Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/5e2619-d72b-410b-b9e8-f93d1f815b7d/1/QGlg7eXzfeN-0yS3zaoJ-Vtw4I4.roa
File: QGlg7eXzfeN-0yS3zaoJ-Vtw4I4.roa (raw, json)
Hash identifier: V0wALnZUInZ66287ITtd8CJ4k4oQphB6/doOc0gnlqs=
Subject key identifier: 40:69:60:ED:E5:F3:7D:E3:7E:D3:24:B7:CD:AA:09:F9:5B:70:E0:8E
Certificate issuer: /CN=cfde85bbd478f5e842f4c4f8d85225d100e0f4df
Certificate serial: 018CC500FBFA9EE0076E7AFF302B32ED1A8B
Authority key identifier: CF:DE:85:BB:D4:78:F5:E8:42:F4:C4:F8:D8:52:25:D1:00:E0:F4:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z96Fu9R49ehC9MT42FIl0QDg9N8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/5e2619-d72b-410b-b9e8-f93d1f815b7d/1/QGlg7eXzfeN-0yS3zaoJ-Vtw4I4.roa
Signing time: Mon 01 Jan 2024 12:30:25 +0000
ROA not before: Mon 01 Jan 2024 12:30:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 212.104.208.0/24 maxlen: 24
185.83.20.0/22 maxlen: 22
31.25.8.0/23 maxlen: 23
185.175.91.0/24 maxlen: 24
2a11:bd80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/5e2619-d72b-410b-b9e8-f93d1f815b7d/1/z96Fu9R49ehC9MT42FIl0QDg9N8.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/5e2619-d72b-410b-b9e8-f93d1f815b7d/1/z96Fu9R49ehC9MT42FIl0QDg9N8.mft
rsync://rpki.ripe.net/repository/DEFAULT/z96Fu9R49ehC9MT42FIl0QDg9N8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 16:59:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:fb:fa:9e:e0:07:6e:7a:ff:30:2b:32:ed:1a:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfde85bbd478f5e842f4c4f8d85225d100e0f4df
Validity
Not Before: Jan 1 12:30:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=406960ede5f37de37ed324b7cdaa09f95b70e08e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:b3:3a:6a:c8:5e:38:cf:32:27:99:0c:c7:45:
b6:d9:53:e0:f6:9e:49:07:c8:5d:f6:c9:ec:15:5a:
d5:41:80:1e:a2:2b:31:ab:03:99:e8:bf:88:c0:09:
1f:bb:3b:01:b9:e2:e1:d0:d8:4d:f4:a2:32:dd:60:
97:e8:91:5a:c6:ed:a2:87:3b:c4:27:2c:d8:ca:ac:
77:7a:b5:43:e6:f8:11:60:40:03:1e:59:17:e0:29:
cb:c6:71:a8:8f:7f:de:cf:69:e5:5e:fc:c9:d2:ff:
b8:7e:3f:02:1c:bd:a3:40:ea:82:de:73:74:c2:0d:
2d:e9:86:86:8c:c2:bb:8b:37:11:44:35:1e:dc:4e:
a7:e2:7b:86:95:f9:6c:6a:5e:75:c9:fd:54:82:35:
4c:2e:70:ea:1c:d0:1a:eb:67:49:71:e9:d0:65:4f:
d9:69:83:7d:5a:51:3a:24:e3:e1:ce:b8:c6:43:80:
c7:b6:11:1b:a6:4d:5f:73:57:32:8c:ec:ad:5a:a4:
ef:63:0e:a5:93:52:b9:57:3a:9b:09:f7:eb:91:99:
0c:90:6f:5c:91:80:05:f3:2d:3b:47:e5:b0:4a:24:
fc:c8:b5:63:de:00:30:c7:35:db:4a:f2:1b:69:f3:
44:7d:6b:52:89:b3:0d:4a:df:71:30:a0:4f:96:f1:
c5:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:69:60:ED:E5:F3:7D:E3:7E:D3:24:B7:CD:AA:09:F9:5B:70:E0:8E
X509v3 Authority Key Identifier:
keyid:CF:DE:85:BB:D4:78:F5:E8:42:F4:C4:F8:D8:52:25:D1:00:E0:F4:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z96Fu9R49ehC9MT42FIl0QDg9N8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/5e2619-d72b-410b-b9e8-f93d1f815b7d/1/QGlg7eXzfeN-0yS3zaoJ-Vtw4I4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/5e2619-d72b-410b-b9e8-f93d1f815b7d/1/z96Fu9R49ehC9MT42FIl0QDg9N8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.8.0/23
185.83.20.0/22
185.175.91.0/24
212.104.208.0/24
IPv6:
2a11:bd80::/32
Signature Algorithm: sha256WithRSAEncryption
76:09:cf:e4:e8:5a:52:51:0d:bd:35:2e:48:cf:0e:b0:12:07:
48:01:89:3d:cf:e9:fe:57:91:22:2e:c8:8c:38:67:b4:30:7b:
53:e6:c5:6b:39:c8:a6:db:00:d3:72:f3:3e:01:f8:3e:52:5a:
d7:08:0d:b3:9e:03:a9:5f:3f:3c:d7:69:eb:06:d2:b6:74:90:
f3:52:30:0d:a4:76:09:d9:63:24:cc:f0:77:42:32:78:3f:f3:
7c:d0:13:2f:5a:9a:1a:e2:c8:fb:ed:2f:f2:55:91:63:31:d9:
6f:86:6f:7d:b9:fc:82:f7:eb:cd:0f:82:51:ba:df:96:88:0b:
f4:1c:1b:f7:68:1f:8f:44:49:71:89:de:5b:c6:dd:23:0a:c5:
a9:41:95:67:81:d1:5c:2b:60:04:7d:df:e1:3c:2a:9b:6f:d4:
87:e7:23:ed:db:73:b1:a8:44:15:30:d6:95:e9:d8:f2:11:2e:
c8:1d:39:8f:0f:d2:94:c8:9f:cd:f7:db:9b:fd:5c:47:20:d4:
95:8a:a4:6a:98:fe:31:be:b9:f4:1b:61:5a:2f:73:89:47:f6:
31:6a:ab:c7:4b:00:e0:83:0b:2a:0e:f1:fc:80:3a:a5:dc:4f:
48:7a:8b:58:bb:5b:94:52:cc:d4:c5:6f:f0:2c:4a:34:60:bb:
6f:3a:75:d6
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzFAPv6nuAHbnr/MCsy7RqLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZGU4NWJiZDQ3OGY1ZTg0MmY0YzRmOGQ4NTIyNWQxMDBl
MGY0ZGYwHhcNMjQwMTAxMTIzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDY5NjBlZGU1ZjM3ZGUzN2VkMzI0YjdjZGFhMDlmOTViNzBlMDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLM6asheOM8yJ5kMx0W22VPg9p5J
B8hd9snsFVrVQYAeoisxqwOZ6L+IwAkfuzsBueLh0NhN9KIy3WCX6JFaxu2ihzvE
JyzYyqx3erVD5vgRYEADHlkX4CnLxnGoj3/ez2nlXvzJ0v+4fj8CHL2jQOqC3nN0
wg0t6YaGjMK7izcRRDUe3E6n4nuGlflsal51yf1UgjVMLnDqHNAa62dJcenQZU/Z
aYN9WlE6JOPhzrjGQ4DHthEbpk1fc1cyjOytWqTvYw6lk1K5VzqbCffrkZkMkG9c
kYAF8y07R+WwSiT8yLVj3gAwxzXbSvIbafNEfWtSibMNSt9xMKBPlvHF+QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFEBpYO3l833jftMkt82qCflbcOCOMB8GA1UdIwQY
MBaAFM/ehbvUePXoQvTE+NhSJdEA4PTfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejk2RnU5UjQ5ZWhDOU1UNDJGSWwwUURnOU44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy81ZTI2MTktZDcyYi00MTBiLWI5ZTgt
ZjkzZDFmODE1YjdkLzEvUUdsZzdlWHpmZU4tMHlTM3phb0otVnR3NEk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy81ZTI2MTktZDcyYi00MTBiLWI5ZTgtZjkzZDFmODE1Yjdk
LzEvejk2RnU5UjQ5ZWhDOU1UNDJGSWwwUURnOU44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBHxkIAwQC
uVMUAwQAua9bAwQA1GjQMA0EAgACMAcDBQAqEb2AMA0GCSqGSIb3DQEBCwUAA4IB
AQB2Cc/k6FpSUQ29NS5Izw6wEgdIAYk9z+n+V5EiLsiMOGe0MHtT5sVrOcim2wDT
cvM+Afg+UlrXCA2zngOpXz8812nrBtK2dJDzUjANpHYJ2WMkzPB3QjJ4P/N80BMv
Wpoa4sj77S/yVZFjMdlvhm99ufyC9+vND4JRut+WiAv0HBv3aB+PRElxid5bxt0j
CsWpQZVngdFcK2AEfd/hPCqbb9SH5yPt23OxqEQVMNaV6djyES7IHTmPD9KUyJ/N
99ub/VxHINSViqRqmP4xvrn0G2FaL3OJR/YxaqvHSwDggwsqDvH8gDql3E9IeotY
u1uUUszUxW/wLEo0YLtvOnXW
-----END CERTIFICATE-----
Generated at Thu May 2 21:30:22 2024 by rpki-client on console-fra.rpki-client.org