Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/QE1wd9DRg298hH6Hxv-QVv81mrU.roa
File: QE1wd9DRg298hH6Hxv-QVv81mrU.roa (raw, json)
Hash identifier: 2GG4eBykvKFEEP2hMtzD055izlHK+CKu7xNeVeYbTlI=
Subject key identifier: 40:4D:70:77:D0:D1:83:6F:7C:84:7E:87:C6:FF:90:56:FF:35:9A:B5
Certificate issuer: /CN=dc86e3e928c7f0c9db69515ff3aa1f678cee43c0
Certificate serial: 01931C085B5A79D410F82BEFE43C9BF72383
Authority key identifier: DC:86:E3:E9:28:C7:F0:C9:DB:69:51:5F:F3:AA:1F:67:8C:EE:43:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/QE1wd9DRg298hH6Hxv-QVv81mrU.roa
Signing time: Mon 11 Nov 2024 16:22:09 +0000
ROA not before: Mon 11 Nov 2024 16:22:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200350
IP address blocks: 37.230.172.0/22 maxlen: 24
37.230.188.0/22 maxlen: 24
45.133.96.0/22 maxlen: 24
46.21.244.0/22 maxlen: 24
51.250.0.0/17 maxlen: 24
62.84.112.0/20 maxlen: 24
84.201.128.0/18 maxlen: 24
84.252.128.0/20 maxlen: 24
89.169.128.0/18 maxlen: 24
89.232.188.0/22 maxlen: 24
93.77.160.0/19 maxlen: 24
130.193.32.0/19 maxlen: 24
158.160.0.0/16 maxlen: 24
178.154.192.0/18 maxlen: 24
185.206.164.0/22 maxlen: 24
185.216.194.0/23 maxlen: 24
193.32.216.0/22 maxlen: 24
213.165.192.0/19 maxlen: 24
217.28.224.0/20 maxlen: 24
217.198.168.0/21 maxlen: 24
2a0d:d6c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.mft
rsync://rpki.ripe.net/repository/DEFAULT/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 13:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1c:08:5b:5a:79:d4:10:f8:2b:ef:e4:3c:9b:f7:23:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc86e3e928c7f0c9db69515ff3aa1f678cee43c0
Validity
Not Before: Nov 11 16:22:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=404d7077d0d1836f7c847e87c6ff9056ff359ab5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:69:88:14:63:67:31:f6:cb:ce:e8:c3:c1:d7:
e2:68:ac:65:43:bd:f5:aa:78:75:29:50:05:a7:bf:
5a:2a:54:e3:0a:30:9d:74:45:83:f8:c9:b1:45:9f:
9a:f5:f9:ca:89:70:e3:2a:f9:d6:df:65:42:6f:59:
9b:19:82:85:56:89:da:d1:99:2b:9c:f1:c5:67:e2:
79:94:4e:13:4c:73:37:c8:ad:57:9e:f9:7d:ba:3f:
d1:15:bf:82:d0:51:a7:27:e1:57:1b:3e:04:06:2b:
63:60:1e:9d:44:a8:97:60:8c:fa:87:1a:d2:3e:32:
8c:82:d4:56:fd:f5:0f:10:61:bd:30:09:e0:2b:2f:
26:cb:a0:08:dd:c2:6d:7e:8a:81:f4:03:e2:3e:b7:
ae:fd:fb:46:8b:70:87:a4:87:bc:b5:4e:34:1c:3f:
43:77:83:b2:19:0f:0f:24:9d:07:48:bf:9e:eb:60:
d0:05:bb:90:e7:ca:e4:68:f4:67:b7:39:4f:1d:88:
9c:87:5f:f6:ed:90:00:8b:a5:02:81:e1:0a:a4:db:
3e:e3:ec:bf:1e:42:8a:e0:04:64:0d:97:77:9d:5b:
5a:42:b0:02:42:a0:0b:22:b1:74:7e:da:48:af:6f:
e7:b1:d0:c6:4f:d5:f6:44:75:3d:c4:04:f1:a2:93:
8e:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:4D:70:77:D0:D1:83:6F:7C:84:7E:87:C6:FF:90:56:FF:35:9A:B5
X509v3 Authority Key Identifier:
keyid:DC:86:E3:E9:28:C7:F0:C9:DB:69:51:5F:F3:AA:1F:67:8C:EE:43:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/QE1wd9DRg298hH6Hxv-QVv81mrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.230.172.0/22
37.230.188.0/22
45.133.96.0/22
46.21.244.0/22
51.250.0.0/17
62.84.112.0/20
84.201.128.0/18
84.252.128.0/20
89.169.128.0/18
89.232.188.0/22
93.77.160.0/19
130.193.32.0/19
158.160.0.0/16
178.154.192.0/18
185.206.164.0/22
185.216.194.0/23
193.32.216.0/22
213.165.192.0/19
217.28.224.0/20
217.198.168.0/21
IPv6:
2a0d:d6c0::/29
Signature Algorithm: sha256WithRSAEncryption
22:1a:f6:cb:fe:bc:33:75:d1:79:dd:2d:b0:c8:0e:23:e2:e6:
f0:f8:14:b7:c4:bd:72:b6:bf:66:b6:94:6c:7d:d1:df:82:42:
46:9b:d4:f9:12:b9:27:e2:4a:72:d4:91:72:e0:fe:54:26:66:
1a:8c:fc:8e:f3:1f:da:9e:a5:95:ba:1e:71:3e:a4:09:6d:50:
91:96:3a:4d:02:24:68:76:55:a5:14:f6:32:09:b5:51:7e:41:
c6:2d:c6:e1:b2:97:19:a9:3b:8f:8d:43:06:e0:12:59:80:9e:
ec:89:bd:b4:c7:8b:4b:df:38:79:f0:bb:2e:60:9f:23:aa:31:
5a:bb:c8:d8:12:d6:e6:ed:37:3a:e2:62:1d:fd:84:57:82:d0:
6f:f7:ae:13:e2:33:48:54:14:8c:f2:64:dd:ba:30:c1:29:ba:
c9:07:59:a0:f2:62:89:20:a6:9a:80:c8:63:a6:c3:78:44:e3:
79:5c:ab:43:95:26:36:d9:a5:26:d7:67:92:54:e0:36:d7:a3:
d5:18:92:97:42:33:d8:64:7f:82:00:88:87:af:88:6d:93:a4:
d3:86:cb:9a:79:b2:4b:b6:77:c7:af:f2:02:e9:16:5a:fd:5e:
ac:4c:45:74:79:12:1b:9e:9d:13:47:fa:0a:2d:d2:62:ec:48:
d6:b0:32:39
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZMcCFtaedQQ+Cvv5Dyb9yODMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjODZlM2U5MjhjN2YwYzlkYjY5NTE1ZmYzYWExZjY3OGNl
ZTQzYzAwHhcNMjQxMTExMTYyMjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDRkNzA3N2QwZDE4MzZmN2M4NDdlODdjNmZmOTA1NmZmMzU5YWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1mmIFGNnMfbLzujDwdfiaKxlQ731
qnh1KVAFp79aKlTjCjCddEWD+MmxRZ+a9fnKiXDjKvnW32VCb1mbGYKFVona0Zkr
nPHFZ+J5lE4TTHM3yK1Xnvl9uj/RFb+C0FGnJ+FXGz4EBitjYB6dRKiXYIz6hxrS
PjKMgtRW/fUPEGG9MAngKy8my6AI3cJtfoqB9APiPreu/ftGi3CHpIe8tU40HD9D
d4OyGQ8PJJ0HSL+e62DQBbuQ58rkaPRntzlPHYich1/27ZAAi6UCgeEKpNs+4+y/
HkKK4ARkDZd3nVtaQrACQqALIrF0ftpIr2/nsdDGT9X2RHU9xATxopOOIQIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFEBNcHfQ0YNvfIR+h8b/kFb/NZq1MB8GA1UdIwQY
MBaAFNyG4+kox/DJ22lRX/OqH2eM7kPAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0liajZTakg4TW5iYVZGZjg2b2ZaNHp1UThBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC80NzFhYTUtYzNmNy00YWZkLWIxMjIt
OWM4ZTU5YzI3NzFjLzEvUUUxd2Q5RFJnMjk4aEg2SHh2LVFWdjgxbXJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC80NzFhYTUtYzNmNy00YWZkLWIxMjItOWM4ZTU5YzI3NzFj
LzEvM0liajZTakg4TW5iYVZGZjg2b2ZaNHp1UThBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjB9BAIAATB3AwQCJeas
AwQCJea8AwQCLYVgAwQCLhX0AwQHM/oAAwQEPlRwAwQGVMmAAwQEVPyAAwQGWamA
AwQCWei8AwQFXU2gAwQFgsEgAwMAnqADBAaymsADBAK5zqQDBAG52MIDBALBINgD
BAXVpcADBATZHOADBAPZxqgwDQQCAAIwBwMFAyoN1sAwDQYJKoZIhvcNAQELBQAD
ggEBACIa9sv+vDN10XndLbDIDiPi5vD4FLfEvXK2v2a2lGx90d+CQkab1PkSuSfi
SnLUkXLg/lQmZhqM/I7zH9qepZW6HnE+pAltUJGWOk0CJGh2VaUU9jIJtVF+QcYt
xuGylxmpO4+NQwbgElmAnuyJvbTHi0vfOHnwuy5gnyOqMVq7yNgS1ubtNzriYh39
hFeC0G/3rhPiM0hUFIzyZN26MMEpuskHWaDyYokgppqAyGOmw3hE43lcq0OVJjbZ
pSbXZ5JU4DbXo9UYkpdCM9hkf4IAiIeviG2TpNOGy5p5sku2d8ev8gLpFlr9XqxM
RXR5EhuenRNH+got0mLsSNawMjk=
-----END CERTIFICATE-----
Generated at Mon Nov 25 17:06:25 2024 by rpki-client on console-ams.rpki-client.org