:fd:61:
a1:66:af:03:11:be:82:f6:0f:61:46:43:a9:0c:d7:
29:8f:31:e1:9c:f9:f8:d4:06:e2:74:4b:b0:fa:bf:
d0:d2:53:6c:0c:1c:9d:a1:43:76:31:b3:88:ec:d3:
9e:f3:8e:28:76:1a:52:d6:62:d3:96:48:05:c1:00:
1d:a9:45:17:87:da:04:8b:95:db:5f:78:cf:51:8a:
19:0e:ef:7f:d6:cb:60:f9:57:24:bc:fd:20:4b:89:
8e:75:12:b9:88:e3:75:a1:9d:d3:b2:a1:4b:ac:51:
37:5b:0b:a5:61:da:de:a6:42:7b:ff:72:76:7a:f4:
32:72:93:ff:61:dd:16:cc:59:1e:86:d8:d7:b1:38:
74:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:5F:AE:BE:48:4A:A4:E9:E9:6F:04:12:DD:62:20:1B:19:0A:ED:80
X509v3 Authority Key Identifier:
keyid:C2:76:A8:BA:87:4C:3F:BD:DA:D3:44:D0:32:58:B3:E2:C0:4D:7B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wnaouodMP73a00TQMliz4sBNe8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/772cbc-7e69-4c91-86a3-3661b1ebbcfb/1/Ql-uvkhKpOnpbwQS3WIgGxkK7YA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/772cbc-7e69-4c91-86a3-3661b1ebbcfb/1/wnaouodMP73a00TQMliz4sBNe8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.193.1.0/24
185.95.36.0/22
185.188.24.0/22
212.237.252.0/24
217.61.254.0/24
Signature Algorithm: sha256WithRSAEncryption
80:9e:09:5f:58:37:3f:50:88:9d:3f:e5:aa:12:e1:9d:47:a1:
fd:16:4f:c6:47:9d:b3:26:c4:d3:8f:c2:a7:6d:d5:66:f2:73:
97:72:d9:bf:4f:2d:5b:1b:1f:18:b3:b4:e9:fc:88:d5:ef:d7:
31:73:91:93:7e:56:ec:79:ee:a6:56:1a:ae:bd:37:27:0b:67:
db:67:24:0e:12:74:4e:33:43:6b:fe:31:8c:db:30:14:27:12:
8c:3b:78:07:b0:2d:80:bb:82:23:e9:a5:56:28:56:89:44:04:
94:ac:40:e7:bb:94:36:6b:eb:e1:57:ff:94:aa:3f:26:f2:1b:
67:77:ce:16:85:dd:63:c0:c0:63:d4:91:0d:6c:df:45:ad:10:
d8:c5:c1:a8:16:cd:f5:6e:36:1e:df:c9:36:5a:8d:6c:9f:24:
a1:8b:72:38:5f:01:81:f2:4e:b7:ab:37:e3:52:5f:e1:31:ef:
0d:e7:37:81:c4:91:76:90:8b:f5:74:d3:a5:3b:26:b2:7f:0b:
23:45:09:25:93:0e:56:3e:89:eb:4b:f2:e0:17:f4:e0:47:77:
82:14:bd:d2:b9:b8:eb:19:34:76:59:a6:8b:c6:51:a7:7e:51:
5d:f6:69:56:3f:66:41:ec:ea:1b:6d:61:fb:17:d5:f9:64:7a:
30:e0:5b:e5
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzEk4GOagzocBJNKNvrxPTyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzZhOGJhODc0YzNmYmRkYWQzNDRkMDMyNThiM2UyYzA0
ZDdiY2IwHhcNMjQwMTAxMTAzMDUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjVmYWViZTQ4NGFhNGU5ZTk2ZjA0MTJkZDYyMjAxYjE5MGFlZDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0h7/sBqnPw7oTJ+ReU5vTyd+r5/
Vo9p0HUaVrNi8058Jrgcs7USawuQ5+3d9DhdeB2Ye+yqDXHSjZU+QJiiu9R9TsnZ
bh+MrX4bOPNQ6jxBSZSX1biVchIxRIljPzGeEiKpbFh9eHdIy5uJ9smhjJojwpCe
/WGhZq8DEb6C9g9hRkOpDNcpjzHhnPn41AbidEuw+r/Q0lNsDBydoUN2MbOI7NOe
844odhpS1mLTlkgFwQAdqUUXh9oEi5XbX3jPUYoZDu9/1stg+VckvP0gS4mOdRK5
iON1oZ3TsqFLrFE3WwulYdrepkJ7/3J2evQycpP/Yd0WzFkehtjXsTh0pQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEJfrr5ISqTp6W8EEt1iIBsZCu2AMB8GA1UdIwQY
MBaAFMJ2qLqHTD+92tNE0DJYs+LATXvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25hb3VvZE1QNzNhMDBUUU1saXo0c0JOZThzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83NzJjYmMtN2U2OS00YzkxLTg2YTMt
MzY2MWIxZWJiY2ZiLzEvUWwtdXZraEtwT25wYndRUzNXSWdHeGtLN1lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83NzJjYmMtN2U2OS00YzkxLTg2YTMtMzY2MWIxZWJiY2Zi
LzEvd25hb3VvZE1QNzNhMDBUUU1saXo0c0JOZThzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAgsEBAwQC
uV8kAwQCubwYAwQA1O38AwQA2T3+MA0GCSqGSIb3DQEBCwUAA4IBAQCAnglfWDc/
UIidP+WqEuGdR6H9Fk/GR52zJsTTj8KnbdVm8nOXctm/Ty1bGx8Ys7Tp/IjV79cx
c5GTflbsee6mVhquvTcnC2fbZyQOEnROM0Nr/jGM2zAUJxKMO3gHsC2Au4Ij6aVW
KFaJRASUrEDnu5Q2a+vhV/+Uqj8m8htnd84Whd1jwMBj1JENbN9FrRDYxcGoFs31
bjYe38k2Wo1snyShi3I4XwGB8k63qzfjUl/hMe8N5zeBxJF2kIv1dNOlOyayfwsj
RQklkw5WPonrS/LgF/TgR3eCFL3SubjrGTR2WaaLxlGnflFd9mlWP2ZB7OobbWH7
F9X5ZHow4Fvl
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:45:31 2024 by rpki-client on console-ams.rpki-client.org