Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/51ba0b-69c6-4ed9-82c7-429307f24320/1/QBb8TzqesrK0Nbj_phj1-I4Epyc.roa
File: QBb8TzqesrK0Nbj_phj1-I4Epyc.roa (raw, json)
Hash identifier: JKdGyoZdjeUuYxIOlsv637wqUG8BBjDrMWTtiLs6N1s=
Subject key identifier: 40:16:FC:4F:3A:9E:B2:B2:B4:35:B8:FF:A6:18:F5:F8:8E:04:A7:27
Certificate issuer: /CN=78a4c4eaef6fe1705698b00e61915677a2fb8d5b
Certificate serial: 018CC5DC57D1A51A6535EBC5649B0D832ACA
Authority key identifier: 78:A4:C4:EA:EF:6F:E1:70:56:98:B0:0E:61:91:56:77:A2:FB:8D:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eKTE6u9v4XBWmLAOYZFWd6L7jVs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/51ba0b-69c6-4ed9-82c7-429307f24320/1/QBb8TzqesrK0Nbj_phj1-I4Epyc.roa
Signing time: Mon 01 Jan 2024 16:30:01 +0000
ROA not before: Mon 01 Jan 2024 16:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51978
IP address blocks: 194.182.192.0/19 maxlen: 19
82.180.64.0/18 maxlen: 18
194.182.200.0/22 maxlen: 22
185.8.136.0/22 maxlen: 22
46.30.112.0/21 maxlen: 21
64.190.238.0/23 maxlen: 23
130.193.112.0/21 maxlen: 21
46.35.32.0/20 maxlen: 20
2a03:b580::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/51ba0b-69c6-4ed9-82c7-429307f24320/1/eKTE6u9v4XBWmLAOYZFWd6L7jVs.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/51ba0b-69c6-4ed9-82c7-429307f24320/1/eKTE6u9v4XBWmLAOYZFWd6L7jVs.mft
rsync://rpki.ripe.net/repository/DEFAULT/eKTE6u9v4XBWmLAOYZFWd6L7jVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 13:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:57:d1:a5:1a:65:35:eb:c5:64:9b:0d:83:2a:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78a4c4eaef6fe1705698b00e61915677a2fb8d5b
Validity
Not Before: Jan 1 16:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4016fc4f3a9eb2b2b435b8ffa618f5f88e04a727
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:32:29:52:ce:67:26:22:17:07:38:56:9a:c2:
39:92:6e:6e:06:9f:79:d3:93:46:13:b6:7f:e8:25:
fb:d6:d3:c5:2e:a0:1f:e2:b2:f8:de:67:62:3d:0e:
35:f6:e9:40:1a:ce:03:bf:04:69:50:29:a0:48:18:
0a:75:36:18:c2:9c:6a:6a:cb:a3:c9:d1:cc:33:44:
8e:f4:ee:2e:4e:e6:12:43:c0:ed:73:e0:bd:b3:ee:
e5:70:13:56:31:67:1f:95:2a:67:93:53:fb:e0:09:
6d:70:f7:16:dc:33:01:b2:f6:6c:32:a5:8c:96:df:
da:84:f4:b9:0e:87:77:52:1c:4d:43:fe:79:84:9d:
fc:3d:08:70:6e:b6:ec:0d:51:d6:e4:87:12:a8:59:
88:64:de:25:eb:cb:22:3b:01:fe:f4:37:20:b9:25:
ce:60:23:1d:c4:1a:0d:fc:b1:12:ca:49:c8:6e:98:
5e:8b:36:2c:16:ce:c9:e1:2c:02:2c:14:0a:bc:cc:
94:66:84:ef:fd:8e:d1:3c:83:41:49:ab:c7:3a:d1:
8b:30:c5:31:ce:83:c0:bc:61:64:74:a4:a1:81:d0:
97:60:1d:7d:f5:b0:bc:19:a4:d8:e3:94:f8:91:9f:
aa:31:ed:c4:7c:e3:35:b4:b8:e7:63:c5:03:3c:63:
ee:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:16:FC:4F:3A:9E:B2:B2:B4:35:B8:FF:A6:18:F5:F8:8E:04:A7:27
X509v3 Authority Key Identifier:
keyid:78:A4:C4:EA:EF:6F:E1:70:56:98:B0:0E:61:91:56:77:A2:FB:8D:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eKTE6u9v4XBWmLAOYZFWd6L7jVs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/51ba0b-69c6-4ed9-82c7-429307f24320/1/QBb8TzqesrK0Nbj_phj1-I4Epyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/51ba0b-69c6-4ed9-82c7-429307f24320/1/eKTE6u9v4XBWmLAOYZFWd6L7jVs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.30.112.0/21
46.35.32.0/20
64.190.238.0/23
82.180.64.0/18
130.193.112.0/21
185.8.136.0/22
194.182.192.0/19
IPv6:
2a03:b580::/32
Signature Algorithm: sha256WithRSAEncryption
1a:27:5e:64:07:4c:bd:41:d7:b9:9a:a0:86:e0:eb:a6:48:89:
59:09:87:10:3c:67:6c:06:54:b1:04:09:40:4d:65:62:be:e8:
52:e2:04:36:b3:98:1d:a3:27:06:db:15:b9:d3:12:b9:52:0a:
e3:bc:99:01:61:7e:f7:9d:a9:2a:9c:06:b2:9f:8c:16:07:f5:
87:aa:62:53:de:2c:cb:ae:d3:05:5d:0c:3a:db:6c:ad:80:a7:
97:37:f3:e8:6a:23:61:21:4c:11:d3:e2:2a:06:c0:f2:7d:ae:
dc:d5:59:5c:1e:73:08:49:19:7f:f5:0d:6e:62:83:a9:1c:c8:
4b:6b:5f:41:fc:dc:58:39:ee:58:01:31:fc:80:da:95:d5:73:
b6:64:40:8b:38:c5:05:b0:0a:8b:91:f6:3b:c0:01:1b:90:7c:
30:cf:1c:8e:71:41:74:83:f5:e1:0c:7c:8c:91:86:64:26:18:
3a:11:76:67:7a:47:52:1e:81:71:c8:ac:8f:07:7d:1a:73:e6:
b9:36:52:20:53:50:b9:b5:1f:13:51:31:1f:70:ef:b2:55:4e:
04:1f:89:fd:b5:fb:f4:b5:6f:ca:bb:a8:f1:6b:22:bd:c1:66:
13:54:f2:7d:71:55:0b:c4:ba:b3:39:d3:5c:c2:e1:ac:28:b5:
4a:4e:c2:fb
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzF3FfRpRplNevFZJsNgyrKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4YTRjNGVhZWY2ZmUxNzA1Njk4YjAwZTYxOTE1Njc3YTJm
YjhkNWIwHhcNMjQwMTAxMTYzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDE2ZmM0ZjNhOWViMmIyYjQzNWI4ZmZhNjE4ZjVmODhlMDRhNzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzIpUs5nJiIXBzhWmsI5km5uBp95
05NGE7Z/6CX71tPFLqAf4rL43mdiPQ419ulAGs4DvwRpUCmgSBgKdTYYwpxqasuj
ydHMM0SO9O4uTuYSQ8Dtc+C9s+7lcBNWMWcflSpnk1P74AltcPcW3DMBsvZsMqWM
lt/ahPS5Dod3UhxNQ/55hJ38PQhwbrbsDVHW5IcSqFmIZN4l68siOwH+9DcguSXO
YCMdxBoN/LESyknIbpheizYsFs7J4SwCLBQKvMyUZoTv/Y7RPINBSavHOtGLMMUx
zoPAvGFkdKShgdCXYB199bC8GaTY45T4kZ+qMe3EfOM1tLjnY8UDPGPu9QIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFEAW/E86nrKytDW4/6YY9fiOBKcnMB8GA1UdIwQY
MBaAFHikxOrvb+FwVpiwDmGRVnei+41bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUtURTZ1OXY0WEJXbUxBT1laRldkNkw3alZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi81MWJhMGItNjljNi00ZWQ5LTgyYzct
NDI5MzA3ZjI0MzIwLzEvUUJiOFR6cWVzckswTmJqX3BoajEtSTRFcHljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi81MWJhMGItNjljNi00ZWQ5LTgyYzctNDI5MzA3ZjI0MzIw
LzEvZUtURTZ1OXY0WEJXbUxBT1laRldkNkw3alZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDLh5wAwQE
LiMgAwQBQL7uAwQGUrRAAwQDgsFwAwQCuQiIAwQFwrbAMA0EAgACMAcDBQAqA7WA
MA0GCSqGSIb3DQEBCwUAA4IBAQAaJ15kB0y9Qde5mqCG4OumSIlZCYcQPGdsBlSx
BAlATWVivuhS4gQ2s5gdoycG2xW50xK5UgrjvJkBYX73nakqnAayn4wWB/WHqmJT
3izLrtMFXQw622ytgKeXN/PoaiNhIUwR0+IqBsDyfa7c1VlcHnMISRl/9Q1uYoOp
HMhLa19B/NxYOe5YATH8gNqV1XO2ZECLOMUFsAqLkfY7wAEbkHwwzxyOcUF0g/Xh
DHyMkYZkJhg6EXZnekdSHoFxyKyPB30ac+a5NlIgU1C5tR8TUTEfcO+yVU4EH4n9
tfv0tW/Ku6jxayK9wWYTVPJ9cVULxLqzOdNcwuGsKLVKTsL7
-----END CERTIFICATE-----
Generated at Fri Jun 7 20:42:50 2024 by rpki-client on console-ams.rpki-client.org