Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/9e4f21-f9e6-4942-9601-adf43f04ec9c/1/qi0NTVOqgGLRbOc7n5kGkYBKFL4.roa
File: qi0NTVOqgGLRbOc7n5kGkYBKFL4.roa (raw, json)
Hash identifier: uxTSoR8SvD/jzcobrlGp9hBPluoNXWFx2q89b0lkVg8=
Subject key identifier: AA:2D:0D:4D:53:AA:80:62:D1:6C:E7:3B:9F:99:06:91:80:4A:14:BE
Certificate issuer: /CN=694a2ed9a412747fcd644749de57d9ff780393aa
Certificate serial: 018CC64B7B9871D21B8749C9C7355615CCD5
Authority key identifier: 69:4A:2E:D9:A4:12:74:7F:CD:64:47:49:DE:57:D9:FF:78:03:93:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aUou2aQSdH_NZEdJ3lfZ_3gDk6o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/9e4f21-f9e6-4942-9601-adf43f04ec9c/1/qi0NTVOqgGLRbOc7n5kGkYBKFL4.roa
Signing time: Mon 01 Jan 2024 18:31:24 +0000
ROA not before: Mon 01 Jan 2024 18:31:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62336
IP address blocks: 45.148.112.0/22 maxlen: 22
45.130.92.0/22 maxlen: 22
45.81.44.0/22 maxlen: 22
45.93.104.0/22 maxlen: 22
91.212.40.0/23 maxlen: 23
194.99.82.0/24 maxlen: 24
194.99.85.0/24 maxlen: 24
194.99.91.0/24 maxlen: 24
91.212.54.0/23 maxlen: 23
45.138.40.0/22 maxlen: 22
194.99.110.0/24 maxlen: 24
45.89.92.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/9e4f21-f9e6-4942-9601-adf43f04ec9c/1/aUou2aQSdH_NZEdJ3lfZ_3gDk6o.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/9e4f21-f9e6-4942-9601-adf43f04ec9c/1/aUou2aQSdH_NZEdJ3lfZ_3gDk6o.mft
rsync://rpki.ripe.net/repository/DEFAULT/aUou2aQSdH_NZEdJ3lfZ_3gDk6o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:7b:98:71:d2:1b:87:49:c9:c7:35:56:15:cc:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=694a2ed9a412747fcd644749de57d9ff780393aa
Validity
Not Before: Jan 1 18:31:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa2d0d4d53aa8062d16ce73b9f990691804a14be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:39:ba:59:16:0c:1d:0d:2d:50:64:8f:dd:1a:
bc:04:4d:84:f8:6e:29:be:8f:f8:4b:3e:b3:64:08:
94:f2:7f:0a:7f:3c:52:6b:0f:89:b2:11:ca:f7:34:
24:72:5d:fd:44:65:bd:d6:12:93:98:80:a7:c9:67:
96:7f:a4:0d:24:8d:cf:5e:44:97:79:f3:b0:fe:e9:
bd:55:a1:f8:9e:88:76:26:fb:e4:4d:65:f3:5b:89:
ae:d0:41:f9:2b:25:be:64:08:74:4c:ae:32:be:d9:
90:4b:2f:ed:6d:61:bf:bd:2f:57:ba:4c:05:ae:eb:
e3:0a:14:51:fa:31:a2:7e:99:de:29:dd:4b:a5:cd:
39:e4:7d:38:a6:74:7a:99:29:ff:e0:1d:7b:3f:88:
28:b5:38:3c:5e:e8:03:9e:40:ef:46:62:3d:70:f1:
07:c1:26:43:fb:79:96:86:72:9c:f3:bb:51:62:75:
ed:5a:cc:73:7b:ed:d7:37:5e:04:6b:f4:36:34:70:
f3:ce:5d:45:24:42:9d:e5:f4:b1:c3:f3:bd:ae:e7:
3d:9b:76:72:a9:5f:b6:25:ae:73:c1:7f:71:eb:8e:
cd:ea:b9:a1:b6:e1:6b:76:fd:2b:e9:18:78:27:b0:
7c:a1:a8:56:d2:b3:f6:53:d2:0a:10:be:bb:b4:fa:
c3:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:2D:0D:4D:53:AA:80:62:D1:6C:E7:3B:9F:99:06:91:80:4A:14:BE
X509v3 Authority Key Identifier:
keyid:69:4A:2E:D9:A4:12:74:7F:CD:64:47:49:DE:57:D9:FF:78:03:93:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aUou2aQSdH_NZEdJ3lfZ_3gDk6o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/9e4f21-f9e6-4942-9601-adf43f04ec9c/1/qi0NTVOqgGLRbOc7n5kGkYBKFL4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/9e4f21-f9e6-4942-9601-adf43f04ec9c/1/aUou2aQSdH_NZEdJ3lfZ_3gDk6o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.44.0/22
45.89.92.0/22
45.93.104.0/22
45.130.92.0/22
45.138.40.0/22
45.148.112.0/22
91.212.40.0/23
91.212.54.0/23
194.99.82.0/24
194.99.85.0/24
194.99.91.0/24
194.99.110.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:81:9d:a9:24:b0:f1:f0:76:44:60:8b:fb:07:fc:bf:b5:68:
5c:77:db:b6:15:28:c6:f5:55:b2:0a:55:c2:7a:e2:ea:a5:14:
57:2e:57:c1:31:8e:ae:ab:42:49:e1:ec:1e:e1:97:53:c5:c7:
35:ea:a2:64:42:78:a4:9d:85:35:69:50:28:10:18:22:01:c0:
e2:51:8b:4b:d5:e5:9f:8c:b6:49:7a:8d:4f:c1:6b:16:37:5c:
c6:21:b9:1f:d2:d6:61:b7:0b:ee:b6:ba:35:58:a7:06:91:5d:
aa:21:fc:42:84:6f:ea:d5:2e:4b:a9:d9:15:02:7c:04:26:37:
5a:8d:91:1f:fa:f2:fb:f0:24:8b:ca:94:a0:09:87:94:9b:5e:
c2:bf:e1:0b:7d:17:9f:56:c4:b9:16:eb:85:14:b7:92:cb:3c:
22:b6:2a:8e:f8:4b:5c:fa:48:bb:43:b3:d2:75:1f:51:f6:ed:
13:c3:dc:0e:e7:3e:24:83:3d:2c:cf:a7:91:d1:6f:83:f7:47:
73:11:08:3c:fb:09:78:97:3e:24:0c:f7:fe:3b:0a:42:b6:48:
05:f4:bc:27:de:60:24:07:49:e5:ab:5d:13:dd:ff:73:f5:80:
80:17:1d:81:4c:39:6c:04:2b:1e:27:2d:77:dc:53:63:96:64:
e9:b3:58:6b
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYzGS3uYcdIbh0nJxzVWFczVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NGEyZWQ5YTQxMjc0N2ZjZDY0NDc0OWRlNTdkOWZmNzgw
MzkzYWEwHhcNMjQwMTAxMTgzMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTJkMGQ0ZDUzYWE4MDYyZDE2Y2U3M2I5Zjk5MDY5MTgwNGExNGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzm6WRYMHQ0tUGSP3Rq8BE2E+G4p
vo/4Sz6zZAiU8n8KfzxSaw+JshHK9zQkcl39RGW91hKTmICnyWeWf6QNJI3PXkSX
efOw/um9VaH4noh2JvvkTWXzW4mu0EH5KyW+ZAh0TK4yvtmQSy/tbWG/vS9XukwF
ruvjChRR+jGifpneKd1Lpc055H04pnR6mSn/4B17P4gotTg8XugDnkDvRmI9cPEH
wSZD+3mWhnKc87tRYnXtWsxze+3XN14Ea/Q2NHDzzl1FJEKd5fSxw/O9ruc9m3Zy
qV+2Ja5zwX9x647N6rmhtuFrdv0r6Rh4J7B8oahW0rP2U9IKEL67tPrDpwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFKotDU1TqoBi0WznO5+ZBpGAShS+MB8GA1UdIwQY
MBaAFGlKLtmkEnR/zWRHSd5X2f94A5OqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVVvdTJhUVNkSF9OWkVkSjNsZlpfM2dEazZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS85ZTRmMjEtZjllNi00OTQyLTk2MDEt
YWRmNDNmMDRlYzljLzEvcWkwTlRWT3FnR0xSYk9jN241a0drWUJLRkw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS85ZTRmMjEtZjllNi00OTQyLTk2MDEtYWRmNDNmMDRlYzlj
LzEvYVVvdTJhUVNkSF9OWkVkSjNsZlpfM2dEazZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQCLVEsAwQC
LVlcAwQCLV1oAwQCLYJcAwQCLYooAwQCLZRwAwQBW9QoAwQBW9Q2AwQAwmNSAwQA
wmNVAwQAwmNbAwQAwmNuMA0GCSqGSIb3DQEBCwUAA4IBAQDJgZ2pJLDx8HZEYIv7
B/y/tWhcd9u2FSjG9VWyClXCeuLqpRRXLlfBMY6uq0JJ4ewe4ZdTxcc16qJkQnik
nYU1aVAoEBgiAcDiUYtL1eWfjLZJeo1PwWsWN1zGIbkf0tZhtwvutro1WKcGkV2q
IfxChG/q1S5LqdkVAnwEJjdajZEf+vL78CSLypSgCYeUm17Cv+ELfRefVsS5FuuF
FLeSyzwitiqO+Etc+ki7Q7PSdR9R9u0Tw9wO5z4kgz0sz6eR0W+D90dzEQg8+wl4
lz4kDPf+OwpCtkgF9Lwn3mAkB0nlq10T3f9z9YCAFx2BTDlsBCseJy133FNjlmTp
s1hr
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:21:12 2024 by rpki-client on console-fra.rpki-client.org