Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/2ff98e-6ff9-4233-b9f1-227e21e691e7/1/QLfJn-FiXZ5EKMAJOaZHJ2yNKD0.roa
File: QLfJn-FiXZ5EKMAJOaZHJ2yNKD0.roa (raw, json)
Hash identifier: 75m8mYC5yUkgrNQhLaAJwF1W4PmotcogNRZG/kShYBM=
Subject key identifier: 40:B7:C9:9F:E1:62:5D:9E:44:28:C0:09:39:A6:47:27:6C:8D:28:3D
Certificate issuer: /CN=a68ff9229efd8d12b4273f346f8c6454ea587ecc
Certificate serial: 018CC2DB2EC1473560B4A7B8F0CD14E5C86B
Authority key identifier: A6:8F:F9:22:9E:FD:8D:12:B4:27:3F:34:6F:8C:64:54:EA:58:7E:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/po_5Ip79jRK0Jz80b4xkVOpYfsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/2ff98e-6ff9-4233-b9f1-227e21e691e7/1/QLfJn-FiXZ5EKMAJOaZHJ2yNKD0.roa
Signing time: Mon 01 Jan 2024 02:29:53 +0000
ROA not before: Mon 01 Jan 2024 02:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396982
IP address blocks: 46.16.166.0/24 maxlen: 24
46.16.161.0/24 maxlen: 24
46.16.160.0/24 maxlen: 24
46.16.160.0/23 maxlen: 23
46.16.164.0/24 maxlen: 24
91.197.140.0/24 maxlen: 24
91.197.140.0/22 maxlen: 22
91.197.141.0/24 maxlen: 24
91.197.143.0/24 maxlen: 24
91.197.142.0/23 maxlen: 23
91.197.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/2ff98e-6ff9-4233-b9f1-227e21e691e7/1/po_5Ip79jRK0Jz80b4xkVOpYfsw.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/2ff98e-6ff9-4233-b9f1-227e21e691e7/1/po_5Ip79jRK0Jz80b4xkVOpYfsw.mft
rsync://rpki.ripe.net/repository/DEFAULT/po_5Ip79jRK0Jz80b4xkVOpYfsw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 16:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:2e:c1:47:35:60:b4:a7:b8:f0:cd:14:e5:c8:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a68ff9229efd8d12b4273f346f8c6454ea587ecc
Validity
Not Before: Jan 1 02:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40b7c99fe1625d9e4428c00939a647276c8d283d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:f5:f7:4b:3a:46:d4:11:df:3a:5d:aa:2b:56:
12:af:1c:f4:49:69:48:64:b6:03:ce:ec:d8:75:b9:
e4:bd:c2:db:8f:b5:ac:8f:7d:a1:0b:b7:2e:5c:d6:
d4:62:66:c7:67:ea:c2:29:10:ea:f2:08:81:65:3b:
09:55:9d:52:69:50:f7:4b:14:ac:ca:69:2c:5d:9d:
d3:0f:bf:fd:71:ad:df:75:a7:8e:42:32:19:fc:7a:
8f:27:c6:15:b8:51:e2:bf:66:c8:72:f0:fc:15:eb:
e2:4c:2c:57:d0:8b:7a:94:df:ce:79:89:68:ae:1e:
9d:f4:e1:90:b6:0b:f9:8a:a0:b0:bc:8f:c8:61:0f:
d7:60:23:93:3e:b8:c1:47:f5:87:5e:c4:c5:2a:68:
da:e8:c3:1b:86:fe:48:15:3e:e9:b4:bb:ae:87:90:
65:f1:5a:a6:91:67:01:ec:66:bd:b0:d2:85:32:ef:
41:a8:ed:13:87:78:8a:df:9e:bf:bd:ed:91:66:14:
0e:bc:74:ba:c2:2a:c5:0b:a9:c8:87:58:f8:67:33:
c2:4b:dd:a3:2c:80:d5:9f:af:b8:a0:c1:a9:15:e8:
c4:e9:5e:ed:ec:a1:ca:27:00:71:34:26:7f:ec:3e:
5a:f7:3b:10:51:ad:b7:96:2c:49:ae:62:4c:85:7d:
fd:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:B7:C9:9F:E1:62:5D:9E:44:28:C0:09:39:A6:47:27:6C:8D:28:3D
X509v3 Authority Key Identifier:
keyid:A6:8F:F9:22:9E:FD:8D:12:B4:27:3F:34:6F:8C:64:54:EA:58:7E:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/po_5Ip79jRK0Jz80b4xkVOpYfsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/2ff98e-6ff9-4233-b9f1-227e21e691e7/1/QLfJn-FiXZ5EKMAJOaZHJ2yNKD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/2ff98e-6ff9-4233-b9f1-227e21e691e7/1/po_5Ip79jRK0Jz80b4xkVOpYfsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.160.0/23
46.16.164.0/24
46.16.166.0/24
91.197.140.0/22
Signature Algorithm: sha256WithRSAEncryption
21:64:58:56:2b:c3:de:73:d1:df:3f:aa:57:ce:af:09:6e:ee:
02:ea:e5:10:61:76:25:e3:5f:ce:b5:d7:0e:1b:70:47:03:e7:
ca:be:d2:e4:bd:03:2c:1f:e1:4e:73:e2:37:da:da:cb:d5:98:
a3:5a:cb:f3:7b:26:a7:ed:19:d8:ac:50:0e:6d:75:2e:9b:ad:
fc:db:c8:b3:e7:7a:d2:f9:bd:88:a3:ce:c3:46:e3:8b:60:72:
6c:6f:c7:d6:01:94:bb:0f:76:09:8f:e1:f6:89:99:c0:0d:4b:
8d:ba:b1:39:71:aa:e4:f1:b1:70:44:dc:e6:78:a8:93:e6:18:
e4:e3:97:e3:d2:71:3c:a8:cd:fa:49:72:83:95:08:e7:5d:62:
f2:dc:30:1f:63:0f:71:53:56:ca:fc:ca:76:82:3f:10:76:31:
79:b4:2a:a5:b8:6d:99:ec:54:94:7d:6e:7e:bc:65:7b:3b:56:
43:6d:ac:e9:50:39:44:ce:09:de:16:02:94:75:be:ac:8f:10:
fd:2a:28:df:b7:78:80:86:b5:9b:70:80:6b:11:b6:8d:f2:f4:
f6:90:ae:d7:97:d1:d1:c2:49:8d:7f:62:16:7f:a9:e8:bc:0c:
e8:e1:15:e5:4a:cb:fc:08:09:8d:f7:3b:57:c1:8d:9e:b3:6e:
c1:9a:53:f4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzC2y7BRzVgtKe48M0U5chrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2OGZmOTIyOWVmZDhkMTJiNDI3M2YzNDZmOGM2NDU0ZWE1
ODdlY2MwHhcNMjQwMTAxMDIyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGI3Yzk5ZmUxNjI1ZDllNDQyOGMwMDkzOWE2NDcyNzZjOGQyODNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvX3SzpG1BHfOl2qK1YSrxz0SWlI
ZLYDzuzYdbnkvcLbj7Wsj32hC7cuXNbUYmbHZ+rCKRDq8giBZTsJVZ1SaVD3SxSs
ymksXZ3TD7/9ca3fdaeOQjIZ/HqPJ8YVuFHiv2bIcvD8FeviTCxX0It6lN/OeYlo
rh6d9OGQtgv5iqCwvI/IYQ/XYCOTPrjBR/WHXsTFKmja6MMbhv5IFT7ptLuuh5Bl
8VqmkWcB7Ga9sNKFMu9BqO0Th3iK356/ve2RZhQOvHS6wirFC6nIh1j4ZzPCS92j
LIDVn6+4oMGpFejE6V7t7KHKJwBxNCZ/7D5a9zsQUa23lixJrmJMhX39vQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEC3yZ/hYl2eRCjACTmmRydsjSg9MB8GA1UdIwQY
MBaAFKaP+SKe/Y0StCc/NG+MZFTqWH7MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG9fNUlwNzlqUkswSno4MGI0eGtWT3BZZnN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8yZmY5OGUtNmZmOS00MjMzLWI5ZjEt
MjI3ZTIxZTY5MWU3LzEvUUxmSm4tRmlYWjVFS01BSk9hWkhKMnlOS0QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8yZmY5OGUtNmZmOS00MjMzLWI5ZjEtMjI3ZTIxZTY5MWU3
LzEvcG9fNUlwNzlqUkswSno4MGI0eGtWT3BZZnN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLhCgAwQA
LhCkAwQALhCmAwQCW8WMMA0GCSqGSIb3DQEBCwUAA4IBAQAhZFhWK8Pec9HfP6pX
zq8Jbu4C6uUQYXYl41/OtdcOG3BHA+fKvtLkvQMsH+FOc+I32trL1ZijWsvzeyan
7RnYrFAObXUum63828iz53rS+b2Io87DRuOLYHJsb8fWAZS7D3YJj+H2iZnADUuN
urE5cark8bFwRNzmeKiT5hjk45fj0nE8qM36SXKDlQjnXWLy3DAfYw9xU1bK/Mp2
gj8QdjF5tCqluG2Z7FSUfW5+vGV7O1ZDbazpUDlEzgneFgKUdb6sjxD9Kijft3iA
hrWbcIBrEbaN8vT2kK7Xl9HRwkmNf2IWf6novAzo4RXlSsv8CAmN9ztXwY2es27B
mlP0
-----END CERTIFICATE-----
Generated at Sun May 5 20:11:00 2024 by rpki-client on console-ams.rpki-client.org