Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/qFh90H2M8lh76-AC7P0hHRY2kLk.roa
File: qFh90H2M8lh76-AC7P0hHRY2kLk.roa (raw, json)
Hash identifier: vq3m6rjQPAWyVCj5KMdMR8bDWFuTwMi3CjsiVCHNKR4=
Subject key identifier: A8:58:7D:D0:7D:8C:F2:58:7B:EB:E0:02:EC:FD:21:1D:16:36:90:B9
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018CC80200758731FA4B030FCDFA6DAA3968
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/qFh90H2M8lh76-AC7P0hHRY2kLk.roa
Signing time: Tue 02 Jan 2024 02:30:23 +0000
ROA not before: Tue 02 Jan 2024 02:30:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16287
IP address blocks: 87.103.216.0/21 maxlen: 21
217.116.128.0/24 maxlen: 24
217.116.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:00:75:87:31:fa:4b:03:0f:cd:fa:6d:aa:39:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 02:30:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8587dd07d8cf2587bebe002ecfd211d163690b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:7a:4b:d9:a1:ca:9c:bc:b1:4d:cf:4c:7c:3e:
52:ee:42:df:65:9c:f8:d0:2a:e7:93:18:d5:48:80:
ce:2d:79:ec:ca:bd:64:8b:7d:1a:c8:4c:86:49:dd:
c5:22:84:59:40:a8:63:64:f6:81:39:e8:b7:fe:cb:
9f:2c:38:de:67:8c:f9:7f:01:bb:d5:d6:bf:85:da:
75:6f:1f:1a:aa:06:a4:5b:73:a2:85:40:cd:65:04:
52:a0:06:b4:d8:5f:d7:f4:59:d0:4d:1e:f3:39:d7:
43:0b:8f:bd:23:c8:ce:97:c1:24:09:11:cd:7d:d7:
2c:0f:25:30:29:35:1b:e7:4b:19:dc:b6:8e:6e:49:
2d:d4:49:7d:28:6a:34:69:11:e1:93:73:14:20:50:
83:3f:6d:b7:4c:cc:58:75:4f:2e:f1:08:ed:5c:a9:
8b:08:9a:a6:a9:ce:dd:03:77:f7:66:21:44:b4:b8:
bd:bd:07:be:97:9a:b0:28:62:27:9d:f1:80:2a:b6:
8a:0a:69:e3:54:39:a7:be:a4:8c:09:e4:35:20:5f:
ad:07:b8:61:98:fe:fd:45:89:c5:a5:eb:1a:c7:1d:
be:c6:d2:26:eb:88:28:22:04:3d:c2:d7:6e:44:9f:
00:7b:aa:fb:54:f3:87:d5:1e:f6:bc:16:08:0b:82:
19:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:58:7D:D0:7D:8C:F2:58:7B:EB:E0:02:EC:FD:21:1D:16:36:90:B9
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/qFh90H2M8lh76-AC7P0hHRY2kLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.103.216.0/21
217.116.128.0/24
217.116.140.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:a3:4c:13:19:3e:cf:db:21:13:ca:b4:ff:07:b4:aa:d2:c7:
4b:35:92:63:0a:d1:ca:a8:96:c2:11:53:57:39:35:bb:ef:81:
de:ac:72:fe:7c:d3:17:dc:c3:7b:8a:c0:3b:77:2d:e3:c8:9b:
04:03:6a:84:39:c2:9e:9f:6d:51:32:a9:fd:ae:a6:d9:44:16:
6c:b6:af:49:48:13:58:2e:29:e3:56:2d:fa:0d:e2:90:46:68:
00:ad:e8:1f:94:8f:ed:96:b1:90:4a:a0:46:4b:08:a2:8c:58:
02:c8:60:18:82:30:62:ad:0f:8f:82:49:90:ca:26:56:bb:19:
62:c6:5a:d2:c3:67:01:c6:7a:46:3e:6d:16:12:26:94:18:ec:
a9:bc:5a:6d:a6:3a:df:f7:6f:a4:b6:ae:7d:62:3e:2f:a3:a7:
ca:77:ae:8e:68:19:be:f1:aa:7d:65:08:82:70:31:07:2c:03:
50:0f:87:ab:af:74:89:b0:9d:90:04:35:6d:ec:cd:47:08:1c:
e5:ec:9c:e2:39:80:7b:63:4e:84:51:39:67:a9:e2:02:cf:25:
0c:c7:cf:04:ba:01:f7:fe:fe:b1:b2:1f:23:b8:ed:06:59:f0:
53:86:6a:50:ec:19:b6:e9:4b:ae:68:cc:ba:7b:28:2a:34:1f:
15:36:47:e7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIAgB1hzH6SwMPzfptqjloMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwMTAyMDIzMDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODU4N2RkMDdkOGNmMjU4N2JlYmUwMDJlY2ZkMjExZDE2MzY5MGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkHpL2aHKnLyxTc9MfD5S7kLfZZz4
0CrnkxjVSIDOLXnsyr1ki30ayEyGSd3FIoRZQKhjZPaBOei3/sufLDjeZ4z5fwG7
1da/hdp1bx8aqgakW3OihUDNZQRSoAa02F/X9FnQTR7zOddDC4+9I8jOl8EkCRHN
fdcsDyUwKTUb50sZ3LaObkkt1El9KGo0aRHhk3MUIFCDP223TMxYdU8u8QjtXKmL
CJqmqc7dA3f3ZiFEtLi9vQe+l5qwKGInnfGAKraKCmnjVDmnvqSMCeQ1IF+tB7hh
mP79RYnFpesaxx2+xtIm64goIgQ9wtduRJ8Ae6r7VPOH1R72vBYIC4IZDwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKhYfdB9jPJYe+vgAuz9IR0WNpC5MB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvcUZoOTBIMk04bGg3Ni1BQzdQMGhIUlkya0xrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDV2fYAwQA
2XSAAwQA2XSMMA0GCSqGSIb3DQEBCwUAA4IBAQA9o0wTGT7P2yETyrT/B7Sq0sdL
NZJjCtHKqJbCEVNXOTW774HerHL+fNMX3MN7isA7dy3jyJsEA2qEOcKen21RMqn9
rqbZRBZstq9JSBNYLinjVi36DeKQRmgAregflI/tlrGQSqBGSwiijFgCyGAYgjBi
rQ+PgkmQyiZWuxlixlrSw2cBxnpGPm0WEiaUGOypvFptpjrf92+ktq59Yj4vo6fK
d66OaBm+8ap9ZQiCcDEHLANQD4err3SJsJ2QBDVt7M1HCBzl7JziOYB7Y06EUTln
qeICzyUMx88EugH3/v6xsh8juO0GWfBThmpQ7Bm26UuuaMy6eygqNB8VNkfn
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:43:26 2024 by rpki-client on console-fra.rpki-client.org