Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/c12395-c0f8-4e05-8cb1-73a3d07d2c31/1/QaDaa1FP4ri-ilwzFzo3xJ49i7M.roa
File: QaDaa1FP4ri-ilwzFzo3xJ49i7M.roa (raw, json)
Hash identifier: xHgNMyJjCja3cwpzI80p/Wf0Yxct1m8byIggDqcT5QE=
Subject key identifier: 41:A0:DA:6B:51:4F:E2:B8:BE:8A:5C:33:17:3A:37:C4:9E:3D:8B:B3
Certificate issuer: /CN=5b7a905e25a4d5cccb2eebe4e2d5c3920819758e
Certificate serial: 018CC94DC68458C13856BD375D79A7175D25
Authority key identifier: 5B:7A:90:5E:25:A4:D5:CC:CB:2E:EB:E4:E2:D5:C3:92:08:19:75:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W3qQXiWk1czLLuvk4tXDkggZdY4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/c12395-c0f8-4e05-8cb1-73a3d07d2c31/1/QaDaa1FP4ri-ilwzFzo3xJ49i7M.roa
Signing time: Tue 02 Jan 2024 08:32:46 +0000
ROA not before: Tue 02 Jan 2024 08:32:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204650
IP address blocks: 185.110.253.0/24 maxlen: 24
185.110.254.0/24 maxlen: 24
185.118.154.0/24 maxlen: 24
185.119.164.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/c12395-c0f8-4e05-8cb1-73a3d07d2c31/1/W3qQXiWk1czLLuvk4tXDkggZdY4.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/c12395-c0f8-4e05-8cb1-73a3d07d2c31/1/W3qQXiWk1czLLuvk4tXDkggZdY4.mft
rsync://rpki.ripe.net/repository/DEFAULT/W3qQXiWk1czLLuvk4tXDkggZdY4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:c6:84:58:c1:38:56:bd:37:5d:79:a7:17:5d:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b7a905e25a4d5cccb2eebe4e2d5c3920819758e
Validity
Not Before: Jan 2 08:32:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41a0da6b514fe2b8be8a5c33173a37c49e3d8bb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:5b:1a:2c:be:d5:a4:31:2e:a4:bc:b1:59:22:
73:87:27:b3:f3:a4:3c:14:1f:11:09:93:81:5d:0f:
04:92:25:eb:5e:87:aa:87:97:76:12:dc:be:0b:dd:
a5:8f:0e:9d:f2:d4:12:b6:16:26:d1:13:4a:99:af:
74:66:c1:97:87:19:32:91:c6:bf:0a:62:f3:f5:03:
1a:2e:88:ac:e4:eb:ce:3f:86:88:19:f0:51:a5:69:
a6:6f:21:d0:9f:69:21:9d:3c:8b:60:f0:5a:ec:2d:
ad:69:22:e8:4d:4b:c2:d3:b2:fb:ba:64:74:c8:da:
b9:28:8f:07:92:53:b0:fa:45:55:f3:e5:cb:dd:54:
63:7a:65:b8:22:aa:5c:5a:12:8c:60:86:72:c6:9f:
09:bb:25:db:eb:d0:9e:41:61:46:88:f0:45:7a:11:
23:a4:c5:76:ed:77:d4:e1:54:33:36:6b:6a:3b:a4:
8b:68:ba:58:e4:39:4d:5b:8d:be:e7:1a:13:f3:44:
3c:45:05:31:c4:e5:ab:ba:33:0f:1b:57:09:33:6a:
8e:07:bd:fd:19:64:9a:82:98:73:a4:44:04:27:c6:
b9:91:a4:2c:44:e7:c0:ac:b5:21:e1:43:2b:57:95:
7b:87:1f:dd:89:82:14:a7:93:53:8e:e5:14:d5:12:
8d:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:A0:DA:6B:51:4F:E2:B8:BE:8A:5C:33:17:3A:37:C4:9E:3D:8B:B3
X509v3 Authority Key Identifier:
keyid:5B:7A:90:5E:25:A4:D5:CC:CB:2E:EB:E4:E2:D5:C3:92:08:19:75:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W3qQXiWk1czLLuvk4tXDkggZdY4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/c12395-c0f8-4e05-8cb1-73a3d07d2c31/1/QaDaa1FP4ri-ilwzFzo3xJ49i7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/c12395-c0f8-4e05-8cb1-73a3d07d2c31/1/W3qQXiWk1czLLuvk4tXDkggZdY4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.110.253.0-185.110.254.255
185.118.154.0/24
185.119.164.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:02:51:4a:fe:69:f5:46:cd:1b:71:de:de:c4:36:9e:3e:c0:
42:3b:6b:a1:ed:a7:cb:f4:47:c4:41:d0:97:b9:3a:28:a1:a6:
be:13:67:7f:c9:0c:c5:20:07:df:05:d6:ba:37:0d:92:c7:28:
e3:94:f3:ab:b9:80:54:c2:af:a7:53:57:b4:15:34:be:22:80:
f5:29:1d:be:8f:6a:c8:82:b4:4b:b7:f2:2a:4b:13:de:7f:6e:
d2:6e:09:9f:26:bc:a3:7b:ab:5a:9d:27:b3:9a:e4:d0:36:c5:
dd:88:18:fb:13:a3:31:ed:ab:0a:1f:69:c3:f9:e8:64:88:38:
5a:38:d5:ad:1e:f5:2d:7a:55:68:95:c1:97:a8:a6:4f:4e:8d:
90:aa:00:7a:51:a8:a2:60:8f:ee:e7:7c:19:66:f0:90:2a:76:
1d:40:bd:80:1e:b7:87:89:81:e5:df:43:8b:fc:71:41:61:c9:
75:81:03:54:1c:1d:a4:25:1f:c1:a8:05:49:b7:4b:d8:cf:01:
99:20:59:c4:cf:a1:b3:ac:41:e6:15:49:c5:8b:59:e6:43:00:
a2:8f:60:ed:12:79:3c:95:fa:96:d1:0d:8f:ba:2c:72:90:81:
f5:10:96:1e:f2:55:6d:6b:1b:5b:4a:02:32:d4:77:01:27:b2:
9f:06:c7:74
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzJTcaEWME4Vr03XXmnF10lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViN2E5MDVlMjVhNGQ1Y2NjYjJlZWJlNGUyZDVjMzkyMDgx
OTc1OGUwHhcNMjQwMTAyMDgzMjQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWEwZGE2YjUxNGZlMmI4YmU4YTVjMzMxNzNhMzdjNDllM2Q4YmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1saLL7VpDEupLyxWSJzhyez86Q8
FB8RCZOBXQ8EkiXrXoeqh5d2Ety+C92ljw6d8tQSthYm0RNKma90ZsGXhxkykca/
CmLz9QMaLois5OvOP4aIGfBRpWmmbyHQn2khnTyLYPBa7C2taSLoTUvC07L7umR0
yNq5KI8HklOw+kVV8+XL3VRjemW4IqpcWhKMYIZyxp8JuyXb69CeQWFGiPBFehEj
pMV27XfU4VQzNmtqO6SLaLpY5DlNW42+5xoT80Q8RQUxxOWrujMPG1cJM2qOB739
GWSagphzpEQEJ8a5kaQsROfArLUh4UMrV5V7hx/diYIUp5NTjuUU1RKNgwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFEGg2mtRT+K4vopcMxc6N8SePYuzMB8GA1UdIwQY
MBaAFFt6kF4lpNXMyy7r5OLVw5IIGXWOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzNxUVhpV2sxY3pMTHV2azR0WERrZ2daZFk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9jMTIzOTUtYzBmOC00ZTA1LThjYjEt
NzNhM2QwN2QyYzMxLzEvUWFEYWExRlA0cmktaWx3ekZ6bzN4SjQ5aTdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9jMTIzOTUtYzBmOC00ZTA1LThjYjEtNzNhM2QwN2QyYzMx
LzEvVzNxUVhpV2sxY3pMTHV2azR0WERrZ2daZFk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAC5bv0D
BAC5bv4DBAC5dpoDBAC5d6QwDQYJKoZIhvcNAQELBQADggEBAMECUUr+afVGzRtx
3t7ENp4+wEI7a6Htp8v0R8RB0Je5Oiihpr4TZ3/JDMUgB98F1ro3DZLHKOOU86u5
gFTCr6dTV7QVNL4igPUpHb6PasiCtEu38ipLE95/btJuCZ8mvKN7q1qdJ7Oa5NA2
xd2IGPsTozHtqwofacP56GSIOFo41a0e9S16VWiVwZeopk9OjZCqAHpRqKJgj+7n
fBlm8JAqdh1AvYAet4eJgeXfQ4v8cUFhyXWBA1QcHaQlH8GoBUm3S9jPAZkgWcTP
obOsQeYVScWLWeZDAKKPYO0SeTyV+pbRDY+6LHKQgfUQlh7yVW1rG1tKAjLUdwEn
sp8Gx3Q=
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:29:04 2024 by rpki-client on console-ams.rpki-client.org