Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/gQPLxngSYwT39WFntuhtHPOFffw.roa
File: gQPLxngSYwT39WFntuhtHPOFffw.roa (raw, json)
Hash identifier: eq+GpsGLp3S8yRLtMVpEEJiak8gESCMaSDWC5OQdMz0=
Subject key identifier: 81:03:CB:C6:78:12:63:04:F7:F5:61:67:B6:E8:6D:1C:F3:85:7D:FC
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 018CC56EF262C84ADD571E6575283EF98A2C
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/gQPLxngSYwT39WFntuhtHPOFffw.roa
Signing time: Mon 01 Jan 2024 14:30:31 +0000
ROA not before: Mon 01 Jan 2024 14:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44247
IP address blocks: 109.160.63.0/24 maxlen: 24
109.160.64.0/22 maxlen: 22
109.160.70.0/24 maxlen: 24
109.160.69.0/24 maxlen: 24
109.160.82.0/23 maxlen: 23
109.160.84.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.mft
rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Apr 2024 23:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:f2:62:c8:4a:dd:57:1e:65:75:28:3e:f9:8a:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Jan 1 14:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8103cbc678126304f7f56167b6e86d1cf3857dfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:18:32:a6:24:84:a1:98:be:dd:17:40:bc:66:
d9:b6:da:7d:1a:a8:22:9c:23:21:f1:1a:4c:a0:99:
b2:cb:3b:65:ec:31:55:20:b9:c1:90:15:9b:f8:36:
85:ec:92:96:b3:ed:0d:2a:50:66:ed:8f:7d:36:7d:
5b:69:c5:99:8e:36:77:f9:0e:75:b0:83:72:cc:b5:
c7:47:ff:c0:f8:67:eb:96:a7:64:0e:25:34:02:1e:
e8:2b:5e:42:e9:e8:d2:57:84:63:e2:60:e9:18:0c:
b2:f8:38:88:06:0c:31:df:7b:b0:56:83:39:ad:b7:
c5:87:c5:52:2a:63:71:9a:0c:8a:9e:d9:56:94:06:
3e:85:ea:c5:80:3a:bd:c7:be:67:57:83:ad:d1:56:
4e:72:93:06:76:12:60:94:61:69:3d:74:b6:8b:09:
b2:e9:73:50:a6:a4:e6:a7:bf:de:c8:29:b7:8f:8d:
de:06:e2:59:d9:64:11:3f:d9:f5:d4:da:b4:bd:23:
eb:db:6a:3d:af:d9:82:08:0c:ed:88:47:14:1d:50:
1e:12:87:b7:e5:a7:6f:a5:cc:a4:f6:61:f8:58:87:
c7:95:0d:60:3e:f6:ba:b3:b4:67:c6:97:b6:6e:4c:
6b:b9:09:d6:95:bd:d4:f0:d4:ea:3a:69:b5:b1:02:
16:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:03:CB:C6:78:12:63:04:F7:F5:61:67:B6:E8:6D:1C:F3:85:7D:FC
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/gQPLxngSYwT39WFntuhtHPOFffw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.160.63.0-109.160.67.255
109.160.69.0-109.160.70.255
109.160.82.0-109.160.84.255
Signature Algorithm: sha256WithRSAEncryption
87:16:46:34:44:0b:f0:fb:23:60:28:ba:18:77:13:f7:a4:a0:
60:05:54:df:bd:98:8a:1e:80:23:88:fe:15:16:44:2d:08:53:
b1:21:97:c5:bd:58:42:62:f1:5c:2c:01:69:8b:04:1f:1c:34:
e4:8d:1e:a7:c3:32:ac:72:84:b1:49:b3:13:d0:86:84:99:f7:
72:bc:bd:68:a3:5c:a5:07:dd:ad:3c:48:15:f0:a6:d3:dd:6a:
2b:0e:66:6b:ed:75:8b:67:1c:dc:0a:0f:49:70:a6:eb:36:a6:
29:86:d9:dd:af:68:f1:62:ba:d2:8e:38:4f:d1:ac:50:e9:43:
8b:93:f5:37:31:cd:9c:2a:c2:d4:39:55:3e:d8:9d:86:39:6b:
de:a7:16:c9:4f:b9:df:fe:a9:02:b2:5c:b8:d8:28:9a:20:32:
be:4a:1f:da:98:75:b4:40:54:29:c3:80:46:dc:d3:ba:47:97:
0b:bf:9b:57:c7:87:2c:e6:2d:ca:36:e5:42:be:87:6a:8a:0b:
7f:26:25:58:f8:fa:87:bc:8b:3d:42:e5:56:e5:43:3d:54:72:
59:c2:4c:10:ef:f3:18:93:d2:96:ac:92:d7:46:89:0d:47:c8:
3c:3e:23:d0:e1:04:0a:67:31:07:c2:e3:3b:40:02:b2:19:5c:
e5:a0:f3:14
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzFbvJiyErdVx5ldSg++YosMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjQwMTAxMTQzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTAzY2JjNjc4MTI2MzA0ZjdmNTYxNjdiNmU4NmQxY2YzODU3ZGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0BgypiSEoZi+3RdAvGbZttp9Gqgi
nCMh8RpMoJmyyztl7DFVILnBkBWb+DaF7JKWs+0NKlBm7Y99Nn1bacWZjjZ3+Q51
sINyzLXHR//A+GfrlqdkDiU0Ah7oK15C6ejSV4Rj4mDpGAyy+DiIBgwx33uwVoM5
rbfFh8VSKmNxmgyKntlWlAY+herFgDq9x75nV4Ot0VZOcpMGdhJglGFpPXS2iwmy
6XNQpqTmp7/eyCm3j43eBuJZ2WQRP9n11Nq0vSPr22o9r9mCCAztiEcUHVAeEoe3
5advpcyk9mH4WIfHlQ1gPva6s7Rnxpe2bkxruQnWlb3U8NTqOmm1sQIWJQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFIEDy8Z4EmME9/VhZ7bobRzzhX38MB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvZ1FQTHhuZ1NZd1QzOVdGbnR1aHRIUE9GZmZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqMAwDBABtoD8D
BAJtoEAwDAMEAG2gRQMEAG2gRjAMAwQBbaBSAwQAbaBUMA0GCSqGSIb3DQEBCwUA
A4IBAQCHFkY0RAvw+yNgKLoYdxP3pKBgBVTfvZiKHoAjiP4VFkQtCFOxIZfFvVhC
YvFcLAFpiwQfHDTkjR6nwzKscoSxSbMT0IaEmfdyvL1oo1ylB92tPEgV8KbT3Wor
DmZr7XWLZxzcCg9JcKbrNqYphtndr2jxYrrSjjhP0axQ6UOLk/U3Mc2cKsLUOVU+
2J2GOWvepxbJT7nf/qkCsly42CiaIDK+Sh/amHW0QFQpw4BG3NO6R5cLv5tXx4cs
5i3KNuVCvodqigt/JiVY+PqHvIs9QuVW5UM9VHJZwkwQ7/MYk9KWrJLXRokNR8g8
PiPQ4QQKZzEHwuM7QAKyGVzloPMU
-----END CERTIFICATE-----
Generated at Tue Apr 30 09:15:16 2024 by rpki-client on console-fra.rpki-client.org