Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7a526c-2dc7-4069-9e32-04edbdbcec37/1/dQvAeoHJBaTYbQ8iNuGnnSDWYSk.roa
File: dQvAeoHJBaTYbQ8iNuGnnSDWYSk.roa (raw, json)
Hash identifier: viESUXHq0yMcUWYiqlCzxnRc3GMSdCp4o26GKzPIMZo=
Subject key identifier: 75:0B:C0:7A:81:C9:05:A4:D8:6D:0F:22:36:E1:A7:9D:20:D6:61:29
Certificate issuer: /CN=b8c0dde38bab6258b5a0294ec134f6cac15d366e
Certificate serial: 018D89C526F06BD7CD667EDCEEED1D646E60
Authority key identifier: B8:C0:DD:E3:8B:AB:62:58:B5:A0:29:4E:C1:34:F6:CA:C1:5D:36:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uMDd44urYli1oClOwTT2ysFdNm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/7a526c-2dc7-4069-9e32-04edbdbcec37/1/dQvAeoHJBaTYbQ8iNuGnnSDWYSk.roa
Signing time: Thu 08 Feb 2024 17:30:15 +0000
ROA not before: Thu 08 Feb 2024 17:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197112
IP address blocks: 91.219.84.0/24 maxlen: 24
91.219.85.0/24 maxlen: 24
91.219.86.0/24 maxlen: 24
91.219.87.0/24 maxlen: 24
171.25.180.0/24 maxlen: 24
171.25.181.0/24 maxlen: 24
193.16.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/7a526c-2dc7-4069-9e32-04edbdbcec37/1/uMDd44urYli1oClOwTT2ysFdNm4.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/7a526c-2dc7-4069-9e32-04edbdbcec37/1/uMDd44urYli1oClOwTT2ysFdNm4.mft
rsync://rpki.ripe.net/repository/DEFAULT/uMDd44urYli1oClOwTT2ysFdNm4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:89:c5:26:f0:6b:d7:cd:66:7e:dc:ee:ed:1d:64:6e:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8c0dde38bab6258b5a0294ec134f6cac15d366e
Validity
Not Before: Feb 8 17:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=750bc07a81c905a4d86d0f2236e1a79d20d66129
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:bc:7c:e4:09:db:0c:c1:c0:62:ba:66:7a:43:
05:ca:c0:c8:0d:53:31:00:b1:0e:a1:6d:20:11:33:
3e:3c:61:66:46:e0:21:8e:29:01:d8:c4:87:3c:fb:
51:01:77:f7:ce:66:00:6d:58:c4:ef:08:a6:ac:97:
42:bb:a5:4f:6a:b9:e3:b8:ff:ec:a5:1f:b1:aa:22:
e5:8d:57:d4:07:25:06:6b:db:36:b8:00:9c:b2:d0:
01:f0:09:3b:e0:6e:84:cb:40:5f:c4:97:85:59:43:
2f:f1:70:c1:7c:32:f9:12:a3:7a:a8:07:5e:dd:4f:
45:e6:d7:c8:23:83:e5:a4:26:ac:22:97:a5:b6:f9:
9f:b8:9e:de:70:ee:83:90:31:12:ed:6b:2b:c9:34:
a9:e4:af:7a:c5:2d:06:83:9f:4e:7c:b6:39:69:e4:
8e:c8:65:07:9d:24:6a:1d:89:6a:25:f7:c2:20:34:
fd:7b:04:8d:e0:27:3a:a7:75:bd:89:28:3f:95:4d:
b9:df:4a:27:48:bf:27:11:89:8c:a0:39:75:e2:2b:
bb:2c:be:af:50:b8:14:b9:45:fb:13:37:73:8d:1a:
b4:62:47:c9:f8:db:70:40:65:4c:1a:3a:04:9a:32:
be:f5:15:7d:5d:50:b8:38:e0:28:b3:a4:3c:d6:e5:
c4:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:0B:C0:7A:81:C9:05:A4:D8:6D:0F:22:36:E1:A7:9D:20:D6:61:29
X509v3 Authority Key Identifier:
keyid:B8:C0:DD:E3:8B:AB:62:58:B5:A0:29:4E:C1:34:F6:CA:C1:5D:36:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uMDd44urYli1oClOwTT2ysFdNm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7a526c-2dc7-4069-9e32-04edbdbcec37/1/dQvAeoHJBaTYbQ8iNuGnnSDWYSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7a526c-2dc7-4069-9e32-04edbdbcec37/1/uMDd44urYli1oClOwTT2ysFdNm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.219.84.0/22
171.25.180.0/23
193.16.46.0/24
Signature Algorithm: sha256WithRSAEncryption
59:dc:85:80:71:0d:24:b6:fd:32:93:9b:ed:cb:2b:70:8d:71:
11:cd:c4:6c:bf:c0:d5:7b:a9:f7:5a:e6:06:5f:e0:bb:92:09:
5f:04:20:a9:0f:fd:9f:22:79:d9:ab:46:cc:43:ed:7c:82:74:
69:a1:25:71:4c:04:13:a3:f4:7a:41:78:49:04:bc:cf:60:e3:
f6:f5:47:c2:fc:0e:cc:31:49:cd:a4:f6:19:0c:a5:72:c7:0f:
76:dc:07:03:40:82:ba:6c:fb:85:1f:55:4c:9f:e4:bb:a8:cd:
94:49:4a:31:bd:a9:c3:97:a5:c2:6c:5e:e1:69:a3:e7:70:57:
b4:fd:fc:ea:a8:7f:62:1d:8e:7f:55:52:9a:56:1f:e2:f4:8c:
eb:21:1c:d6:6a:7e:c8:7b:8b:9c:d4:f3:74:b1:71:57:74:b3:
3b:1e:de:06:7e:91:eb:78:e3:fa:44:cb:29:4f:49:93:c0:56:
0c:4d:79:ca:07:88:69:b2:ac:9a:62:a6:34:e3:26:4b:17:5b:
a0:d7:75:a0:08:db:d2:68:ae:55:4a:97:4c:47:43:7a:25:c9:
09:c0:33:eb:c2:e5:2b:48:00:f7:eb:4b:d9:60:bf:ab:04:e0:
db:8d:d2:80:81:59:a7:d2:2a:73:68:d5:49:b9:c7:1a:1b:cc:
32:3e:61:6e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY2JxSbwa9fNZn7c7u0dZG5gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4YzBkZGUzOGJhYjYyNThiNWEwMjk0ZWMxMzRmNmNhYzE1
ZDM2NmUwHhcNMjQwMjA4MTczMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTBiYzA3YTgxYzkwNWE0ZDg2ZDBmMjIzNmUxYTc5ZDIwZDY2MTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy7x85AnbDMHAYrpmekMFysDIDVMx
ALEOoW0gETM+PGFmRuAhjikB2MSHPPtRAXf3zmYAbVjE7wimrJdCu6VParnjuP/s
pR+xqiLljVfUByUGa9s2uACcstAB8Ak74G6Ey0BfxJeFWUMv8XDBfDL5EqN6qAde
3U9F5tfII4PlpCasIpeltvmfuJ7ecO6DkDES7WsryTSp5K96xS0Gg59OfLY5aeSO
yGUHnSRqHYlqJffCIDT9ewSN4Cc6p3W9iSg/lU2530onSL8nEYmMoDl14iu7LL6v
ULgUuUX7EzdzjRq0YkfJ+NtwQGVMGjoEmjK+9RV9XVC4OOAos6Q81uXEvQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHULwHqByQWk2G0PIjbhp50g1mEpMB8GA1UdIwQY
MBaAFLjA3eOLq2JYtaApTsE09srBXTZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU1EZDQ0dXJZbGkxb0NsT3dUVDJ5c0ZkTm00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83YTUyNmMtMmRjNy00MDY5LTllMzIt
MDRlZGJkYmNlYzM3LzEvZFF2QWVvSEpCYVRZYlE4aU51R25uU0RXWVNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83YTUyNmMtMmRjNy00MDY5LTllMzItMDRlZGJkYmNlYzM3
LzEvdU1EZDQ0dXJZbGkxb0NsT3dUVDJ5c0ZkTm00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW9tUAwQB
qxm0AwQAwRAuMA0GCSqGSIb3DQEBCwUAA4IBAQBZ3IWAcQ0ktv0yk5vtyytwjXER
zcRsv8DVe6n3WuYGX+C7kglfBCCpD/2fInnZq0bMQ+18gnRpoSVxTAQTo/R6QXhJ
BLzPYOP29UfC/A7MMUnNpPYZDKVyxw923AcDQIK6bPuFH1VMn+S7qM2USUoxvanD
l6XCbF7haaPncFe0/fzqqH9iHY5/VVKaVh/i9IzrIRzWan7Ie4uc1PN0sXFXdLM7
Ht4GfpHreOP6RMspT0mTwFYMTXnKB4hpsqyaYqY04yZLF1ug13WgCNvSaK5VSpdM
R0N6JckJwDPrwuUrSAD360vZYL+rBODbjdKAgVmn0ipzaNVJuccaG8wyPmFu
-----END CERTIFICATE-----
Generated at Sat Jun 1 18:04:10 2024 by rpki-client on console-fra.rpki-client.org