Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/81e9aa-85ed-4850-b46b-6885aa87c4fd/1/Qo3pg_HLCzg-4vOMqQD_Wzf309w.roa
File: Qo3pg_HLCzg-4vOMqQD_Wzf309w.roa (raw, json)
Hash identifier: gAXPu/MARfHKah8xDDguvQmTNYmkun8+erV86ucPvx4=
Subject key identifier: 42:8D:E9:83:F1:CB:0B:38:3E:E2:F3:8C:A9:00:FF:5B:37:F7:D3:DC
Certificate issuer: /CN=b7695b98e08a378bf0dc944d2f1a60a1f6954981
Certificate serial: 018CC42561AEB2BC6FA748E105F03DBAC1F2
Authority key identifier: B7:69:5B:98:E0:8A:37:8B:F0:DC:94:4D:2F:1A:60:A1:F6:95:49:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t2lbmOCKN4vw3JRNLxpgofaVSYE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/81e9aa-85ed-4850-b46b-6885aa87c4fd/1/Qo3pg_HLCzg-4vOMqQD_Wzf309w.roa
Signing time: Mon 01 Jan 2024 08:30:33 +0000
ROA not before: Mon 01 Jan 2024 08:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42841
IP address blocks: 88.212.0.0/19 maxlen: 19
88.212.0.0/20 maxlen: 20
88.212.0.0/18 maxlen: 18
88.212.16.0/20 maxlen: 20
88.212.32.0/20 maxlen: 20
88.212.32.0/19 maxlen: 19
88.212.48.0/20 maxlen: 20
185.61.16.0/22 maxlen: 22
2a02:130::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/81e9aa-85ed-4850-b46b-6885aa87c4fd/1/t2lbmOCKN4vw3JRNLxpgofaVSYE.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/81e9aa-85ed-4850-b46b-6885aa87c4fd/1/t2lbmOCKN4vw3JRNLxpgofaVSYE.mft
rsync://rpki.ripe.net/repository/DEFAULT/t2lbmOCKN4vw3JRNLxpgofaVSYE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:01:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:61:ae:b2:bc:6f:a7:48:e1:05:f0:3d:ba:c1:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7695b98e08a378bf0dc944d2f1a60a1f6954981
Validity
Not Before: Jan 1 08:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=428de983f1cb0b383ee2f38ca900ff5b37f7d3dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:89:d3:a9:2c:3e:48:72:23:f0:35:c9:34:c8:
ee:0e:bc:74:f6:ab:37:0b:4a:a0:92:b4:67:63:ca:
50:81:75:4a:1a:a1:91:11:9f:c1:1d:53:b9:d6:68:
1e:ae:cd:c2:69:6d:07:83:85:29:d1:24:d4:9c:26:
b7:7d:4e:07:53:7e:f9:d2:5d:25:31:64:99:70:cb:
e8:72:90:72:76:60:7b:ff:86:07:05:86:72:66:cb:
c5:66:c9:c1:49:7e:0a:7e:28:34:fc:57:bd:8a:58:
f7:77:b0:f0:e1:13:93:b0:ac:37:05:31:b3:7c:76:
03:91:07:e7:0b:b9:d9:8a:38:fc:c7:88:9d:51:43:
5f:8f:c9:93:34:a5:0a:0e:0b:c3:ee:27:71:aa:6a:
7e:27:1a:89:e3:48:74:89:a8:01:b2:0b:e3:2e:57:
82:bd:28:69:61:7b:8a:ce:0e:2a:a2:8d:c1:db:26:
00:85:39:65:ef:f3:c3:21:80:ed:f9:55:a8:1b:80:
99:d1:90:01:6b:41:90:54:10:ec:10:8e:75:46:52:
cf:53:75:62:34:42:95:5c:37:cf:29:05:4d:9a:71:
dc:b2:3f:31:90:39:16:f8:29:0a:ab:4b:8a:61:ec:
7b:ba:97:cd:43:fe:99:85:a7:84:1f:6e:7b:94:41:
85:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:8D:E9:83:F1:CB:0B:38:3E:E2:F3:8C:A9:00:FF:5B:37:F7:D3:DC
X509v3 Authority Key Identifier:
keyid:B7:69:5B:98:E0:8A:37:8B:F0:DC:94:4D:2F:1A:60:A1:F6:95:49:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t2lbmOCKN4vw3JRNLxpgofaVSYE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/81e9aa-85ed-4850-b46b-6885aa87c4fd/1/Qo3pg_HLCzg-4vOMqQD_Wzf309w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/81e9aa-85ed-4850-b46b-6885aa87c4fd/1/t2lbmOCKN4vw3JRNLxpgofaVSYE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.212.0.0/18
185.61.16.0/22
IPv6:
2a02:130::/32
Signature Algorithm: sha256WithRSAEncryption
6f:30:42:35:b2:42:42:9e:9d:a3:26:f0:b9:58:05:19:39:b9:
d4:69:f7:08:e8:e8:26:60:e9:30:54:fb:71:51:c1:a8:fd:c9:
38:43:21:66:e5:4a:78:db:27:86:81:63:8b:a3:02:3f:54:8e:
39:78:20:cf:0b:18:f2:01:b2:e0:a1:56:35:e8:36:fd:9d:cb:
51:44:30:19:6e:75:64:21:93:08:d9:dc:11:b6:d4:e7:e5:41:
4d:9c:0b:3c:cf:07:7b:a2:69:e0:6a:39:87:c7:f9:14:64:81:
3e:9b:93:b7:6e:2f:14:c8:d1:09:de:bb:25:c3:c2:09:4b:11:
a3:8c:94:30:7b:c8:c0:a1:26:57:39:b7:cb:11:7f:49:b8:60:
78:77:56:74:3c:48:2b:dd:55:5c:79:4b:2e:7b:7c:17:ab:58:
23:0e:ac:7a:20:29:f3:64:01:fd:1a:7d:b1:e6:98:33:2d:9e:
33:ce:15:9b:f2:0b:52:a8:ba:b1:44:3c:04:ab:6f:4b:1c:fa:
75:58:2d:5e:1d:9e:0f:b6:ef:c8:07:38:35:3e:b9:76:8d:86:
bd:34:d9:7b:5b:e9:fb:6d:90:69:6a:f6:27:aa:df:f4:66:94:
5d:63:06:48:c6:32:a8:45:c5:ee:57:ff:df:d2:9a:3f:82:6c:
08:c9:3e:ef
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzEJWGusrxvp0jhBfA9usHyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Njk1Yjk4ZTA4YTM3OGJmMGRjOTQ0ZDJmMWE2MGExZjY5
NTQ5ODEwHhcNMjQwMTAxMDgzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjhkZTk4M2YxY2IwYjM4M2VlMmYzOGNhOTAwZmY1YjM3ZjdkM2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4nTqSw+SHIj8DXJNMjuDrx09qs3
C0qgkrRnY8pQgXVKGqGREZ/BHVO51mgers3CaW0Hg4Up0STUnCa3fU4HU3750l0l
MWSZcMvocpBydmB7/4YHBYZyZsvFZsnBSX4Kfig0/Fe9ilj3d7Dw4ROTsKw3BTGz
fHYDkQfnC7nZijj8x4idUUNfj8mTNKUKDgvD7idxqmp+JxqJ40h0iagBsgvjLleC
vShpYXuKzg4qoo3B2yYAhTll7/PDIYDt+VWoG4CZ0ZABa0GQVBDsEI51RlLPU3Vi
NEKVXDfPKQVNmnHcsj8xkDkW+CkKq0uKYex7upfNQ/6ZhaeEH257lEGFaQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEKN6YPxyws4PuLzjKkA/1s399PcMB8GA1UdIwQY
MBaAFLdpW5jgijeL8NyUTS8aYKH2lUmBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDJsYm1PQ0tONHZ3M0pSTkx4cGdvZmFWU1lFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC84MWU5YWEtODVlZC00ODUwLWI0NmIt
Njg4NWFhODdjNGZkLzEvUW8zcGdfSExDemctNHZPTXFRRF9XemYzMDl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC84MWU5YWEtODVlZC00ODUwLWI0NmItNjg4NWFhODdjNGZk
LzEvdDJsYm1PQ0tONHZ3M0pSTkx4cGdvZmFWU1lFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQGWNQAAwQC
uT0QMA0EAgACMAcDBQAqAgEwMA0GCSqGSIb3DQEBCwUAA4IBAQBvMEI1skJCnp2j
JvC5WAUZObnUafcI6OgmYOkwVPtxUcGo/ck4QyFm5Up42yeGgWOLowI/VI45eCDP
CxjyAbLgoVY16Db9nctRRDAZbnVkIZMI2dwRttTn5UFNnAs8zwd7omngajmHx/kU
ZIE+m5O3bi8UyNEJ3rslw8IJSxGjjJQwe8jAoSZXObfLEX9JuGB4d1Z0PEgr3VVc
eUsue3wXq1gjDqx6ICnzZAH9Gn2x5pgzLZ4zzhWb8gtSqLqxRDwEq29LHPp1WC1e
HZ4Ptu/IBzg1Prl2jYa9NNl7W+n7bZBpavYnqt/0ZpRdYwZIxjKoRcXuV//f0po/
gmwIyT7v
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:00:39 2024 by rpki-client on console-ams.rpki-client.org