Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/f1d902-b45d-412e-b246-35f0e176ea82/1/q03aF_RWDD2v4XTvG_xm_capqE4.roa
File: q03aF_RWDD2v4XTvG_xm_capqE4.roa (raw, json)
Hash identifier: 5STOfjXMuWwHg8TNTURDl7NUFenZdjESwzoIOo8QOc0=
Subject key identifier: AB:4D:DA:17:F4:56:0C:3D:AF:E1:74:EF:1B:FC:66:FD:C6:A9:A8:4E
Certificate issuer: /CN=541d6a9e7a0236dfceeb5505a8a9644f6242e667
Certificate serial: 018CC2DB38F9BAEF5579B84794392063D167
Authority key identifier: 54:1D:6A:9E:7A:02:36:DF:CE:EB:55:05:A8:A9:64:4F:62:42:E6:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VB1qnnoCNt_O61UFqKlkT2JC5mc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/f1d902-b45d-412e-b246-35f0e176ea82/1/q03aF_RWDD2v4XTvG_xm_capqE4.roa
Signing time: Mon 01 Jan 2024 02:29:56 +0000
ROA not before: Mon 01 Jan 2024 02:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3212
IP address blocks: 185.72.60.0/24 maxlen: 24
185.72.60.0/22 maxlen: 22
86.58.0.0/17 maxlen: 17
82.149.0.0/19 maxlen: 19
194.152.0.0/19 maxlen: 19
178.79.64.0/18 maxlen: 18
213.161.0.0/19 maxlen: 19
2001:1688::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/f1d902-b45d-412e-b246-35f0e176ea82/1/VB1qnnoCNt_O61UFqKlkT2JC5mc.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/f1d902-b45d-412e-b246-35f0e176ea82/1/VB1qnnoCNt_O61UFqKlkT2JC5mc.mft
rsync://rpki.ripe.net/repository/DEFAULT/VB1qnnoCNt_O61UFqKlkT2JC5mc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:38:f9:ba:ef:55:79:b8:47:94:39:20:63:d1:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=541d6a9e7a0236dfceeb5505a8a9644f6242e667
Validity
Not Before: Jan 1 02:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab4dda17f4560c3dafe174ef1bfc66fdc6a9a84e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:46:7b:d8:a6:5a:a9:2e:d1:af:4b:67:2f:5c:
a1:01:0a:b5:5a:b5:8b:17:aa:c5:39:c6:6d:24:07:
64:4d:29:92:85:72:de:49:6b:1d:f9:fc:e0:a5:10:
3d:60:ec:51:f4:3d:19:dc:32:e2:a4:12:05:da:9a:
b3:bc:ce:13:da:6b:a9:01:d8:22:4c:14:20:42:08:
54:fd:be:86:98:48:30:d3:db:f0:d2:a4:aa:26:74:
cc:29:23:fe:48:f8:59:d7:2a:9d:0f:e5:e4:ec:42:
3d:9a:f4:34:82:e5:f4:30:67:60:68:25:8d:00:82:
52:f9:74:8a:15:db:4d:62:4f:49:94:69:2d:e6:da:
9c:0c:db:52:0a:3c:74:e5:4a:5a:a5:03:b1:5a:e5:
dc:62:67:24:84:87:dc:6d:6b:8f:0c:d0:fd:d6:b8:
de:35:92:49:6e:ae:62:86:a0:63:0c:6c:b9:0e:56:
71:9d:63:32:98:b1:cc:53:ee:8f:54:24:79:49:1e:
96:ce:87:bf:b8:15:2d:6c:be:1f:2c:41:1c:8b:f7:
2b:2e:0f:16:14:f7:2f:49:ea:b2:d7:de:04:82:9a:
0d:26:be:51:c7:98:4e:78:d7:c3:84:4a:25:69:6c:
af:bf:8b:b5:6c:87:4c:98:da:20:4d:66:21:ab:e5:
fe:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:4D:DA:17:F4:56:0C:3D:AF:E1:74:EF:1B:FC:66:FD:C6:A9:A8:4E
X509v3 Authority Key Identifier:
keyid:54:1D:6A:9E:7A:02:36:DF:CE:EB:55:05:A8:A9:64:4F:62:42:E6:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VB1qnnoCNt_O61UFqKlkT2JC5mc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/f1d902-b45d-412e-b246-35f0e176ea82/1/q03aF_RWDD2v4XTvG_xm_capqE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/f1d902-b45d-412e-b246-35f0e176ea82/1/VB1qnnoCNt_O61UFqKlkT2JC5mc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.149.0.0/19
86.58.0.0/17
178.79.64.0/18
185.72.60.0/22
194.152.0.0/19
213.161.0.0/19
IPv6:
2001:1688::/29
Signature Algorithm: sha256WithRSAEncryption
77:3d:f0:9f:7d:19:42:54:56:30:ab:18:a4:c1:0f:e1:cb:8d:
ac:c5:84:86:29:13:9a:cf:d9:15:ec:fe:2c:65:12:c7:8b:49:
40:6e:03:96:9c:fa:dc:bf:00:13:f9:b2:7a:a2:95:cd:13:d1:
64:ca:95:e7:2f:f7:26:ea:8c:d3:f3:f7:97:b1:00:90:45:69:
a3:16:5a:5f:f6:03:f3:4a:33:4d:f1:19:ed:76:ea:e9:8b:89:
b4:d5:25:75:6f:0b:1f:43:4a:fd:0d:39:7b:1d:da:68:6d:86:
08:d0:9d:44:b5:36:50:f1:a9:66:86:48:c8:11:29:ea:36:2a:
b3:7e:8d:b9:d4:b1:b9:31:a9:03:ae:71:a4:75:d0:8c:2b:71:
77:e5:cd:79:b5:6b:6c:63:11:f7:df:aa:ca:6a:41:58:5c:33:
ce:d7:cb:eb:99:20:79:e4:58:df:f2:4f:8c:ff:a7:df:6f:21:
ff:95:59:e9:7c:b5:33:cd:47:f2:3c:ca:b3:3f:bc:3f:49:31:
4c:76:23:a5:2f:e6:d9:26:6a:d2:5a:e2:62:0c:d6:2f:85:37:
c6:29:e0:a6:62:67:a6:f1:52:c0:f7:9f:11:98:79:d2:ea:d9:
27:55:9a:30:94:51:45:2d:64:25:62:1c:3e:11:7f:97:ff:79:
76:8f:83:dc
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzC2zj5uu9VebhHlDkgY9FnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MWQ2YTllN2EwMjM2ZGZjZWViNTUwNWE4YTk2NDRmNjI0
MmU2NjcwHhcNMjQwMTAxMDIyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjRkZGExN2Y0NTYwYzNkYWZlMTc0ZWYxYmZjNjZmZGM2YTlhODRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkZ72KZaqS7Rr0tnL1yhAQq1WrWL
F6rFOcZtJAdkTSmShXLeSWsd+fzgpRA9YOxR9D0Z3DLipBIF2pqzvM4T2mupAdgi
TBQgQghU/b6GmEgw09vw0qSqJnTMKSP+SPhZ1yqdD+Xk7EI9mvQ0guX0MGdgaCWN
AIJS+XSKFdtNYk9JlGkt5tqcDNtSCjx05UpapQOxWuXcYmckhIfcbWuPDND91rje
NZJJbq5ihqBjDGy5DlZxnWMymLHMU+6PVCR5SR6Wzoe/uBUtbL4fLEEci/crLg8W
FPcvSeqy194EgpoNJr5Rx5hOeNfDhEolaWyvv4u1bIdMmNogTWYhq+X+NwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFKtN2hf0Vgw9r+F07xv8Zv3GqahOMB8GA1UdIwQY
MBaAFFQdap56AjbfzutVBaipZE9iQuZnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkIxcW5ub0NOdF9PNjFVRnFLbGtUMkpDNW1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9mMWQ5MDItYjQ1ZC00MTJlLWIyNDYt
MzVmMGUxNzZlYTgyLzEvcTAzYUZfUldERDJ2NFhUdkdfeG1fY2FwcUU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9mMWQ5MDItYjQ1ZC00MTJlLWIyNDYtMzVmMGUxNzZlYTgy
LzEvVkIxcW5ub0NOdF9PNjFVRnFLbGtUMkpDNW1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQFUpUAAwQH
VjoAAwQGsk9AAwQCuUg8AwQFwpgAAwQF1aEAMA0EAgACMAcDBQMgARaIMA0GCSqG
SIb3DQEBCwUAA4IBAQB3PfCffRlCVFYwqxikwQ/hy42sxYSGKROaz9kV7P4sZRLH
i0lAbgOWnPrcvwAT+bJ6opXNE9FkypXnL/cm6ozT8/eXsQCQRWmjFlpf9gPzSjNN
8Rntdurpi4m01SV1bwsfQ0r9DTl7HdpobYYI0J1EtTZQ8almhkjIESnqNiqzfo25
1LG5MakDrnGkddCMK3F35c15tWtsYxH336rKakFYXDPO18vrmSB55Fjf8k+M/6ff
byH/lVnpfLUzzUfyPMqzP7w/STFMdiOlL+bZJmrSWuJiDNYvhTfGKeCmYmem8VLA
958RmHnS6tknVZowlFFFLWQlYhw+EX+X/3l2j4Pc
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:16:58 2024 by rpki-client on console-fra.rpki-client.org