Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/QcCwlboKo7aAjT-XBY2E11ir-tI.roa
File: QcCwlboKo7aAjT-XBY2E11ir-tI.roa (raw, json)
Hash identifier: 0HxXEZAvH0HsFu4pnXv+G+jXgNXIX7kknxZhiZcn708=
Subject key identifier: 41:C0:B0:95:BA:0A:A3:B6:80:8D:3F:97:05:8D:84:D7:58:AB:FA:D2
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 019104DE05CD555BE2305E4F2DD5F90AFB42
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/QcCwlboKo7aAjT-XBY2E11ir-tI.roa
Signing time: Tue 30 Jul 2024 18:19:04 +0000
ROA not before: Tue 30 Jul 2024 18:19:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13213
IP address blocks: 5.182.184.0/24 maxlen: 24
45.67.146.0/24 maxlen: 24
78.31.206.0/24 maxlen: 24
79.98.182.0/24 maxlen: 24
162.218.89.0/24 maxlen: 24
162.218.91.0/24 maxlen: 24
162.218.93.0/24 maxlen: 24
185.52.136.0/24 maxlen: 24
185.52.139.0/24 maxlen: 24
185.161.191.0/24 maxlen: 24
185.171.126.0/24 maxlen: 24
185.187.214.0/24 maxlen: 24
185.187.215.0/24 maxlen: 24
185.205.206.0/24 maxlen: 24
185.208.152.0/24 maxlen: 24
185.208.153.0/24 maxlen: 24
185.208.154.0/24 maxlen: 24
185.230.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.mft
rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:04:de:05:cd:55:5b:e2:30:5e:4f:2d:d5:f9:0a:fb:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jul 30 18:19:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41c0b095ba0aa3b6808d3f97058d84d758abfad2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:90:dd:92:d3:1b:3b:fd:89:c3:89:bb:05:ff:
7e:1d:60:3f:26:99:8b:84:9f:aa:34:66:8a:90:07:
75:73:16:68:67:90:96:90:7e:dd:9d:e4:08:91:94:
eb:07:40:40:23:6f:1c:45:ee:ae:50:ff:a2:33:ee:
72:44:f5:d8:06:88:2f:10:70:54:34:b9:21:20:82:
17:c5:5b:41:10:8f:11:bd:cc:30:40:52:c5:ac:57:
ab:46:bd:4f:45:c2:d5:1e:cd:ab:fd:d1:53:f1:97:
1f:b3:55:aa:1d:0c:15:8b:cf:16:b2:5c:41:18:ad:
d8:d2:96:e5:29:9b:a6:d0:3c:20:cf:fc:25:b5:65:
15:37:ab:28:85:82:a7:ea:a6:65:5d:b9:ed:e9:33:
0d:ee:72:33:a6:c9:ad:38:42:92:94:56:a5:c0:ce:
48:9e:d2:e1:27:2a:b0:0e:f1:07:05:a4:9d:f9:81:
6c:80:cf:9e:63:35:36:8f:96:2d:c2:ea:1a:ab:e6:
1d:55:89:62:a9:92:5e:56:ce:da:ec:e8:47:80:db:
42:c6:25:58:5f:40:9c:86:6b:b2:26:90:16:9b:85:
d4:f7:88:e5:c2:80:3b:c4:bf:bb:59:dc:74:d8:8c:
62:61:26:fc:6c:68:93:b1:84:0f:c3:b7:ab:96:d5:
47:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:C0:B0:95:BA:0A:A3:B6:80:8D:3F:97:05:8D:84:D7:58:AB:FA:D2
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/QcCwlboKo7aAjT-XBY2E11ir-tI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.184.0/24
45.67.146.0/24
78.31.206.0/24
79.98.182.0/24
162.218.89.0/24
162.218.91.0/24
162.218.93.0/24
185.52.136.0/24
185.52.139.0/24
185.161.191.0/24
185.171.126.0/24
185.187.214.0/23
185.205.206.0/24
185.208.152.0-185.208.154.255
185.230.121.0/24
Signature Algorithm: sha256WithRSAEncryption
12:5d:4d:93:f4:2f:da:5c:34:c7:a7:41:3e:3f:e6:6b:cb:0e:
4f:d7:38:1b:e3:89:a3:6d:76:1e:05:0e:a0:1a:56:b8:4a:fc:
10:85:55:58:68:cf:ea:96:42:71:34:dd:c2:b4:49:45:b5:74:
d2:c4:92:87:1a:e2:4c:d1:03:cb:3c:60:48:1c:30:92:2a:a8:
6d:cd:ec:21:e8:32:61:54:1e:2d:37:02:3f:08:eb:6e:e2:f9:
f3:97:a4:1e:c4:4b:9d:d4:65:c3:bc:8b:0f:48:70:40:a4:ba:
ce:0f:89:f4:d7:0e:a1:df:42:94:1f:9b:fc:49:60:be:47:f6:
17:35:ea:ce:05:bd:6c:85:5e:98:cf:14:89:be:35:23:c4:06:
98:fb:6a:41:81:d9:ab:1f:44:03:44:2b:85:ec:6c:1c:bf:aa:
04:37:58:e6:b6:6d:27:f7:14:12:6c:8d:93:73:95:ad:b1:2b:
07:4a:c1:be:db:89:58:be:70:b5:d7:cf:09:46:0e:ec:b3:f6:
53:33:f6:d1:28:71:8d:ac:f6:fd:10:1b:31:53:04:8a:cb:fc:
5f:6c:ad:dd:f1:8f:c0:aa:de:66:bc:01:dd:4e:7d:df:35:95:
4d:9b:4c:1e:db:4d:98:e7:a0:bf:00:b2:bb:61:33:b9:5a:c1:
8f:82:8f:d2
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZEE3gXNVVviMF5PLdX5CvtCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjQwNzMwMTgxOTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWMwYjA5NWJhMGFhM2I2ODA4ZDNmOTcwNThkODRkNzU4YWJmYWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpDdktMbO/2Jw4m7Bf9+HWA/JpmL
hJ+qNGaKkAd1cxZoZ5CWkH7dneQIkZTrB0BAI28cRe6uUP+iM+5yRPXYBogvEHBU
NLkhIIIXxVtBEI8RvcwwQFLFrFerRr1PRcLVHs2r/dFT8Zcfs1WqHQwVi88WslxB
GK3Y0pblKZum0Dwgz/wltWUVN6sohYKn6qZlXbnt6TMN7nIzpsmtOEKSlFalwM5I
ntLhJyqwDvEHBaSd+YFsgM+eYzU2j5Ytwuoaq+YdVYliqZJeVs7a7OhHgNtCxiVY
X0CchmuyJpAWm4XU94jlwoA7xL+7Wdx02IxiYSb8bGiTsYQPw7erltVH6QIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFEHAsJW6CqO2gI0/lwWNhNdYq/rSMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvUWNDd2xib0tvN2FBalQtWEJZMkUxMWlyLXRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQABba4AwQA
LUOSAwQATh/OAwQAT2K2AwQAotpZAwQAotpbAwQAotpdAwQAuTSIAwQAuTSLAwQA
uaG/AwQAuat+AwQBubvWAwQAuc3OMAwDBAO50JgDBAC50JoDBAC55nkwDQYJKoZI
hvcNAQELBQADggEBABJdTZP0L9pcNMenQT4/5mvLDk/XOBvjiaNtdh4FDqAaVrhK
/BCFVVhoz+qWQnE03cK0SUW1dNLEkoca4kzRA8s8YEgcMJIqqG3N7CHoMmFUHi03
Aj8I627i+fOXpB7ES53UZcO8iw9IcECkus4PifTXDqHfQpQfm/xJYL5H9hc16s4F
vWyFXpjPFIm+NSPEBpj7akGB2asfRANEK4XsbBy/qgQ3WOa2bSf3FBJsjZNzla2x
KwdKwb7biVi+cLXXzwlGDuyz9lMz9tEocY2s9v0QGzFTBIrL/F9srd3xj8Cq3ma8
Ad1Ofd81lU2bTB7bTZjnoL8AsrthM7lawY+Cj9I=
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:49:41 2024 by rpki-client on console-fra.rpki-client.org