Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/aa9187-5e0c-4d6a-b704-894205f2691b/1/q3JoRUcESDmwRP_0YiCCA2IF5UM.roa
File: q3JoRUcESDmwRP_0YiCCA2IF5UM.roa (raw, json)
Hash identifier: 8YPidpkxpZoJ+QarSarwqRk/LrChass4UU+fvKpsHvY=
Subject key identifier: AB:72:68:45:47:04:48:39:B0:44:FF:F4:62:20:82:03:62:05:E5:43
Certificate issuer: /CN=de8171491d89092da36c15fc814e538b9bfa3904
Certificate serial: 018CC56DDDAAADB4B121E704B47B7E279EE7
Authority key identifier: DE:81:71:49:1D:89:09:2D:A3:6C:15:FC:81:4E:53:8B:9B:FA:39:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3oFxSR2JCS2jbBX8gU5Ti5v6OQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/aa9187-5e0c-4d6a-b704-894205f2691b/1/q3JoRUcESDmwRP_0YiCCA2IF5UM.roa
Signing time: Mon 01 Jan 2024 14:29:20 +0000
ROA not before: Mon 01 Jan 2024 14:29:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15377
IP address blocks: 193.108.248.0/22 maxlen: 22
46.98.0.0/16 maxlen: 16
185.244.140.0/22 maxlen: 22
91.243.192.0/19 maxlen: 19
91.201.68.0/22 maxlen: 22
178.215.160.0/20 maxlen: 20
185.205.144.0/22 maxlen: 22
5.252.180.0/22 maxlen: 22
91.233.96.0/22 maxlen: 22
192.162.108.0/22 maxlen: 22
91.215.52.0/22 maxlen: 22
212.115.224.0/19 maxlen: 19
91.236.96.0/22 maxlen: 22
88.218.180.0/22 maxlen: 22
2a05:8dc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/aa9187-5e0c-4d6a-b704-894205f2691b/1/3oFxSR2JCS2jbBX8gU5Ti5v6OQQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/aa9187-5e0c-4d6a-b704-894205f2691b/1/3oFxSR2JCS2jbBX8gU5Ti5v6OQQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/3oFxSR2JCS2jbBX8gU5Ti5v6OQQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:dd:aa:ad:b4:b1:21:e7:04:b4:7b:7e:27:9e:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de8171491d89092da36c15fc814e538b9bfa3904
Validity
Not Before: Jan 1 14:29:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab72684547044839b044fff4622082036205e543
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ee:3a:9c:b2:ee:7d:f7:17:49:a6:0f:6f:0e:
fb:6f:b8:9c:96:fa:44:b8:3a:d4:87:1c:2f:51:6b:
e5:3c:6d:09:a0:21:31:bb:a9:ea:f1:0b:15:5e:f4:
a0:d0:66:4b:16:8d:82:24:e6:0b:33:aa:fc:7f:ef:
e7:75:c7:be:79:fa:2e:99:75:0a:25:45:7c:ae:80:
db:c2:20:c6:ca:d2:ee:9c:16:9a:56:62:76:99:28:
4b:8d:34:b9:fc:8a:71:da:17:97:44:b1:92:6c:6d:
c6:ac:e1:0c:62:5b:54:67:8e:ce:96:5d:ee:dc:5e:
07:7e:1a:41:c3:f8:df:29:c0:bb:74:2a:23:75:30:
5a:85:fc:9e:65:aa:2a:86:44:a6:22:dc:a1:fc:ec:
f7:13:49:c0:c0:db:2a:a1:55:a9:18:5a:80:f5:3e:
b1:47:f0:86:98:ce:9c:d9:7b:07:96:fd:37:fc:e0:
85:d3:e1:41:58:5c:07:3f:04:57:5c:74:28:a5:e9:
06:88:9f:33:14:13:f6:53:42:22:fb:b4:d4:91:b5:
4c:fc:8b:8b:5f:a2:0b:9a:eb:93:c5:ca:2a:3b:3e:
e1:4a:2e:c5:7c:a9:d8:cd:02:8d:29:28:b5:59:83:
cd:60:be:92:e4:aa:b8:3a:3a:5f:ce:2d:8d:cf:bb:
bb:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:72:68:45:47:04:48:39:B0:44:FF:F4:62:20:82:03:62:05:E5:43
X509v3 Authority Key Identifier:
keyid:DE:81:71:49:1D:89:09:2D:A3:6C:15:FC:81:4E:53:8B:9B:FA:39:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3oFxSR2JCS2jbBX8gU5Ti5v6OQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/aa9187-5e0c-4d6a-b704-894205f2691b/1/q3JoRUcESDmwRP_0YiCCA2IF5UM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/aa9187-5e0c-4d6a-b704-894205f2691b/1/3oFxSR2JCS2jbBX8gU5Ti5v6OQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.180.0/22
46.98.0.0/16
88.218.180.0/22
91.201.68.0/22
91.215.52.0/22
91.233.96.0/22
91.236.96.0/22
91.243.192.0/19
178.215.160.0/20
185.205.144.0/22
185.244.140.0/22
192.162.108.0/22
193.108.248.0/22
212.115.224.0/19
IPv6:
2a05:8dc0::/29
Signature Algorithm: sha256WithRSAEncryption
0f:fa:86:5c:fc:bc:d2:41:c9:aa:97:cd:14:16:57:ce:d9:85:
01:40:cb:30:01:e0:be:f9:41:06:21:43:16:21:77:27:b2:2f:
3b:fb:82:c4:2e:99:a3:07:1d:28:01:45:db:cc:b2:8a:e1:88:
e5:03:b4:11:1c:5c:cb:31:a1:ab:7c:26:c4:75:18:d7:7a:3c:
d9:47:91:f7:73:b4:6e:56:f7:f0:9b:04:69:86:22:4f:0d:74:
df:82:b1:8b:b4:0a:56:5c:86:dd:48:b5:ce:2b:dd:75:c3:27:
01:b4:73:d6:49:3c:c1:bd:45:65:33:8d:0b:6e:50:5c:3e:48:
0b:0d:bc:3b:a0:79:b6:20:b8:af:75:2d:33:d9:4c:d9:f0:24:
5c:8c:2f:32:e9:03:ce:91:3a:9c:2f:c2:de:28:f0:48:4e:01:
5b:fb:e8:31:1c:c0:ea:c8:ba:5d:60:96:b4:f4:00:88:37:01:
22:0f:06:9c:b0:c7:6e:68:29:57:a8:56:9c:0e:b1:9d:76:30:
4b:6d:b0:54:ef:61:47:b4:3d:ee:e2:df:26:3a:84:3f:b0:c1:
5e:90:63:1d:dc:df:e4:0a:b6:9d:d4:1e:5f:24:f8:67:50:4d:
d1:bd:15:30:49:db:ee:64:a4:b5:94:89:01:a4:11:53:6c:25:
0a:85:37:51
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAYzFbd2qrbSxIecEtHt+J57nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlODE3MTQ5MWQ4OTA5MmRhMzZjMTVmYzgxNGU1MzhiOWJm
YTM5MDQwHhcNMjQwMTAxMTQyOTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjcyNjg0NTQ3MDQ0ODM5YjA0NGZmZjQ2MjIwODIwMzYyMDVlNTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+46nLLuffcXSaYPbw77b7iclvpE
uDrUhxwvUWvlPG0JoCExu6nq8QsVXvSg0GZLFo2CJOYLM6r8f+/ndce+efoumXUK
JUV8roDbwiDGytLunBaaVmJ2mShLjTS5/Ipx2heXRLGSbG3GrOEMYltUZ47Oll3u
3F4HfhpBw/jfKcC7dCojdTBahfyeZaoqhkSmItyh/Oz3E0nAwNsqoVWpGFqA9T6x
R/CGmM6c2XsHlv03/OCF0+FBWFwHPwRXXHQopekGiJ8zFBP2U0Ii+7TUkbVM/IuL
X6ILmuuTxcoqOz7hSi7FfKnYzQKNKSi1WYPNYL6S5Kq4Ojpfzi2Nz7u7zwIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFKtyaEVHBEg5sET/9GIgggNiBeVDMB8GA1UdIwQY
MBaAFN6BcUkdiQkto2wV/IFOU4ub+jkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM29GeFNSMkpDUzJqYkJYOGdVNVRpNXY2T1FRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9hYTkxODctNWUwYy00ZDZhLWI3MDQt
ODk0MjA1ZjI2OTFiLzEvcTNKb1JVY0VTRG13UlBfMFlpQ0NBMklGNVVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9hYTkxODctNWUwYy00ZDZhLWI3MDQtODk0MjA1ZjI2OTFi
LzEvM29GeFNSMkpDUzJqYkJYOGdVNVRpNXY2T1FRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBZBAIAATBTAwQCBfy0AwMA
LmIDBAJY2rQDBAJbyUQDBAJb1zQDBAJb6WADBAJb7GADBAVb88ADBASy16ADBAK5
zZADBAK59IwDBALAomwDBALBbPgDBAXUc+AwDQQCAAIwBwMFAyoFjcAwDQYJKoZI
hvcNAQELBQADggEBAA/6hlz8vNJByaqXzRQWV87ZhQFAyzAB4L75QQYhQxYhdyey
Lzv7gsQumaMHHSgBRdvMsorhiOUDtBEcXMsxoat8JsR1GNd6PNlHkfdztG5W9/Cb
BGmGIk8NdN+CsYu0ClZcht1Itc4r3XXDJwG0c9ZJPMG9RWUzjQtuUFw+SAsNvDug
ebYguK91LTPZTNnwJFyMLzLpA86ROpwvwt4o8EhOAVv76DEcwOrIul1glrT0AIg3
ASIPBpywx25oKVeoVpwOsZ12MEttsFTvYUe0Pe7i3yY6hD+wwV6QYx3c3+QKtp3U
Hl8k+GdQTdG9FTBJ2+5kpLWUiQGkEVNsJQqFN1E=
-----END CERTIFICATE-----
Generated at Fri May 17 05:38:07 2024 by rpki-client on console-ams.rpki-client.org