Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/QCjQHnJlP1zRh7OoIVA5knSW_E8.roa
File: QCjQHnJlP1zRh7OoIVA5knSW_E8.roa (raw, json)
Hash identifier: ybf/dVHJg32po5QEL+1MVo8Ayn19tDEBqQ3xA6g3ri4=
Subject key identifier: 40:28:D0:1E:72:65:3F:5C:D1:87:B3:A8:21:50:39:92:74:96:FC:4F
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018D64EAA739AFF93CB35A0E5FB1D419C102
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/QCjQHnJlP1zRh7OoIVA5knSW_E8.roa
Signing time: Thu 01 Feb 2024 13:45:16 +0000
ROA not before: Thu 01 Feb 2024 13:45:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49055
IP address blocks: 147.45.208.0/22 maxlen: 24
147.45.212.0/22 maxlen: 24
147.45.216.0/22 maxlen: 22
147.45.220.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 20:58:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:64:ea:a7:39:af:f9:3c:b3:5a:0e:5f:b1:d4:19:c1:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Feb 1 13:45:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4028d01e72653f5cd187b3a8215039927496fc4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:77:d3:ff:08:a3:53:be:d1:f6:0d:ed:88:4e:
08:48:61:e9:27:23:d4:86:00:db:28:9d:07:1e:69:
48:c8:26:47:bf:47:20:91:19:30:fc:32:6e:15:62:
22:2a:b9:a8:31:63:8f:18:82:43:47:19:50:11:ed:
ec:9b:69:c0:40:8c:cc:4b:c6:87:ae:f9:c5:4e:00:
3a:37:01:e5:73:f1:b7:c0:a4:7f:f9:00:3c:4b:28:
c5:25:31:41:4d:8d:ec:78:a2:6e:2a:37:7a:72:93:
1a:19:d8:97:40:1f:49:62:d3:0e:dc:5a:ea:8a:22:
99:9a:46:5f:a8:6d:98:97:91:3d:fb:37:07:a4:8d:
66:1a:ff:91:53:13:d9:76:44:cd:f4:4f:b8:7e:9b:
0a:51:0f:35:76:fc:be:a3:95:af:0b:38:67:8e:43:
b6:85:7c:11:20:ab:8d:5f:56:13:2f:4c:ef:af:eb:
eb:ae:d5:74:21:7c:e8:e6:04:74:c4:da:46:e5:34:
2e:41:e0:d0:b8:78:62:4f:29:d5:4d:7d:50:d2:4b:
03:eb:1b:76:8c:20:75:59:67:27:e1:f6:b6:46:4a:
ba:33:e0:9a:b6:f3:af:7c:7f:dc:d9:78:be:33:c0:
c3:08:7c:30:d0:f8:f2:0d:56:da:92:69:38:1b:2a:
12:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:28:D0:1E:72:65:3F:5C:D1:87:B3:A8:21:50:39:92:74:96:FC:4F
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/QCjQHnJlP1zRh7OoIVA5knSW_E8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.208.0/20
Signature Algorithm: sha256WithRSAEncryption
60:fb:1d:1b:16:39:07:1f:07:f4:76:66:fd:91:8d:2e:86:cb:
de:a6:29:e0:c9:14:38:e5:e9:d2:75:81:13:f9:60:8d:3f:ab:
75:ea:2e:5b:47:0e:ff:5b:b4:f4:79:bf:fc:92:ae:40:ba:16:
89:0f:2f:ea:a6:44:d6:0e:16:04:8b:4f:09:6d:72:5d:ed:f2:
2e:d5:a1:32:dd:7c:1b:2a:6f:a5:0f:2d:a1:07:9c:76:cd:e6:
02:4c:17:60:ab:c7:bc:c6:c9:b0:86:a8:2c:aa:ba:36:44:50:
eb:43:71:e0:ea:cb:11:f8:67:dc:86:f1:82:9a:13:b1:40:01:
2a:82:05:70:62:cd:6c:30:3e:b3:9d:0b:e3:7e:1b:0e:f9:a4:
60:7c:87:53:9c:9a:e3:e2:0c:8e:5e:f5:1a:58:22:82:53:b1:
b3:c9:ac:a9:4c:92:e7:ab:d4:ee:d3:08:60:5e:be:df:6c:ee:
f1:f1:f9:ce:82:8a:b0:53:c0:66:36:02:41:bf:b2:52:27:53:
44:4b:fb:9c:dd:8c:d5:bc:b8:1d:1e:5f:88:c4:c2:cb:88:4a:
da:43:c3:13:86:cd:fc:1e:1d:47:d0:af:de:3a:2a:41:bc:2d:
e5:fb:e2:42:9a:ff:47:d6:c8:73:c5:43:0c:53:95:9b:51:6b:
b0:1a:5a:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1k6qc5r/k8s1oOX7HUGcECMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMjAxMTM0NTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDI4ZDAxZTcyNjUzZjVjZDE4N2IzYTgyMTUwMzk5Mjc0OTZmYzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3nfT/wijU77R9g3tiE4ISGHpJyPU
hgDbKJ0HHmlIyCZHv0cgkRkw/DJuFWIiKrmoMWOPGIJDRxlQEe3sm2nAQIzMS8aH
rvnFTgA6NwHlc/G3wKR/+QA8SyjFJTFBTY3seKJuKjd6cpMaGdiXQB9JYtMO3Frq
iiKZmkZfqG2Yl5E9+zcHpI1mGv+RUxPZdkTN9E+4fpsKUQ81dvy+o5WvCzhnjkO2
hXwRIKuNX1YTL0zvr+vrrtV0IXzo5gR0xNpG5TQuQeDQuHhiTynVTX1Q0ksD6xt2
jCB1WWcn4fa2Rkq6M+CatvOvfH/c2Xi+M8DDCHww0PjyDVbakmk4GyoS9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEAo0B5yZT9c0YezqCFQOZJ0lvxPMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvUUNqUUhuSmxQMXpSaDdPb0lWQTVrblNXX0U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEky3QMA0G
CSqGSIb3DQEBCwUAA4IBAQBg+x0bFjkHHwf0dmb9kY0uhsvepingyRQ45enSdYET
+WCNP6t16i5bRw7/W7T0eb/8kq5AuhaJDy/qpkTWDhYEi08JbXJd7fIu1aEy3Xwb
Km+lDy2hB5x2zeYCTBdgq8e8xsmwhqgsqro2RFDrQ3Hg6ssR+GfchvGCmhOxQAEq
ggVwYs1sMD6znQvjfhsO+aRgfIdTnJrj4gyOXvUaWCKCU7GzyaypTJLnq9Tu0whg
Xr7fbO7x8fnOgoqwU8BmNgJBv7JSJ1NES/uc3YzVvLgdHl+IxMLLiEraQ8MThs38
Hh1H0K/eOipBvC3l++JCmv9H1shzxUMMU5WbUWuwGlpF
-----END CERTIFICATE-----
Generated at Sun May 5 00:15:45 2024 by rpki-client on console-fra.rpki-client.org