Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/qLu_ujnuDeWdo5ZqaHAls1FcIl4.roa
File: qLu_ujnuDeWdo5ZqaHAls1FcIl4.roa (raw, json)
Hash identifier: zlzfBbm0k0c6qkPwq2iGf2iXzHmD2aenIzBxhYpwgio=
Subject key identifier: A8:BB:BF:BA:39:EE:0D:E5:9D:A3:96:6A:68:70:25:B3:51:5C:22:5E
Certificate issuer: /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial: 018CC86F1971E4DA9E92E87C8CABE8FE6E04
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/qLu_ujnuDeWdo5ZqaHAls1FcIl4.roa
Signing time: Tue 02 Jan 2024 04:29:33 +0000
ROA not before: Tue 02 Jan 2024 04:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44094
IP address blocks: 185.250.149.0/24 maxlen: 24
45.67.230.0/24 maxlen: 24
2a09:7c47::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.mft
rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:19:71:e4:da:9e:92:e8:7c:8c:ab:e8:fe:6e:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Validity
Not Before: Jan 2 04:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8bbbfba39ee0de59da3966a687025b3515c225e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:cd:7d:6c:15:ea:b5:9f:72:bd:ba:d4:48:ef:
81:ba:08:e8:f4:bb:9b:45:f7:db:aa:9d:ce:f8:c4:
5e:ca:2e:e3:b6:dd:67:e9:af:5a:4f:fd:41:d8:50:
c5:c2:2d:23:ab:f1:3d:7b:95:32:9b:14:a2:5e:af:
d7:f0:a0:d3:fb:7a:44:0c:94:a1:44:14:ce:b5:d6:
06:35:6e:d2:7a:e5:2a:d1:d9:08:b7:d5:a9:97:c0:
b1:18:0e:ed:74:9b:44:d0:73:e4:94:57:28:28:13:
38:f7:c1:e2:e4:63:45:7c:81:8c:12:2a:36:a2:01:
59:3f:92:75:b2:8d:d0:13:28:c0:0a:a2:63:7f:ee:
0e:f8:ad:f6:80:88:ca:31:f5:70:51:df:11:82:42:
4c:97:c2:aa:ca:9f:55:34:83:a5:9d:67:8c:63:4d:
c5:32:ea:28:51:8e:4e:51:8a:35:f3:12:e3:3a:89:
55:8f:42:1d:6b:4f:82:59:70:ba:15:b8:21:fc:26:
d0:ae:50:f7:c4:90:3a:d8:ec:a3:b3:d0:53:40:48:
26:f9:4c:76:8e:af:37:3f:0c:4a:7d:05:fb:36:42:
c3:d4:76:10:04:65:76:df:12:a1:6a:d3:86:6c:3f:
f1:a7:d8:15:57:c7:94:5e:dc:3c:13:32:9c:44:7f:
dd:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:BB:BF:BA:39:EE:0D:E5:9D:A3:96:6A:68:70:25:B3:51:5C:22:5E
X509v3 Authority Key Identifier:
keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/qLu_ujnuDeWdo5ZqaHAls1FcIl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.230.0/24
185.250.149.0/24
IPv6:
2a09:7c47::/32
Signature Algorithm: sha256WithRSAEncryption
41:cb:dd:1d:fa:cc:7b:d3:4c:27:75:0a:7f:67:3d:60:ae:18:
f8:46:19:81:05:6c:c7:ff:1e:32:9a:d0:ce:48:12:84:39:ff:
99:67:00:e9:08:99:7c:7a:c8:1b:0c:04:ee:f9:ae:7c:f4:59:
cf:2c:58:a7:ad:a5:89:70:1e:8b:3a:b4:84:e1:55:4f:40:eb:
c8:af:d5:5e:83:73:b0:a2:ff:d4:96:18:b1:2a:af:eb:a2:03:
66:71:59:0a:7f:87:c9:0a:cf:42:a6:bf:b0:0b:25:9c:ba:14:
b1:d2:1b:7e:97:c9:89:3c:25:96:92:d1:2d:ac:1a:19:5b:d0:
16:48:82:b6:65:25:21:53:a9:f3:41:db:01:20:82:4d:db:b6:
a4:10:6d:10:d2:27:9a:72:06:69:41:f5:f9:62:0a:8c:5e:de:
ba:d7:00:db:ff:9c:3e:d9:ad:14:cd:a1:7c:be:d7:42:64:46:
b3:6b:29:3a:fa:ee:20:75:5b:43:22:5e:3c:2f:6c:36:2c:d2:
30:26:3e:65:22:c0:fa:97:3e:f4:9c:e5:cd:7e:3e:82:93:2d:
f4:de:6d:16:0d:e6:1f:20:58:e9:32:0d:f9:9d:ca:d2:34:ce:
42:77:4c:e2:7c:e7:ab:49:97:ce:19:18:62:34:21:0d:ca:3b:
17:c1:b6:80
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzIbxlx5Nqekuh8jKvo/m4EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjQwMTAyMDQyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGJiYmZiYTM5ZWUwZGU1OWRhMzk2NmE2ODcwMjViMzUxNWMyMjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxs19bBXqtZ9yvbrUSO+Bugjo9Lub
Rffbqp3O+MReyi7jtt1n6a9aT/1B2FDFwi0jq/E9e5UymxSiXq/X8KDT+3pEDJSh
RBTOtdYGNW7SeuUq0dkIt9Wpl8CxGA7tdJtE0HPklFcoKBM498Hi5GNFfIGMEio2
ogFZP5J1so3QEyjACqJjf+4O+K32gIjKMfVwUd8RgkJMl8Kqyp9VNIOlnWeMY03F
MuooUY5OUYo18xLjOolVj0Ida0+CWXC6Fbgh/CbQrlD3xJA62Oyjs9BTQEgm+Ux2
jq83PwxKfQX7NkLD1HYQBGV23xKhatOGbD/xp9gVV8eUXtw8EzKcRH/dqwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKi7v7o57g3lnaOWamhwJbNRXCJeMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvcUx1X3VqbnVEZVdkbzVacWFIQWxzMUZjSWw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALUPmAwQA
ufqVMA0EAgACMAcDBQAqCXxHMA0GCSqGSIb3DQEBCwUAA4IBAQBBy90d+sx700wn
dQp/Zz1grhj4RhmBBWzH/x4ymtDOSBKEOf+ZZwDpCJl8esgbDATu+a589FnPLFin
raWJcB6LOrSE4VVPQOvIr9Veg3Owov/UlhixKq/rogNmcVkKf4fJCs9Cpr+wCyWc
uhSx0ht+l8mJPCWWktEtrBoZW9AWSIK2ZSUhU6nzQdsBIIJN27akEG0Q0ieacgZp
QfX5YgqMXt661wDb/5w+2a0UzaF8vtdCZEazayk6+u4gdVtDIl48L2w2LNIwJj5l
IsD6lz70nOXNfj6Cky303m0WDeYfIFjpMg35ncrSNM5Cd0zifOerSZfOGRhiNCEN
yjsXwbaA
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:15:24 2024 by rpki-client on console-fra.rpki-client.org