Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/qgUV1e86XOOPBb9S_1Gq0NYoF2s.roa
File: qgUV1e86XOOPBb9S_1Gq0NYoF2s.roa (raw, json)
Hash identifier: cCUFNwkfuzUlxd7LyRz0hwlC26S9VxYyUr/XDuNGrxA=
Subject key identifier: AA:05:15:D5:EF:3A:5C:E3:8F:05:BF:52:FF:51:AA:D0:D6:28:17:6B
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 018CC802C77ADAC90CFE1AABC043ED9DF86C
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/qgUV1e86XOOPBb9S_1Gq0NYoF2s.roa
Signing time: Tue 02 Jan 2024 02:31:14 +0000
ROA not before: Tue 02 Jan 2024 02:31:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41571
IP address blocks: 89.35.55.0/24 maxlen: 24
89.34.93.0/24 maxlen: 24
89.36.19.0/24 maxlen: 24
89.42.214.0/24 maxlen: 24
89.34.5.0/24 maxlen: 24
89.41.63.0/24 maxlen: 24
89.42.35.0/24 maxlen: 24
86.104.124.0/24 maxlen: 24
89.35.116.0/24 maxlen: 24
89.33.196.0/24 maxlen: 24
89.36.92.0/24 maxlen: 24
89.44.104.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:c7:7a:da:c9:0c:fe:1a:ab:c0:43:ed:9d:f8:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 2 02:31:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa0515d5ef3a5ce38f05bf52ff51aad0d628176b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:ad:1c:a8:a0:d8:c1:38:34:5b:2c:4b:95:9b:
ed:1e:bf:e6:8f:a6:63:50:b4:68:4b:e7:e5:97:5d:
7b:87:3d:f3:6c:c8:d2:84:e6:81:93:5e:95:21:a8:
12:e5:79:eb:0a:75:48:9d:6e:3a:76:e6:b7:c2:58:
c4:e0:28:ca:89:98:72:1e:aa:2e:c0:63:ed:ca:dc:
23:df:fe:84:ad:5d:67:f3:d7:4c:09:f3:81:40:6c:
84:ff:32:d4:df:be:5a:32:ff:0d:c8:99:de:55:fb:
c8:64:76:af:8a:ad:12:dc:5c:89:48:f4:61:a7:c8:
a4:74:6e:a8:95:b3:3b:37:04:63:c1:f7:7a:81:de:
98:e4:d8:bb:75:e9:e1:d2:b7:c6:fb:ee:26:83:ff:
95:b8:b4:b5:b5:2a:ed:2d:78:dc:b1:80:ac:78:e2:
dd:07:14:89:ec:2e:a4:a7:e1:e5:0a:87:69:c5:bd:
b5:19:8f:ce:69:c0:c9:22:7a:c0:e2:90:c1:b9:a1:
60:52:9c:7f:87:ef:bd:e2:cf:a6:3c:2b:52:08:ea:
da:d6:a5:e7:ec:3c:00:b9:c5:a7:58:5b:71:17:c2:
a4:cd:88:33:0f:8b:2e:59:6e:42:74:34:9d:e0:a4:
e3:c4:66:4e:e8:49:16:90:6d:4b:a8:57:d0:bc:2d:
3b:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:05:15:D5:EF:3A:5C:E3:8F:05:BF:52:FF:51:AA:D0:D6:28:17:6B
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/qgUV1e86XOOPBb9S_1Gq0NYoF2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.124.0/24
89.33.196.0/24
89.34.5.0/24
89.34.93.0/24
89.35.55.0/24
89.35.116.0/24
89.36.19.0/24
89.36.92.0/24
89.41.63.0/24
89.42.35.0/24
89.42.214.0/24
89.44.104.0/24
Signature Algorithm: sha256WithRSAEncryption
47:7f:dc:20:51:8b:42:ad:e9:a7:12:77:f3:31:30:6a:bf:3d:
f0:db:f0:51:b4:a1:84:7d:d5:c7:90:41:94:b7:56:bc:4a:94:
c8:a9:fa:fc:b4:b6:41:82:7b:84:94:66:ec:cf:f5:5f:63:db:
bc:35:bf:a3:d8:29:ad:f4:e4:bf:f4:87:ac:c6:5b:46:cc:68:
92:95:0c:6f:2b:e2:3a:7d:3f:f0:17:52:88:2d:0f:0b:5f:09:
27:ea:25:84:aa:40:a5:52:24:6a:d7:96:bc:f0:9e:44:61:a4:
d5:2e:37:4f:3f:ba:91:1d:3b:1c:a9:db:a3:f5:d7:3a:4b:85:
68:1e:1a:76:e8:05:4c:90:0a:56:30:8c:03:b4:0c:44:82:2f:
21:16:85:73:c9:b7:86:e0:59:4c:15:01:07:e0:b4:9f:07:82:
cf:3d:0f:92:85:fc:7b:03:e9:c0:0f:e1:af:91:5a:24:78:52:
e1:1b:4f:0c:7a:a0:88:ae:49:fc:29:57:24:a8:46:27:1c:25:
14:6d:7e:d8:91:ee:1b:7a:7b:6b:bf:fc:1e:e9:b7:fe:f2:a6:
a6:6a:5f:f1:89:69:63:5a:41:db:1d:6d:bb:e7:a1:eb:2c:26:
09:e1:82:94:4e:d6:be:d7:01:f1:89:2b:c7:7e:38:ab:55:2d:
2e:82:e7:11
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYzIAsd62skM/hqrwEPtnfhsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjQwMTAyMDIzMTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTA1MTVkNWVmM2E1Y2UzOGYwNWJmNTJmZjUxYWFkMGQ2MjgxNzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAia0cqKDYwTg0WyxLlZvtHr/mj6Zj
ULRoS+fll117hz3zbMjShOaBk16VIagS5XnrCnVInW46dua3wljE4CjKiZhyHqou
wGPtytwj3/6ErV1n89dMCfOBQGyE/zLU375aMv8NyJneVfvIZHaviq0S3FyJSPRh
p8ikdG6olbM7NwRjwfd6gd6Y5Ni7denh0rfG++4mg/+VuLS1tSrtLXjcsYCseOLd
BxSJ7C6kp+HlCodpxb21GY/OacDJInrA4pDBuaFgUpx/h++94s+mPCtSCOra1qXn
7DwAucWnWFtxF8KkzYgzD4suWW5CdDSd4KTjxGZO6EkWkG1LqFfQvC07wwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFKoFFdXvOlzjjwW/Uv9RqtDWKBdrMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvcWdVVjFlODZYT09QQmI5U18xR3EwTllvRjJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAVmh8AwQA
WSHEAwQAWSIFAwQAWSJdAwQAWSM3AwQAWSN0AwQAWSQTAwQAWSRcAwQAWSk/AwQA
WSojAwQAWSrWAwQAWSxoMA0GCSqGSIb3DQEBCwUAA4IBAQBHf9wgUYtCremnEnfz
MTBqvz3w2/BRtKGEfdXHkEGUt1a8SpTIqfr8tLZBgnuElGbsz/VfY9u8Nb+j2Cmt
9OS/9IesxltGzGiSlQxvK+I6fT/wF1KILQ8LXwkn6iWEqkClUiRq15a88J5EYaTV
LjdPP7qRHTscqduj9dc6S4VoHhp26AVMkApWMIwDtAxEgi8hFoVzybeG4FlMFQEH
4LSfB4LPPQ+Shfx7A+nAD+GvkVokeFLhG08MeqCIrkn8KVckqEYnHCUUbX7Yke4b
entrv/we6bf+8qamal/xiWljWkHbHW2756HrLCYJ4YKUTta+1wHxiSvHfjirVS0u
gucR
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:21:29 2024 by rpki-client on console-ams.rpki-client.org