Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/dQhDG0xX-qThErXogqMiaL2Bf9I.roa
File: dQhDG0xX-qThErXogqMiaL2Bf9I.roa (raw, json)
Hash identifier: 6VrItchjVA3XiBywKvD5gKgXOe1f0uI2hvo6vWF12Uc=
Subject key identifier: 75:08:43:1B:4C:57:FA:A4:E1:12:B5:E8:82:A3:22:68:BD:81:7F:D2
Certificate issuer: /CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
Certificate serial: 018E61ABFC82119EEB69C7056AD3E0A12D48
Authority key identifier: 05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/dQhDG0xX-qThErXogqMiaL2Bf9I.roa
Signing time: Thu 21 Mar 2024 15:40:45 +0000
ROA not before: Thu 21 Mar 2024 15:40:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400909
IP address blocks: 185.226.56.0/23 maxlen: 23
185.226.58.0/23 maxlen: 23
194.179.138.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:61:ab:fc:82:11:9e:eb:69:c7:05:6a:d3:e0:a1:2d:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
Validity
Not Before: Mar 21 15:40:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7508431b4c57faa4e112b5e882a32268bd817fd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:8c:a1:f9:98:35:57:d8:9a:ed:65:68:fd:02:
51:a7:78:e8:ac:e7:64:75:bb:0b:4f:2d:fb:fa:75:
5e:e7:6b:f4:ca:5d:83:f7:bc:71:77:6d:93:9e:ba:
87:f4:18:c7:79:e8:08:a0:a7:5a:d2:a1:79:d7:fd:
9f:7e:4a:ec:8e:f5:7d:40:e8:f6:bf:07:e3:54:31:
f8:41:51:ac:03:cd:d2:4f:8f:39:da:ac:eb:dc:77:
19:02:c1:9c:07:2b:be:07:28:12:11:a9:ee:ef:ba:
12:20:a4:24:e4:49:3b:e1:89:31:0b:a7:ce:0b:c9:
7a:0c:db:d6:3c:40:21:0e:73:47:ea:5e:6f:e1:cb:
4c:10:61:9d:cc:68:e9:da:7b:72:fa:6c:44:5c:90:
aa:69:9a:a1:6a:30:57:63:c2:22:0a:f0:27:82:ec:
8a:4b:4f:dd:08:b9:4d:44:2e:82:5c:66:7e:a3:e4:
ef:59:80:81:27:10:1b:67:a6:9a:20:70:ae:4a:cb:
10:10:67:78:cf:68:72:d9:19:c4:5c:24:af:da:4e:
9b:26:3d:ac:2c:a6:85:71:e2:a0:44:b3:a3:f7:2f:
f9:75:ed:af:29:74:53:38:a8:a5:81:c8:9c:8c:e4:
fb:b3:35:d2:1a:4b:5c:c9:85:84:35:f6:97:f2:4a:
7a:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:08:43:1B:4C:57:FA:A4:E1:12:B5:E8:82:A3:22:68:BD:81:7F:D2
X509v3 Authority Key Identifier:
keyid:05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/dQhDG0xX-qThErXogqMiaL2Bf9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.226.56.0/22
194.179.138.0/23
Signature Algorithm: sha256WithRSAEncryption
7f:6c:aa:db:07:77:28:fa:d4:c8:1f:8e:72:ee:bd:cb:84:a8:
64:78:32:69:b2:23:23:c1:7b:5e:9f:00:39:1a:6c:8f:52:43:
ea:de:c4:ad:8e:e2:bf:14:e8:c6:36:33:ce:c0:2d:05:3d:3e:
18:26:bd:54:cc:b7:2d:06:f6:97:f8:f5:43:23:37:aa:65:b6:
86:7d:bb:3d:eb:e4:e2:b2:bb:e5:e8:e8:7c:de:4b:31:9f:a8:
ed:65:42:28:e2:62:54:68:cc:37:2e:ea:04:e0:25:45:22:82:
84:e7:b6:f5:2a:76:e8:23:84:18:27:35:d1:37:42:35:68:88:
1c:37:da:89:7c:76:18:1c:a6:ab:83:0f:28:33:9d:ac:df:27:
a1:09:53:bb:7b:1c:e0:da:16:a8:14:5e:56:35:83:13:6a:63:
25:d9:ac:15:8b:06:11:ba:74:d7:e6:73:29:7a:93:65:a8:59:
07:8c:9d:ac:45:79:f6:fa:72:92:f4:9e:e3:be:bd:f3:b4:dd:
54:bc:b3:68:6d:37:0d:53:40:b4:fa:76:ca:dd:e7:05:68:65:
ad:0d:72:d3:fb:06:7e:9f:9e:73:6c:79:fc:b6:68:b6:b6:c1:
55:ac:ab:d0:a6:8f:ee:b2:10:e0:5f:0e:08:c1:4d:5d:20:9b:
68:2f:f6:33
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY5hq/yCEZ7raccFatPgoS1IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NTE2MDViNjc1ZWNlNGUwZmNlNzE3NWFlMzFhOTNmYTgy
NzJiYTYwHhcNMjQwMzIxMTU0MDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTA4NDMxYjRjNTdmYWE0ZTExMmI1ZTg4MmEzMjI2OGJkODE3ZmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4yh+Zg1V9ia7WVo/QJRp3jorOdk
dbsLTy37+nVe52v0yl2D97xxd22TnrqH9BjHeegIoKda0qF51/2ffkrsjvV9QOj2
vwfjVDH4QVGsA83ST4852qzr3HcZAsGcByu+BygSEanu77oSIKQk5Ek74YkxC6fO
C8l6DNvWPEAhDnNH6l5v4ctMEGGdzGjp2nty+mxEXJCqaZqhajBXY8IiCvAnguyK
S0/dCLlNRC6CXGZ+o+TvWYCBJxAbZ6aaIHCuSssQEGd4z2hy2RnEXCSv2k6bJj2s
LKaFceKgRLOj9y/5de2vKXRTOKilgcicjOT7szXSGktcyYWENfaX8kp6lQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHUIQxtMV/qk4RK16IKjImi9gX/SMB8GA1UdIwQY
MBaAFAVRYFtnXs5OD85xda4xqT+oJyumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlZGZ1cyZGV6azRQem5GMXJqR3BQNmduSzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yOGVhNDUtN2QzMC00NmRmLThmMmEt
MDc3OWY0OGVjZWEwLzEvZFFoREcweFgtcVRoRXJYb2dxTWlhTDJCZjlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yOGVhNDUtN2QzMC00NmRmLThmMmEtMDc3OWY0OGVjZWEw
LzEvQlZGZ1cyZGV6azRQem5GMXJqR3BQNmduSzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCueI4AwQB
wrOKMA0GCSqGSIb3DQEBCwUAA4IBAQB/bKrbB3co+tTIH45y7r3LhKhkeDJpsiMj
wXtenwA5GmyPUkPq3sStjuK/FOjGNjPOwC0FPT4YJr1UzLctBvaX+PVDIzeqZbaG
fbs96+Tisrvl6Oh83ksxn6jtZUIo4mJUaMw3LuoE4CVFIoKE57b1KnboI4QYJzXR
N0I1aIgcN9qJfHYYHKargw8oM52s3yehCVO7exzg2haoFF5WNYMTamMl2awViwYR
unTX5nMpepNlqFkHjJ2sRXn2+nKS9J7jvr3ztN1UvLNobTcNU0C0+nbK3ecFaGWt
DXLT+wZ+n55zbHn8tmi2tsFVrKvQpo/ushDgXw4IwU1dIJtoL/Yz
-----END CERTIFICATE-----
Generated at Mon May 20 15:12:23 2024 by rpki-client on console-ams.rpki-client.org