Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/qQaIb_WHGmczKXsAMaGP4BSL38M.roa
File: qQaIb_WHGmczKXsAMaGP4BSL38M.roa (raw, json)
Hash identifier: zDdu1tLdIiwo4iP2jGNj05kokGUM5BnoQcyL3cpzqK4=
Subject key identifier: A9:06:88:6F:F5:87:1A:67:33:29:7B:00:31:A1:8F:E0:14:8B:DF:C3
Certificate issuer: /CN=3af7710df8add64bb9688e0f4581bea67e402c66
Certificate serial: 018F2A62B4F82A0714A322848303A1D69834
Authority key identifier: 3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/qQaIb_WHGmczKXsAMaGP4BSL38M.roa
Signing time: Mon 29 Apr 2024 15:04:22 +0000
ROA not before: Mon 29 Apr 2024 15:04:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203639
IP address blocks: 45.143.158.0/24 maxlen: 24
45.143.159.0/24 maxlen: 24
46.21.16.0/24 maxlen: 24
46.21.20.0/24 maxlen: 24
46.21.23.0/24 maxlen: 24
46.21.28.0/24 maxlen: 24
46.21.30.0/24 maxlen: 24
77.220.90.0/23 maxlen: 23
185.155.186.0/24 maxlen: 24
185.155.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.mft
rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 04:53:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2a:62:b4:f8:2a:07:14:a3:22:84:83:03:a1:d6:98:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af7710df8add64bb9688e0f4581bea67e402c66
Validity
Not Before: Apr 29 15:04:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a906886ff5871a6733297b0031a18fe0148bdfc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:05:2c:5a:2c:c2:19:e3:2c:d7:e4:46:32:3d:
a9:b3:ef:6a:f3:79:86:e8:41:6f:1f:90:bc:e7:f1:
35:ee:b6:5d:21:e3:ce:53:ff:cb:06:36:3d:72:03:
2e:10:f9:c1:de:99:62:b9:27:1f:98:b6:df:37:7e:
bc:67:d0:8f:a0:b0:63:9f:83:17:c0:de:c1:0e:a8:
be:4c:4b:fb:0e:1a:76:a3:e6:91:e9:03:48:e5:96:
12:0a:51:b3:9a:65:74:8d:23:f8:53:9b:bb:b1:32:
b7:b4:82:c1:6d:4f:7c:c1:ee:d0:86:be:cd:be:b3:
df:27:41:ba:88:be:2f:76:94:18:82:50:56:0d:2c:
1a:0f:5d:d6:7d:8f:b5:0b:22:aa:2f:ad:d5:e4:e0:
37:85:cc:04:cd:81:5a:93:a2:7f:3a:9d:86:6f:96:
a6:06:f4:3b:96:2a:86:9c:8e:4b:20:91:ad:aa:00:
a4:e6:7f:01:9a:c4:59:da:5b:7c:9b:2d:a4:de:83:
3e:94:e1:fb:d1:ee:8d:60:32:e0:01:98:57:0b:e4:
31:f5:01:ab:43:5a:aa:0b:ce:ed:88:96:d4:52:18:
ca:85:43:5f:12:55:43:89:2f:ef:3e:14:f6:8e:f1:
c7:cd:dd:bc:b0:29:db:62:72:7b:e1:5a:b9:83:90:
25:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:06:88:6F:F5:87:1A:67:33:29:7B:00:31:A1:8F:E0:14:8B:DF:C3
X509v3 Authority Key Identifier:
keyid:3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/qQaIb_WHGmczKXsAMaGP4BSL38M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.158.0/23
46.21.16.0/24
46.21.20.0/24
46.21.23.0/24
46.21.28.0/24
46.21.30.0/24
77.220.90.0/23
185.155.186.0/23
Signature Algorithm: sha256WithRSAEncryption
67:92:9a:d9:00:e8:1c:aa:70:33:d1:f3:9c:ac:9f:1a:84:cf:
e2:26:48:01:fa:3d:b6:84:5a:82:f0:10:8f:2d:ea:d0:f8:b6:
c5:0f:aa:c7:cb:89:fd:ec:04:28:2f:63:67:d8:c9:53:06:24:
b7:01:98:1c:21:8d:38:1d:76:37:6b:9f:16:22:b9:a9:ea:20:
e1:0a:90:27:f9:1e:19:f5:29:15:e8:af:61:56:9f:f2:33:6d:
95:db:23:74:a7:b9:23:f3:3f:9e:5a:b9:0c:65:39:39:56:fc:
eb:c3:42:45:18:20:4a:5b:10:16:f1:6e:88:bd:bd:5c:0c:90:
d8:44:5a:fc:f6:b7:4f:86:b4:98:39:c4:f0:70:6b:5e:49:d2:
27:eb:e6:9d:01:67:fc:e3:0f:a0:a1:db:55:e4:22:57:22:bd:
e7:ad:31:e6:81:ff:a3:78:49:e7:ea:48:3f:40:03:47:32:bb:
a1:ca:4a:c2:93:dc:29:32:82:e0:9b:41:2c:61:49:2a:0f:5d:
79:ae:ed:a2:06:62:e0:f5:18:60:f5:49:59:58:ab:34:22:34:
a3:84:b2:24:ca:cf:85:34:2c:12:03:7c:39:b3:d4:08:b2:02:
de:3b:51:96:11:ae:ac:a4:97:eb:2e:e7:f3:8d:c3:89:e4:27:
99:92:c8:f1
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY8qYrT4KgcUoyKEgwOh1pg0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjc3MTBkZjhhZGQ2NGJiOTY4OGUwZjQ1ODFiZWE2N2U0
MDJjNjYwHhcNMjQwNDI5MTUwNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTA2ODg2ZmY1ODcxYTY3MzMyOTdiMDAzMWExOGZlMDE0OGJkZmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/AUsWizCGeMs1+RGMj2ps+9q83mG
6EFvH5C85/E17rZdIePOU//LBjY9cgMuEPnB3pliuScfmLbfN368Z9CPoLBjn4MX
wN7BDqi+TEv7Dhp2o+aR6QNI5ZYSClGzmmV0jSP4U5u7sTK3tILBbU98we7Qhr7N
vrPfJ0G6iL4vdpQYglBWDSwaD13WfY+1CyKqL63V5OA3hcwEzYFak6J/Op2Gb5am
BvQ7liqGnI5LIJGtqgCk5n8BmsRZ2lt8my2k3oM+lOH70e6NYDLgAZhXC+Qx9QGr
Q1qqC87tiJbUUhjKhUNfElVDiS/vPhT2jvHHzd28sCnbYnJ74Vq5g5AlKwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFKkGiG/1hxpnMyl7ADGhj+AUi9/DMB8GA1UdIwQY
MBaAFDr3cQ34rdZLuWiOD0WBvqZ+QCxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQt
ZWVjNDE2YTg4NmY3LzEvcVFhSWJfV0hHbWN6S1hzQU1hR1A0QlNMMzhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQtZWVjNDE2YTg4NmY3
LzEvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBLY+eAwQA
LhUQAwQALhUUAwQALhUXAwQALhUcAwQALhUeAwQBTdxaAwQBuZu6MA0GCSqGSIb3
DQEBCwUAA4IBAQBnkprZAOgcqnAz0fOcrJ8ahM/iJkgB+j22hFqC8BCPLerQ+LbF
D6rHy4n97AQoL2Nn2MlTBiS3AZgcIY04HXY3a58WIrmp6iDhCpAn+R4Z9SkV6K9h
Vp/yM22V2yN0p7kj8z+eWrkMZTk5Vvzrw0JFGCBKWxAW8W6Ivb1cDJDYRFr89rdP
hrSYOcTwcGteSdIn6+adAWf84w+godtV5CJXIr3nrTHmgf+jeEnn6kg/QANHMruh
ykrCk9wpMoLgm0EsYUkqD115ru2iBmLg9Rhg9UlZWKs0IjSjhLIkys+FNCwSA3w5
s9QIsgLeO1GWEa6spJfrLufzjcOJ5CeZksjx
-----END CERTIFICATE-----
Generated at Sun May 19 06:19:02 2024 by rpki-client on console-fra.rpki-client.org