Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/Q-gQetdU3_UIbvWjhBcindK1sug.roa
File: Q-gQetdU3_UIbvWjhBcindK1sug.roa (raw, json)
Hash identifier: JOexwtwUR7w8V2LTgt5XiLhFy2uB6Epw8t7/bJ4Ru9A=
Subject key identifier: 43:E8:10:7A:D7:54:DF:F5:08:6E:F5:A3:84:17:22:9D:D2:B5:B2:E8
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 01924D9DA0F7328D5DDCE4E461A9E158BBA0
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/Q-gQetdU3_UIbvWjhBcindK1sug.roa
Signing time: Wed 02 Oct 2024 14:23:48 +0000
ROA not before: Wed 02 Oct 2024 14:23:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39543
IP address blocks: 86.106.81.0/24 maxlen: 24
89.34.27.0/24 maxlen: 24
89.35.158.0/24 maxlen: 24
89.39.111.0/24 maxlen: 24
89.40.67.0/24 maxlen: 24
89.45.164.0/24 maxlen: 24
89.47.96.0/24 maxlen: 24
89.47.97.0/24 maxlen: 24
89.47.98.0/24 maxlen: 24
89.47.101.0/24 maxlen: 24
89.47.102.0/24 maxlen: 24
89.47.103.0/24 maxlen: 24
89.47.104.0/24 maxlen: 24
89.47.105.0/24 maxlen: 24
89.47.106.0/24 maxlen: 24
89.47.107.0/24 maxlen: 24
89.47.108.0/24 maxlen: 24
89.47.109.0/24 maxlen: 24
89.47.110.0/24 maxlen: 24
89.47.111.0/24 maxlen: 24
89.47.120.0/24 maxlen: 24
89.47.122.0/24 maxlen: 24
93.113.204.0/24 maxlen: 24
93.114.194.0/24 maxlen: 24
188.241.3.0/24 maxlen: 24
193.19.192.0/22 maxlen: 22
193.19.192.0/24 maxlen: 24
193.19.193.0/24 maxlen: 24
193.19.194.0/24 maxlen: 24
193.19.195.0/24 maxlen: 24
195.28.2.0/23 maxlen: 23
2001:4d18::/32 maxlen: 32
2001:4d18::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 11:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:4d:9d:a0:f7:32:8d:5d:dc:e4:e4:61:a9:e1:58:bb:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Oct 2 14:23:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43e8107ad754dff5086ef5a38417229dd2b5b2e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:88:06:67:b5:e8:1a:4b:f7:92:3e:fd:5e:ee:
7b:19:dd:97:1b:d2:c1:b6:57:f6:75:aa:31:47:bb:
0f:b5:37:99:a8:e8:1a:6e:ba:cb:57:2f:e5:de:64:
73:17:1b:62:7e:a4:63:81:6c:8a:b7:01:11:cb:9e:
fc:e0:aa:96:a0:b3:ec:af:73:5d:40:b6:f9:ea:e0:
0d:47:d7:70:53:2f:45:5e:03:a3:7b:0e:15:45:3a:
90:30:89:ba:bd:12:e1:c5:06:86:ae:93:2a:e5:05:
b3:87:3f:d2:4c:8e:2b:69:c7:f5:49:67:d1:1f:0b:
41:5e:b6:30:1c:b4:59:5b:98:31:77:a5:1c:92:87:
5d:45:ce:7b:81:f4:d2:cd:fb:fc:a0:3a:12:84:78:
22:ae:13:35:2f:2f:80:08:45:d5:df:6a:0c:f3:90:
d6:21:3f:b6:6b:7e:d4:5e:07:4f:d0:90:04:c3:b9:
c3:84:fd:8c:69:8b:a1:92:a8:dd:17:f5:85:62:e9:
c0:c8:42:6d:d4:0d:c5:44:b2:de:2c:6e:d1:3a:fa:
95:9d:e8:fb:4c:5f:5a:11:a4:c8:95:8a:c6:db:c4:
54:54:41:56:7c:6c:2b:a2:15:ad:cf:f5:97:c7:6e:
08:e9:58:23:1b:79:38:82:bf:45:de:ce:1f:28:58:
7d:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:E8:10:7A:D7:54:DF:F5:08:6E:F5:A3:84:17:22:9D:D2:B5:B2:E8
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/Q-gQetdU3_UIbvWjhBcindK1sug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.106.81.0/24
89.34.27.0/24
89.35.158.0/24
89.39.111.0/24
89.40.67.0/24
89.45.164.0/24
89.47.96.0-89.47.98.255
89.47.101.0-89.47.111.255
89.47.120.0/24
89.47.122.0/24
93.113.204.0/24
93.114.194.0/24
188.241.3.0/24
193.19.192.0/22
195.28.2.0/23
IPv6:
2001:4d18::/32
Signature Algorithm: sha256WithRSAEncryption
77:bd:59:54:97:ce:3f:f4:97:2d:54:15:ab:09:ff:77:1a:80:
48:2c:58:9c:f4:67:7f:3b:a1:78:0b:06:99:d1:8b:9b:b0:9e:
0d:a6:8e:77:79:56:a1:44:89:89:05:0b:e2:64:5e:62:69:77:
0d:f9:6b:07:a1:2f:56:e7:95:96:38:21:91:d0:df:de:1d:6c:
14:95:fc:86:51:36:c1:db:d9:e8:a7:8e:e8:cf:12:1f:d5:c6:
52:6c:29:2b:e5:76:23:06:f5:71:67:f0:23:95:59:01:22:33:
b4:6b:e0:b6:69:eb:b3:59:d4:44:37:21:5e:ac:11:ad:be:cc:
ec:45:8b:9b:fd:3f:26:23:4b:de:96:13:00:95:53:75:a2:a9:
2b:ea:e5:ad:c8:7d:9e:5a:04:1e:68:4e:e0:51:26:7b:a5:f2:
c0:90:ac:c7:5c:74:ed:28:de:54:6a:a8:b9:ff:a9:36:23:37:
f7:59:f5:11:f4:be:65:45:01:8d:02:bb:e4:cd:18:a1:5e:10:
f0:f4:91:0d:90:61:b3:1c:7f:42:51:73:82:ff:c6:9b:3e:c4:
40:b7:86:92:66:3a:12:82:5b:53:a1:84:96:8d:c9:a9:de:bc:
f3:86:7e:51:51:23:c0:bb:ff:36:99:2b:73:15:61:89:53:b8:
36:47:ec:ba
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZJNnaD3Mo1d3OTkYanhWLugMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQxMDAyMTQyMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2U4MTA3YWQ3NTRkZmY1MDg2ZWY1YTM4NDE3MjI5ZGQyYjViMmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxogGZ7XoGkv3kj79Xu57Gd2XG9LB
tlf2daoxR7sPtTeZqOgabrrLVy/l3mRzFxtifqRjgWyKtwERy5784KqWoLPsr3Nd
QLb56uANR9dwUy9FXgOjew4VRTqQMIm6vRLhxQaGrpMq5QWzhz/STI4racf1SWfR
HwtBXrYwHLRZW5gxd6UckoddRc57gfTSzfv8oDoShHgirhM1Ly+ACEXV32oM85DW
IT+2a37UXgdP0JAEw7nDhP2MaYuhkqjdF/WFYunAyEJt1A3FRLLeLG7ROvqVnej7
TF9aEaTIlYrG28RUVEFWfGwrohWtz/WXx24I6VgjG3k4gr9F3s4fKFh9MQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFEPoEHrXVN/1CG71o4QXIp3StbLoMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvUS1nUWV0ZFUzX1VJYnZXamhCY2luZEsxc3VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTBwBAIAATBqAwQAVmpR
AwQAWSIbAwQAWSOeAwQAWSdvAwQAWShDAwQAWS2kMAwDBAVZL2ADBABZL2IwDAME
AFkvZQMEBFkvYAMEAFkveAMEAFkvegMEAF1xzAMEAF1ywgMEALzxAwMEAsETwAME
AcMcAjANBAIAAjAHAwUAIAFNGDANBgkqhkiG9w0BAQsFAAOCAQEAd71ZVJfOP/SX
LVQVqwn/dxqASCxYnPRnfzuheAsGmdGLm7CeDaaOd3lWoUSJiQUL4mReYml3Dflr
B6EvVueVljghkdDf3h1sFJX8hlE2wdvZ6KeO6M8SH9XGUmwpK+V2Iwb1cWfwI5VZ
ASIztGvgtmnrs1nURDchXqwRrb7M7EWLm/0/JiNL3pYTAJVTdaKpK+rlrch9nloE
HmhO4FEme6XywJCsx1x07SjeVGqouf+pNiM391n1EfS+ZUUBjQK75M0YoV4Q8PSR
DZBhsxx/QlFzgv/Gmz7EQLeGkmY6EoJbU6GElo3Jqd6884Z+UVEjwLv/NpkrcxVh
iVO4Nkfsug==
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:27:26 2024 by rpki-client on console-fra.rpki-client.org