Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/e005c2-affa-458f-aaf8-8af56e733600/1/QqOcztrtgf0x_ZRyuu2elSiPXJ4.roa
File: QqOcztrtgf0x_ZRyuu2elSiPXJ4.roa (raw, json)
Hash identifier: dEapw2ZJjWhH0oMqYF3Iv4FOtWYwXO5zN7LkEBsSaKM=
Subject key identifier: 42:A3:9C:CE:DA:ED:81:FD:31:FD:94:72:BA:ED:9E:95:28:8F:5C:9E
Certificate issuer: /CN=4b57725b0a605d4ddcc464b70dcb3a162a5f055b
Certificate serial: 018CC72771B045C26368288440785EE9F4A5
Authority key identifier: 4B:57:72:5B:0A:60:5D:4D:DC:C4:64:B7:0D:CB:3A:16:2A:5F:05:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S1dyWwpgXU3cxGS3Dcs6FipfBVs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/e005c2-affa-458f-aaf8-8af56e733600/1/QqOcztrtgf0x_ZRyuu2elSiPXJ4.roa
Signing time: Mon 01 Jan 2024 22:31:40 +0000
ROA not before: Mon 01 Jan 2024 22:31:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51407
IP address blocks: 37.122.159.0/24 maxlen: 24
37.122.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/e005c2-affa-458f-aaf8-8af56e733600/1/S1dyWwpgXU3cxGS3Dcs6FipfBVs.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/e005c2-affa-458f-aaf8-8af56e733600/1/S1dyWwpgXU3cxGS3Dcs6FipfBVs.mft
rsync://rpki.ripe.net/repository/DEFAULT/S1dyWwpgXU3cxGS3Dcs6FipfBVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 12:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:71:b0:45:c2:63:68:28:84:40:78:5e:e9:f4:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b57725b0a605d4ddcc464b70dcb3a162a5f055b
Validity
Not Before: Jan 1 22:31:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=42a39ccedaed81fd31fd9472baed9e95288f5c9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:84:75:c8:5c:0d:72:f5:58:50:91:7b:30:4e:
96:47:c1:97:04:d8:0a:0e:e2:53:b4:65:41:2e:ff:
5a:3a:b5:83:48:d5:2e:dd:2f:25:15:1b:6d:f0:c4:
01:9b:ca:8a:79:ee:10:d4:d7:53:ed:24:33:31:39:
92:24:5a:c9:11:ed:30:f3:62:0c:d9:fa:23:6e:5e:
54:b7:43:e9:07:88:91:b0:02:68:9a:97:73:6c:18:
2c:5c:a4:6a:ae:4c:20:6f:32:77:01:3e:3e:fa:01:
c0:a8:30:02:21:70:ec:93:3f:2a:d5:14:85:7f:5e:
f4:4a:2a:53:87:82:d3:57:d1:6a:07:31:de:e0:08:
87:5d:84:05:12:2e:f0:55:c2:cc:a0:87:63:16:80:
54:4b:2e:5c:3d:c1:ea:6f:f1:43:16:c7:85:2f:1f:
76:4a:6e:72:68:63:29:7e:fe:e2:e4:c8:e9:5d:9b:
47:9f:53:1c:d0:fe:b9:fd:69:9e:b6:1f:44:76:d8:
3f:51:0e:68:13:7d:85:ec:47:c4:36:81:f7:70:00:
2c:08:16:a7:ce:c9:93:7e:37:80:30:34:2e:28:e8:
c8:9e:1f:48:cc:0e:2b:b4:61:1b:c6:8c:e2:2c:bd:
ce:4b:39:41:f0:39:22:fd:f7:ce:ae:b7:e5:d3:f4:
ca:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:A3:9C:CE:DA:ED:81:FD:31:FD:94:72:BA:ED:9E:95:28:8F:5C:9E
X509v3 Authority Key Identifier:
keyid:4B:57:72:5B:0A:60:5D:4D:DC:C4:64:B7:0D:CB:3A:16:2A:5F:05:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S1dyWwpgXU3cxGS3Dcs6FipfBVs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/e005c2-affa-458f-aaf8-8af56e733600/1/QqOcztrtgf0x_ZRyuu2elSiPXJ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/e005c2-affa-458f-aaf8-8af56e733600/1/S1dyWwpgXU3cxGS3Dcs6FipfBVs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.122.158.0/23
Signature Algorithm: sha256WithRSAEncryption
07:6a:fa:15:87:84:77:92:4b:ad:b4:53:93:b8:8b:5d:b6:a0:
d8:31:19:11:e2:7b:02:b8:85:7b:6f:c8:ee:0d:59:ea:8c:de:
a2:4a:71:14:81:8d:12:0e:7f:c4:a5:d8:67:27:4a:91:9d:35:
17:2c:ba:fd:ba:18:61:9f:61:fa:a0:bf:52:a0:eb:ec:26:ed:
66:0c:14:ce:99:32:f6:7c:1a:df:af:1d:b7:b4:de:ed:70:43:
06:23:e8:c3:56:4b:9d:96:c9:fc:9e:86:0d:be:a9:1d:ec:c1:
ee:e7:48:32:8f:9b:ff:93:f7:4c:17:a5:b9:0f:ba:85:ad:f6:
78:0a:87:71:ad:54:22:2a:7b:1c:ad:a3:68:bf:fc:3f:a3:c8:
5d:9d:73:e6:33:f0:06:09:90:dc:09:3f:17:ea:68:e2:26:87:
23:1e:f1:38:ef:6d:ef:18:8a:b5:c5:bb:65:ec:5e:9f:50:df:
c5:df:ec:7e:f4:04:31:e5:4c:78:d1:d2:24:20:ff:ff:62:7b:
ef:e5:62:91:d5:d2:6d:f8:20:7b:41:3a:4e:f5:4f:a2:90:4d:
de:45:84:ec:87:d0:a1:1b:93:05:8d:bc:5f:96:40:1c:0d:42:
77:20:6e:47:28:2d:56:8c:19:35:e8:8a:f4:7d:8b:09:a8:82:
f1:48:6a:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJ3GwRcJjaCiEQHhe6fSlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNTc3MjViMGE2MDVkNGRkY2M0NjRiNzBkY2IzYTE2MmE1
ZjA1NWIwHhcNMjQwMTAxMjIzMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmEzOWNjZWRhZWQ4MWZkMzFmZDk0NzJiYWVkOWU5NTI4OGY1YzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIR1yFwNcvVYUJF7ME6WR8GXBNgK
DuJTtGVBLv9aOrWDSNUu3S8lFRtt8MQBm8qKee4Q1NdT7SQzMTmSJFrJEe0w82IM
2fojbl5Ut0PpB4iRsAJompdzbBgsXKRqrkwgbzJ3AT4++gHAqDACIXDskz8q1RSF
f170SipTh4LTV9FqBzHe4AiHXYQFEi7wVcLMoIdjFoBUSy5cPcHqb/FDFseFLx92
Sm5yaGMpfv7i5MjpXZtHn1Mc0P65/Wmeth9Edtg/UQ5oE32F7EfENoH3cAAsCBan
zsmTfjeAMDQuKOjInh9IzA4rtGEbxoziLL3OSzlB8Dki/ffOrrfl0/TKKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEKjnM7a7YH9Mf2UcrrtnpUoj1yeMB8GA1UdIwQY
MBaAFEtXclsKYF1N3MRktw3LOhYqXwVbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzFkeVd3cGdYVTNjeEdTM0RjczZGaXBmQlZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9lMDA1YzItYWZmYS00NThmLWFhZjgt
OGFmNTZlNzMzNjAwLzEvUXFPY3p0cnRnZjB4X1pSeXV1MmVsU2lQWEo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9lMDA1YzItYWZmYS00NThmLWFhZjgtOGFmNTZlNzMzNjAw
LzEvUzFkeVd3cGdYVTNjeEdTM0RjczZGaXBmQlZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBJXqeMA0G
CSqGSIb3DQEBCwUAA4IBAQAHavoVh4R3kkuttFOTuItdtqDYMRkR4nsCuIV7b8ju
DVnqjN6iSnEUgY0SDn/EpdhnJ0qRnTUXLLr9uhhhn2H6oL9SoOvsJu1mDBTOmTL2
fBrfrx23tN7tcEMGI+jDVkudlsn8noYNvqkd7MHu50gyj5v/k/dMF6W5D7qFrfZ4
CodxrVQiKnscraNov/w/o8hdnXPmM/AGCZDcCT8X6mjiJocjHvE4723vGIq1xbtl
7F6fUN/F3+x+9AQx5Ux40dIkIP//Ynvv5WKR1dJt+CB7QTpO9U+ikE3eRYTsh9Ch
G5MFjbxflkAcDUJ3IG5HKC1WjBk16Ir0fYsJqILxSGrc
-----END CERTIFICATE-----
Generated at Sat Jun 22 20:56:26 2024 by rpki-client on console-ams.rpki-client.org