Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/9c5359-3452-42f3-880b-82d9a9eb430c/1/Q_Sma2Dm8SlszCDbo43XrSMCzTg.roa
File: Q_Sma2Dm8SlszCDbo43XrSMCzTg.roa (raw, json)
Hash identifier: c6j9OVodQPwHtAofIG7HvpHVuzwUycCaNObAofh0VdA=
Subject key identifier: 43:F4:A6:6B:60:E6:F1:29:6C:CC:20:DB:A3:8D:D7:AD:23:02:CD:38
Certificate issuer: /CN=7ed500164f0738135b9aec04e38fc24cb90e0f5f
Certificate serial: 018CC349133E8E36B6C4A5CE150CFC64DC5D
Authority key identifier: 7E:D5:00:16:4F:07:38:13:5B:9A:EC:04:E3:8F:C2:4C:B9:0E:0F:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ftUAFk8HOBNbmuwE44_CTLkOD18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/9c5359-3452-42f3-880b-82d9a9eb430c/1/Q_Sma2Dm8SlszCDbo43XrSMCzTg.roa
Signing time: Mon 01 Jan 2024 04:29:55 +0000
ROA not before: Mon 01 Jan 2024 04:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204279
IP address blocks: 185.108.250.0/24 maxlen: 24
185.108.249.0/24 maxlen: 24
185.108.248.0/22 maxlen: 24
178.249.192.0/23 maxlen: 24
178.249.192.0/21 maxlen: 24
178.249.194.0/23 maxlen: 24
153.94.16.0/20 maxlen: 24
2a06:4942:200::/40 maxlen: 40
2a06:4942::/41 maxlen: 41
2a01:a4a0::/32 maxlen: 32
2a06:4940::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/9c5359-3452-42f3-880b-82d9a9eb430c/1/ftUAFk8HOBNbmuwE44_CTLkOD18.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/9c5359-3452-42f3-880b-82d9a9eb430c/1/ftUAFk8HOBNbmuwE44_CTLkOD18.mft
rsync://rpki.ripe.net/repository/DEFAULT/ftUAFk8HOBNbmuwE44_CTLkOD18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:13:3e:8e:36:b6:c4:a5:ce:15:0c:fc:64:dc:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ed500164f0738135b9aec04e38fc24cb90e0f5f
Validity
Not Before: Jan 1 04:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43f4a66b60e6f1296ccc20dba38dd7ad2302cd38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:c6:a6:99:6b:b5:d1:33:35:0e:11:ca:43:aa:
43:69:13:79:a1:b7:be:01:3b:93:c0:df:af:19:e1:
c5:01:b6:ac:09:19:05:49:23:69:74:69:d3:86:22:
e9:cd:8a:f3:06:d2:54:7c:4f:ed:69:48:22:61:59:
4f:4c:1a:b1:01:6d:25:cc:e5:3b:fc:72:ae:19:2a:
57:33:53:61:fb:fa:76:5f:fd:51:92:41:76:e2:c8:
af:a1:e6:1a:fc:32:db:ce:18:a9:f8:47:e3:29:65:
40:54:58:2a:41:ba:9d:0d:55:dd:8d:c9:8e:ed:ca:
d2:0b:cf:f8:bb:91:e6:c3:c6:d7:19:5c:4b:77:6a:
45:d8:c7:34:ac:eb:b0:3c:a6:09:43:13:01:4f:39:
b8:8f:a6:5d:53:0b:f5:ff:eb:df:95:ae:c5:24:0b:
16:1c:32:fd:8e:60:b6:00:50:0e:f3:83:3f:74:67:
c0:66:7d:ba:8b:1a:73:5c:4f:7c:da:f0:ea:81:2a:
7c:ea:6b:f8:d2:96:1b:8e:2c:88:bc:40:7b:f9:70:
ce:e0:17:fa:1a:c4:f9:e2:0e:b8:1b:66:0a:eb:bd:
53:16:13:e3:45:dd:58:73:25:ee:1d:7a:16:b2:ae:
76:cc:f4:d6:1f:d8:0f:4b:96:5a:62:4e:19:59:bc:
bb:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:F4:A6:6B:60:E6:F1:29:6C:CC:20:DB:A3:8D:D7:AD:23:02:CD:38
X509v3 Authority Key Identifier:
keyid:7E:D5:00:16:4F:07:38:13:5B:9A:EC:04:E3:8F:C2:4C:B9:0E:0F:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ftUAFk8HOBNbmuwE44_CTLkOD18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/9c5359-3452-42f3-880b-82d9a9eb430c/1/Q_Sma2Dm8SlszCDbo43XrSMCzTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/9c5359-3452-42f3-880b-82d9a9eb430c/1/ftUAFk8HOBNbmuwE44_CTLkOD18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.94.16.0/20
178.249.192.0/21
185.108.248.0/22
IPv6:
2a01:a4a0::/32
2a06:4940::/29
Signature Algorithm: sha256WithRSAEncryption
2d:ff:23:ff:f5:e0:96:1c:bd:97:35:8c:da:86:ee:61:a4:af:
d7:12:d8:8e:d4:08:73:14:dd:b0:0f:73:b8:8c:14:ee:e6:8d:
52:71:b9:ee:8b:17:d1:8a:16:35:6c:fb:e5:64:9d:73:85:0a:
6b:e9:d5:99:bb:f9:e4:6c:3c:66:95:6d:e2:90:db:c2:86:91:
27:57:e0:4d:af:28:aa:a7:17:71:12:99:4b:d0:ba:62:a4:a0:
01:16:fe:af:b7:f0:b7:43:70:b3:cb:85:9e:2f:5c:a3:a6:54:
65:86:dd:18:5d:3a:c4:b3:2f:16:e8:54:a2:74:b6:72:9e:86:
2b:9b:b1:2f:01:d4:50:bb:7d:ba:60:26:1b:ea:c1:64:aa:79:
a3:95:78:a7:10:72:16:53:d2:88:af:7d:bb:d0:1c:ed:9b:d5:
76:6f:25:8f:69:50:f7:56:0d:3a:8c:5d:11:ff:56:b7:59:22:
7f:b3:45:c6:9a:3e:ff:db:40:03:a7:a6:00:37:6b:2e:08:b2:
e2:15:5c:57:7f:37:0b:06:cf:8f:c5:92:e5:93:0e:3d:30:54:
a5:dc:c4:ca:c6:52:f9:de:9b:9e:06:fc:04:dc:bd:54:65:a4:
ee:7e:a7:db:88:4d:67:95:8b:ef:89:f3:19:04:3f:34:1d:aa:
87:26:bf:e3
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzDSRM+jja2xKXOFQz8ZNxdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlZDUwMDE2NGYwNzM4MTM1YjlhZWMwNGUzOGZjMjRjYjkw
ZTBmNWYwHhcNMjQwMTAxMDQyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2Y0YTY2YjYwZTZmMTI5NmNjYzIwZGJhMzhkZDdhZDIzMDJjZDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicammWu10TM1DhHKQ6pDaRN5obe+
ATuTwN+vGeHFAbasCRkFSSNpdGnThiLpzYrzBtJUfE/taUgiYVlPTBqxAW0lzOU7
/HKuGSpXM1Nh+/p2X/1RkkF24sivoeYa/DLbzhip+EfjKWVAVFgqQbqdDVXdjcmO
7crSC8/4u5Hmw8bXGVxLd2pF2Mc0rOuwPKYJQxMBTzm4j6ZdUwv1/+vfla7FJAsW
HDL9jmC2AFAO84M/dGfAZn26ixpzXE982vDqgSp86mv40pYbjiyIvEB7+XDO4Bf6
GsT54g64G2YK671TFhPjRd1YcyXuHXoWsq52zPTWH9gPS5ZaYk4ZWby7ZQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFEP0pmtg5vEpbMwg26ON160jAs04MB8GA1UdIwQY
MBaAFH7VABZPBzgTW5rsBOOPwky5Dg9fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnRVQUZrOEhPQk5ibXV3RTQ0X0NUTGtPRDE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC85YzUzNTktMzQ1Mi00MmYzLTg4MGIt
ODJkOWE5ZWI0MzBjLzEvUV9TbWEyRG04U2xzekNEYm80M1hyU01DelRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC85YzUzNTktMzQ1Mi00MmYzLTg4MGItODJkOWE5ZWI0MzBj
LzEvZnRVQUZrOEhPQk5ibXV3RTQ0X0NUTGtPRDE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQEmV4QAwQD
svnAAwQCuWz4MBQEAgACMA4DBQAqAaSgAwUDKgZJQDANBgkqhkiG9w0BAQsFAAOC
AQEALf8j//Xglhy9lzWM2obuYaSv1xLYjtQIcxTdsA9zuIwU7uaNUnG57osX0YoW
NWz75WSdc4UKa+nVmbv55Gw8ZpVt4pDbwoaRJ1fgTa8oqqcXcRKZS9C6YqSgARb+
r7fwt0Nws8uFni9co6ZUZYbdGF06xLMvFuhUonS2cp6GK5uxLwHUULt9umAmG+rB
ZKp5o5V4pxByFlPSiK99u9Ac7ZvVdm8lj2lQ91YNOoxdEf9Wt1kif7NFxpo+/9tA
A6emADdrLgiy4hVcV383CwbPj8WS5ZMOPTBUpdzEysZS+d6bngb8BNy9VGWk7n6n
24hNZ5WL74nzGQQ/NB2qhya/4w==
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:40:12 2024 by rpki-client on console-ams.rpki-client.org