Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/qSzVvqhIQgEd-SuzuiucCa4czZw.roa
File: qSzVvqhIQgEd-SuzuiucCa4czZw.roa (raw, json)
Hash identifier: OnjzTfNHqqGlJ+mbMyy7ZPBTjj2sVMlqDeSDowpIk5U=
Subject key identifier: A9:2C:D5:BE:A8:48:42:01:1D:F9:2B:B3:BA:2B:9C:09:AE:1C:CD:9C
Certificate issuer: /CN=09e2af08cf6e12e2304fb3bdec64cfbcedaa8522
Certificate serial: 018CC2DAF8EF61C84A86587B7A1D2A084089
Authority key identifier: 09:E2:AF:08:CF:6E:12:E2:30:4F:B3:BD:EC:64:CF:BC:ED:AA:85:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CeKvCM9uEuIwT7O97GTPvO2qhSI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/qSzVvqhIQgEd-SuzuiucCa4czZw.roa
Signing time: Mon 01 Jan 2024 02:29:39 +0000
ROA not before: Mon 01 Jan 2024 02:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204085
IP address blocks: 185.132.8.0/23 maxlen: 23
185.132.10.0/23 maxlen: 23
185.127.44.0/23 maxlen: 23
185.127.46.0/23 maxlen: 23
185.110.0.0/23 maxlen: 23
185.110.3.0/24 maxlen: 24
185.110.2.0/24 maxlen: 24
185.123.248.0/22 maxlen: 22
185.123.252.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/CeKvCM9uEuIwT7O97GTPvO2qhSI.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/CeKvCM9uEuIwT7O97GTPvO2qhSI.mft
rsync://rpki.ripe.net/repository/DEFAULT/CeKvCM9uEuIwT7O97GTPvO2qhSI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 20:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:f8:ef:61:c8:4a:86:58:7b:7a:1d:2a:08:40:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09e2af08cf6e12e2304fb3bdec64cfbcedaa8522
Validity
Not Before: Jan 1 02:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a92cd5bea84842011df92bb3ba2b9c09ae1ccd9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:28:9b:50:c9:cd:f6:42:52:6d:2a:8c:e8:84:
ac:67:e9:d1:d1:06:ac:cc:f3:db:60:9e:a3:65:d5:
91:ff:56:03:c2:5e:84:2d:50:c7:cc:44:ce:9e:92:
86:af:83:6d:bc:2a:75:2a:94:a5:9f:32:b9:97:81:
33:00:29:0e:92:f6:c6:76:33:97:02:ea:67:4a:06:
ae:44:0d:88:aa:60:f7:b6:6f:ed:38:16:88:65:3b:
2d:d2:20:76:ba:8f:ca:67:12:f3:27:b2:c6:c1:28:
d7:62:23:46:dd:56:18:00:6d:9f:ef:ad:6a:75:8a:
b0:97:26:7d:14:3d:08:fc:5d:a9:c0:6d:20:ea:6c:
a9:d2:00:d0:79:a7:60:e2:0d:a2:46:e1:4b:93:6a:
99:a5:f8:2d:89:a1:ed:f2:e1:04:89:bb:93:47:45:
8c:b0:0b:0c:7c:f6:e7:13:26:c5:33:23:f3:68:21:
41:92:ee:09:1d:ed:a8:f8:3a:da:65:73:db:5e:2d:
1a:bf:41:96:dc:e7:b4:d4:c1:4a:cb:97:c3:c4:21:
4d:cb:06:29:f7:0e:d4:b9:54:42:ff:5c:ef:7d:22:
75:7a:06:8e:2f:08:ef:cf:00:b9:f3:87:a5:f4:d8:
39:9e:17:5f:4e:d6:75:38:64:a7:cc:7b:48:42:e2:
22:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:2C:D5:BE:A8:48:42:01:1D:F9:2B:B3:BA:2B:9C:09:AE:1C:CD:9C
X509v3 Authority Key Identifier:
keyid:09:E2:AF:08:CF:6E:12:E2:30:4F:B3:BD:EC:64:CF:BC:ED:AA:85:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CeKvCM9uEuIwT7O97GTPvO2qhSI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/qSzVvqhIQgEd-SuzuiucCa4czZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/CeKvCM9uEuIwT7O97GTPvO2qhSI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.110.0.0/22
185.123.248.0/21
185.127.44.0/22
185.132.8.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:d7:9e:dc:8d:50:cd:8b:80:86:7e:5a:55:0e:86:c7:16:61:
12:18:22:51:95:29:2d:fe:31:d2:05:11:18:87:43:9f:29:4c:
43:32:6e:a6:36:2e:08:2b:16:77:51:db:ab:73:ca:d3:47:34:
9f:fb:4e:14:e6:83:c0:ac:27:c0:db:3d:e1:81:07:7d:9c:c5:
94:44:7b:c7:75:73:7d:3b:32:bc:38:94:e4:66:66:c7:ac:df:
e1:da:3a:69:63:1f:ca:19:89:c0:4b:aa:93:cf:8c:3a:d9:56:
69:ba:3a:c3:62:67:88:64:a4:40:50:e0:60:f1:32:14:7f:03:
38:71:91:bf:cb:0e:af:4d:59:ee:69:02:04:e9:88:d6:27:cb:
e5:14:92:ee:31:8f:90:40:3f:b3:bd:a3:41:8f:80:e9:85:53:
3e:8c:b6:cb:18:41:c0:60:9c:c7:c9:f6:44:40:15:e2:f9:19:
4e:4f:e6:b4:bd:b7:e9:ec:f6:02:39:29:35:d0:74:8e:69:e9:
aa:f8:4e:2a:c3:78:a6:03:e6:9a:8e:f1:90:c6:8f:a9:81:b5:
f0:5a:40:8c:c9:fb:12:50:0f:74:c4:90:bc:1a:3d:09:15:77:
c7:e2:c2:54:13:7a:70:d5:8a:be:23:75:55:5d:1e:7d:e3:31:
8b:43:99:d4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzC2vjvYchKhlh7eh0qCECJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZTJhZjA4Y2Y2ZTEyZTIzMDRmYjNiZGVjNjRjZmJjZWRh
YTg1MjIwHhcNMjQwMTAxMDIyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTJjZDViZWE4NDg0MjAxMWRmOTJiYjNiYTJiOWMwOWFlMWNjZDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyibUMnN9kJSbSqM6ISsZ+nR0Qas
zPPbYJ6jZdWR/1YDwl6ELVDHzETOnpKGr4NtvCp1KpSlnzK5l4EzACkOkvbGdjOX
AupnSgauRA2IqmD3tm/tOBaIZTst0iB2uo/KZxLzJ7LGwSjXYiNG3VYYAG2f761q
dYqwlyZ9FD0I/F2pwG0g6myp0gDQeadg4g2iRuFLk2qZpfgtiaHt8uEEibuTR0WM
sAsMfPbnEybFMyPzaCFBku4JHe2o+DraZXPbXi0av0GW3Oe01MFKy5fDxCFNywYp
9w7UuVRC/1zvfSJ1egaOLwjvzwC584el9Ng5nhdfTtZ1OGSnzHtIQuIiCwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKks1b6oSEIBHfkrs7ornAmuHM2cMB8GA1UdIwQY
MBaAFAnirwjPbhLiME+zvexkz7ztqoUiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2VLdkNNOXVFdUl3VDdPOTdHVFB2TzJxaFNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8xOWQzY2QtNjYxMC00M2YwLTgzZWIt
NzBhMWFmNTFkZmJlLzEvcVN6VnZxaElRZ0VkLVN1enVpdWNDYTRjelp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8xOWQzY2QtNjYxMC00M2YwLTgzZWItNzBhMWFmNTFkZmJl
LzEvQ2VLdkNNOXVFdUl3VDdPOTdHVFB2TzJxaFNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCuW4AAwQD
uXv4AwQCuX8sAwQCuYQIMA0GCSqGSIb3DQEBCwUAA4IBAQAv157cjVDNi4CGflpV
DobHFmESGCJRlSkt/jHSBREYh0OfKUxDMm6mNi4IKxZ3Udurc8rTRzSf+04U5oPA
rCfA2z3hgQd9nMWURHvHdXN9OzK8OJTkZmbHrN/h2jppYx/KGYnAS6qTz4w62VZp
ujrDYmeIZKRAUOBg8TIUfwM4cZG/yw6vTVnuaQIE6YjWJ8vlFJLuMY+QQD+zvaNB
j4DphVM+jLbLGEHAYJzHyfZEQBXi+RlOT+a0vbfp7PYCOSk10HSOaemq+E4qw3im
A+aajvGQxo+pgbXwWkCMyfsSUA90xJC8Gj0JFXfH4sJUE3pw1Yq+I3VVXR594zGL
Q5nU
-----END CERTIFICATE-----
Generated at Sun May 19 05:11:14 2024 by rpki-client on console-fra.rpki-client.org