Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/qCTZs4pkJ3I9_nP1JQYovfdD8Mg.roa
File: qCTZs4pkJ3I9_nP1JQYovfdD8Mg.roa (raw, json)
Hash identifier: fgcqVZTm9wM2BGle2YZisMGnKfL1b8mMu13gbClm+Lw=
Subject key identifier: A8:24:D9:B3:8A:64:27:72:3D:FE:73:F5:25:06:28:BD:F7:43:F0:C8
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 018CC802CC7BBA2C9B7B77123F812653FD8F
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/qCTZs4pkJ3I9_nP1JQYovfdD8Mg.roa
Signing time: Tue 02 Jan 2024 02:31:15 +0000
ROA not before: Tue 02 Jan 2024 02:31:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50667
IP address blocks: 188.214.156.0/24 maxlen: 24
185.99.89.0/24 maxlen: 24
185.99.88.0/24 maxlen: 24
188.240.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:cc:7b:ba:2c:9b:7b:77:12:3f:81:26:53:fd:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 2 02:31:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a824d9b38a6427723dfe73f5250628bdf743f0c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:5d:86:4a:b8:f8:40:96:12:1c:e1:e9:31:4e:
81:dc:b0:0a:e6:5f:65:63:22:c7:5f:ca:c5:f4:0e:
59:66:2b:fa:94:a9:59:5a:fc:1c:08:d2:43:9f:14:
2f:16:95:9f:8a:87:f9:28:ed:e8:3c:7c:98:72:bb:
c7:61:56:df:7f:27:1a:c2:7e:a9:6f:f9:4f:c1:4e:
8b:63:0f:b9:a6:a3:07:4a:ba:ad:07:e8:bc:9f:f5:
d9:ca:3b:3c:6b:1a:f8:fc:c9:12:fa:96:fd:20:14:
d6:2a:21:07:2f:da:50:33:a0:cf:f0:ef:b7:93:45:
5b:4a:ee:c7:58:22:9a:65:91:c8:d5:49:67:29:65:
33:58:c5:bb:2d:2e:cc:82:e4:e2:fd:cc:30:31:e8:
78:8a:1f:03:c2:91:9f:0c:52:de:8f:19:eb:90:a0:
d4:ed:df:d0:0e:e8:4b:78:8c:9a:99:ee:41:a5:44:
0f:3e:90:22:db:55:40:a8:06:db:ac:9a:93:26:02:
45:91:f7:e6:92:03:7a:95:93:b7:c1:13:d4:fb:5e:
d1:13:3a:e2:b4:0e:28:23:af:62:3a:ef:59:43:9e:
cd:e3:85:b3:45:74:20:c2:92:29:79:2f:87:99:8a:
09:92:d3:84:d4:bb:ed:8b:21:88:1d:e4:b3:63:33:
17:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:24:D9:B3:8A:64:27:72:3D:FE:73:F5:25:06:28:BD:F7:43:F0:C8
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/qCTZs4pkJ3I9_nP1JQYovfdD8Mg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.99.88.0/23
188.214.156.0/24
188.240.12.0/24
Signature Algorithm: sha256WithRSAEncryption
08:dc:4e:69:bf:7d:0e:06:e2:eb:80:cd:94:6b:36:8e:35:8c:
5a:84:eb:f1:de:5a:c2:74:3f:51:a7:06:94:51:61:92:90:56:
71:24:40:83:e4:f4:fd:3d:71:55:fd:23:61:17:bb:fe:f3:88:
d2:83:b5:6c:fb:aa:4e:b4:97:d2:7f:d0:91:83:8c:be:56:e7:
6d:45:ff:37:4a:6e:79:bf:b2:08:5c:3f:41:6a:f1:fd:a9:d7:
54:44:70:2c:90:ab:b1:a3:9f:a3:eb:cb:e0:27:fd:bd:97:d3:
62:b8:7b:22:c4:26:bc:e8:21:5c:d5:e0:ae:6c:d8:c3:71:da:
14:95:02:ef:a2:2a:b2:4b:eb:f1:ae:8d:f9:3a:62:97:aa:ac:
1a:61:15:00:46:02:49:aa:15:fd:f7:1b:7d:0e:e0:00:6c:7c:
40:c5:02:7a:85:41:8a:54:0c:5a:1d:0e:93:e7:45:d7:ae:d2:
0c:65:a9:17:14:35:6d:53:e2:cf:66:16:b3:e1:7f:fc:b7:2f:
84:1e:84:77:54:33:86:ac:a9:6c:03:e0:d1:7c:93:e5:43:9f:
50:d7:7d:94:f8:69:ce:16:8a:ce:85:60:8b:35:6c:82:7b:cf:
68:56:a4:59:a6:8e:ab:f1:af:24:63:b7:bc:4c:0f:61:7f:17:
10:75:c5:ca
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIAsx7uiybe3cSP4EmU/2PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjQwMTAyMDIzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODI0ZDliMzhhNjQyNzcyM2RmZTczZjUyNTA2MjhiZGY3NDNmMGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr12GSrj4QJYSHOHpMU6B3LAK5l9l
YyLHX8rF9A5ZZiv6lKlZWvwcCNJDnxQvFpWfiof5KO3oPHyYcrvHYVbffycawn6p
b/lPwU6LYw+5pqMHSrqtB+i8n/XZyjs8axr4/MkS+pb9IBTWKiEHL9pQM6DP8O+3
k0VbSu7HWCKaZZHI1UlnKWUzWMW7LS7MguTi/cwwMeh4ih8DwpGfDFLejxnrkKDU
7d/QDuhLeIyame5BpUQPPpAi21VAqAbbrJqTJgJFkffmkgN6lZO3wRPU+17REzri
tA4oI69iOu9ZQ57N44WzRXQgwpIpeS+HmYoJktOE1LvtiyGIHeSzYzMXDQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKgk2bOKZCdyPf5z9SUGKL33Q/DIMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvcUNUWnM0cGtKM0k5X25QMUpRWW92ZmREOE1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBuWNYAwQA
vNacAwQAvPAMMA0GCSqGSIb3DQEBCwUAA4IBAQAI3E5pv30OBuLrgM2UazaONYxa
hOvx3lrCdD9RpwaUUWGSkFZxJECD5PT9PXFV/SNhF7v+84jSg7Vs+6pOtJfSf9CR
g4y+VudtRf83Sm55v7IIXD9BavH9qddURHAskKuxo5+j68vgJ/29l9NiuHsixCa8
6CFc1eCubNjDcdoUlQLvoiqyS+vxro35OmKXqqwaYRUARgJJqhX99xt9DuAAbHxA
xQJ6hUGKVAxaHQ6T50XXrtIMZakXFDVtU+LPZhaz4X/8ty+EHoR3VDOGrKlsA+DR
fJPlQ59Q132U+GnOForOhWCLNWyCe89oVqRZpo6r8a8kY7e8TA9hfxcQdcXK
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:21:29 2024 by rpki-client on console-ams.rpki-client.org