Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/QsaA6w_DHvHg4FKptzoEWHdt61k.roa
File: QsaA6w_DHvHg4FKptzoEWHdt61k.roa (raw, json)
Hash identifier: 3Lo4mYFrNBKFUmfbVfunPqToNhDIUSNFTj9IJgZZGRI=
Subject key identifier: 42:C6:80:EB:0F:C3:1E:F1:E0:E0:52:A9:B7:3A:04:58:77:6D:EB:59
Certificate issuer: /CN=a3674d5884a50a84e07dbdf6798ddcbb9cc2032e
Certificate serial: 018CC6B92D7AEC2975564793BC0882EE4034
Authority key identifier: A3:67:4D:58:84:A5:0A:84:E0:7D:BD:F6:79:8D:DC:BB:9C:C2:03:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o2dNWISlCoTgfb32eY3cu5zCAy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/QsaA6w_DHvHg4FKptzoEWHdt61k.roa
Signing time: Mon 01 Jan 2024 20:31:13 +0000
ROA not before: Mon 01 Jan 2024 20:31:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48158
IP address blocks: 176.58.41.0/24 maxlen: 24
176.58.40.0/23 maxlen: 24
176.58.39.0/24 maxlen: 24
176.58.38.0/23 maxlen: 24
176.58.43.0/24 maxlen: 24
176.58.42.0/24 maxlen: 24
176.58.48.0/23 maxlen: 23
176.58.47.0/24 maxlen: 24
176.58.46.0/24 maxlen: 24
176.58.45.0/24 maxlen: 24
176.58.50.0/24 maxlen: 24
176.58.55.0/24 maxlen: 24
176.58.54.0/24 maxlen: 24
176.58.53.0/24 maxlen: 24
176.58.52.0/24 maxlen: 24
176.58.57.0/24 maxlen: 24
176.58.56.0/24 maxlen: 24
146.255.212.0/22 maxlen: 24
146.255.216.0/21 maxlen: 24
185.190.190.0/24 maxlen: 24
212.124.96.0/22 maxlen: 24
212.124.100.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/o2dNWISlCoTgfb32eY3cu5zCAy4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/o2dNWISlCoTgfb32eY3cu5zCAy4.mft
rsync://rpki.ripe.net/repository/DEFAULT/o2dNWISlCoTgfb32eY3cu5zCAy4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:2d:7a:ec:29:75:56:47:93:bc:08:82:ee:40:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3674d5884a50a84e07dbdf6798ddcbb9cc2032e
Validity
Not Before: Jan 1 20:31:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=42c680eb0fc31ef1e0e052a9b73a0458776deb59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:63:c9:bf:39:02:7b:d3:ab:70:a4:62:9e:a2:
0e:68:5b:25:5e:e1:e8:e7:90:b1:15:be:73:5d:a3:
12:b9:7b:ad:1b:47:16:ce:bd:ff:52:01:26:2b:3f:
e4:d5:78:ff:a4:c2:fd:4e:81:48:cf:28:f8:54:9f:
3f:8f:c8:6e:41:8e:df:a8:e3:26:42:20:6c:5a:2f:
ca:bb:6c:b4:aa:83:d4:75:6c:b3:f4:16:f1:ef:fd:
33:16:92:f9:2e:b8:a9:9c:7d:c9:c9:7f:d4:ee:53:
28:c4:c0:dc:bd:e0:ce:76:a0:fe:92:6e:a6:36:d9:
3b:6a:dd:14:35:9b:5d:eb:0a:0f:61:0c:ff:6a:e5:
35:f7:00:b1:10:e0:b4:75:aa:35:c3:32:f6:0a:20:
8f:62:25:a9:fd:0a:94:9a:e9:68:58:35:9e:36:23:
ce:d1:dc:78:63:f2:e6:f4:ce:7b:b2:11:1c:6c:ab:
36:96:8a:62:f4:3b:af:16:c9:ba:c6:1d:59:f8:1f:
38:0a:27:be:00:f7:75:dd:0e:cb:97:56:e1:8e:a5:
7d:6d:13:05:a9:24:72:81:a6:38:20:cd:85:14:1b:
30:39:f6:f9:80:58:a4:0e:04:b4:8f:6a:0c:c6:75:
85:e7:74:fb:93:18:2e:a7:89:50:9e:39:6c:f5:ae:
7e:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:C6:80:EB:0F:C3:1E:F1:E0:E0:52:A9:B7:3A:04:58:77:6D:EB:59
X509v3 Authority Key Identifier:
keyid:A3:67:4D:58:84:A5:0A:84:E0:7D:BD:F6:79:8D:DC:BB:9C:C2:03:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2dNWISlCoTgfb32eY3cu5zCAy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/QsaA6w_DHvHg4FKptzoEWHdt61k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/o2dNWISlCoTgfb32eY3cu5zCAy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.255.212.0-146.255.223.255
176.58.38.0-176.58.43.255
176.58.45.0-176.58.50.255
176.58.52.0-176.58.57.255
185.190.190.0/24
212.124.96.0/21
Signature Algorithm: sha256WithRSAEncryption
60:c8:cd:e6:f4:93:8c:4e:61:91:1a:88:7d:b5:04:e8:d7:d0:
1c:b4:39:11:69:87:d9:09:90:e3:0e:d5:91:58:d4:bb:bf:3f:
78:d0:ac:a1:f3:2a:ac:84:21:4b:8b:00:98:62:12:c6:2f:0d:
58:7f:7a:b9:82:b3:f2:c2:02:68:d0:b2:78:31:9e:66:d3:67:
63:56:7c:52:ae:d6:96:43:88:c1:26:3c:2a:2a:65:59:dc:80:
0e:7b:f0:3b:16:61:93:76:63:83:63:00:46:6a:51:a9:9e:08:
fc:43:cc:b3:eb:c1:a1:f9:4d:53:3f:10:84:69:5d:cc:7b:eb:
3e:02:6c:f7:f5:e5:46:b2:77:8d:63:45:17:be:bc:4a:0d:78:
f5:44:a9:25:21:8d:13:0a:cf:9a:38:e2:ee:df:c3:13:fe:6e:
a6:da:94:54:a8:04:fc:b4:6f:04:46:59:46:dc:04:63:1e:b2:
1b:5c:fa:d2:8d:24:26:0c:3c:5e:9b:98:3a:39:24:c0:f9:92:
55:3f:13:cb:25:3a:a6:42:2f:a3:7e:df:7c:f0:53:61:f4:af:
ce:cb:52:62:f5:37:a4:8e:42:e7:1e:58:ef:21:0d:8d:17:c2:
50:49:91:a5:fc:56:61:09:0b:0b:ef:b3:cd:c8:c6:ce:f0:7c:
09:87:b2:35
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYzGuS167Cl1VkeTvAiC7kA0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNjc0ZDU4ODRhNTBhODRlMDdkYmRmNjc5OGRkY2JiOWNj
MjAzMmUwHhcNMjQwMTAxMjAzMTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmM2ODBlYjBmYzMxZWYxZTBlMDUyYTliNzNhMDQ1ODc3NmRlYjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGPJvzkCe9OrcKRinqIOaFslXuHo
55CxFb5zXaMSuXutG0cWzr3/UgEmKz/k1Xj/pML9ToFIzyj4VJ8/j8huQY7fqOMm
QiBsWi/Ku2y0qoPUdWyz9Bbx7/0zFpL5LripnH3JyX/U7lMoxMDcveDOdqD+km6m
Ntk7at0UNZtd6woPYQz/auU19wCxEOC0dao1wzL2CiCPYiWp/QqUmuloWDWeNiPO
0dx4Y/Lm9M57shEcbKs2lopi9DuvFsm6xh1Z+B84Cie+APd13Q7Ll1bhjqV9bRMF
qSRygaY4IM2FFBswOfb5gFikDgS0j2oMxnWF53T7kxgup4lQnjls9a5+mwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFELGgOsPwx7x4OBSqbc6BFh3betZMB8GA1UdIwQY
MBaAFKNnTViEpQqE4H299nmN3LucwgMuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzJkTldJU2xDb1RnZmIzMmVZM2N1NXpDQXk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84MDY1MzItNTRlOS00YjQ5LWI4YTct
OWUyMjBmMDRhOTAxLzEvUXNhQTZ3X0RIdkhnNEZLcHR6b0VXSGR0NjFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84MDY1MzItNTRlOS00YjQ5LWI4YTctOWUyMjBmMDRhOTAx
LzEvbzJkTldJU2xDb1RnZmIzMmVZM2N1NXpDQXk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEMAwDBAKS/9QD
BAWS/8AwDAMEAbA6JgMEArA6KDAMAwQAsDotAwQAsDoyMAwDBAKwOjQDBAGwOjgD
BAC5vr4DBAPUfGAwDQYJKoZIhvcNAQELBQADggEBAGDIzeb0k4xOYZEaiH21BOjX
0By0ORFph9kJkOMO1ZFY1Lu/P3jQrKHzKqyEIUuLAJhiEsYvDVh/ermCs/LCAmjQ
sngxnmbTZ2NWfFKu1pZDiMEmPCoqZVncgA578DsWYZN2Y4NjAEZqUameCPxDzLPr
waH5TVM/EIRpXcx76z4CbPf15Uayd41jRRe+vEoNePVEqSUhjRMKz5o44u7fwxP+
bqbalFSoBPy0bwRGWUbcBGMeshtc+tKNJCYMPF6bmDo5JMD5klU/E8slOqZCL6N+
33zwU2H0r87LUmL1N6SOQuceWO8hDY0XwlBJkaX8VmEJCwvvs83Ixs7wfAmHsjU=
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:51:22 2024 by rpki-client on console-fra.rpki-client.org