Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/c1364a-0501-4faf-bcfa-aae1447603c0/1/qxLT8PaGvB_gT4QbPbQHOKMVUMo.roa
File: qxLT8PaGvB_gT4QbPbQHOKMVUMo.roa (raw, json)
Hash identifier: H4vhkp9fMo7tnStXJfI2q/32WlKRVMW/Q0boQTFa9wo=
Subject key identifier: AB:12:D3:F0:F6:86:BC:1F:E0:4F:84:1B:3D:B4:07:38:A3:15:50:CA
Certificate issuer: /CN=042d9f4d6aff383c59e9de7802dbee024ee887dc
Certificate serial: 018F5D664D8BC8C40AA5EB8A50F40ABA6A0B
Authority key identifier: 04:2D:9F:4D:6A:FF:38:3C:59:E9:DE:78:02:DB:EE:02:4E:E8:87:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BC2fTWr_ODxZ6d54AtvuAk7oh9w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/c1364a-0501-4faf-bcfa-aae1447603c0/1/qxLT8PaGvB_gT4QbPbQHOKMVUMo.roa
Signing time: Thu 09 May 2024 12:48:56 +0000
ROA not before: Thu 09 May 2024 12:48:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8529
IP address blocks: 82.178.32.0/24 maxlen: 24
82.178.33.0/24 maxlen: 24
82.178.158.0/23 maxlen: 23
82.178.158.0/24 maxlen: 24
82.178.159.0/24 maxlen: 24
134.0.216.0/22 maxlen: 24
134.0.220.0/22 maxlen: 24
185.200.124.0/24 maxlen: 24
185.200.125.0/24 maxlen: 24
213.202.0.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/c1364a-0501-4faf-bcfa-aae1447603c0/1/BC2fTWr_ODxZ6d54AtvuAk7oh9w.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/c1364a-0501-4faf-bcfa-aae1447603c0/1/BC2fTWr_ODxZ6d54AtvuAk7oh9w.mft
rsync://rpki.ripe.net/repository/DEFAULT/BC2fTWr_ODxZ6d54AtvuAk7oh9w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5d:66:4d:8b:c8:c4:0a:a5:eb:8a:50:f4:0a:ba:6a:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=042d9f4d6aff383c59e9de7802dbee024ee887dc
Validity
Not Before: May 9 12:48:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab12d3f0f686bc1fe04f841b3db40738a31550ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:6c:79:77:8b:a3:fe:60:ce:85:95:e0:66:76:
44:cf:f2:78:1f:d0:80:fb:f7:68:19:68:bb:ab:9b:
f6:bf:0c:c6:13:4f:dc:e0:e0:a2:a6:e1:53:ab:b2:
36:93:51:38:b5:13:53:59:15:09:06:8d:30:69:f8:
8b:b0:e8:ef:18:b3:02:6f:29:c5:d3:50:fb:cb:84:
6b:b9:e2:32:40:a2:a2:2c:6b:b9:8d:06:e3:87:0c:
0d:5d:67:fe:bc:d8:cb:83:1b:90:d3:dc:11:65:92:
22:e9:7b:06:97:a9:36:4f:b3:7b:d7:44:3f:b3:9a:
5a:aa:ca:e9:29:db:84:34:ae:b7:27:8d:15:83:86:
c8:20:c4:83:dd:4f:c2:1f:97:cf:f6:5c:78:36:69:
4d:6a:d4:9e:0e:1c:82:86:83:93:3a:19:91:e5:cf:
cf:a8:2f:f5:ea:66:64:49:e5:83:61:3d:b3:7c:4e:
24:d9:3f:f3:e5:ab:58:6e:52:53:22:bf:12:f2:26:
88:e2:08:32:b6:1f:98:f5:52:8f:f7:23:0d:78:bd:
ba:46:4b:21:94:59:e1:df:ea:c6:3d:1b:e6:28:75:
89:d8:41:4e:13:bc:9f:9e:51:92:b2:97:2b:05:06:
f8:91:a2:d7:eb:3c:c9:23:0d:5b:1a:d0:b4:0e:7f:
4e:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:12:D3:F0:F6:86:BC:1F:E0:4F:84:1B:3D:B4:07:38:A3:15:50:CA
X509v3 Authority Key Identifier:
keyid:04:2D:9F:4D:6A:FF:38:3C:59:E9:DE:78:02:DB:EE:02:4E:E8:87:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BC2fTWr_ODxZ6d54AtvuAk7oh9w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/c1364a-0501-4faf-bcfa-aae1447603c0/1/qxLT8PaGvB_gT4QbPbQHOKMVUMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/c1364a-0501-4faf-bcfa-aae1447603c0/1/BC2fTWr_ODxZ6d54AtvuAk7oh9w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.178.32.0/23
82.178.158.0/23
134.0.216.0/21
185.200.124.0/23
213.202.0.0/21
Signature Algorithm: sha256WithRSAEncryption
0e:27:02:a0:6a:9a:f3:dd:5d:a5:42:f2:80:f0:e4:bf:c6:b5:
16:09:69:29:3c:c6:4d:52:9d:d3:14:ed:fe:31:3f:ba:f5:e8:
0f:13:2f:23:04:2e:b7:9f:4a:2a:7e:df:84:75:4a:7a:d2:09:
f8:b2:47:d7:00:22:5f:59:e9:50:8f:eb:df:55:be:a6:fd:b5:
9c:9a:ca:fc:aa:b4:28:e5:cc:4e:34:05:73:88:6c:b2:fb:30:
b9:80:fb:48:8e:2e:62:2a:4b:4e:a8:b5:c8:6a:64:69:d3:8c:
c6:26:1d:d8:3d:7f:3c:5d:7d:ed:91:1b:2a:06:34:1c:5b:dc:
53:a8:0b:3f:29:83:ae:3d:ed:10:d0:6b:1a:10:3a:4c:da:eb:
7b:77:8c:f1:b6:4f:8a:11:ff:6b:2c:a1:29:d5:f8:6b:9b:bc:
ac:06:4c:a9:2f:a6:27:6e:f6:e1:ee:66:9d:0b:dd:90:9d:84:
51:66:09:0c:d9:15:66:3c:c5:e7:98:fe:c9:a3:57:fb:62:09:
bb:06:0d:15:af:13:de:47:32:03:11:62:a3:43:21:e2:cb:f6:
f0:13:ae:2a:df:6d:96:a2:f4:9b:c3:55:c1:d9:9d:24:a6:c7:
32:ef:97:9b:51:50:4e:70:5e:fd:4d:49:2a:9d:52:48:1f:01:
7c:4e:95:b8
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY9dZk2LyMQKpeuKUPQKumoLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0MmQ5ZjRkNmFmZjM4M2M1OWU5ZGU3ODAyZGJlZTAyNGVl
ODg3ZGMwHhcNMjQwNTA5MTI0ODU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjEyZDNmMGY2ODZiYzFmZTA0Zjg0MWIzZGI0MDczOGEzMTU1MGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2x5d4uj/mDOhZXgZnZEz/J4H9CA
+/doGWi7q5v2vwzGE0/c4OCipuFTq7I2k1E4tRNTWRUJBo0wafiLsOjvGLMCbynF
01D7y4RrueIyQKKiLGu5jQbjhwwNXWf+vNjLgxuQ09wRZZIi6XsGl6k2T7N710Q/
s5paqsrpKduENK63J40Vg4bIIMSD3U/CH5fP9lx4NmlNatSeDhyChoOTOhmR5c/P
qC/16mZkSeWDYT2zfE4k2T/z5atYblJTIr8S8iaI4ggyth+Y9VKP9yMNeL26Rksh
lFnh3+rGPRvmKHWJ2EFOE7yfnlGSspcrBQb4kaLX6zzJIw1bGtC0Dn9ORQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKsS0/D2hrwf4E+EGz20BzijFVDKMB8GA1UdIwQY
MBaAFAQtn01q/zg8WeneeALb7gJO6IfcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkMyZlRXcl9PRHhaNmQ1NEF0dnVBazdvaDl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9jMTM2NGEtMDUwMS00ZmFmLWJjZmEt
YWFlMTQ0NzYwM2MwLzEvcXhMVDhQYUd2Ql9nVDRRYlBiUUhPS01WVU1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9jMTM2NGEtMDUwMS00ZmFmLWJjZmEtYWFlMTQ0NzYwM2Mw
LzEvQkMyZlRXcl9PRHhaNmQ1NEF0dnVBazdvaDl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBUrIgAwQB
UrKeAwQDhgDYAwQBuch8AwQD1coAMA0GCSqGSIb3DQEBCwUAA4IBAQAOJwKgaprz
3V2lQvKA8OS/xrUWCWkpPMZNUp3TFO3+MT+69egPEy8jBC63n0oqft+EdUp60gn4
skfXACJfWelQj+vfVb6m/bWcmsr8qrQo5cxONAVziGyy+zC5gPtIji5iKktOqLXI
amRp04zGJh3YPX88XX3tkRsqBjQcW9xTqAs/KYOuPe0Q0GsaEDpM2ut7d4zxtk+K
Ef9rLKEp1fhrm7ysBkypL6Ynbvbh7madC92QnYRRZgkM2RVmPMXnmP7Jo1f7Ygm7
Bg0VrxPeRzIDEWKjQyHiy/bwE64q322WovSbw1XB2Z0kpscy75ebUVBOcF79TUkq
nVJIHwF8TpW4
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:57:26 2024 by rpki-client on console-fra.rpki-client.org