Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/0168ac-342c-4dd0-91a8-1b75867e8dff/1/QFmmF7BjBfnLNUYSXdIUlZu2_xk.roa
File: QFmmF7BjBfnLNUYSXdIUlZu2_xk.roa (raw, json)
Hash identifier: rMu0MGlsVb7+dts9UDl1CjNtj7LWrds+PhBkuYRsDO8=
Subject key identifier: 40:59:A6:17:B0:63:05:F9:CB:35:46:12:5D:D2:14:95:9B:B6:FF:19
Certificate issuer: /CN=a566d8337776c98746bd231e69e185db2a9a5be2
Certificate serial: 018CC34922A6E361FC3099B8FFDF548AEDAE
Authority key identifier: A5:66:D8:33:77:76:C9:87:46:BD:23:1E:69:E1:85:DB:2A:9A:5B:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pWbYM3d2yYdGvSMeaeGF2yqaW-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/0168ac-342c-4dd0-91a8-1b75867e8dff/1/QFmmF7BjBfnLNUYSXdIUlZu2_xk.roa
Signing time: Mon 01 Jan 2024 04:29:59 +0000
ROA not before: Mon 01 Jan 2024 04:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208608
IP address blocks: 45.91.204.0/22 maxlen: 24
45.128.17.0/24 maxlen: 24
45.128.16.0/22 maxlen: 24
2a0e:1540::/29 maxlen: 48
2a0e:3bc0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/0168ac-342c-4dd0-91a8-1b75867e8dff/1/pWbYM3d2yYdGvSMeaeGF2yqaW-I.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/0168ac-342c-4dd0-91a8-1b75867e8dff/1/pWbYM3d2yYdGvSMeaeGF2yqaW-I.mft
rsync://rpki.ripe.net/repository/DEFAULT/pWbYM3d2yYdGvSMeaeGF2yqaW-I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jul 2024 08:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:22:a6:e3:61:fc:30:99:b8:ff:df:54:8a:ed:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a566d8337776c98746bd231e69e185db2a9a5be2
Validity
Not Before: Jan 1 04:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4059a617b06305f9cb3546125dd214959bb6ff19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:7a:d9:b5:ed:11:ae:83:75:ea:e4:21:87:0f:
e4:da:8b:b8:82:4b:5e:07:c9:9b:86:2c:61:a3:78:
4a:be:1f:10:24:8f:a5:3d:14:3a:8e:c6:9a:75:38:
64:d1:d1:45:0b:98:0c:e0:3d:50:5c:07:3b:ae:5f:
52:f6:1d:8b:20:e8:e4:00:b1:e5:1d:3b:6c:a9:ad:
3b:c8:b5:91:ac:e5:9c:9c:e4:e8:a6:af:d3:b1:d7:
f2:24:7c:2a:8f:3d:ff:d9:c7:86:9c:85:58:3d:38:
7e:6d:3d:73:7a:19:28:96:5e:c2:1e:37:b1:74:11:
81:aa:90:cf:0a:6c:92:1d:ed:2b:ff:d4:a9:6e:e2:
5c:09:81:30:b6:37:20:b1:13:4f:3d:dc:9c:62:a7:
0b:e2:c7:8e:34:ab:ab:d5:14:cf:38:47:2c:e4:24:
22:ab:71:47:16:be:76:d3:50:a5:12:5a:bf:26:ea:
ec:2c:26:ff:b9:45:a8:95:79:48:fe:72:89:97:aa:
00:67:cd:f8:84:e4:fe:32:8a:ea:6d:60:ca:66:8f:
3b:99:38:50:07:c9:b8:08:c0:d2:d6:04:6e:7c:51:
02:e8:cb:39:cf:3d:bf:46:a0:3b:af:d0:57:24:84:
0e:e2:6d:7e:cd:83:67:4b:5e:1e:eb:d5:b9:7f:fe:
99:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:59:A6:17:B0:63:05:F9:CB:35:46:12:5D:D2:14:95:9B:B6:FF:19
X509v3 Authority Key Identifier:
keyid:A5:66:D8:33:77:76:C9:87:46:BD:23:1E:69:E1:85:DB:2A:9A:5B:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pWbYM3d2yYdGvSMeaeGF2yqaW-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/0168ac-342c-4dd0-91a8-1b75867e8dff/1/QFmmF7BjBfnLNUYSXdIUlZu2_xk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/0168ac-342c-4dd0-91a8-1b75867e8dff/1/pWbYM3d2yYdGvSMeaeGF2yqaW-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.204.0/22
45.128.16.0/22
IPv6:
2a0e:1540::/29
2a0e:3bc0::/29
Signature Algorithm: sha256WithRSAEncryption
1d:e0:a6:b3:53:ab:00:3c:e1:4e:65:3d:b0:3d:d2:33:b5:f9:
5c:9a:02:c9:c5:9c:c9:b8:4e:9b:02:8b:b8:26:50:cc:6a:2b:
15:02:8f:0e:50:17:a8:87:e1:99:04:1e:f2:35:af:99:9d:1c:
76:01:cc:53:33:07:f8:ff:89:3f:87:b2:db:7a:a4:e8:1f:1d:
3f:fb:e5:8a:dc:77:8f:21:80:6f:cf:c9:95:bb:49:23:36:ba:
a5:6f:fe:37:b5:7e:ab:83:6f:96:a7:eb:30:a6:2a:f4:60:56:
4f:77:84:34:5d:9e:2f:df:16:e4:8f:2b:07:71:ea:91:d8:6b:
55:7f:58:30:fa:ab:bf:8b:44:5b:84:f5:bc:ce:09:16:3d:11:
25:cb:93:a6:1c:c2:f7:c9:0d:93:39:39:93:fb:29:25:ba:01:
a6:a4:11:cb:55:11:5a:2a:36:fd:63:26:99:7d:8e:d6:55:a8:
f4:10:60:c9:f1:71:73:5d:eb:03:cd:20:b4:06:ad:0c:ff:f9:
21:ec:ac:81:1e:47:64:72:8a:64:04:f2:5f:76:a3:50:22:82:
26:62:e0:77:46:8b:a6:d9:59:2e:8e:31:51:ed:95:4d:32:46:
36:b5:6a:dd:e9:90:c2:bf:c1:f1:5e:98:27:f0:85:a8:18:1c:
b5:61:f3:7b
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzDSSKm42H8MJm4/99Uiu2uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NjZkODMzNzc3NmM5ODc0NmJkMjMxZTY5ZTE4NWRiMmE5
YTViZTIwHhcNMjQwMTAxMDQyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDU5YTYxN2IwNjMwNWY5Y2IzNTQ2MTI1ZGQyMTQ5NTliYjZmZjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhHrZte0RroN16uQhhw/k2ou4gkte
B8mbhixho3hKvh8QJI+lPRQ6jsaadThk0dFFC5gM4D1QXAc7rl9S9h2LIOjkALHl
HTtsqa07yLWRrOWcnOTopq/TsdfyJHwqjz3/2ceGnIVYPTh+bT1zehkoll7CHjex
dBGBqpDPCmySHe0r/9SpbuJcCYEwtjcgsRNPPdycYqcL4seONKur1RTPOEcs5CQi
q3FHFr5201ClElq/JursLCb/uUWolXlI/nKJl6oAZ834hOT+MorqbWDKZo87mThQ
B8m4CMDS1gRufFEC6Ms5zz2/RqA7r9BXJIQO4m1+zYNnS14e69W5f/6ZQwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFEBZphewYwX5yzVGEl3SFJWbtv8ZMB8GA1UdIwQY
MBaAFKVm2DN3dsmHRr0jHmnhhdsqmlviMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFdiWU0zZDJ5WWRHdlNNZWFlR0YyeXFhVy1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8wMTY4YWMtMzQyYy00ZGQwLTkxYTgt
MWI3NTg2N2U4ZGZmLzEvUUZtbUY3QmpCZm5MTlVZU1hkSVVsWnUyX3hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS8wMTY4YWMtMzQyYy00ZGQwLTkxYTgtMWI3NTg2N2U4ZGZm
LzEvcFdiWU0zZDJ5WWRHdlNNZWFlR0YyeXFhVy1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCLVvMAwQC
LYAQMBQEAgACMA4DBQMqDhVAAwUDKg47wDANBgkqhkiG9w0BAQsFAAOCAQEAHeCm
s1OrADzhTmU9sD3SM7X5XJoCycWcybhOmwKLuCZQzGorFQKPDlAXqIfhmQQe8jWv
mZ0cdgHMUzMH+P+JP4ey23qk6B8dP/vlitx3jyGAb8/JlbtJIza6pW/+N7V+q4Nv
lqfrMKYq9GBWT3eENF2eL98W5I8rB3HqkdhrVX9YMPqrv4tEW4T1vM4JFj0RJcuT
phzC98kNkzk5k/spJboBpqQRy1URWio2/WMmmX2O1lWo9BBgyfFxc13rA80gtAat
DP/5IeysgR5HZHKKZATyX3ajUCKCJmLgd0aLptlZLo4xUe2VTTJGNrVq3emQwr/B
8V6YJ/CFqBgctWHzew==
-----END CERTIFICATE-----
Generated at Thu Jul 4 15:51:44 2024 by rpki-client on console-ams.rpki-client.org