Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/Qf34fUZbEuMOZezQWWnPfNNHmdU.roa
File: Qf34fUZbEuMOZezQWWnPfNNHmdU.roa (raw, json)
Hash identifier: brOhURT7IbexmY84ZWgQxUEwIhRu2Oh+M3CmfKlcH/Y=
Subject key identifier: 41:FD:F8:7D:46:5B:12:E3:0E:65:EC:D0:59:69:CF:7C:D3:47:99:D5
Certificate issuer: /CN=86ee201c65d655ee9cfe251f951ea91bba154567
Certificate serial: 018CC8018437E1D245BE628FE059FF58FBCD
Authority key identifier: 86:EE:20:1C:65:D6:55:EE:9C:FE:25:1F:95:1E:A9:1B:BA:15:45:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hu4gHGXWVe6c_iUflR6pG7oVRWc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/Qf34fUZbEuMOZezQWWnPfNNHmdU.roa
Signing time: Tue 02 Jan 2024 02:29:51 +0000
ROA not before: Tue 02 Jan 2024 02:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16633
IP address blocks: 185.201.17.0/24 maxlen: 24
185.201.18.0/24 maxlen: 24
185.225.27.0/24 maxlen: 24
193.41.32.0/24 maxlen: 24
193.200.214.0/24 maxlen: 24
45.147.95.0/24 maxlen: 24
87.236.163.0/24 maxlen: 24
46.229.240.0/24 maxlen: 24
188.190.112.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/hu4gHGXWVe6c_iUflR6pG7oVRWc.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/hu4gHGXWVe6c_iUflR6pG7oVRWc.mft
rsync://rpki.ripe.net/repository/DEFAULT/hu4gHGXWVe6c_iUflR6pG7oVRWc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:84:37:e1:d2:45:be:62:8f:e0:59:ff:58:fb:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86ee201c65d655ee9cfe251f951ea91bba154567
Validity
Not Before: Jan 2 02:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41fdf87d465b12e30e65ecd05969cf7cd34799d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:cd:2c:01:08:05:9f:be:13:6b:52:b8:6f:4a:
c9:60:25:f4:c5:a5:7a:6b:54:af:2c:7d:4c:13:9d:
08:d7:8d:4e:01:2f:ee:af:43:3d:d3:0d:57:ea:72:
55:1c:92:07:b6:b8:fe:22:06:82:28:5d:52:23:63:
92:84:b9:b7:8e:03:25:8a:7b:c1:25:9d:81:cf:dc:
f3:53:43:40:e9:74:ae:b2:d7:c5:f8:fa:6d:d1:9a:
78:b7:23:aa:49:0c:12:dc:7e:98:78:8e:e9:a3:4b:
9a:b3:cb:4f:9f:41:eb:3e:fe:de:8d:63:00:75:ff:
89:88:76:e5:3b:da:b0:3e:c2:cf:7c:70:e4:32:a7:
b1:54:23:80:bc:c0:4d:97:ce:10:cc:51:9d:fc:6a:
27:e5:b9:0c:ab:4c:59:70:71:80:b0:9a:16:5e:cd:
e9:06:92:8c:f5:ba:6c:49:19:7b:23:3b:da:5d:99:
8a:3a:a4:41:26:b9:7d:a9:56:34:75:74:e9:af:d3:
32:70:bf:89:40:d5:6b:02:a1:9a:10:4f:4f:ea:fb:
ee:4c:27:79:e3:8c:8d:7a:09:1c:5d:2b:37:6e:7d:
43:5f:9e:dd:34:8c:10:8f:d6:75:d7:25:a7:a2:c8:
c2:14:89:40:79:2f:c2:3e:3c:fa:fd:6c:73:e9:1b:
f4:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:FD:F8:7D:46:5B:12:E3:0E:65:EC:D0:59:69:CF:7C:D3:47:99:D5
X509v3 Authority Key Identifier:
keyid:86:EE:20:1C:65:D6:55:EE:9C:FE:25:1F:95:1E:A9:1B:BA:15:45:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hu4gHGXWVe6c_iUflR6pG7oVRWc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/Qf34fUZbEuMOZezQWWnPfNNHmdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/hu4gHGXWVe6c_iUflR6pG7oVRWc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.95.0/24
46.229.240.0/24
87.236.163.0/24
185.201.17.0-185.201.18.255
185.225.27.0/24
188.190.112.0/24
193.41.32.0/24
193.200.214.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:10:e6:07:43:45:af:6b:a8:c7:60:27:21:55:e6:bb:1b:d3:
5d:b0:e4:17:72:33:6d:91:2c:70:3f:3d:b7:a2:49:b1:3c:ec:
28:52:ac:5f:68:52:86:a0:27:77:f4:87:16:25:fb:63:84:6f:
32:66:74:b0:6b:80:81:7a:ef:3f:ef:c7:9a:e3:45:94:ef:ff:
ba:9c:30:be:41:78:b4:06:fd:9f:30:71:b0:de:cb:18:6b:d1:
46:c9:38:49:31:98:fa:80:3e:9a:45:fb:f0:c2:f1:4d:d9:a9:
51:c2:07:13:7b:5d:0d:2b:43:cc:0d:cb:92:9d:bb:41:a6:92:
3a:71:30:df:da:74:3e:61:42:be:6a:30:7e:ec:a4:3f:be:11:
73:0e:4e:9e:e4:17:04:08:0f:d7:00:12:77:69:bd:be:8b:46:
3a:6c:ab:ff:9b:6b:f4:20:a4:c5:55:10:9b:4e:82:a9:6f:d2:
63:af:81:04:eb:ca:47:ff:1f:f8:5f:fc:cf:af:ed:37:a2:2f:
dc:17:9d:1b:63:a9:b9:63:fe:6f:d6:a0:e4:6f:bd:f7:b6:23:
9c:f4:ce:e8:7f:b0:2b:f9:d1:5f:19:28:16:e2:9f:28:70:2a:
a9:da:86:59:40:f5:23:0c:01:c4:13:6f:e2:ec:ba:2e:37:5d:
8d:c9:59:d0
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYzIAYQ34dJFvmKP4Fn/WPvNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZWUyMDFjNjVkNjU1ZWU5Y2ZlMjUxZjk1MWVhOTFiYmEx
NTQ1NjcwHhcNMjQwMTAyMDIyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWZkZjg3ZDQ2NWIxMmUzMGU2NWVjZDA1OTY5Y2Y3Y2QzNDc5OWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4s0sAQgFn74Ta1K4b0rJYCX0xaV6
a1SvLH1ME50I141OAS/ur0M90w1X6nJVHJIHtrj+IgaCKF1SI2OShLm3jgMlinvB
JZ2Bz9zzU0NA6XSustfF+Ppt0Zp4tyOqSQwS3H6YeI7po0uas8tPn0HrPv7ejWMA
df+JiHblO9qwPsLPfHDkMqexVCOAvMBNl84QzFGd/Gon5bkMq0xZcHGAsJoWXs3p
BpKM9bpsSRl7IzvaXZmKOqRBJrl9qVY0dXTpr9MycL+JQNVrAqGaEE9P6vvuTCd5
44yNegkcXSs3bn1DX57dNIwQj9Z11yWnosjCFIlAeS/CPjz6/Wxz6Rv08wIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFEH9+H1GWxLjDmXs0Flpz3zTR5nVMB8GA1UdIwQY
MBaAFIbuIBxl1lXunP4lH5UeqRu6FUVnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHU0Z0hHWFdWZTZjX2lVZmxSNnBHN29WUldjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8xM2E3MzUtM2IxYy00ZDljLThjZmEt
YThjYThlNGM3ZTc3LzEvUWYzNGZVWmJFdU1PWmV6UVdXblBmTk5IbWRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8xM2E3MzUtM2IxYy00ZDljLThjZmEtYThjYThlNGM3ZTc3
LzEvaHU0Z0hHWFdWZTZjX2lVZmxSNnBHN29WUldjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQALZNfAwQA
LuXwAwQAV+yjMAwDBAC5yREDBAC5yRIDBAC54RsDBAC8vnADBADBKSADBADByNYw
DQYJKoZIhvcNAQELBQADggEBAKcQ5gdDRa9rqMdgJyFV5rsb012w5BdyM22RLHA/
PbeiSbE87ChSrF9oUoagJ3f0hxYl+2OEbzJmdLBrgIF67z/vx5rjRZTv/7qcML5B
eLQG/Z8wcbDeyxhr0UbJOEkxmPqAPppF+/DC8U3ZqVHCBxN7XQ0rQ8wNy5Kdu0Gm
kjpxMN/adD5hQr5qMH7spD++EXMOTp7kFwQID9cAEndpvb6LRjpsq/+ba/QgpMVV
EJtOgqlv0mOvgQTrykf/H/hf/M+v7TeiL9wXnRtjqblj/m/WoORvvfe2I5z0zuh/
sCv50V8ZKBbinyhwKqnahllA9SMMAcQTb+Lsui43XY3JWdA=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:07:00 2024 by rpki-client on console-fra.rpki-client.org