Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/c5a530-130b-4a62-9820-6310bf63051f/1/q7fvuaVPzl7C4q4T4E9qT5sAG_E.roa
File: q7fvuaVPzl7C4q4T4E9qT5sAG_E.roa (raw, json)
Hash identifier: aQo/kAuXRk2oELppLaY4YHs4ON4FR+JqW+lr17+K7Lo=
Subject key identifier: AB:B7:EF:B9:A5:4F:CE:5E:C2:E2:AE:13:E0:4F:6A:4F:9B:00:1B:F1
Certificate issuer: /CN=0de2720c57db027610c821c84047b110bc36ddc3
Certificate serial: 018CC3B714463AFB79E9220F6410A4E4D643
Authority key identifier: 0D:E2:72:0C:57:DB:02:76:10:C8:21:C8:40:47:B1:10:BC:36:DD:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DeJyDFfbAnYQyCHIQEexELw23cM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/c5a530-130b-4a62-9820-6310bf63051f/1/q7fvuaVPzl7C4q4T4E9qT5sAG_E.roa
Signing time: Mon 01 Jan 2024 06:30:04 +0000
ROA not before: Mon 01 Jan 2024 06:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202829
IP address blocks: 185.152.188.0/22 maxlen: 24
194.11.83.0/24 maxlen: 24
194.11.16.0/24 maxlen: 24
194.11.19.0/24 maxlen: 24
194.11.25.0/24 maxlen: 24
2a07:80c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/c5a530-130b-4a62-9820-6310bf63051f/1/DeJyDFfbAnYQyCHIQEexELw23cM.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/c5a530-130b-4a62-9820-6310bf63051f/1/DeJyDFfbAnYQyCHIQEexELw23cM.mft
rsync://rpki.ripe.net/repository/DEFAULT/DeJyDFfbAnYQyCHIQEexELw23cM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:14:46:3a:fb:79:e9:22:0f:64:10:a4:e4:d6:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0de2720c57db027610c821c84047b110bc36ddc3
Validity
Not Before: Jan 1 06:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=abb7efb9a54fce5ec2e2ae13e04f6a4f9b001bf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:34:18:87:1b:45:39:65:7e:3d:80:71:18:2b:
b5:a8:04:9f:ea:96:fc:0c:62:c0:cd:45:e5:13:b7:
cf:75:b7:61:d9:e4:e7:60:3b:90:52:62:45:50:99:
be:b3:d3:30:aa:7a:9a:90:32:5f:a9:87:8f:09:a5:
ef:05:64:fa:69:8b:c0:0f:f0:18:1b:53:9d:d3:48:
8c:90:6d:c9:60:7e:63:75:24:fc:33:e2:7b:97:e6:
81:27:3b:99:53:79:da:7e:77:52:79:c3:b8:77:95:
29:45:7f:d0:7b:c5:48:06:4d:09:77:de:7e:a6:2b:
e8:cd:33:35:cc:42:f7:c8:81:1e:d2:4a:01:d1:ea:
16:04:6c:5e:f5:61:af:68:00:4e:cd:a7:02:27:ae:
ef:4c:65:ff:27:c2:5a:13:b3:da:ce:41:91:11:f0:
a5:dd:9d:79:60:00:d3:4e:fb:4e:f2:12:67:45:a2:
92:ac:1b:3f:2f:3d:cd:28:0f:a9:e8:fd:6d:d1:a1:
2e:42:23:70:a3:d0:f6:b9:0b:59:e5:1f:c8:43:fb:
e0:7d:8c:da:9a:86:3f:63:63:94:07:b4:6e:81:38:
1a:65:79:fb:ed:38:d6:4f:16:ad:f6:ce:fa:01:b5:
97:6e:d8:79:05:4f:73:fa:83:3e:a5:b1:b6:06:4b:
3b:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:B7:EF:B9:A5:4F:CE:5E:C2:E2:AE:13:E0:4F:6A:4F:9B:00:1B:F1
X509v3 Authority Key Identifier:
keyid:0D:E2:72:0C:57:DB:02:76:10:C8:21:C8:40:47:B1:10:BC:36:DD:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DeJyDFfbAnYQyCHIQEexELw23cM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/c5a530-130b-4a62-9820-6310bf63051f/1/q7fvuaVPzl7C4q4T4E9qT5sAG_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/c5a530-130b-4a62-9820-6310bf63051f/1/DeJyDFfbAnYQyCHIQEexELw23cM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.152.188.0/22
194.11.16.0/24
194.11.19.0/24
194.11.25.0/24
194.11.83.0/24
IPv6:
2a07:80c0::/29
Signature Algorithm: sha256WithRSAEncryption
5a:2e:2c:2b:86:1d:69:6b:8b:16:71:84:71:d1:a2:5f:5b:3c:
97:26:7f:c6:dc:f2:2a:6f:e9:6f:cc:a6:5f:56:4a:ba:71:e1:
ec:53:37:3d:aa:3d:75:44:8f:a4:9d:53:bc:75:51:39:46:5b:
53:8a:3b:c9:ea:dd:5e:6e:33:d0:ae:6c:fb:22:53:31:13:1b:
05:91:8d:ce:69:e7:55:2a:cd:74:ee:50:e0:a9:32:fc:1f:9a:
35:61:fd:14:4a:69:58:4d:1d:d4:2d:9c:ea:aa:10:fa:68:4f:
b2:c0:1f:74:3f:4a:34:e9:63:9f:8f:c4:1a:2e:54:f8:2f:08:
72:94:7c:bc:ab:66:06:b3:3a:46:b9:fb:22:d2:de:e8:30:32:
6f:30:60:ae:26:dc:1f:f4:3a:4d:41:8e:3a:bb:7f:bf:16:e9:
a4:1d:aa:89:b0:30:c7:35:c1:a3:59:5e:48:12:75:57:0c:1a:
ea:36:30:2e:1c:9f:3c:1e:48:91:5e:86:f4:65:da:f4:89:15:
c6:c7:15:2c:6e:d8:b8:be:52:9c:35:bd:cf:61:b0:fe:9e:74:
98:58:d8:2b:27:ff:c9:87:37:e6:ae:ac:86:5d:16:45:aa:bd:
30:cc:7d:43:a7:f1:fb:5d:1f:f4:b8:b3:b3:91:ff:03:99:65:
2c:53:a7:87
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzDtxRGOvt56SIPZBCk5NZDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkZTI3MjBjNTdkYjAyNzYxMGM4MjFjODQwNDdiMTEwYmMz
NmRkYzMwHhcNMjQwMTAxMDYzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmI3ZWZiOWE1NGZjZTVlYzJlMmFlMTNlMDRmNmE0ZjliMDAxYmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjQYhxtFOWV+PYBxGCu1qASf6pb8
DGLAzUXlE7fPdbdh2eTnYDuQUmJFUJm+s9MwqnqakDJfqYePCaXvBWT6aYvAD/AY
G1Od00iMkG3JYH5jdST8M+J7l+aBJzuZU3nafndSecO4d5UpRX/Qe8VIBk0Jd95+
pivozTM1zEL3yIEe0koB0eoWBGxe9WGvaABOzacCJ67vTGX/J8JaE7PazkGREfCl
3Z15YADTTvtO8hJnRaKSrBs/Lz3NKA+p6P1t0aEuQiNwo9D2uQtZ5R/IQ/vgfYza
moY/Y2OUB7RugTgaZXn77TjWTxat9s76AbWXbth5BU9z+oM+pbG2Bks7cwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFKu377mlT85ewuKuE+BPak+bABvxMB8GA1UdIwQY
MBaAFA3icgxX2wJ2EMghyEBHsRC8Nt3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGVKeURGZmJBbllReUNISVFFZXhFTHcyM2NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9jNWE1MzAtMTMwYi00YTYyLTk4MjAt
NjMxMGJmNjMwNTFmLzEvcTdmdnVhVlB6bDdDNHE0VDRFOXFUNXNBR19FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9jNWE1MzAtMTMwYi00YTYyLTk4MjAtNjMxMGJmNjMwNTFm
LzEvRGVKeURGZmJBbllReUNISVFFZXhFTHcyM2NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCuZi8AwQA
wgsQAwQAwgsTAwQAwgsZAwQAwgtTMA0EAgACMAcDBQMqB4DAMA0GCSqGSIb3DQEB
CwUAA4IBAQBaLiwrhh1pa4sWcYRx0aJfWzyXJn/G3PIqb+lvzKZfVkq6ceHsUzc9
qj11RI+knVO8dVE5RltTijvJ6t1ebjPQrmz7IlMxExsFkY3OaedVKs107lDgqTL8
H5o1Yf0USmlYTR3ULZzqqhD6aE+ywB90P0o06WOfj8QaLlT4LwhylHy8q2YGszpG
ufsi0t7oMDJvMGCuJtwf9DpNQY46u3+/FumkHaqJsDDHNcGjWV5IEnVXDBrqNjAu
HJ88HkiRXob0Zdr0iRXGxxUsbti4vlKcNb3PYbD+nnSYWNgrJ//JhzfmrqyGXRZF
qr0wzH1Dp/H7XR/0uLOzkf8DmWUsU6eH
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:15:11 2024 by rpki-client on console-fra.rpki-client.org