Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/rlqwBPPzkUJ2KuxxuXQzWVi_RuE.roa
File: rlqwBPPzkUJ2KuxxuXQzWVi_RuE.roa (raw, json)
Hash identifier: bOW7MApR9QEy9QqUfJktNtHERdPWXnER7OyhifW6Hmg=
Subject key identifier: AE:5A:B0:04:F3:F3:91:42:76:2A:EC:71:B9:74:33:59:58:BF:46:E1
Certificate issuer: /CN=abbad3de831da94222c1add104caf4c3247689ac
Certificate serial: 018F68BAB157E999143DA2E76F59315A480A
Authority key identifier: AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/rlqwBPPzkUJ2KuxxuXQzWVi_RuE.roa
Signing time: Sat 11 May 2024 17:36:56 +0000
ROA not before: Sat 11 May 2024 17:36:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 212.68.164.0/22 maxlen: 22
212.68.164.0/24 maxlen: 24
212.68.165.0/24 maxlen: 24
212.68.166.0/24 maxlen: 24
212.68.167.0/24 maxlen: 24
212.68.168.0/22 maxlen: 22
212.68.168.0/24 maxlen: 24
212.68.169.0/24 maxlen: 24
212.68.170.0/24 maxlen: 24
212.68.171.0/24 maxlen: 24
212.68.172.0/22 maxlen: 22
212.68.172.0/24 maxlen: 24
212.68.173.0/24 maxlen: 24
212.68.174.0/24 maxlen: 24
212.68.175.0/24 maxlen: 24
212.68.176.0/22 maxlen: 22
212.68.176.0/24 maxlen: 24
212.68.177.0/24 maxlen: 24
212.68.178.0/24 maxlen: 24
212.68.179.0/24 maxlen: 24
212.68.180.0/22 maxlen: 22
212.68.180.0/24 maxlen: 24
212.68.181.0/24 maxlen: 24
212.68.182.0/24 maxlen: 24
212.68.183.0/24 maxlen: 24
212.68.184.0/22 maxlen: 22
212.68.184.0/24 maxlen: 24
212.68.185.0/24 maxlen: 24
212.68.186.0/24 maxlen: 24
212.68.187.0/24 maxlen: 24
212.68.188.0/22 maxlen: 22
212.68.188.0/24 maxlen: 24
212.68.189.0/24 maxlen: 24
212.68.190.0/24 maxlen: 24
212.68.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.mft
rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:68:ba:b1:57:e9:99:14:3d:a2:e7:6f:59:31:5a:48:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abbad3de831da94222c1add104caf4c3247689ac
Validity
Not Before: May 11 17:36:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae5ab004f3f39142762aec71b974335958bf46e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:69:6a:31:17:d3:a5:ba:99:36:f8:f1:d5:9c:
8e:e4:23:1a:02:d5:00:7f:3d:fd:a7:90:d8:45:9b:
3d:ed:df:8e:0e:11:bb:2d:6a:52:fc:07:a4:63:0b:
ac:9a:fc:18:2f:3b:7d:46:97:ae:5b:3e:ae:b9:79:
20:2b:1c:a3:53:bf:10:43:04:44:f3:c3:93:07:4b:
63:b2:1e:dc:58:4f:3b:5e:7c:33:7c:2a:e8:44:b3:
f8:07:1e:5a:05:04:66:b2:69:88:fa:25:45:27:88:
a9:13:59:83:33:20:63:58:02:3e:d8:c0:52:24:1d:
75:e3:94:50:2d:38:75:90:5a:e9:ba:14:14:37:dd:
95:af:78:89:2d:94:e2:5d:33:bf:6d:a0:99:b0:56:
8d:cb:2a:ac:5e:be:4c:10:ab:59:b6:81:e0:55:ab:
da:21:78:d5:b8:02:74:02:6f:e7:9c:6e:f2:96:2a:
cf:20:8c:72:0d:48:e8:1b:c7:a9:04:ac:cf:a4:44:
29:86:ca:71:67:65:6b:47:6e:7c:68:fd:15:8f:51:
e2:b2:b9:82:14:08:10:75:2f:05:95:6b:3b:db:fe:
37:b9:3c:a5:15:2f:44:87:75:2a:77:0c:9c:9f:7b:
99:18:7d:8c:45:78:11:be:52:6e:59:5b:a3:76:c9:
de:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:5A:B0:04:F3:F3:91:42:76:2A:EC:71:B9:74:33:59:58:BF:46:E1
X509v3 Authority Key Identifier:
keyid:AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/rlqwBPPzkUJ2KuxxuXQzWVi_RuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.68.164.0-212.68.191.255
Signature Algorithm: sha256WithRSAEncryption
0c:73:f8:fb:7e:f1:a3:86:dc:4c:f8:2a:08:cf:97:bb:52:be:
c3:18:5f:23:55:12:84:2d:f6:48:f0:40:e9:8f:0c:bf:e1:9d:
06:dc:7e:3a:ed:a3:c9:87:7b:94:e0:7d:38:7c:17:62:64:7d:
07:a3:38:b6:c9:ec:99:e7:38:e4:ce:ca:51:44:95:e9:48:c2:
4e:42:45:3b:74:55:26:d2:8f:1c:0c:a6:fa:fe:d2:8d:5e:ef:
fe:97:1d:77:2c:7a:20:30:d4:6a:56:37:ba:68:4e:a4:ec:4e:
24:ee:bf:2a:c4:1b:ee:35:f2:3b:1c:d3:5e:c9:50:0b:51:61:
1d:fd:9b:95:b1:c6:ce:4c:e3:84:8d:4e:3d:9c:ee:c7:eb:8f:
80:b5:04:dd:56:40:77:02:79:e6:2d:ca:9a:28:ba:ca:6d:5f:
8f:2d:f6:79:11:44:73:7c:da:51:67:b1:e6:e5:05:e1:75:25:
09:19:6f:c4:7e:57:c8:cf:90:4f:2a:7d:68:b3:ce:6b:a1:60:
0d:13:07:db:8f:85:42:15:fa:9f:da:d7:d4:4e:df:f6:41:d2:
58:10:10:33:de:f3:ba:e6:9c:9c:7b:a4:e6:98:30:d5:ff:10:
f6:c4:7f:82:f7:5c:21:27:08:b2:2a:99:d0:85:e8:2e:4e:44:
23:8b:6e:62
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY9ourFX6ZkUPaLnb1kxWkgKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYmFkM2RlODMxZGE5NDIyMmMxYWRkMTA0Y2FmNGMzMjQ3
Njg5YWMwHhcNMjQwNTExMTczNjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTVhYjAwNGYzZjM5MTQyNzYyYWVjNzFiOTc0MzM1OTU4YmY0NmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2lqMRfTpbqZNvjx1ZyO5CMaAtUA
fz39p5DYRZs97d+ODhG7LWpS/AekYwusmvwYLzt9RpeuWz6uuXkgKxyjU78QQwRE
88OTB0tjsh7cWE87XnwzfCroRLP4Bx5aBQRmsmmI+iVFJ4ipE1mDMyBjWAI+2MBS
JB1145RQLTh1kFrpuhQUN92Vr3iJLZTiXTO/baCZsFaNyyqsXr5MEKtZtoHgVava
IXjVuAJ0Am/nnG7ylirPIIxyDUjoG8epBKzPpEQphspxZ2VrR258aP0Vj1HisrmC
FAgQdS8FlWs72/43uTylFS9Eh3Uqdwycn3uZGH2MRXgRvlJuWVujdsne+QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFK5asATz85FCdirscbl0M1lYv0bhMB8GA1UdIwQY
MBaAFKu6096DHalCIsGt0QTK9MMkdomsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDct
NTVjNDM0ZWVjOTZjLzEvcmxxd0JQUHprVUoyS3V4eHVYUXpXVmlfUnVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDctNTVjNDM0ZWVjOTZj
LzEvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBALURKQD
BAbURIAwDQYJKoZIhvcNAQELBQADggEBAAxz+Pt+8aOG3Ez4KgjPl7tSvsMYXyNV
EoQt9kjwQOmPDL/hnQbcfjrto8mHe5TgfTh8F2JkfQejOLbJ7JnnOOTOylFElelI
wk5CRTt0VSbSjxwMpvr+0o1e7/6XHXcseiAw1GpWN7poTqTsTiTuvyrEG+418jsc
017JUAtRYR39m5Wxxs5M44SNTj2c7sfrj4C1BN1WQHcCeeYtypoousptX48t9nkR
RHN82lFnseblBeF1JQkZb8R+V8jPkE8qfWizzmuhYA0TB9uPhUIV+p/a19RO3/ZB
0lgQEDPe87rmnJx7pOaYMNX/EPbEf4L3XCEnCLIqmdCF6C5ORCOLbmI=
-----END CERTIFICATE-----
Generated at Thu Jun 13 11:47:25 2024 by rpki-client on console-fra.rpki-client.org