Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/Qq06t8oRAKrhsdIgx7O3NJgZ4L4.roa
File: Qq06t8oRAKrhsdIgx7O3NJgZ4L4.roa (raw, json)
Hash identifier: RAupgYPGgzPNwA8kS3bgCQOaD24zRAxF8Ap4h+NsKxQ=
Subject key identifier: 42:AD:3A:B7:CA:11:00:AA:E1:B1:D2:20:C7:B3:B7:34:98:19:E0:BE
Certificate issuer: /CN=c8acf59abd4abbfbf830a060225a96a2179a2694
Certificate serial: 019026DA88DDB09E7A56FA817FAEE409030E
Authority key identifier: C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/Qq06t8oRAKrhsdIgx7O3NJgZ4L4.roa
Signing time: Mon 17 Jun 2024 15:39:34 +0000
ROA not before: Mon 17 Jun 2024 15:39:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35625
IP address blocks: 37.16.78.0/24 maxlen: 24
37.235.88.0/21 maxlen: 24
45.15.204.0/22 maxlen: 24
45.138.192.0/22 maxlen: 24
46.29.120.0/21 maxlen: 24
85.208.216.0/22 maxlen: 24
91.212.236.0/24 maxlen: 24
91.229.136.0/24 maxlen: 24
94.158.180.0/22 maxlen: 24
109.197.240.0/21 maxlen: 24
185.31.148.0/22 maxlen: 24
185.39.168.0/22 maxlen: 24
185.75.140.0/22 maxlen: 24
185.117.18.0/24 maxlen: 24
185.161.44.0/22 maxlen: 24
185.167.76.0/24 maxlen: 24
185.181.4.0/22 maxlen: 24
185.218.212.0/22 maxlen: 24
185.227.0.0/22 maxlen: 24
185.246.26.0/24 maxlen: 24
185.246.96.0/22 maxlen: 24
185.252.156.0/22 maxlen: 24
194.126.178.0/24 maxlen: 24
195.90.116.0/22 maxlen: 24
195.190.27.0/24 maxlen: 24
2a00:ba60::/32 maxlen: 32
2a00:ba61::/32 maxlen: 32
2a00:ba62::/32 maxlen: 32
2a00:ba67::/32 maxlen: 32
2a01:6600:2e00::/40 maxlen: 40
2a02:21c8::/32 maxlen: 32
2a09:8c40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jul 2024 18:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:26:da:88:dd:b0:9e:7a:56:fa:81:7f:ae:e4:09:03:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8acf59abd4abbfbf830a060225a96a2179a2694
Validity
Not Before: Jun 17 15:39:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=42ad3ab7ca1100aae1b1d220c7b3b7349819e0be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:83:5e:71:93:3d:ab:aa:3f:9d:64:a4:47:c0:
ac:96:5d:0e:fa:0a:db:d3:e3:f8:c6:c4:b3:9a:af:
dc:8f:79:47:4b:4b:d9:62:93:b5:6c:de:d8:a4:7c:
07:25:40:eb:a9:fc:27:60:7d:0d:53:d5:8a:bc:4f:
7e:53:09:05:5e:82:16:07:5f:de:6e:86:e6:bc:9a:
03:2d:96:ca:56:6a:ce:1c:96:83:9c:ef:9f:36:ef:
67:94:fb:c1:92:50:8d:53:e5:d6:cc:7e:16:dd:3b:
08:aa:d3:97:28:59:03:62:cc:6e:de:d9:75:08:db:
68:8c:e7:4d:db:e3:dd:cc:8d:26:e2:be:2f:8e:fc:
49:01:c8:5f:36:be:15:31:32:89:5d:85:1e:2f:e5:
3a:d6:23:6e:f6:31:da:4c:68:b3:dc:77:1f:87:53:
8d:7c:c1:92:61:8d:5b:ce:f4:a2:49:0f:51:68:c6:
06:bc:68:53:09:53:c4:6b:ca:aa:7c:66:cc:61:0f:
4d:5a:7d:a7:03:df:5f:e6:b3:d1:73:89:a8:09:d0:
13:82:54:be:f8:3b:d4:94:bf:6f:0b:e1:44:f9:c3:
83:ba:fd:03:ce:d1:eb:0e:53:50:1a:59:e5:73:80:
f6:27:2c:72:60:fd:d2:15:81:1b:8d:a7:0e:51:99:
83:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:AD:3A:B7:CA:11:00:AA:E1:B1:D2:20:C7:B3:B7:34:98:19:E0:BE
X509v3 Authority Key Identifier:
keyid:C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/Qq06t8oRAKrhsdIgx7O3NJgZ4L4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.16.78.0/24
37.235.88.0/21
45.15.204.0/22
45.138.192.0/22
46.29.120.0/21
85.208.216.0/22
91.212.236.0/24
91.229.136.0/24
94.158.180.0/22
109.197.240.0/21
185.31.148.0/22
185.39.168.0/22
185.75.140.0/22
185.117.18.0/24
185.161.44.0/22
185.167.76.0/24
185.181.4.0/22
185.218.212.0/22
185.227.0.0/22
185.246.26.0/24
185.246.96.0/22
185.252.156.0/22
194.126.178.0/24
195.90.116.0/22
195.190.27.0/24
IPv6:
2a00:ba60::-2a00:ba62:ffff:ffff:ffff:ffff:ffff:ffff
2a00:ba67::/32
2a01:6600:2e00::/40
2a02:21c8::/32
2a09:8c40::/29
Signature Algorithm: sha256WithRSAEncryption
97:d9:7d:8b:61:94:c9:85:7b:17:0b:e1:39:da:06:9c:eb:f8:
74:ed:40:de:bd:da:c8:3b:b9:4d:75:9f:1e:d2:00:30:4e:4b:
19:86:f9:6f:1f:f0:a6:8f:f3:5b:b6:99:38:f0:c8:69:9c:cb:
cb:7f:35:de:74:ce:9c:25:99:03:78:cf:00:16:3d:f6:96:a8:
fa:38:f8:98:eb:86:f3:7c:00:de:e3:51:4b:93:99:4a:37:47:
ac:2c:1b:10:45:00:3e:e1:a7:95:8e:eb:13:79:cd:c8:ed:7b:
cb:c3:46:19:2a:11:d3:1a:4b:88:4f:66:8d:c7:e0:9c:82:b9:
77:0d:97:31:7f:e3:22:55:6e:6d:ce:9c:b3:45:d4:8b:a7:55:
2b:c6:74:35:85:1d:61:48:68:c5:db:56:46:79:f3:de:0a:5a:
e4:f6:b2:4e:ef:9f:61:8a:fb:04:63:b4:6c:90:cf:85:3a:d2:
63:a8:3f:1c:a3:98:ca:e3:be:8c:d2:b0:c7:80:3d:17:be:27:
12:74:f5:4a:be:54:6b:4b:f3:b0:b0:e9:e5:36:79:ce:36:4f:
42:1f:4d:dd:ed:55:73:bd:c8:ba:93:43:9f:84:e2:5f:c6:a8:
71:2b:9e:32:98:49:cf:a9:26:e0:ad:9c:10:fa:b6:64:40:63:
5e:88:fb:16
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgISAZAm2ojdsJ56VvqBf67kCQMOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4YWNmNTlhYmQ0YWJiZmJmODMwYTA2MDIyNWE5NmEyMTc5
YTI2OTQwHhcNMjQwNjE3MTUzOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmFkM2FiN2NhMTEwMGFhZTFiMWQyMjBjN2IzYjczNDk4MTllMGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1oNecZM9q6o/nWSkR8Csll0O+grb
0+P4xsSzmq/cj3lHS0vZYpO1bN7YpHwHJUDrqfwnYH0NU9WKvE9+UwkFXoIWB1/e
bobmvJoDLZbKVmrOHJaDnO+fNu9nlPvBklCNU+XWzH4W3TsIqtOXKFkDYsxu3tl1
CNtojOdN2+PdzI0m4r4vjvxJAchfNr4VMTKJXYUeL+U61iNu9jHaTGiz3Hcfh1ON
fMGSYY1bzvSiSQ9RaMYGvGhTCVPEa8qqfGbMYQ9NWn2nA99f5rPRc4moCdATglS+
+DvUlL9vC+FE+cODuv0DztHrDlNQGlnlc4D2JyxyYP3SFYEbjacOUZmD6QIDAQAB
o4IC0zCCAs8wHQYDVR0OBBYEFEKtOrfKEQCq4bHSIMeztzSYGeC+MB8GA1UdIwQY
MBaAFMis9Zq9Srv7+DCgYCJalqIXmiaUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQt
ODM4ZWJmNDEyYTYxLzEvUXEwNnQ4b1JBS3Joc2RJZ3g3TzNOSmdaNEw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQtODM4ZWJmNDEyYTYx
LzEveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHoBggrBgEFBQcBBwEB/wSB2DCB1TCBnQQCAAEwgZYDBAAl
EE4DBAMl61gDBAItD8wDBAItisADBAMuHXgDBAJV0NgDBABb1OwDBABb5YgDBAJe
nrQDBANtxfADBAK5H5QDBAK5J6gDBAK5S4wDBAC5dRIDBAK5oSwDBAC5p0wDBAK5
tQQDBAK52tQDBAK54wADBAC59hoDBAK59mADBAK5/JwDBADCfrIDBALDWnQDBADD
vhswMwQCAAIwLTAOAwUFKgC6YAMFACoAumIDBQAqALpnAwYAKgFmAC4DBQAqAiHI
AwUDKgmMQDANBgkqhkiG9w0BAQsFAAOCAQEAl9l9i2GUyYV7FwvhOdoGnOv4dO1A
3r3ayDu5TXWfHtIAME5LGYb5bx/wpo/zW7aZOPDIaZzLy3813nTOnCWZA3jPABY9
9pao+jj4mOuG83wA3uNRS5OZSjdHrCwbEEUAPuGnlY7rE3nNyO17y8NGGSoR0xpL
iE9mjcfgnIK5dw2XMX/jIlVubc6cs0XUi6dVK8Z0NYUdYUhoxdtWRnnz3gpa5Pay
Tu+fYYr7BGO0bJDPhTrSY6g/HKOYyuO+jNKwx4A9F74nEnT1Sr5Ua0vzsLDp5TZ5
zjZPQh9N3e1Vc73IupNDn4TiX8aocSueMphJz6km4K2cEPq2ZEBjXoj7Fg==
-----END CERTIFICATE-----
Generated at Thu Jul 4 03:45:53 2024 by rpki-client on console.sobornost.net