Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/37a93b-87b5-4995-9e8c-6635debc395c/1/csQbqjJff_Q5T4R-wk6vn4Sq3uk.roa
File: csQbqjJff_Q5T4R-wk6vn4Sq3uk.roa (raw, json)
Hash identifier: DjiL2fqOPChYfJnqM6I/0QBxfCU85ROAWSJPUqC5qGc=
Subject key identifier: 72:C4:1B:AA:32:5F:7F:F4:39:4F:84:7E:C2:4E:AF:9F:84:AA:DE:E9
Certificate issuer: /CN=617252ebbb33484adcec7405adea4de08a0afb04
Certificate serial: 018CC72583E7EB0A19CEABC9C12A7DB2DF2D
Authority key identifier: 61:72:52:EB:BB:33:48:4A:DC:EC:74:05:AD:EA:4D:E0:8A:0A:FB:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YXJS67szSErc7HQFrepN4IoK-wQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/37a93b-87b5-4995-9e8c-6635debc395c/1/csQbqjJff_Q5T4R-wk6vn4Sq3uk.roa
Signing time: Mon 01 Jan 2024 22:29:33 +0000
ROA not before: Mon 01 Jan 2024 22:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41608
IP address blocks: 185.213.175.0/24 maxlen: 24
185.213.174.0/24 maxlen: 24
88.151.32.0/22 maxlen: 24
195.170.165.0/24 maxlen: 24
195.170.172.0/24 maxlen: 24
185.213.172.0/24 maxlen: 24
185.213.172.0/23 maxlen: 23
2a0b:8bc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/37a93b-87b5-4995-9e8c-6635debc395c/1/YXJS67szSErc7HQFrepN4IoK-wQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/37a93b-87b5-4995-9e8c-6635debc395c/1/YXJS67szSErc7HQFrepN4IoK-wQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/YXJS67szSErc7HQFrepN4IoK-wQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:83:e7:eb:0a:19:ce:ab:c9:c1:2a:7d:b2:df:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=617252ebbb33484adcec7405adea4de08a0afb04
Validity
Not Before: Jan 1 22:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72c41baa325f7ff4394f847ec24eaf9f84aadee9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:1b:2b:32:51:a5:14:09:56:03:9b:4f:2f:08:
c8:64:ee:a1:05:c1:9e:a1:3a:7a:c9:eb:7a:fe:99:
1f:05:2b:9f:f2:ce:b1:38:5f:ed:71:46:c3:4e:7a:
ab:42:59:d7:7e:93:8f:97:a0:e3:02:1c:05:a8:ed:
6e:87:c6:b9:3f:f2:b8:b9:9f:d4:61:be:08:46:69:
5f:58:ca:60:b3:a6:b9:64:3c:b0:e3:8e:aa:75:4d:
ff:28:c2:32:95:61:d9:06:01:a1:f5:a8:83:1d:04:
e7:32:d7:da:ee:a0:4b:da:03:b2:6b:3f:c8:c4:97:
84:59:6c:7c:40:31:8a:1e:bd:11:d8:9d:c3:c8:84:
1a:1f:45:c7:16:e4:b1:ed:f7:40:53:98:d4:3c:67:
e2:4a:1f:84:01:10:21:ba:88:86:97:f5:91:e0:1a:
8f:b6:63:a4:43:af:11:cd:10:8a:21:ba:7b:0b:0f:
2c:5c:f4:f5:38:8f:6a:dd:33:a1:8d:00:c5:32:ce:
57:63:94:9d:4f:4b:c2:f0:3c:c4:65:ae:7a:2e:63:
41:99:c3:4d:e6:44:90:68:df:81:38:be:c2:16:64:
69:53:e0:75:60:b0:f1:a7:6a:d6:10:c3:c3:ff:19:
be:f8:a5:24:9c:cb:db:4f:d1:7d:30:b9:66:ac:98:
ce:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:C4:1B:AA:32:5F:7F:F4:39:4F:84:7E:C2:4E:AF:9F:84:AA:DE:E9
X509v3 Authority Key Identifier:
keyid:61:72:52:EB:BB:33:48:4A:DC:EC:74:05:AD:EA:4D:E0:8A:0A:FB:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YXJS67szSErc7HQFrepN4IoK-wQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/37a93b-87b5-4995-9e8c-6635debc395c/1/csQbqjJff_Q5T4R-wk6vn4Sq3uk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/37a93b-87b5-4995-9e8c-6635debc395c/1/YXJS67szSErc7HQFrepN4IoK-wQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.32.0/22
185.213.172.0/22
195.170.165.0/24
195.170.172.0/24
IPv6:
2a0b:8bc0::/29
Signature Algorithm: sha256WithRSAEncryption
42:28:78:1d:d4:30:3f:00:89:67:c9:2b:30:e0:e6:17:95:c8:
02:bd:6e:7c:67:fb:28:c5:35:68:cf:27:b0:62:cc:3d:af:04:
62:ac:58:34:b8:d5:66:86:d4:5b:6e:1a:f5:c2:98:18:95:ea:
5c:d8:41:e5:2c:ba:c9:46:06:0c:bb:a3:a1:5f:82:87:52:88:
14:84:39:42:23:8d:c7:01:79:73:3a:36:e1:a3:af:d4:42:b3:
17:fe:7a:6e:18:0e:34:33:0c:15:c9:06:f1:e6:7d:9f:24:e6:
7a:f2:1d:b6:d0:22:46:2f:0f:e3:95:fc:9e:37:78:85:45:ba:
26:eb:04:a9:48:80:49:a4:7d:b6:50:d2:45:93:21:81:e9:f3:
63:d3:3b:b7:53:9a:65:6f:8d:9e:93:f0:93:6f:a2:27:f0:69:
20:65:a9:c4:77:d2:00:3d:d5:cc:2c:d8:60:26:b7:d0:a9:1a:
f7:ad:bf:58:bf:40:1d:c6:16:97:66:50:34:f2:13:9b:d0:55:
0f:05:c0:4b:b7:2e:92:eb:a6:06:ec:2d:7b:16:0c:58:4c:0a:
3e:4c:9c:b2:70:aa:3c:31:8d:d7:f3:ab:41:e1:47:64:b2:ad:
c4:c3:05:5d:cf:67:97:9a:b8:8a:a8:1f:5f:44:63:58:99:03:
59:de:e7:5d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzHJYPn6woZzqvJwSp9st8tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNzI1MmViYmIzMzQ4NGFkY2VjNzQwNWFkZWE0ZGUwOGEw
YWZiMDQwHhcNMjQwMTAxMjIyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmM0MWJhYTMyNWY3ZmY0Mzk0Zjg0N2VjMjRlYWY5Zjg0YWFkZWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxsrMlGlFAlWA5tPLwjIZO6hBcGe
oTp6yet6/pkfBSuf8s6xOF/tcUbDTnqrQlnXfpOPl6DjAhwFqO1uh8a5P/K4uZ/U
Yb4IRmlfWMpgs6a5ZDyw446qdU3/KMIylWHZBgGh9aiDHQTnMtfa7qBL2gOyaz/I
xJeEWWx8QDGKHr0R2J3DyIQaH0XHFuSx7fdAU5jUPGfiSh+EARAhuoiGl/WR4BqP
tmOkQ68RzRCKIbp7Cw8sXPT1OI9q3TOhjQDFMs5XY5SdT0vC8DzEZa56LmNBmcNN
5kSQaN+BOL7CFmRpU+B1YLDxp2rWEMPD/xm++KUknMvbT9F9MLlmrJjOvwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHLEG6oyX3/0OU+EfsJOr5+Eqt7pMB8GA1UdIwQY
MBaAFGFyUuu7M0hK3Ox0Ba3qTeCKCvsEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVhKUzY3c3pTRXJjN0hRRnJlcE40SW9LLXdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8zN2E5M2ItODdiNS00OTk1LTllOGMt
NjYzNWRlYmMzOTVjLzEvY3NRYnFqSmZmX1E1VDRSLXdrNnZuNFNxM3VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8zN2E5M2ItODdiNS00OTk1LTllOGMtNjYzNWRlYmMzOTVj
LzEvWVhKUzY3c3pTRXJjN0hRRnJlcE40SW9LLXdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCWJcgAwQC
udWsAwQAw6qlAwQAw6qsMA0EAgACMAcDBQMqC4vAMA0GCSqGSIb3DQEBCwUAA4IB
AQBCKHgd1DA/AIlnySsw4OYXlcgCvW58Z/soxTVozyewYsw9rwRirFg0uNVmhtRb
bhr1wpgYlepc2EHlLLrJRgYMu6OhX4KHUogUhDlCI43HAXlzOjbho6/UQrMX/npu
GA40MwwVyQbx5n2fJOZ68h220CJGLw/jlfyeN3iFRbom6wSpSIBJpH22UNJFkyGB
6fNj0zu3U5plb42ek/CTb6In8GkgZanEd9IAPdXMLNhgJrfQqRr3rb9Yv0AdxhaX
ZlA08hOb0FUPBcBLty6S66YG7C17FgxYTAo+TJyycKo8MY3X86tB4Udksq3EwwVd
z2eXmriKqB9fRGNYmQNZ3udd
-----END CERTIFICATE-----
Generated at Sat Jun 8 05:31:56 2024 by rpki-client on console-fra.rpki-client.org