Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/3q-TWeQ3sIDtHAMm4zDfc2tUBHU.roa
File: 3q-TWeQ3sIDtHAMm4zDfc2tUBHU.roa (raw, json)
Hash identifier: Tx4P2H9DjEymQYWHlBhW1lw2Y6g+ry9VLwxcO4JrDSk=
Subject key identifier: DE:AF:93:59:E4:37:B0:80:ED:1C:03:26:E3:30:DF:73:6B:54:04:75
Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Certificate serial: 01922EA67786898BF3B7F4FE834AA54C1373
Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/3q-TWeQ3sIDtHAMm4zDfc2tUBHU.roa
Signing time: Thu 26 Sep 2024 14:05:14 +0000
ROA not before: Thu 26 Sep 2024 14:05:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8262
IP address blocks: 82.119.64.0/19 maxlen: 19
82.119.68.0/24 maxlen: 24
82.119.69.0/24 maxlen: 24
82.119.80.0/21 maxlen: 21
82.119.83.0/24 maxlen: 24
82.119.84.0/24 maxlen: 24
82.119.92.0/24 maxlen: 24
82.119.94.0/24 maxlen: 24
85.14.0.0/18 maxlen: 18
85.14.0.0/23 maxlen: 23
85.14.12.0/24 maxlen: 24
85.14.13.0/24 maxlen: 24
85.14.24.0/24 maxlen: 24
85.14.36.0/24 maxlen: 24
85.14.44.0/24 maxlen: 24
85.14.47.0/24 maxlen: 24
85.14.49.0/24 maxlen: 24
89.252.192.0/18 maxlen: 18
89.252.192.0/22 maxlen: 22
89.252.199.0/24 maxlen: 24
89.252.200.0/21 maxlen: 21
89.252.208.0/20 maxlen: 20
89.252.223.0/24 maxlen: 24
89.252.224.0/19 maxlen: 19
89.252.241.0/24 maxlen: 24
89.252.246.0/24 maxlen: 24
176.67.233.0/24 maxlen: 24
176.67.234.0/24 maxlen: 24
185.92.132.0/22 maxlen: 22
194.12.224.0/19 maxlen: 19
194.12.231.0/24 maxlen: 24
194.12.234.0/24 maxlen: 24
194.12.249.0/24 maxlen: 24
194.12.253.0/24 maxlen: 32
194.12.254.0/24 maxlen: 24
2001:1ae0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.mft
rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:2e:a6:77:86:89:8b:f3:b7:f4:fe:83:4a:a5:4c:13:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Validity
Not Before: Sep 26 14:05:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=deaf9359e437b080ed1c0326e330df736b540475
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:33:5b:aa:87:d4:0a:3a:7c:fd:0f:6e:62:cd:
38:e3:94:44:ff:19:8e:8e:f0:1e:21:16:08:51:0b:
3f:ef:80:09:28:fc:0b:c4:52:63:83:5a:cc:f9:9e:
57:0c:6f:2c:97:98:84:22:1d:9f:cf:64:6b:a6:1b:
bf:b7:4f:41:7e:36:45:57:54:1b:6a:79:89:21:cd:
6e:14:01:3a:3d:c5:a3:74:f6:a6:29:b9:7d:31:1e:
de:d7:68:1f:a2:79:38:5e:f7:ae:cb:1d:79:00:af:
2f:ce:72:b6:bf:7e:ea:65:9c:8b:42:7c:78:e3:6a:
ea:9e:c9:ca:88:e4:fb:76:46:b8:22:f2:91:81:a4:
13:3c:26:e8:9e:f6:9c:e0:5e:82:25:6a:95:3b:7b:
cd:d0:c2:bd:3d:d9:53:be:16:39:2e:9e:dd:8b:54:
a2:be:b0:f3:67:b1:ef:7d:ff:84:3e:1b:5d:07:08:
bb:25:60:c1:32:f7:9a:dd:7b:fb:28:43:3a:89:a3:
1b:21:d2:19:89:42:a1:e5:c8:65:36:3b:81:58:59:
49:05:02:59:22:e9:f8:14:18:8f:e0:c5:e5:aa:9d:
8b:c4:48:3e:e4:71:c4:33:d8:f5:4a:31:cf:73:1a:
5b:c4:e2:05:13:2f:88:2b:be:a4:9f:a5:7b:77:fc:
c4:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:AF:93:59:E4:37:B0:80:ED:1C:03:26:E3:30:DF:73:6B:54:04:75
X509v3 Authority Key Identifier:
keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/3q-TWeQ3sIDtHAMm4zDfc2tUBHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.119.64.0/19
85.14.0.0/18
89.252.192.0/18
176.67.233.0-176.67.234.255
185.92.132.0/22
194.12.224.0/19
IPv6:
2001:1ae0::/32
Signature Algorithm: sha256WithRSAEncryption
6b:c3:09:50:62:a1:03:21:aa:81:16:cc:55:4d:61:96:d0:ea:
ce:b6:ab:2a:e0:db:f7:fb:73:ba:4c:17:56:3c:9a:8a:04:e0:
12:67:5d:45:1f:35:70:86:6a:75:ee:4a:19:11:78:4e:73:90:
1d:77:a3:5d:a0:91:b0:10:e4:f7:30:3f:00:bb:8e:3c:64:73:
8e:ed:69:26:3d:a1:11:89:45:ef:ef:94:91:93:2b:e8:1f:0e:
6a:cf:3e:1a:ab:e1:20:23:fd:d1:3d:8d:f2:8b:cb:d5:08:f2:
1f:f4:4c:8b:27:02:ff:62:e8:05:11:99:ec:04:03:24:59:2d:
a2:3b:b9:f8:e2:34:20:5f:d3:77:41:63:59:36:16:3c:b2:f6:
0a:52:4d:fa:e3:bc:8f:a3:fa:f7:ba:c6:fc:29:6e:cb:87:57:
e1:f1:5c:88:43:eb:20:12:96:2b:93:ce:1a:69:f5:f7:4f:9f:
1d:f7:cd:7f:04:1e:a7:44:6c:2a:75:78:a2:31:dd:b6:a7:1e:
93:5b:02:8a:45:e0:07:c0:90:c2:7c:9e:f8:20:4c:65:87:ea:
be:41:dd:37:53:84:b4:02:30:e0:7a:ba:f8:69:5d:82:d5:6d:
4e:26:2a:b9:61:e9:9f:cb:56:89:24:c5:d8:4e:15:a2:3d:02:
e7:1a:fa:35
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZIupneGiYvzt/T+g0qlTBNzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMDRhNDA4MjFjNDE3NmNjNDJlMjU1ZWY2YzE3Mjc0NzNj
M2YwMGEwHhcNMjQwOTI2MTQwNTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWFmOTM1OWU0MzdiMDgwZWQxYzAzMjZlMzMwZGY3MzZiNTQwNDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjNbqofUCjp8/Q9uYs0445RE/xmO
jvAeIRYIUQs/74AJKPwLxFJjg1rM+Z5XDG8sl5iEIh2fz2Rrphu/t09BfjZFV1Qb
anmJIc1uFAE6PcWjdPamKbl9MR7e12gfonk4Xveuyx15AK8vznK2v37qZZyLQnx4
42rqnsnKiOT7dka4IvKRgaQTPCbonvac4F6CJWqVO3vN0MK9PdlTvhY5Lp7di1Si
vrDzZ7Hvff+EPhtdBwi7JWDBMvea3Xv7KEM6iaMbIdIZiUKh5chlNjuBWFlJBQJZ
Iun4FBiP4MXlqp2LxEg+5HHEM9j1SjHPcxpbxOIFEy+IK76kn6V7d/zELwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFN6vk1nkN7CA7RwDJuMw33NrVAR1MB8GA1UdIwQY
MBaAFEEEpAghxBdsxC4lXvbBcnRzw/AKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMt
YjI3ZDZlMjc4ZTE4LzEvM3EtVFdlUTNzSUR0SEFNbTR6RGZjMnRVQkhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMtYjI3ZDZlMjc4ZTE4
LzEvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQFUndAAwQG
VQ4AAwQGWfzAMAwDBACwQ+kDBACwQ+oDBAK5XIQDBAXCDOAwDQQCAAIwBwMFACAB
GuAwDQYJKoZIhvcNAQELBQADggEBAGvDCVBioQMhqoEWzFVNYZbQ6s62qyrg2/f7
c7pMF1Y8mooE4BJnXUUfNXCGanXuShkReE5zkB13o12gkbAQ5PcwPwC7jjxkc47t
aSY9oRGJRe/vlJGTK+gfDmrPPhqr4SAj/dE9jfKLy9UI8h/0TIsnAv9i6AURmewE
AyRZLaI7ufjiNCBf03dBY1k2Fjyy9gpSTfrjvI+j+ve6xvwpbsuHV+HxXIhD6yAS
liuTzhpp9fdPnx33zX8EHqdEbCp1eKIx3banHpNbAopF4AfAkMJ8nvggTGWH6r5B
3TdThLQCMOB6uvhpXYLVbU4mKrlh6Z/LVokkxdhOFaI9Auca+jU=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:38:37 2024 by rpki-client on console-fra.rpki-client.org