Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/455f56-1e6f-467d-b711-ebdf38b0095c/1/Qc2SQI2e87X_MO2Hv2NGGDAatbs.roa
File: Qc2SQI2e87X_MO2Hv2NGGDAatbs.roa (raw, json)
Hash identifier: neft4z+vPcRpl1o/fB9ObkkZpp/JPiiTXLDSbbFn3YI=
Subject key identifier: 41:CD:92:40:8D:9E:F3:B5:FF:30:ED:87:BF:63:46:18:30:1A:B5:BB
Certificate issuer: /CN=f4460d6554d581ebb80e39e45015cd7d36d93f66
Certificate serial: 018CC8030308EC7726FEC6C40F93BB3D9A46
Authority key identifier: F4:46:0D:65:54:D5:81:EB:B8:0E:39:E4:50:15:CD:7D:36:D9:3F:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9EYNZVTVgeu4DjnkUBXNfTbZP2Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/455f56-1e6f-467d-b711-ebdf38b0095c/1/Qc2SQI2e87X_MO2Hv2NGGDAatbs.roa
Signing time: Tue 02 Jan 2024 02:31:29 +0000
ROA not before: Tue 02 Jan 2024 02:31:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15752
IP address blocks: 149.177.176.0/22 maxlen: 22
149.177.180.0/22 maxlen: 22
149.177.192.0/22 maxlen: 22
149.177.212.0/22 maxlen: 22
149.177.216.0/22 maxlen: 22
149.177.224.0/21 maxlen: 21
149.177.128.0/23 maxlen: 23
149.177.130.0/23 maxlen: 23
149.177.148.0/23 maxlen: 23
149.177.150.0/23 maxlen: 23
149.177.152.0/23 maxlen: 23
149.177.154.0/23 maxlen: 23
149.177.164.0/23 maxlen: 23
149.177.166.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/455f56-1e6f-467d-b711-ebdf38b0095c/1/9EYNZVTVgeu4DjnkUBXNfTbZP2Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/455f56-1e6f-467d-b711-ebdf38b0095c/1/9EYNZVTVgeu4DjnkUBXNfTbZP2Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/9EYNZVTVgeu4DjnkUBXNfTbZP2Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 21 Jun 2024 19:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:03:03:08:ec:77:26:fe:c6:c4:0f:93:bb:3d:9a:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4460d6554d581ebb80e39e45015cd7d36d93f66
Validity
Not Before: Jan 2 02:31:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41cd92408d9ef3b5ff30ed87bf634618301ab5bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:a2:88:10:cc:ea:7e:bb:db:fe:82:ed:1a:72:
18:26:e7:76:df:d1:42:37:98:63:e1:9e:0b:5b:09:
b7:21:cd:64:1c:e8:62:8b:39:37:1d:c5:99:63:d9:
1b:3d:80:ee:a8:47:28:87:cb:09:1c:68:28:b7:09:
72:7f:9b:8b:a5:d9:d4:95:2b:25:dc:1b:4a:c6:dd:
4f:56:32:f8:20:72:dc:f9:f1:c4:48:bd:9d:6c:e2:
b8:6c:17:a1:ff:51:ac:a8:22:33:5f:cc:6c:06:85:
f2:82:5c:a6:79:db:6f:7f:24:cb:77:d3:45:33:f4:
51:d2:bc:b4:cc:49:75:09:0d:6e:45:16:ab:75:2b:
4f:27:d7:f6:cd:ea:31:28:ae:0b:a9:e0:3b:f4:29:
07:78:33:93:6a:0b:ef:8f:c9:24:64:f9:97:81:e0:
99:a6:c5:8a:e5:e5:35:7e:ce:70:18:ff:43:13:9e:
aa:df:52:a2:18:c7:80:5d:b9:28:9c:f6:ea:21:61:
03:ee:54:3d:d2:5e:f6:a0:89:6a:46:52:e7:57:9a:
95:1e:8f:ce:b7:bd:0a:39:13:9b:34:b9:31:ee:64:
5a:8a:7a:c3:e5:12:8b:97:f4:16:1b:07:ee:1c:a7:
7f:0c:27:18:60:74:35:4f:be:95:31:9f:69:1a:46:
85:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:CD:92:40:8D:9E:F3:B5:FF:30:ED:87:BF:63:46:18:30:1A:B5:BB
X509v3 Authority Key Identifier:
keyid:F4:46:0D:65:54:D5:81:EB:B8:0E:39:E4:50:15:CD:7D:36:D9:3F:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9EYNZVTVgeu4DjnkUBXNfTbZP2Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/455f56-1e6f-467d-b711-ebdf38b0095c/1/Qc2SQI2e87X_MO2Hv2NGGDAatbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/455f56-1e6f-467d-b711-ebdf38b0095c/1/9EYNZVTVgeu4DjnkUBXNfTbZP2Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.177.128.0/22
149.177.148.0-149.177.155.255
149.177.164.0/22
149.177.176.0/21
149.177.192.0/22
149.177.212.0-149.177.219.255
149.177.224.0/21
Signature Algorithm: sha256WithRSAEncryption
5f:25:f7:40:c6:1b:27:c3:82:c1:b6:51:9a:90:76:e2:d7:25:
59:99:a3:63:35:95:13:74:88:b6:e6:17:0a:4d:b6:01:8c:bb:
d0:16:62:0f:84:52:9c:17:93:58:21:73:66:db:c1:2b:c9:52:
37:59:0b:b9:c0:e5:0b:b8:c5:cb:8a:31:46:d9:3e:af:3a:81:
ba:bf:8a:60:c1:5f:ad:23:1a:b7:eb:9c:64:65:2f:b2:7e:d8:
06:12:53:14:61:f9:af:e1:9a:39:5e:b2:a3:10:0f:95:9b:46:
42:60:79:2c:16:c0:1f:38:00:25:d2:55:54:0d:25:6c:72:03:
1b:73:1a:1e:8b:22:fa:e9:27:50:88:1a:aa:2c:09:ae:ff:04:
87:58:5d:40:db:66:5a:22:df:96:c6:0a:14:ac:ee:67:35:b8:
65:83:41:ca:fc:16:65:50:a2:c8:97:ac:a1:4b:81:8a:ec:9a:
a7:bb:3d:51:fb:b5:47:73:d3:75:ba:49:7b:24:c3:be:34:01:
f9:ed:61:f3:53:38:2f:45:ff:42:17:cb:11:72:7d:94:5f:c8:
f4:fa:b5:79:c4:73:d6:ef:ec:7d:a1:24:89:a5:0e:c1:67:56:
8c:af:67:e7:f1:06:b6:28:dd:da:da:19:61:4e:92:5f:67:6b:
6d:8f:40:72
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYzIAwMI7Hcm/sbED5O7PZpGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0NDYwZDY1NTRkNTgxZWJiODBlMzllNDUwMTVjZDdkMzZk
OTNmNjYwHhcNMjQwMTAyMDIzMTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWNkOTI0MDhkOWVmM2I1ZmYzMGVkODdiZjYzNDYxODMwMWFiNWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6KIEMzqfrvb/oLtGnIYJud239FC
N5hj4Z4LWwm3Ic1kHOhiizk3HcWZY9kbPYDuqEcoh8sJHGgotwlyf5uLpdnUlSsl
3BtKxt1PVjL4IHLc+fHESL2dbOK4bBeh/1GsqCIzX8xsBoXyglymedtvfyTLd9NF
M/RR0ry0zEl1CQ1uRRardStPJ9f2zeoxKK4LqeA79CkHeDOTagvvj8kkZPmXgeCZ
psWK5eU1fs5wGP9DE56q31KiGMeAXbkonPbqIWED7lQ90l72oIlqRlLnV5qVHo/O
t70KORObNLkx7mRainrD5RKLl/QWGwfuHKd/DCcYYHQ1T76VMZ9pGkaFOQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFEHNkkCNnvO1/zDth79jRhgwGrW7MB8GA1UdIwQY
MBaAFPRGDWVU1YHruA455FAVzX022T9mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUVZTlpWVFZnZXU0RGpua1VCWE5mVGJaUDJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi80NTVmNTYtMWU2Zi00NjdkLWI3MTEt
ZWJkZjM4YjAwOTVjLzEvUWMyU1FJMmU4N1hfTU8ySHYyTkdHREFhdGJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi80NTVmNTYtMWU2Zi00NjdkLWI3MTEtZWJkZjM4YjAwOTVj
LzEvOUVZTlpWVFZnZXU0RGpua1VCWE5mVGJaUDJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQClbGAMAwD
BAKVsZQDBAKVsZgDBAKVsaQDBAOVsbADBAKVscAwDAMEApWx1AMEApWx2AMEA5Wx
4DANBgkqhkiG9w0BAQsFAAOCAQEAXyX3QMYbJ8OCwbZRmpB24tclWZmjYzWVE3SI
tuYXCk22AYy70BZiD4RSnBeTWCFzZtvBK8lSN1kLucDlC7jFy4oxRtk+rzqBur+K
YMFfrSMat+ucZGUvsn7YBhJTFGH5r+GaOV6yoxAPlZtGQmB5LBbAHzgAJdJVVA0l
bHIDG3MaHosi+uknUIgaqiwJrv8Eh1hdQNtmWiLflsYKFKzuZzW4ZYNByvwWZVCi
yJesoUuBiuyap7s9Ufu1R3PTdbpJeyTDvjQB+e1h81M4L0X/QhfLEXJ9lF/I9Pq1
ecRz1u/sfaEkiaUOwWdWjK9n5/EGtijd2toZYU6SX2drbY9Acg==
-----END CERTIFICATE-----
Generated at Fri Jun 21 03:19:31 2024 by rpki-client on console-ams.rpki-client.org