Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/41ebbf-80ca-41e1-b1cc-ca378e52930c/1/QOvsNui5MHgvA5lxkksHaQ7a1_o.roa
File: QOvsNui5MHgvA5lxkksHaQ7a1_o.roa (raw, json)
Hash identifier: Qf7PpTeoo7zRBeBbcvkwzFb3poJfFnNwZAySPDQyKZg=
Subject key identifier: 40:EB:EC:36:E8:B9:30:78:2F:03:99:71:92:4B:07:69:0E:DA:D7:FA
Certificate issuer: /CN=8f3012474e6aa1b36b42064dd175b30ed822e735
Certificate serial: 018CC56E277C9A51E8926B7B57B8748E7BD8
Authority key identifier: 8F:30:12:47:4E:6A:A1:B3:6B:42:06:4D:D1:75:B3:0E:D8:22:E7:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jzASR05qobNrQgZN0XWzDtgi5zU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/41ebbf-80ca-41e1-b1cc-ca378e52930c/1/QOvsNui5MHgvA5lxkksHaQ7a1_o.roa
Signing time: Mon 01 Jan 2024 14:29:39 +0000
ROA not before: Mon 01 Jan 2024 14:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205843
IP address blocks: 185.158.205.0/24 maxlen: 24
2a10:2140::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/41ebbf-80ca-41e1-b1cc-ca378e52930c/1/jzASR05qobNrQgZN0XWzDtgi5zU.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/41ebbf-80ca-41e1-b1cc-ca378e52930c/1/jzASR05qobNrQgZN0XWzDtgi5zU.mft
rsync://rpki.ripe.net/repository/DEFAULT/jzASR05qobNrQgZN0XWzDtgi5zU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:27:7c:9a:51:e8:92:6b:7b:57:b8:74:8e:7b:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f3012474e6aa1b36b42064dd175b30ed822e735
Validity
Not Before: Jan 1 14:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40ebec36e8b930782f039971924b07690edad7fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:89:84:e2:05:d4:4f:e5:70:b4:cd:17:37:c9:
65:f7:cf:2f:27:3e:54:20:62:63:98:ac:cd:fb:08:
83:9a:48:74:43:bc:fc:02:45:92:e7:b3:09:6a:6a:
48:d9:44:fd:6f:10:4b:05:8c:f8:c7:91:02:e4:9c:
de:2f:4f:67:10:12:2f:cf:72:ae:ca:6e:4e:81:85:
99:25:17:8d:11:ea:f4:66:fc:00:6e:f3:56:3b:69:
52:64:ec:af:58:12:8c:98:5d:f8:f0:89:6c:15:18:
bb:5d:27:39:54:00:a2:eb:0d:f6:eb:e5:bc:7f:54:
b2:9c:51:34:c1:e2:e1:fe:a7:00:24:05:87:37:e9:
6a:ec:55:0c:36:5e:32:c2:a3:da:18:fb:ec:af:02:
32:42:50:47:fe:f2:e3:68:d6:bb:37:23:d7:09:ea:
88:e8:4a:11:49:83:70:e4:b1:ae:ff:32:df:d4:37:
52:d2:7e:47:da:78:de:07:19:90:16:90:14:b3:22:
87:93:dd:62:ae:e3:d3:ee:9d:0f:ed:82:6b:4b:aa:
57:5e:36:e8:e7:1b:ad:0e:ba:f9:a0:79:94:98:d3:
e2:fe:fc:e2:3e:18:e4:c4:f1:9d:1c:7d:a9:04:dd:
1e:23:c2:2d:d0:88:2f:e2:88:c9:d5:82:28:77:55:
2e:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:EB:EC:36:E8:B9:30:78:2F:03:99:71:92:4B:07:69:0E:DA:D7:FA
X509v3 Authority Key Identifier:
keyid:8F:30:12:47:4E:6A:A1:B3:6B:42:06:4D:D1:75:B3:0E:D8:22:E7:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzASR05qobNrQgZN0XWzDtgi5zU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/41ebbf-80ca-41e1-b1cc-ca378e52930c/1/QOvsNui5MHgvA5lxkksHaQ7a1_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/41ebbf-80ca-41e1-b1cc-ca378e52930c/1/jzASR05qobNrQgZN0XWzDtgi5zU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.158.205.0/24
IPv6:
2a10:2140::/29
Signature Algorithm: sha256WithRSAEncryption
10:24:b4:ec:bc:de:44:e7:66:eb:e0:1c:88:16:1a:a2:ab:b7:
2d:5c:df:d4:e5:9e:ad:eb:60:96:6c:01:f8:44:4a:98:25:18:
8f:9e:cc:eb:94:d1:9f:dd:f1:3f:d1:09:0c:fd:12:db:fc:ab:
f3:d8:a1:4f:31:87:65:c3:64:85:d2:a2:3c:fb:a4:4d:b6:4e:
8f:ea:d5:fc:77:7b:63:b0:e4:e0:e4:94:5d:24:ab:1f:95:53:
55:d5:4c:3d:8d:09:f0:12:ba:c1:ee:49:6c:da:d8:c5:29:6d:
e0:24:3c:7a:00:39:eb:68:e7:c1:d6:e4:29:c3:3f:91:98:c5:
24:94:fa:b3:aa:19:48:4c:45:08:e0:21:d7:a8:06:aa:ff:61:
95:2d:67:5d:49:59:42:a5:ce:ca:24:67:ff:bc:48:b6:75:75:
4c:df:2f:78:44:7e:81:1b:f7:89:3f:c2:82:07:d1:a6:1b:81:
df:42:7f:0a:c1:bc:26:84:98:7b:15:d6:90:32:0e:ca:dd:2b:
69:3c:3f:db:5b:2a:91:e7:5d:27:84:af:d1:8f:74:47:ec:1f:
37:90:0b:72:42:07:bd:8d:49:86:01:3b:3c:7c:e4:21:e4:89:
32:f8:c6:84:11:2d:de:fb:23:29:ae:f7:79:6b:06:b9:d7:7d:
73:e6:98:59
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFbid8mlHokmt7V7h0jnvYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMzAxMjQ3NGU2YWExYjM2YjQyMDY0ZGQxNzViMzBlZDgy
MmU3MzUwHhcNMjQwMTAxMTQyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGViZWMzNmU4YjkzMDc4MmYwMzk5NzE5MjRiMDc2OTBlZGFkN2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYmE4gXUT+VwtM0XN8ll988vJz5U
IGJjmKzN+wiDmkh0Q7z8AkWS57MJampI2UT9bxBLBYz4x5EC5JzeL09nEBIvz3Ku
ym5OgYWZJReNEer0ZvwAbvNWO2lSZOyvWBKMmF348IlsFRi7XSc5VACi6w326+W8
f1SynFE0weLh/qcAJAWHN+lq7FUMNl4ywqPaGPvsrwIyQlBH/vLjaNa7NyPXCeqI
6EoRSYNw5LGu/zLf1DdS0n5H2njeBxmQFpAUsyKHk91iruPT7p0P7YJrS6pXXjbo
5xutDrr5oHmUmNPi/vziPhjkxPGdHH2pBN0eI8It0Igv4ojJ1YIod1UuuQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEDr7DbouTB4LwOZcZJLB2kO2tf6MB8GA1UdIwQY
MBaAFI8wEkdOaqGza0IGTdF1sw7YIuc1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanpBU1IwNXFvYk5yUWdaTjBYV3pEdGdpNXpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS80MWViYmYtODBjYS00MWUxLWIxY2Mt
Y2EzNzhlNTI5MzBjLzEvUU92c051aTVNSGd2QTVseGtrc0hhUTdhMV9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS80MWViYmYtODBjYS00MWUxLWIxY2MtY2EzNzhlNTI5MzBj
LzEvanpBU1IwNXFvYk5yUWdaTjBYV3pEdGdpNXpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuZ7NMA0E
AgACMAcDBQMqECFAMA0GCSqGSIb3DQEBCwUAA4IBAQAQJLTsvN5E52br4ByIFhqi
q7ctXN/U5Z6t62CWbAH4REqYJRiPnszrlNGf3fE/0QkM/RLb/Kvz2KFPMYdlw2SF
0qI8+6RNtk6P6tX8d3tjsOTg5JRdJKsflVNV1Uw9jQnwErrB7kls2tjFKW3gJDx6
ADnraOfB1uQpwz+RmMUklPqzqhlITEUI4CHXqAaq/2GVLWddSVlCpc7KJGf/vEi2
dXVM3y94RH6BG/eJP8KCB9GmG4HfQn8KwbwmhJh7FdaQMg7K3StpPD/bWyqR510n
hK/Rj3RH7B83kAtyQge9jUmGATs8fOQh5Iky+MaEES3e+yMprvd5awa5131z5phZ
-----END CERTIFICATE-----
Generated at Fri Jun 7 22:45:51 2024 by rpki-client on console-fra.rpki-client.org