Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/2cf0d5-e25e-48a5-bbe6-1f41df69e98c/1/QH873RJVvKAWXwllCCJIDVOzgFc.roa
File: QH873RJVvKAWXwllCCJIDVOzgFc.roa (raw, json)
Hash identifier: /Ft7kWa5G4as6guiuZOnOC2rXcP3azK4nNwJMX400YQ=
Subject key identifier: 40:7F:3B:DD:12:55:BC:A0:16:5F:09:65:08:22:48:0D:53:B3:80:57
Certificate issuer: /CN=c1bc9eff2dbfd54425ae6d709b84e48c1f05fc3e
Certificate serial: 018CC8011E37CAD62A6C0CC0E6533073B8D0
Authority key identifier: C1:BC:9E:FF:2D:BF:D5:44:25:AE:6D:70:9B:84:E4:8C:1F:05:FC:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wbye_y2_1UQlrm1wm4TkjB8F_D4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/2cf0d5-e25e-48a5-bbe6-1f41df69e98c/1/QH873RJVvKAWXwllCCJIDVOzgFc.roa
Signing time: Tue 02 Jan 2024 02:29:25 +0000
ROA not before: Tue 02 Jan 2024 02:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51621
IP address blocks: 185.217.130.0/24 maxlen: 24
2a12:1580::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/2cf0d5-e25e-48a5-bbe6-1f41df69e98c/1/wbye_y2_1UQlrm1wm4TkjB8F_D4.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/2cf0d5-e25e-48a5-bbe6-1f41df69e98c/1/wbye_y2_1UQlrm1wm4TkjB8F_D4.mft
rsync://rpki.ripe.net/repository/DEFAULT/wbye_y2_1UQlrm1wm4TkjB8F_D4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 07:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:1e:37:ca:d6:2a:6c:0c:c0:e6:53:30:73:b8:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1bc9eff2dbfd54425ae6d709b84e48c1f05fc3e
Validity
Not Before: Jan 2 02:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=407f3bdd1255bca0165f09650822480d53b38057
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a5:4e:89:a9:e3:8d:da:e9:88:27:12:42:8c:
21:85:ca:4e:58:0a:85:c2:f2:0a:10:78:6f:a8:9e:
e4:87:15:a1:e7:70:7c:3a:a7:9f:7e:fd:e9:32:78:
15:99:02:cd:b4:33:d3:d8:15:4c:73:0f:5f:81:6e:
56:8e:21:2c:4b:65:0d:e0:b7:5e:44:3f:5d:90:7c:
c4:5a:25:e7:bd:5d:57:0d:9e:86:f9:58:d6:a4:bb:
14:4f:b8:70:32:28:84:6d:ee:d1:93:84:3b:15:12:
73:e5:0c:fe:c7:e6:80:99:3a:e6:7f:d5:0a:55:39:
df:b0:b2:d1:52:ce:28:61:d6:b4:08:a7:61:64:07:
9b:0e:29:3a:d4:9a:38:51:07:28:72:69:bf:70:fd:
eb:ef:03:1b:98:a5:29:ed:ee:f3:e4:62:67:26:4e:
3e:1a:3d:42:7e:a0:c1:fd:18:3a:db:cb:ab:fd:8e:
5e:98:84:31:77:d2:51:4a:4f:26:a8:05:b9:29:09:
94:6b:59:c9:65:50:ef:75:39:9b:9c:1f:bb:60:57:
c6:b2:79:79:87:00:20:06:98:e1:b6:96:58:99:5a:
a8:62:98:8a:77:6b:00:7b:f9:85:92:78:73:22:0d:
2b:52:4b:0c:84:b7:30:cd:65:a7:d4:27:6f:5d:67:
b2:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:7F:3B:DD:12:55:BC:A0:16:5F:09:65:08:22:48:0D:53:B3:80:57
X509v3 Authority Key Identifier:
keyid:C1:BC:9E:FF:2D:BF:D5:44:25:AE:6D:70:9B:84:E4:8C:1F:05:FC:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wbye_y2_1UQlrm1wm4TkjB8F_D4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/2cf0d5-e25e-48a5-bbe6-1f41df69e98c/1/QH873RJVvKAWXwllCCJIDVOzgFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/2cf0d5-e25e-48a5-bbe6-1f41df69e98c/1/wbye_y2_1UQlrm1wm4TkjB8F_D4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.130.0/24
IPv6:
2a12:1580::/29
Signature Algorithm: sha256WithRSAEncryption
15:e8:94:ad:14:e2:89:e5:06:3b:af:4a:d1:86:8c:c9:e6:cf:
15:dd:47:f3:a2:d2:b7:2f:19:00:ca:2f:1c:6e:8a:33:1f:22:
0c:8c:61:50:92:b8:fd:41:42:b3:b5:af:2f:d6:8f:f7:e4:0f:
a6:eb:c2:ad:0c:e2:5a:26:65:65:0b:8a:34:31:84:55:d4:97:
49:fb:6b:5a:71:13:01:e3:8e:2e:bf:fe:a2:bd:37:2d:40:57:
ca:59:1a:22:39:a0:17:65:fc:73:1c:fa:32:cb:ee:08:ca:eb:
73:cb:c7:0b:98:7a:b7:23:54:00:f9:07:9f:5a:67:da:be:69:
ab:02:9e:76:54:4b:bb:67:40:eb:52:ac:a1:e2:4c:49:6d:4a:
fa:68:12:12:c9:46:3a:d6:27:52:64:14:ec:3b:7d:e3:de:db:
0a:1d:ad:48:8e:bd:8c:3b:16:65:ae:58:4e:13:9a:15:eb:79:
f2:63:4c:26:0d:ef:a9:2d:80:86:99:e9:28:88:a7:22:9d:72:
ca:13:6a:4e:d5:c2:55:29:14:60:7b:6f:fa:35:25:62:c1:d8:
13:68:2e:0d:51:32:57:31:26:ee:4d:5d:84:49:dc:c3:07:aa:
f7:7e:1e:41:f0:93:67:c7:63:49:8e:7c:54:72:75:ac:f1:3a:
5a:51:06:b2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIAR43ytYqbAzA5lMwc7jQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYmM5ZWZmMmRiZmQ1NDQyNWFlNmQ3MDliODRlNDhjMWYw
NWZjM2UwHhcNMjQwMTAyMDIyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDdmM2JkZDEyNTViY2EwMTY1ZjA5NjUwODIyNDgwZDUzYjM4MDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKVOianjjdrpiCcSQowhhcpOWAqF
wvIKEHhvqJ7khxWh53B8Oqeffv3pMngVmQLNtDPT2BVMcw9fgW5WjiEsS2UN4Lde
RD9dkHzEWiXnvV1XDZ6G+VjWpLsUT7hwMiiEbe7Rk4Q7FRJz5Qz+x+aAmTrmf9UK
VTnfsLLRUs4oYda0CKdhZAebDik61Jo4UQcocmm/cP3r7wMbmKUp7e7z5GJnJk4+
Gj1CfqDB/Rg628ur/Y5emIQxd9JRSk8mqAW5KQmUa1nJZVDvdTmbnB+7YFfGsnl5
hwAgBpjhtpZYmVqoYpiKd2sAe/mFknhzIg0rUksMhLcwzWWn1CdvXWeyOQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEB/O90SVbygFl8JZQgiSA1Ts4BXMB8GA1UdIwQY
MBaAFMG8nv8tv9VEJa5tcJuE5IwfBfw+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2J5ZV95Ml8xVVFscm0xd200VGtqQjhGX0Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8yY2YwZDUtZTI1ZS00OGE1LWJiZTYt
MWY0MWRmNjllOThjLzEvUUg4NzNSSlZ2S0FXWHdsbENDSklEVk96Z0ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8yY2YwZDUtZTI1ZS00OGE1LWJiZTYtMWY0MWRmNjllOThj
LzEvd2J5ZV95Ml8xVVFscm0xd200VGtqQjhGX0Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAudmCMA0E
AgACMAcDBQMqEhWAMA0GCSqGSIb3DQEBCwUAA4IBAQAV6JStFOKJ5QY7r0rRhozJ
5s8V3UfzotK3LxkAyi8cboozHyIMjGFQkrj9QUKzta8v1o/35A+m68KtDOJaJmVl
C4o0MYRV1JdJ+2tacRMB444uv/6ivTctQFfKWRoiOaAXZfxzHPoyy+4Iyutzy8cL
mHq3I1QA+QefWmfavmmrAp52VEu7Z0DrUqyh4kxJbUr6aBISyUY61idSZBTsO33j
3tsKHa1Ijr2MOxZlrlhOE5oV63nyY0wmDe+pLYCGmekoiKcinXLKE2pO1cJVKRRg
e2/6NSViwdgTaC4NUTJXMSbuTV2ESdzDB6r3fh5B8JNnx2NJjnxUcnWs8TpaUQay
-----END CERTIFICATE-----
Generated at Sat Sep 28 17:11:34 2024 by rpki-client on console-ams.rpki-client.org