Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/82e656-14a3-4e3a-9d6e-af406086b89b/1/0QRTR2eYNlvsQm6aVWWHT0lwRF0.roa
File: 0QRTR2eYNlvsQm6aVWWHT0lwRF0.roa (raw, json)
Hash identifier: mlcCcy+ChP9Whh+5dcQ6qsZ1T2EPjqj18YXw0EoA/Qo=
Subject key identifier: D1:04:53:47:67:98:36:5B:EC:42:6E:9A:55:65:87:4F:49:70:44:5D
Certificate issuer: /CN=3f7954d88c0ae3f6398697bfdfc1956a753e83d8
Certificate serial: 018CC9BC4B5CC644DE46558D2DFD0721D119
Authority key identifier: 3F:79:54:D8:8C:0A:E3:F6:39:86:97:BF:DF:C1:95:6A:75:3E:83:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P3lU2IwK4_Y5hpe_38GVanU-g9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/82e656-14a3-4e3a-9d6e-af406086b89b/1/0QRTR2eYNlvsQm6aVWWHT0lwRF0.roa
Signing time: Tue 02 Jan 2024 10:33:29 +0000
ROA not before: Tue 02 Jan 2024 10:33:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41765
IP address blocks: 185.84.112.0/22 maxlen: 24
185.233.48.10/32 maxlen: 32
193.33.46.0/23 maxlen: 23
31.172.164.0/22 maxlen: 22
185.4.63.0/24 maxlen: 24
193.57.96.0/24 maxlen: 24
185.233.48.0/24 maxlen: 24
185.233.48.0/22 maxlen: 22
185.233.50.0/23 maxlen: 23
188.65.168.0/21 maxlen: 21
45.8.233.0/24 maxlen: 24
45.8.234.0/24 maxlen: 24
45.8.235.0/24 maxlen: 24
193.37.150.0/24 maxlen: 24
2a02:2288::/29 maxlen: 29
2a02:2288::/32 maxlen: 32
2a0c:d500::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/82e656-14a3-4e3a-9d6e-af406086b89b/1/P3lU2IwK4_Y5hpe_38GVanU-g9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/82e656-14a3-4e3a-9d6e-af406086b89b/1/P3lU2IwK4_Y5hpe_38GVanU-g9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/P3lU2IwK4_Y5hpe_38GVanU-g9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:4b:5c:c6:44:de:46:55:8d:2d:fd:07:21:d1:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f7954d88c0ae3f6398697bfdfc1956a753e83d8
Validity
Not Before: Jan 2 10:33:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d10453476798365bec426e9a5565874f4970445d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:97:78:59:8d:a4:7b:a8:6f:6c:55:3d:a4:e5:
26:fc:3a:ae:1f:37:5b:6e:b3:58:50:35:34:8b:24:
9e:c2:4d:9f:28:69:bf:c6:ec:97:dd:9f:43:ed:7a:
8c:90:8c:48:42:16:14:12:5a:31:28:d0:88:57:53:
a7:a4:3b:52:96:5a:92:e6:dd:7b:e5:c9:e5:35:03:
ac:6f:3c:df:b2:96:29:39:b5:50:99:80:10:5e:b5:
c3:7b:66:dc:e3:bb:7a:9e:12:fe:e3:1b:3d:6f:01:
c3:f5:1f:67:51:7e:ac:48:3c:03:11:d5:dd:5c:25:
60:70:0d:af:3f:c2:df:7c:54:43:8c:b3:cc:73:ea:
f3:0b:8c:5c:9c:e4:5a:02:34:9c:4c:ae:c7:9e:37:
c3:22:b4:6b:b9:c5:fe:8e:b0:5d:a1:0d:23:9f:79:
59:d6:b8:60:4f:e3:23:fe:00:74:0b:2f:d1:1d:ec:
fc:dc:e0:dc:b2:45:67:16:4b:f5:70:28:65:e2:3b:
f7:58:0b:58:18:e5:83:61:9f:3d:6a:79:61:d4:a3:
f8:2b:7b:4e:7c:19:01:d7:d6:cb:0a:ab:33:47:cb:
ce:95:05:1a:7d:be:0b:22:05:55:e5:fa:02:cd:34:
f5:3e:5e:05:5d:7a:7f:0c:d9:88:8d:79:74:77:da:
f5:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:04:53:47:67:98:36:5B:EC:42:6E:9A:55:65:87:4F:49:70:44:5D
X509v3 Authority Key Identifier:
keyid:3F:79:54:D8:8C:0A:E3:F6:39:86:97:BF:DF:C1:95:6A:75:3E:83:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P3lU2IwK4_Y5hpe_38GVanU-g9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/82e656-14a3-4e3a-9d6e-af406086b89b/1/0QRTR2eYNlvsQm6aVWWHT0lwRF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/82e656-14a3-4e3a-9d6e-af406086b89b/1/P3lU2IwK4_Y5hpe_38GVanU-g9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.164.0/22
45.8.233.0-45.8.235.255
185.4.63.0/24
185.84.112.0/22
185.233.48.0/22
188.65.168.0/21
193.33.46.0/23
193.37.150.0/24
193.57.96.0/24
IPv6:
2a02:2288::/29
2a0c:d500::/29
Signature Algorithm: sha256WithRSAEncryption
4a:a3:a8:39:98:af:2a:13:ce:a7:b7:97:61:c9:e4:62:e7:fc:
2a:e4:49:46:91:a7:89:3b:d4:d8:22:27:e1:14:67:67:8e:5b:
65:ce:ca:c2:eb:fb:a1:04:da:a1:18:0b:4e:a5:a4:39:41:e4:
dd:7d:9a:85:84:3e:c8:ea:5e:7e:87:dd:dd:ba:4c:ee:51:d6:
25:9b:1b:86:4b:d7:3b:ee:93:15:e7:8f:e9:3a:80:64:b7:75:
27:7e:39:0f:09:cf:e2:5f:15:54:6c:33:fa:c3:95:47:ca:d6:
27:04:dc:a2:9d:3e:a7:5a:3d:5e:98:bb:67:67:62:d8:65:98:
fb:6e:63:b5:01:89:22:55:2e:0d:06:16:d9:f8:0e:b8:0a:92:
55:fa:3b:2f:4c:1b:58:06:30:d6:be:2c:30:1b:0b:f3:48:d6:
35:6b:17:bc:5a:a4:e3:a7:d6:e1:ba:49:31:3c:65:6b:b4:10:
ff:f8:84:f5:3e:16:53:1d:dd:89:c9:74:54:86:35:0d:e5:8f:
dd:db:db:5a:a8:8c:16:ab:34:0b:c6:fd:ad:3c:62:d5:fc:a3:
7b:d2:fa:e4:c5:d4:21:0c:dc:d8:56:4f:1e:32:16:0e:f3:20:
b4:4e:b4:d5:ba:3c:78:e7:79:34:80:66:a1:88:2d:bc:70:b2:
aa:3c:69:fd
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYzJvEtcxkTeRlWNLf0HIdEZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmNzk1NGQ4OGMwYWUzZjYzOTg2OTdiZmRmYzE5NTZhNzUz
ZTgzZDgwHhcNMjQwMTAyMTAzMzI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTA0NTM0NzY3OTgzNjViZWM0MjZlOWE1NTY1ODc0ZjQ5NzA0NDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5d4WY2ke6hvbFU9pOUm/DquHzdb
brNYUDU0iySewk2fKGm/xuyX3Z9D7XqMkIxIQhYUEloxKNCIV1OnpDtSllqS5t17
5cnlNQOsbzzfspYpObVQmYAQXrXDe2bc47t6nhL+4xs9bwHD9R9nUX6sSDwDEdXd
XCVgcA2vP8LffFRDjLPMc+rzC4xcnORaAjScTK7HnjfDIrRrucX+jrBdoQ0jn3lZ
1rhgT+Mj/gB0Cy/RHez83ODcskVnFkv1cChl4jv3WAtYGOWDYZ89anlh1KP4K3tO
fBkB19bLCqszR8vOlQUafb4LIgVV5foCzTT1Pl4FXXp/DNmIjXl0d9r1MwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFNEEU0dnmDZb7EJumlVlh09JcERdMB8GA1UdIwQY
MBaAFD95VNiMCuP2OYaXv9/BlWp1PoPYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDNsVTJJd0s0X1k1aHBlXzM4R1ZhblUtZzlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy84MmU2NTYtMTRhMy00ZTNhLTlkNmUt
YWY0MDYwODZiODliLzEvMFFSVFIyZVlObHZzUW02YVZXV0hUMGx3UkYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy84MmU2NTYtMTRhMy00ZTNhLTlkNmUtYWY0MDYwODZiODli
LzEvUDNsVTJJd0s0X1k1aHBlXzM4R1ZhblUtZzlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBEBAIAATA+AwQCH6ykMAwD
BAAtCOkDBAItCOgDBAC5BD8DBAK5VHADBAK56TADBAO8QagDBAHBIS4DBADBJZYD
BADBOWAwFAQCAAIwDgMFAyoCIogDBQMqDNUAMA0GCSqGSIb3DQEBCwUAA4IBAQBK
o6g5mK8qE86nt5dhyeRi5/wq5ElGkaeJO9TYIifhFGdnjltlzsrC6/uhBNqhGAtO
paQ5QeTdfZqFhD7I6l5+h93dukzuUdYlmxuGS9c77pMV54/pOoBkt3UnfjkPCc/i
XxVUbDP6w5VHytYnBNyinT6nWj1emLtnZ2LYZZj7bmO1AYkiVS4NBhbZ+A64CpJV
+jsvTBtYBjDWviwwGwvzSNY1axe8WqTjp9bhukkxPGVrtBD/+IT1PhZTHd2JyXRU
hjUN5Y/d29taqIwWqzQLxv2tPGLV/KN70vrkxdQhDNzYVk8eMhYO8yC0TrTVujx4
53k0gGahiC28cLKqPGn9
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:49:59 2024 by rpki-client on console-fra.rpki-client.org