Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/q63C4-F5cpElsxeScoQ7IMuoiLk.roa
File: q63C4-F5cpElsxeScoQ7IMuoiLk.roa (raw, json)
Hash identifier: 4WSkozW5imcQdr8V2+qUWIK2jDaqCEwY8C/srLuRqdg=
Subject key identifier: AB:AD:C2:E3:E1:79:72:91:25:B3:17:92:72:84:3B:20:CB:A8:88:B9
Certificate issuer: /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial: 018CC56DE69F408121EA04E0155C8405B0A5
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/q63C4-F5cpElsxeScoQ7IMuoiLk.roa
Signing time: Mon 01 Jan 2024 14:29:23 +0000
ROA not before: Mon 01 Jan 2024 14:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34984
IP address blocks: 185.169.181.0/24 maxlen: 24
185.174.22.0/24 maxlen: 24
185.174.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.mft
rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 13:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:e6:9f:40:81:21:ea:04:e0:15:5c:84:05:b0:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Validity
Not Before: Jan 1 14:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=abadc2e3e179729125b3179272843b20cba888b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:2b:ae:29:2a:88:34:06:79:94:60:42:62:31:
8b:ae:a8:52:8b:cc:72:85:37:f4:c5:46:ab:32:25:
0e:2d:64:bb:20:a9:5e:2c:9d:45:4a:33:25:5b:c2:
51:6e:dc:99:57:28:b0:71:c4:2f:72:fc:d0:89:29:
29:2d:0a:4c:c4:00:6b:f3:17:fa:61:b4:74:96:0f:
72:ad:08:40:7e:c7:e6:9c:d2:6b:92:c8:21:96:dc:
ac:d0:fa:c0:65:68:68:24:7a:dc:16:71:81:06:37:
3c:7a:36:46:e3:a3:a9:0d:f1:6b:7d:55:81:43:8a:
fb:b5:22:09:60:14:15:98:af:40:ab:50:1b:78:a6:
29:4f:d4:d7:17:53:e2:34:5a:f2:98:b4:79:16:1e:
9b:ab:78:1e:96:93:5f:6f:6a:8d:d5:df:0c:5e:9e:
ce:f8:31:a4:7a:40:bc:e8:52:f1:c5:b4:eb:f8:75:
9c:9a:da:f7:5c:1d:3f:f6:e4:8c:15:64:4c:45:66:
c7:ed:23:d0:0b:6c:40:6f:e3:bd:85:93:23:04:e8:
29:54:fc:8b:6b:4c:93:c5:5c:5f:68:6e:94:d3:c7:
43:26:39:ff:69:e7:f2:a1:dc:bd:b6:67:8a:ae:a4:
6d:de:56:0b:0d:b6:e2:5d:e5:cf:ea:4b:72:ed:9b:
5b:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:AD:C2:E3:E1:79:72:91:25:B3:17:92:72:84:3B:20:CB:A8:88:B9
X509v3 Authority Key Identifier:
keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/q63C4-F5cpElsxeScoQ7IMuoiLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.169.181.0/24
185.174.22.0/23
Signature Algorithm: sha256WithRSAEncryption
79:1b:f1:ec:41:50:b9:2e:7a:2b:bc:f8:aa:5d:ae:d2:82:2b:
4f:9d:de:81:4c:21:35:70:51:27:ff:42:93:e0:b1:40:1b:16:
87:1f:6e:12:9b:a6:ad:e0:c8:31:f7:c4:c4:73:3a:30:65:30:
2a:0b:6d:f8:82:e4:88:d4:4d:c7:59:b5:b4:3e:e3:f5:00:e6:
5d:e5:dc:b3:e5:ed:76:4f:b9:26:1f:f2:5f:11:d3:2c:24:d2:
69:26:40:67:05:6e:18:4a:5a:39:1e:ab:df:f6:2c:45:13:c2:
b3:95:8a:44:16:98:01:2f:02:78:a0:ef:ec:b7:b3:0c:38:c1:
f9:10:34:5d:e5:88:da:10:17:b0:f2:bb:df:23:c6:c9:8d:64:
73:fd:92:20:2c:4d:1b:99:3b:cf:23:90:fb:08:2c:55:15:b4:
c8:00:b2:45:57:30:ea:1c:a1:37:55:f3:e6:0a:6d:9d:ef:2e:
28:55:df:da:55:82:01:4f:35:86:91:19:4a:ba:18:3e:f6:c9:
7c:98:2d:cd:13:70:58:f7:fe:01:33:d7:ff:3f:51:e5:d0:a7:
62:9b:20:fd:48:f2:52:c9:12:76:0b:08:df:aa:7a:c3:a3:d9:
51:bb:1e:fc:c6:b0:7e:d2:46:d8:df:7e:a9:5d:90:03:79:12:
67:55:0f:16
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFbeafQIEh6gTgFVyEBbClMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjQwMTAxMTQyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmFkYzJlM2UxNzk3MjkxMjViMzE3OTI3Mjg0M2IyMGNiYTg4OGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsiuuKSqINAZ5lGBCYjGLrqhSi8xy
hTf0xUarMiUOLWS7IKleLJ1FSjMlW8JRbtyZVyiwccQvcvzQiSkpLQpMxABr8xf6
YbR0lg9yrQhAfsfmnNJrksghltys0PrAZWhoJHrcFnGBBjc8ejZG46OpDfFrfVWB
Q4r7tSIJYBQVmK9Aq1AbeKYpT9TXF1PiNFrymLR5Fh6bq3gelpNfb2qN1d8MXp7O
+DGkekC86FLxxbTr+HWcmtr3XB0/9uSMFWRMRWbH7SPQC2xAb+O9hZMjBOgpVPyL
a0yTxVxfaG6U08dDJjn/aefyody9tmeKrqRt3lYLDbbiXeXP6kty7ZtbUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKutwuPheXKRJbMXknKEOyDLqIi5MB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEvcTYzQzQtRjVjcEVsc3hlU2NvUTdJTXVvaUxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuam1AwQB
ua4WMA0GCSqGSIb3DQEBCwUAA4IBAQB5G/HsQVC5LnorvPiqXa7SgitPnd6BTCE1
cFEn/0KT4LFAGxaHH24Sm6at4Mgx98TEczowZTAqC234guSI1E3HWbW0PuP1AOZd
5dyz5e12T7kmH/JfEdMsJNJpJkBnBW4YSlo5Hqvf9ixFE8KzlYpEFpgBLwJ4oO/s
t7MMOMH5EDRd5YjaEBew8rvfI8bJjWRz/ZIgLE0bmTvPI5D7CCxVFbTIALJFVzDq
HKE3VfPmCm2d7y4oVd/aVYIBTzWGkRlKuhg+9sl8mC3NE3BY9/4BM9f/P1Hl0Kdi
myD9SPJSyRJ2CwjfqnrDo9lRux78xrB+0kbY336pXZADeRJnVQ8W
-----END CERTIFICATE-----
Generated at Sun May 19 20:58:38 2024 by rpki-client on console-ams.rpki-client.org