Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/677af8-853e-493b-8b85-bb70800c2a65/1/QjKRCgsZm7miQ6Sx_YIJ4ecfw-Y.roa
File: QjKRCgsZm7miQ6Sx_YIJ4ecfw-Y.roa (raw, json)
Hash identifier: DV7hjc5UObbs4shHmCCrheKJQPT8h8wCl31pOuE3KAA=
Subject key identifier: 42:32:91:0A:0B:19:9B:B9:A2:43:A4:B1:FD:82:09:E1:E7:1F:C3:E6
Certificate issuer: /CN=1a2a4bfd2c0c69765a8299ef74965f862a7148b7
Certificate serial: 0192900E5789F8280F7B01297C6B77BD807F
Authority key identifier: 1A:2A:4B:FD:2C:0C:69:76:5A:82:99:EF:74:96:5F:86:2A:71:48:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GipL_SwMaXZagpnvdJZfhipxSLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/677af8-853e-493b-8b85-bb70800c2a65/1/QjKRCgsZm7miQ6Sx_YIJ4ecfw-Y.roa
Signing time: Tue 15 Oct 2024 12:01:51 +0000
ROA not before: Tue 15 Oct 2024 12:01:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41176
IP address blocks: 89.108.0.0/18 maxlen: 18
89.108.26.0/23 maxlen: 23
89.108.26.0/24 maxlen: 24
89.108.27.0/24 maxlen: 24
89.108.28.0/24 maxlen: 24
89.108.29.0/24 maxlen: 24
89.108.30.0/24 maxlen: 24
89.108.60.0/22 maxlen: 22
185.20.152.0/22 maxlen: 22
185.20.152.0/24 maxlen: 24
188.117.64.0/18 maxlen: 18
188.117.72.0/22 maxlen: 22
188.117.76.0/22 maxlen: 22
188.117.76.0/24 maxlen: 24
188.117.77.0/24 maxlen: 24
188.117.78.0/24 maxlen: 24
188.117.80.0/23 maxlen: 23
188.117.80.0/24 maxlen: 24
188.117.81.0/24 maxlen: 24
188.117.84.0/22 maxlen: 22
188.117.84.0/24 maxlen: 24
188.117.85.0/24 maxlen: 24
188.117.86.0/24 maxlen: 24
188.117.87.0/24 maxlen: 24
188.117.93.0/24 maxlen: 24
188.117.96.0/21 maxlen: 21
188.117.100.0/23 maxlen: 23
188.117.104.0/24 maxlen: 24
188.117.107.0/24 maxlen: 24
188.117.109.0/24 maxlen: 24
188.117.124.0/24 maxlen: 24
212.76.64.0/19 maxlen: 19
212.76.64.0/24 maxlen: 24
212.76.68.0/24 maxlen: 24
212.76.69.0/24 maxlen: 24
212.76.70.0/24 maxlen: 24
212.76.73.0/24 maxlen: 24
212.76.83.0/24 maxlen: 24
212.76.85.0/24 maxlen: 24
212.76.88.0/24 maxlen: 24
212.76.95.0/24 maxlen: 24
213.236.32.0/19 maxlen: 19
213.236.35.0/24 maxlen: 24
213.236.36.0/24 maxlen: 24
213.236.37.0/24 maxlen: 24
213.236.38.0/24 maxlen: 24
213.236.39.0/24 maxlen: 24
213.236.41.0/24 maxlen: 24
213.236.48.0/24 maxlen: 24
213.236.53.0/24 maxlen: 24
213.236.56.0/21 maxlen: 21
213.236.56.0/22 maxlen: 22
213.236.59.0/24 maxlen: 24
213.236.60.0/22 maxlen: 22
213.236.60.0/24 maxlen: 24
213.236.62.0/24 maxlen: 24
2a02:d70::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/677af8-853e-493b-8b85-bb70800c2a65/1/GipL_SwMaXZagpnvdJZfhipxSLc.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/677af8-853e-493b-8b85-bb70800c2a65/1/GipL_SwMaXZagpnvdJZfhipxSLc.mft
rsync://rpki.ripe.net/repository/DEFAULT/GipL_SwMaXZagpnvdJZfhipxSLc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:90:0e:57:89:f8:28:0f:7b:01:29:7c:6b:77:bd:80:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a2a4bfd2c0c69765a8299ef74965f862a7148b7
Validity
Not Before: Oct 15 12:01:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4232910a0b199bb9a243a4b1fd8209e1e71fc3e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:5f:49:9e:cf:85:ef:3e:70:2f:3f:97:3f:4f:
e1:9f:e3:f1:a2:fc:81:ed:c0:e5:f0:a3:e8:37:f3:
65:4a:05:10:59:e2:9f:48:67:3b:60:d2:4d:d2:15:
77:27:16:e9:f8:19:47:cd:df:c7:1f:ab:4e:60:db:
5e:da:bb:3f:b6:b6:49:ec:72:34:f4:3a:4f:b8:00:
31:ff:26:65:44:c2:f5:b6:a6:0e:d4:62:26:1c:a1:
27:3c:e6:a0:77:87:4a:7e:44:2b:ad:0f:ed:1b:ec:
50:6b:c7:13:5c:16:0a:4e:bf:33:3f:38:ee:cb:12:
72:ed:48:18:68:3a:23:42:62:bb:7f:50:56:1d:e6:
64:d0:cc:bd:96:91:02:f6:19:19:b5:1c:1a:ab:2f:
3b:0f:ad:32:a4:cd:60:c4:98:7d:49:36:21:82:16:
9b:03:f6:25:d2:8f:42:8c:60:55:5b:dc:c4:02:fb:
cb:df:70:ae:8a:09:4c:a0:04:cc:3d:c0:0d:ca:76:
77:37:b2:9e:23:ce:00:d7:77:2f:c2:c1:a9:b1:e0:
7d:d2:25:f2:a5:c4:8e:63:c9:f7:5a:00:93:01:79:
5e:42:f7:70:f2:7f:cf:04:9d:8b:19:25:79:2b:bf:
a4:40:c7:53:97:bc:ea:68:41:d0:60:f9:14:fc:bb:
8a:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:32:91:0A:0B:19:9B:B9:A2:43:A4:B1:FD:82:09:E1:E7:1F:C3:E6
X509v3 Authority Key Identifier:
keyid:1A:2A:4B:FD:2C:0C:69:76:5A:82:99:EF:74:96:5F:86:2A:71:48:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GipL_SwMaXZagpnvdJZfhipxSLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/677af8-853e-493b-8b85-bb70800c2a65/1/QjKRCgsZm7miQ6Sx_YIJ4ecfw-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/677af8-853e-493b-8b85-bb70800c2a65/1/GipL_SwMaXZagpnvdJZfhipxSLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.108.0.0/18
185.20.152.0/22
188.117.64.0/18
212.76.64.0/19
213.236.32.0/19
IPv6:
2a02:d70::/32
Signature Algorithm: sha256WithRSAEncryption
31:23:03:c1:23:5f:b2:94:b8:b2:e6:87:07:af:58:65:59:85:
57:d7:a3:7c:41:f5:09:c0:1a:3f:25:40:4b:6b:70:e9:b6:a4:
32:28:ad:2a:6b:d9:bd:6e:25:29:be:2c:5f:66:6b:2e:0d:2d:
d6:ea:3d:21:ea:42:28:18:4c:01:bb:02:be:7f:a5:c3:c4:f5:
0a:30:10:ad:4f:14:6c:1b:4e:c8:57:3c:8f:09:92:30:43:f0:
1c:06:87:82:ba:e9:4e:6b:b4:f1:d7:eb:8a:a6:9e:ac:f8:d4:
39:11:e6:29:a2:d3:7b:13:e2:b8:b5:ea:62:ea:51:2d:ac:3a:
2a:21:10:9d:ea:e0:d7:e6:8c:ac:41:19:94:44:f8:b2:83:da:
d3:3f:9a:ad:3e:95:30:81:5b:36:ca:f1:53:1a:5e:df:1c:03:
43:65:e5:95:e7:1e:91:9c:67:53:6e:46:0e:cd:3b:dd:b2:cf:
f1:76:0a:3c:88:f0:0b:77:c3:02:7c:97:3c:98:db:e4:d0:9f:
d2:b8:80:ce:ad:3e:b7:a0:38:ae:a9:37:87:5a:6a:3a:b6:26:
41:db:3c:b5:66:af:1d:4e:87:00:e0:3f:a7:15:9b:1d:a1:dc:
a7:44:35:42:8d:5c:50:cb:61:cc:ef:37:0a:69:25:6e:4a:09:
51:29:2a:81
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZKQDleJ+CgPewEpfGt3vYB/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMmE0YmZkMmMwYzY5NzY1YTgyOTllZjc0OTY1Zjg2MmE3
MTQ4YjcwHhcNMjQxMDE1MTIwMTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjMyOTEwYTBiMTk5YmI5YTI0M2E0YjFmZDgyMDllMWU3MWZjM2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4l9Jns+F7z5wLz+XP0/hn+PxovyB
7cDl8KPoN/NlSgUQWeKfSGc7YNJN0hV3Jxbp+BlHzd/HH6tOYNte2rs/trZJ7HI0
9DpPuAAx/yZlRML1tqYO1GImHKEnPOagd4dKfkQrrQ/tG+xQa8cTXBYKTr8zPzju
yxJy7UgYaDojQmK7f1BWHeZk0My9lpEC9hkZtRwaqy87D60ypM1gxJh9STYhghab
A/Yl0o9CjGBVW9zEAvvL33CuiglMoATMPcANynZ3N7KeI84A13cvwsGpseB90iXy
pcSOY8n3WgCTAXleQvdw8n/PBJ2LGSV5K7+kQMdTl7zqaEHQYPkU/LuKIwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFEIykQoLGZu5okOksf2CCeHnH8PmMB8GA1UdIwQY
MBaAFBoqS/0sDGl2WoKZ73SWX4YqcUi3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2lwTF9Td01hWFphZ3BudmRKWmZoaXB4U0xjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi82NzdhZjgtODUzZS00OTNiLThiODUt
YmI3MDgwMGMyYTY1LzEvUWpLUkNnc1ptN21pUTZTeF9ZSUo0ZWNmdy1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi82NzdhZjgtODUzZS00OTNiLThiODUtYmI3MDgwMGMyYTY1
LzEvR2lwTF9Td01hWFphZ3BudmRKWmZoaXB4U0xjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQGWWwAAwQC
uRSYAwQGvHVAAwQF1ExAAwQF1ewgMA0EAgACMAcDBQAqAg1wMA0GCSqGSIb3DQEB
CwUAA4IBAQAxIwPBI1+ylLiy5ocHr1hlWYVX16N8QfUJwBo/JUBLa3DptqQyKK0q
a9m9biUpvixfZmsuDS3W6j0h6kIoGEwBuwK+f6XDxPUKMBCtTxRsG07IVzyPCZIw
Q/AcBoeCuulOa7Tx1+uKpp6s+NQ5EeYpotN7E+K4tepi6lEtrDoqIRCd6uDX5oys
QRmURPiyg9rTP5qtPpUwgVs2yvFTGl7fHANDZeWV5x6RnGdTbkYOzTvdss/xdgo8
iPALd8MCfJc8mNvk0J/SuIDOrT63oDiuqTeHWmo6tiZB2zy1Zq8dTocA4D+nFZsd
odynRDVCjVxQy2HM7zcKaSVuSglRKSqB
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:15:10 2024 by rpki-client on console-fra.rpki-client.org