Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/f98bd4-de07-42cd-9848-944ca1a80b18/1/1QRo-_uA5yCxyQb5NqiQ-cehuv0.roa
File: 1QRo-_uA5yCxyQb5NqiQ-cehuv0.roa (raw, json)
Hash identifier: QZV3zWsiiwhxP0h2+lptQRnFpZKl6BXGZ0Dbls1FSpw=
Subject key identifier: D5:04:68:FB:FB:80:E7:20:B1:C9:06:F9:36:A8:90:F9:C7:A1:BA:FD
Certificate issuer: /CN=abf0a84ff8f5057f9491defbe6ad55eeae98cc06
Certificate serial: 018CC801F49CAFEE3FFA14ED174A663B44A3
Authority key identifier: AB:F0:A8:4F:F8:F5:05:7F:94:91:DE:FB:E6:AD:55:EE:AE:98:CC:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q_CoT_j1BX-Ukd775q1V7q6YzAY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/f98bd4-de07-42cd-9848-944ca1a80b18/1/1QRo-_uA5yCxyQb5NqiQ-cehuv0.roa
Signing time: Tue 02 Jan 2024 02:30:20 +0000
ROA not before: Tue 02 Jan 2024 02:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197663
IP address blocks: 91.240.52.0/24 maxlen: 24
91.240.55.0/24 maxlen: 24
91.240.54.0/24 maxlen: 24
91.240.53.0/24 maxlen: 24
195.47.243.0/24 maxlen: 24
193.35.111.0/24 maxlen: 24
91.225.96.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/f98bd4-de07-42cd-9848-944ca1a80b18/1/q_CoT_j1BX-Ukd775q1V7q6YzAY.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/f98bd4-de07-42cd-9848-944ca1a80b18/1/q_CoT_j1BX-Ukd775q1V7q6YzAY.mft
rsync://rpki.ripe.net/repository/DEFAULT/q_CoT_j1BX-Ukd775q1V7q6YzAY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 16:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:f4:9c:af:ee:3f:fa:14:ed:17:4a:66:3b:44:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abf0a84ff8f5057f9491defbe6ad55eeae98cc06
Validity
Not Before: Jan 2 02:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d50468fbfb80e720b1c906f936a890f9c7a1bafd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:0d:52:18:bd:6a:ac:59:8a:25:dd:3f:31:8a:
4b:bd:b9:4f:79:63:21:ec:07:0c:3c:f7:44:b4:44:
1a:df:55:a4:6c:9e:ac:51:8c:d1:a6:11:aa:5e:4b:
24:ae:56:26:e4:83:f6:b3:a1:ed:bc:b9:75:07:8f:
1a:75:0f:19:bc:d9:06:04:fc:12:0b:46:82:a7:b8:
42:e4:ae:38:20:9b:74:29:de:39:1b:12:50:be:48:
1b:93:ca:6a:ac:8a:41:8d:29:f8:06:6e:fc:38:61:
55:bc:96:f4:b3:69:0c:12:79:bf:66:c9:ce:a4:30:
ad:79:55:9f:52:40:fb:eb:75:8d:1e:f7:f4:e2:a5:
81:a9:c4:bb:56:c4:27:7c:41:13:63:29:87:6b:00:
08:f7:71:78:ac:3e:9b:02:52:ec:8d:14:ce:a0:cd:
37:10:1c:c0:ac:80:4d:bc:b0:a9:c5:69:ec:27:8c:
e3:7c:7d:e4:eb:d8:ca:56:9a:d8:c9:e7:31:f3:2e:
52:5e:13:4f:d7:af:08:11:a4:6f:07:6e:44:ea:b4:
e4:a9:f4:a6:23:53:9f:07:40:97:66:d8:38:07:d3:
c9:2b:b9:78:6e:cf:65:f6:83:9d:a5:a0:16:9f:ce:
ec:a1:d0:49:42:d2:38:97:9f:2b:92:bd:52:df:64:
1f:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:04:68:FB:FB:80:E7:20:B1:C9:06:F9:36:A8:90:F9:C7:A1:BA:FD
X509v3 Authority Key Identifier:
keyid:AB:F0:A8:4F:F8:F5:05:7F:94:91:DE:FB:E6:AD:55:EE:AE:98:CC:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q_CoT_j1BX-Ukd775q1V7q6YzAY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f98bd4-de07-42cd-9848-944ca1a80b18/1/1QRo-_uA5yCxyQb5NqiQ-cehuv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f98bd4-de07-42cd-9848-944ca1a80b18/1/q_CoT_j1BX-Ukd775q1V7q6YzAY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.96.0/22
91.240.52.0/22
193.35.111.0/24
195.47.243.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:90:b2:e8:6f:0d:c5:ed:06:8b:65:e2:c4:c6:02:fc:b6:f8:
bf:76:1b:1d:86:b7:61:25:12:cf:8d:41:bd:3c:fb:dc:4d:77:
71:18:4b:04:1e:6b:a7:f6:90:04:af:21:cf:62:fc:ad:e4:16:
9d:42:c0:cf:f9:ac:7e:1d:a7:0b:ae:2a:98:4e:56:f6:e4:f1:
81:31:fd:81:6b:00:ae:ed:cf:49:fe:9b:eb:b1:73:df:4c:c2:
4e:47:ce:2d:6f:52:48:10:1d:85:32:7d:cd:e7:ba:5c:07:8d:
fd:a0:3f:59:a6:81:a2:59:92:a4:6b:06:9b:d6:a4:90:a2:1e:
28:b0:d1:ae:e5:47:7c:9e:22:29:d7:b6:a0:70:47:2d:7f:6a:
f7:28:91:7c:c8:38:69:aa:48:f8:fd:13:31:ca:bb:bf:5e:1c:
b9:9e:ae:4b:b3:29:ec:e2:1b:c4:12:f7:bc:a6:dc:ef:97:a9:
84:81:13:2f:f8:1b:ed:c5:77:2b:e8:b3:2e:fa:c0:de:17:c8:
f9:45:3a:5e:e0:dc:4a:0d:6e:5e:26:d3:e7:39:17:34:5a:ae:
4f:e5:24:f5:e7:2d:31:a3:98:fc:09:47:16:22:46:e9:1c:6e:
04:f5:87:0a:a8:bf:10:89:27:eb:b2:01:bf:c2:8b:81:36:2c:
1d:fc:04:2e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzIAfScr+4/+hTtF0pmO0SjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiZjBhODRmZjhmNTA1N2Y5NDkxZGVmYmU2YWQ1NWVlYWU5
OGNjMDYwHhcNMjQwMTAyMDIzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTA0NjhmYmZiODBlNzIwYjFjOTA2ZjkzNmE4OTBmOWM3YTFiYWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqw1SGL1qrFmKJd0/MYpLvblPeWMh
7AcMPPdEtEQa31WkbJ6sUYzRphGqXkskrlYm5IP2s6HtvLl1B48adQ8ZvNkGBPwS
C0aCp7hC5K44IJt0Kd45GxJQvkgbk8pqrIpBjSn4Bm78OGFVvJb0s2kMEnm/ZsnO
pDCteVWfUkD763WNHvf04qWBqcS7VsQnfEETYymHawAI93F4rD6bAlLsjRTOoM03
EBzArIBNvLCpxWnsJ4zjfH3k69jKVprYyecx8y5SXhNP168IEaRvB25E6rTkqfSm
I1OfB0CXZtg4B9PJK7l4bs9l9oOdpaAWn87sodBJQtI4l58rkr1S32QfhQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNUEaPv7gOcgsckG+TaokPnHobr9MB8GA1UdIwQY
MBaAFKvwqE/49QV/lJHe++atVe6umMwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcV9Db1RfajFCWC1Va2Q3NzVxMVY3cTZZekFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mOThiZDQtZGUwNy00MmNkLTk4NDgt
OTQ0Y2ExYTgwYjE4LzEvMVFSby1fdUE1eUN4eVFiNU5xaVEtY2VodXYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9mOThiZDQtZGUwNy00MmNkLTk4NDgtOTQ0Y2ExYTgwYjE4
LzEvcV9Db1RfajFCWC1Va2Q3NzVxMVY3cTZZekFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW+FgAwQC
W/A0AwQAwSNvAwQAwy/zMA0GCSqGSIb3DQEBCwUAA4IBAQBbkLLobw3F7QaLZeLE
xgL8tvi/dhsdhrdhJRLPjUG9PPvcTXdxGEsEHmun9pAEryHPYvyt5BadQsDP+ax+
HacLriqYTlb25PGBMf2BawCu7c9J/pvrsXPfTMJOR84tb1JIEB2FMn3N57pcB439
oD9ZpoGiWZKkawab1qSQoh4osNGu5Ud8niIp17agcEctf2r3KJF8yDhpqkj4/RMx
yru/Xhy5nq5Lsyns4hvEEve8ptzvl6mEgRMv+BvtxXcr6LMu+sDeF8j5RTpe4NxK
DW5eJtPnORc0Wq5P5ST15y0xo5j8CUcWIkbpHG4E9YcKqL8QiSfrsgG/wouBNiwd
/AQu
-----END CERTIFICATE-----
Generated at Sat Jun 1 21:12:15 2024 by rpki-client on console-fra.rpki-client.org