Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/QCM7JT0BWjHmwYtSa8iC_Ma237I.roa
File: QCM7JT0BWjHmwYtSa8iC_Ma237I.roa (raw, json)
Hash identifier: /4cnJ6DhHbj/hpYY6g8AghFlJRfDhNPOZKPXU9dae44=
Subject key identifier: 40:23:3B:25:3D:01:5A:31:E6:C1:8B:52:6B:C8:82:FC:C6:B6:DF:B2
Certificate issuer: /CN=2ef957aba2ef00352850e202464c71d33ca81448
Certificate serial: 018CC49307507405384144B1EB2701E6D55D
Authority key identifier: 2E:F9:57:AB:A2:EF:00:35:28:50:E2:02:46:4C:71:D3:3C:A8:14:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LvlXq6LvADUoUOICRkxx0zyoFEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/QCM7JT0BWjHmwYtSa8iC_Ma237I.roa
Signing time: Mon 01 Jan 2024 10:30:19 +0000
ROA not before: Mon 01 Jan 2024 10:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2200
IP address blocks: 195.220.0.0/16 maxlen: 16
195.83.163.0/24 maxlen: 24
195.83.164.0/24 maxlen: 24
195.83.165.0/24 maxlen: 24
193.48.80.0/24 maxlen: 24
193.48.81.0/24 maxlen: 24
195.98.224.0/19 maxlen: 19
193.48.91.0/24 maxlen: 24
193.48.104.0/24 maxlen: 24
193.48.101.0/24 maxlen: 24
193.48.0.0/14 maxlen: 14
194.167.190.0/24 maxlen: 24
193.52.0.0/24 maxlen: 24
193.52.1.0/24 maxlen: 24
193.52.0.0/16 maxlen: 16
193.48.179.0/24 maxlen: 24
193.48.106.0/24 maxlen: 24
195.221.235.0/24 maxlen: 24
195.221.234.0/24 maxlen: 24
195.83.225.0/24 maxlen: 24
195.83.226.0/24 maxlen: 24
194.254.0.0/16 maxlen: 16
194.57.0.0/16 maxlen: 16
194.254.139.0/24 maxlen: 24
194.57.138.0/24 maxlen: 24
194.199.0.0/16 maxlen: 16
194.167.0.0/16 maxlen: 16
81.194.0.0/16 maxlen: 16
193.54.67.0/24 maxlen: 24
195.221.0.0/16 maxlen: 16
193.52.68.0/24 maxlen: 24
194.214.0.0/16 maxlen: 16
193.54.0.0/15 maxlen: 15
193.52.216.0/24 maxlen: 24
193.52.217.0/24 maxlen: 24
193.54.149.0/24 maxlen: 24
193.51.56.0/24 maxlen: 24
194.167.41.0/24 maxlen: 24
194.57.177.0/24 maxlen: 24
194.57.176.0/24 maxlen: 24
195.83.0.0/16 maxlen: 16
193.49.96.0/24 maxlen: 24
194.57.216.0/24 maxlen: 24
194.57.215.0/24 maxlen: 24
2001:660::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/LvlXq6LvADUoUOICRkxx0zyoFEg.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/LvlXq6LvADUoUOICRkxx0zyoFEg.mft
rsync://rpki.ripe.net/repository/DEFAULT/LvlXq6LvADUoUOICRkxx0zyoFEg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:07:50:74:05:38:41:44:b1:eb:27:01:e6:d5:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ef957aba2ef00352850e202464c71d33ca81448
Validity
Not Before: Jan 1 10:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40233b253d015a31e6c18b526bc882fcc6b6dfb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:18:07:86:b8:34:fc:2c:8f:e2:14:6b:d6:10:
f6:a0:db:cf:7e:c0:f8:71:8f:68:62:6a:8f:4b:47:
33:60:cd:2c:55:1e:9a:f0:0c:84:7d:7b:a4:6c:08:
de:7d:09:7c:be:bc:2c:7a:c0:99:bd:55:b1:7b:fe:
f1:1f:6a:a0:ef:b2:e2:0c:5a:a7:59:68:83:36:3b:
a3:e8:1b:d9:44:59:d6:79:a0:19:ff:1a:27:1d:30:
16:0d:19:e8:5e:d9:b1:14:e3:f6:53:9f:11:44:58:
4d:60:cc:a0:5c:fb:a1:4c:82:e0:d2:be:28:ca:95:
94:7d:4c:cb:6d:de:79:8b:06:18:92:4b:03:c5:d7:
bd:b6:62:34:d5:3d:b0:39:fb:5c:5e:36:cc:c8:fb:
af:d6:ad:60:2b:92:d0:13:24:35:0d:6e:f1:d2:ca:
28:92:6f:05:f3:c8:44:ee:9f:43:70:01:33:a5:f5:
71:e2:b6:f0:b3:d3:f5:d1:51:30:99:69:38:b1:66:
a1:fc:59:2f:73:65:54:36:fa:19:e0:f7:f4:d8:5e:
6e:22:0b:3d:c3:a0:a4:ed:04:b4:61:15:35:29:8f:
0c:f7:f2:c0:0e:90:80:e3:d0:56:af:7c:ac:de:36:
66:d1:26:98:c1:f2:1b:c2:15:eb:73:6d:e9:8e:12:
bf:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:23:3B:25:3D:01:5A:31:E6:C1:8B:52:6B:C8:82:FC:C6:B6:DF:B2
X509v3 Authority Key Identifier:
keyid:2E:F9:57:AB:A2:EF:00:35:28:50:E2:02:46:4C:71:D3:3C:A8:14:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LvlXq6LvADUoUOICRkxx0zyoFEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/QCM7JT0BWjHmwYtSa8iC_Ma237I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/LvlXq6LvADUoUOICRkxx0zyoFEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.194.0.0/16
193.48.0.0-193.52.255.255
193.54.0.0/15
194.57.0.0/16
194.167.0.0/16
194.199.0.0/16
194.214.0.0/16
194.254.0.0/16
195.83.0.0/16
195.98.224.0/19
195.220.0.0/15
IPv6:
2001:660::/32
Signature Algorithm: sha256WithRSAEncryption
81:ce:50:33:3a:59:cc:36:82:84:ba:c9:04:fa:3b:2d:37:10:
d3:85:4f:81:75:4a:33:6e:e2:04:bc:94:8a:15:b3:13:c6:a9:
a5:ef:31:e4:d0:30:93:c5:eb:2b:41:ae:42:ce:bc:98:17:8d:
fe:16:49:bd:82:9b:c2:85:8a:5b:51:7e:9a:e5:47:b3:95:31:
7c:d6:40:f0:e3:af:a5:76:f5:00:c5:87:6a:be:48:c2:95:d6:
bb:eb:87:38:24:76:f2:e8:d4:3d:ab:f7:12:aa:52:d3:b4:ce:
11:b8:fe:da:db:e9:26:1f:59:46:89:ee:21:c9:7b:70:fa:7a:
09:e5:27:d5:00:b5:ba:f3:2e:38:1d:05:45:14:d2:b4:1d:93:
ee:48:8d:34:7d:85:93:5f:f5:c2:ca:8f:04:bd:27:ab:c3:f3:
22:83:a2:f1:8e:bd:65:b1:ba:43:6e:7d:2f:2f:6d:c3:94:d4:
d8:a9:86:9f:d6:21:f1:b0:e6:30:f3:ec:e4:5f:a3:3b:87:79:
db:e6:60:e7:5d:1d:ab:35:41:41:e9:67:81:9e:db:88:bf:9d:
49:6f:09:02:35:97:da:5a:9e:54:15:9a:f1:58:4e:03:32:f0:
cf:79:df:7a:f9:33:06:83:9d:25:8a:32:62:0b:a4:eb:e1:9f:
96:af:87:da
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYzEkwdQdAU4QUSx6ycB5tVdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlZjk1N2FiYTJlZjAwMzUyODUwZTIwMjQ2NGM3MWQzM2Nh
ODE0NDgwHhcNMjQwMTAxMTAzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDIzM2IyNTNkMDE1YTMxZTZjMThiNTI2YmM4ODJmY2M2YjZkZmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxgHhrg0/CyP4hRr1hD2oNvPfsD4
cY9oYmqPS0czYM0sVR6a8AyEfXukbAjefQl8vrwsesCZvVWxe/7xH2qg77LiDFqn
WWiDNjuj6BvZRFnWeaAZ/xonHTAWDRnoXtmxFOP2U58RRFhNYMygXPuhTILg0r4o
ypWUfUzLbd55iwYYkksDxde9tmI01T2wOftcXjbMyPuv1q1gK5LQEyQ1DW7x0soo
km8F88hE7p9DcAEzpfVx4rbws9P10VEwmWk4sWah/Fkvc2VUNvoZ4Pf02F5uIgs9
w6Ck7QS0YRU1KY8M9/LADpCA49BWr3ys3jZm0SaYwfIbwhXrc23pjhK/6wIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFEAjOyU9AVox5sGLUmvIgvzGtt+yMB8GA1UdIwQY
MBaAFC75V6ui7wA1KFDiAkZMcdM8qBRIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHZsWHE2THZBRFVvVU9JQ1JreHgwenlvRkVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9hNTg0ZTQtY2NkNC00YzRmLTlkMTYt
MDRhMjdjNGQ1NDUzLzEvUUNNN0pUMEJXakhtd1l0U2E4aUNfTWEyMzdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9hNTg0ZTQtY2NkNC00YzRmLTlkMTYtMDRhMjdjNGQ1NDUz
LzEvTHZsWHE2THZBRFVvVU9JQ1JreHgwenlvRkVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBFBAIAATA/AwMAUcIwCgMD
BMEwAwMAwTQDAwHBNgMDAMI5AwMAwqcDAwDCxwMDAMLWAwMAwv4DAwDDUwMEBcNi
4AMDAcPcMA0EAgACMAcDBQAgAQZgMA0GCSqGSIb3DQEBCwUAA4IBAQCBzlAzOlnM
NoKEuskE+jstNxDThU+BdUozbuIEvJSKFbMTxqml7zHk0DCTxesrQa5CzryYF43+
Fkm9gpvChYpbUX6a5UezlTF81kDw46+ldvUAxYdqvkjClda764c4JHby6NQ9q/cS
qlLTtM4RuP7a2+kmH1lGie4hyXtw+noJ5SfVALW68y44HQVFFNK0HZPuSI00fYWT
X/XCyo8EvSerw/Mig6Lxjr1lsbpDbn0vL23DlNTYqYaf1iHxsOYw8+zkX6M7h3nb
5mDnXR2rNUFB6WeBntuIv51JbwkCNZfaWp5UFZrxWE4DMvDPed96+TMGg50lijJi
C6Tr4Z+Wr4fa
-----END CERTIFICATE-----
Generated at Sat Jun 8 07:22:00 2024 by rpki-client on console-ams.rpki-client.org