Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/zQO3rkho9gr8dygDFBFMSvjIRB4.roa
File: zQO3rkho9gr8dygDFBFMSvjIRB4.roa (raw, json)
Hash identifier: jiX4yYVPprMJEhDVWbcv7tCoWKcPoyvmfUWeZeVD9so=
Subject key identifier: CD:03:B7:AE:48:68:F6:0A:FC:77:28:03:14:11:4C:4A:F8:C8:44:1E
Certificate issuer: /CN=f0cc7a447482e57b0604babb82a52409cde3b36d
Certificate serial: 018FC3D3B542E7C31BB995D520108A30B88F
Authority key identifier: F0:CC:7A:44:74:82:E5:7B:06:04:BA:BB:82:A5:24:09:CD:E3:B3:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Mx6RHSC5XsGBLq7gqUkCc3js20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/zQO3rkho9gr8dygDFBFMSvjIRB4.roa
Signing time: Wed 29 May 2024 10:09:42 +0000
ROA not before: Wed 29 May 2024 10:09:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 85.198.34.0/24 maxlen: 24
85.198.35.0/24 maxlen: 24
85.198.38.0/24 maxlen: 24
85.198.39.0/24 maxlen: 24
85.198.42.0/24 maxlen: 24
85.198.43.0/24 maxlen: 24
91.123.12.0/24 maxlen: 24
91.123.13.0/24 maxlen: 24
91.123.14.0/24 maxlen: 24
91.123.15.0/24 maxlen: 24
190.106.177.0/24 maxlen: 24
190.106.178.0/24 maxlen: 24
190.106.179.0/24 maxlen: 24
190.106.180.0/24 maxlen: 24
190.106.181.0/24 maxlen: 24
190.106.182.0/24 maxlen: 24
190.106.184.0/24 maxlen: 24
206.195.137.0/24 maxlen: 24
206.195.138.0/24 maxlen: 24
206.195.139.0/24 maxlen: 24
206.195.141.0/24 maxlen: 24
206.195.142.0/24 maxlen: 24
206.195.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/8Mx6RHSC5XsGBLq7gqUkCc3js20.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/8Mx6RHSC5XsGBLq7gqUkCc3js20.mft
rsync://rpki.ripe.net/repository/DEFAULT/8Mx6RHSC5XsGBLq7gqUkCc3js20.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c3:d3:b5:42:e7:c3:1b:b9:95:d5:20:10:8a:30:b8:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0cc7a447482e57b0604babb82a52409cde3b36d
Validity
Not Before: May 29 10:09:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd03b7ae4868f60afc77280314114c4af8c8441e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:b8:f0:81:1c:c4:8a:70:c2:a6:e1:cb:82:c1:
97:f4:9f:fa:8b:dc:9c:2e:30:7d:be:b8:1d:0e:e4:
48:12:dc:63:ab:cd:85:c3:be:74:07:4a:e9:c9:65:
69:7c:6a:d0:eb:10:2c:0a:14:0c:d1:0b:fe:54:17:
88:34:b0:64:30:7c:86:5f:9b:ee:1c:f9:d2:26:de:
62:47:ca:b0:b5:7f:31:ae:b5:ab:c6:6a:0a:08:94:
5c:cc:ff:6e:80:ed:a6:20:14:c0:92:b2:82:f0:15:
6c:63:93:db:20:24:0c:b1:41:2e:f8:2b:79:07:e9:
35:d6:cb:ca:c5:db:99:07:cd:5e:af:5a:b3:08:81:
d0:8a:1e:7c:27:4b:da:8e:5a:bd:64:cb:e1:04:71:
ec:82:9c:71:c7:61:c2:89:ca:7b:a9:61:a6:a3:37:
d2:46:cb:96:f9:4d:89:4e:35:a4:bf:c0:7f:06:21:
66:95:27:b0:1f:59:9b:92:81:22:27:35:cf:55:f3:
8c:0d:ca:99:b6:19:22:21:0e:0c:df:cc:d3:94:f3:
27:8b:d1:c6:f3:5a:4a:26:e9:7a:ea:3d:5d:50:66:
97:aa:5b:6b:79:ac:7d:b2:b2:d1:24:0c:ac:b2:13:
4e:a8:98:56:6e:8e:ab:38:ed:04:a6:45:14:0f:be:
41:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:03:B7:AE:48:68:F6:0A:FC:77:28:03:14:11:4C:4A:F8:C8:44:1E
X509v3 Authority Key Identifier:
keyid:F0:CC:7A:44:74:82:E5:7B:06:04:BA:BB:82:A5:24:09:CD:E3:B3:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Mx6RHSC5XsGBLq7gqUkCc3js20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/zQO3rkho9gr8dygDFBFMSvjIRB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/8Mx6RHSC5XsGBLq7gqUkCc3js20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.198.34.0/23
85.198.38.0/23
85.198.42.0/23
91.123.12.0/22
190.106.177.0-190.106.182.255
190.106.184.0/24
206.195.137.0-206.195.139.255
206.195.141.0-206.195.143.255
Signature Algorithm: sha256WithRSAEncryption
3c:d6:e4:99:48:64:ba:73:48:2e:84:0d:29:2c:e2:69:60:fd:
5d:08:fd:c1:a8:18:0c:c0:86:79:ac:e5:5a:1e:3a:2d:d2:67:
8c:1f:74:dc:b3:74:41:f2:fc:01:24:12:96:23:10:76:c9:a4:
01:6f:41:f5:b6:5d:70:b4:5e:1a:0f:60:01:b6:75:6f:0d:28:
fb:0e:e7:73:40:4a:03:16:6e:8b:be:cb:e0:e9:a0:83:94:b0:
b7:05:7a:7a:94:f9:88:ed:0f:6a:0f:2a:86:0d:8d:a8:b3:48:
22:f5:c9:d5:5e:17:23:2e:57:93:48:82:f1:c5:96:ec:4d:e1:
4b:5c:f6:53:2c:29:f0:a0:8e:df:cd:40:98:5e:e0:8a:a4:c9:
94:e3:a8:01:60:12:ee:5d:cb:87:b6:d1:cb:b1:9b:17:7e:55:
6c:f4:22:1c:ae:ad:6b:4a:5d:b4:98:a3:07:5a:d1:f6:46:a7:
9a:84:93:ab:14:dd:82:65:99:03:43:97:bf:09:d2:26:d2:b6:
3f:b6:c8:5b:72:be:d3:ae:bd:f0:9c:54:80:7c:54:01:ef:6a:
c1:5f:7b:69:4b:d6:9c:5e:a8:55:d7:60:76:bd:08:39:f8:56:
e3:d1:66:1b:46:18:3f:3e:45:15:98:0e:e2:4c:e6:77:62:d7:
8a:fd:61:b4
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAY/D07VC58MbuZXVIBCKMLiPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwY2M3YTQ0NzQ4MmU1N2IwNjA0YmFiYjgyYTUyNDA5Y2Rl
M2IzNmQwHhcNMjQwNTI5MTAwOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDAzYjdhZTQ4NjhmNjBhZmM3NzI4MDMxNDExNGM0YWY4Yzg0NDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyLjwgRzEinDCpuHLgsGX9J/6i9yc
LjB9vrgdDuRIEtxjq82Fw750B0rpyWVpfGrQ6xAsChQM0Qv+VBeINLBkMHyGX5vu
HPnSJt5iR8qwtX8xrrWrxmoKCJRczP9ugO2mIBTAkrKC8BVsY5PbICQMsUEu+Ct5
B+k11svKxduZB81er1qzCIHQih58J0vajlq9ZMvhBHHsgpxxx2HCicp7qWGmozfS
RsuW+U2JTjWkv8B/BiFmlSewH1mbkoEiJzXPVfOMDcqZthkiIQ4M38zTlPMni9HG
81pKJul66j1dUGaXqltreax9srLRJAysshNOqJhWbo6rOO0EpkUUD75B4QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFM0Dt65IaPYK/HcoAxQRTEr4yEQeMB8GA1UdIwQY
MBaAFPDMekR0guV7BgS6u4KlJAnN47NtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE14NlJIU0M1WHNHQkxxN2dxVWtDYzNqczIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wZTU4ZGMtN2M5MC00OWQ3LTg4NTUt
ZmEzMmQyZDUyOTY4LzEvelFPM3JraG85Z3I4ZHlnREZCRk1TdmpJUkI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wZTU4ZGMtN2M5MC00OWQ3LTg4NTUtZmEzMmQyZDUyOTY4
LzEvOE14NlJIU0M1WHNHQkxxN2dxVWtDYzNqczIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQBVcYiAwQB
VcYmAwQBVcYqAwQCW3sMMAwDBAC+arEDBAC+arYDBAC+argwDAMEAM7DiQMEAs7D
iDAMAwQAzsONAwQEzsOAMA0GCSqGSIb3DQEBCwUAA4IBAQA81uSZSGS6c0guhA0p
LOJpYP1dCP3BqBgMwIZ5rOVaHjot0meMH3Tcs3RB8vwBJBKWIxB2yaQBb0H1tl1w
tF4aD2ABtnVvDSj7DudzQEoDFm6Lvsvg6aCDlLC3BXp6lPmI7Q9qDyqGDY2os0gi
9cnVXhcjLleTSILxxZbsTeFLXPZTLCnwoI7fzUCYXuCKpMmU46gBYBLuXcuHttHL
sZsXflVs9CIcrq1rSl20mKMHWtH2RqeahJOrFN2CZZkDQ5e/CdIm0rY/tshbcr7T
rr3wnFSAfFQB72rBX3tpS9acXqhV12B2vQg5+Fbj0WYbRhg/PkUVmA7iTOZ3YteK
/WG0
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:53:07 2024 by rpki-client on console-fra.rpki-client.org