Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Q5sTPlMRq-9ewVXKByXYY8-kL7U.roa
File: Q5sTPlMRq-9ewVXKByXYY8-kL7U.roa (raw, json)
Hash identifier: uMXG8wrZkzExMDCfZZiU2V/PfIKBpDNtDRBA9pajLyw=
Subject key identifier: 43:9B:13:3E:53:11:AB:EF:5E:C1:55:CA:07:25:D8:63:CF:A4:2F:B5
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018CC8012E5CC30C0F96A7ACCC4F1A642A3C
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Q5sTPlMRq-9ewVXKByXYY8-kL7U.roa
Signing time: Tue 02 Jan 2024 02:29:29 +0000
ROA not before: Tue 02 Jan 2024 02:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60066
IP address blocks: 159.148.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 14:46:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:2e:5c:c3:0c:0f:96:a7:ac:cc:4f:1a:64:2a:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 02:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=439b133e5311abef5ec155ca0725d863cfa42fb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:7c:fa:e0:32:85:84:5a:52:c7:cd:45:9a:83:
85:69:69:43:ff:38:07:c3:eb:5a:46:20:fc:29:34:
d2:82:0d:80:34:00:c5:6e:4b:17:50:15:90:36:79:
d6:95:d9:7c:33:bf:b5:09:be:97:c9:d9:a0:c8:d9:
59:92:8e:88:7f:64:d9:b6:3c:51:a6:fa:fd:63:03:
a0:24:b2:d5:d1:72:09:86:9a:94:58:fb:f3:31:37:
36:cc:12:12:b1:a7:a5:cc:27:c8:26:9d:7e:4d:ea:
0c:b7:cb:07:39:98:08:3f:ef:71:13:0a:7a:9f:4d:
ae:3b:5d:7f:50:f3:51:7e:d4:64:ed:2a:01:d7:02:
86:45:29:6c:58:58:b4:56:ad:68:fd:28:4b:8c:3e:
de:86:09:07:1d:df:42:41:d4:00:a8:2c:f7:e3:1e:
51:65:ef:91:c7:73:3e:03:b0:56:c2:25:82:97:dd:
a3:e4:34:f0:c0:f2:58:f0:b6:92:1b:c0:a3:67:d5:
8b:48:d3:c3:d5:ad:fd:03:d2:43:fe:02:be:a3:ee:
c9:77:9c:52:46:ac:26:d6:90:de:a7:1f:d3:05:99:
39:19:7e:7f:b5:a0:6a:d4:cc:ae:10:e1:4d:34:c2:
31:68:1c:48:52:1a:9c:cb:0f:30:02:f8:ba:08:f4:
19:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:9B:13:3E:53:11:AB:EF:5E:C1:55:CA:07:25:D8:63:CF:A4:2F:B5
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Q5sTPlMRq-9ewVXKByXYY8-kL7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.119.0/24
Signature Algorithm: sha256WithRSAEncryption
84:6e:2b:65:8c:38:8b:20:e5:4b:dd:75:31:87:8e:a1:d5:69:
78:0c:ba:93:ed:19:d7:cc:44:dc:0e:e2:ce:09:b4:11:8f:cb:
0d:ca:0b:37:cc:44:63:c2:e9:9c:f1:8d:87:40:4d:8b:4f:24:
69:08:06:47:ee:63:f8:ba:76:fa:14:54:4d:b1:a5:e3:d8:f7:
72:ec:7d:b0:1c:28:18:35:76:0b:8e:ad:83:d4:f8:99:47:23:
4c:97:77:59:aa:8f:93:02:64:82:da:f2:85:3d:f4:d3:42:70:
f5:b4:31:7e:da:74:7c:f1:7a:f5:1b:01:3c:bc:3d:37:ba:4d:
88:50:04:cc:9b:d7:8e:5c:38:b5:d6:af:68:e1:39:72:9a:2f:
13:44:26:da:86:b7:b9:83:96:c7:38:64:f4:e7:a7:7f:90:38:
a3:6c:1d:4b:79:a5:ef:51:3d:db:85:31:f7:c1:0d:9b:61:f7:
a6:7a:2a:66:84:a1:d2:18:00:52:f8:08:45:66:91:a9:6e:3d:
86:6d:bc:3a:f3:8d:85:a6:12:ea:07:d6:79:be:0b:ec:09:ed:
84:ee:14:84:3d:86:1d:c3:f5:4f:5e:c4:1e:74:b0:2f:97:c5:
2a:07:2c:cd:a8:e5:92:56:35:fe:91:66:5b:93:16:f6:7e:86:
c1:18:e5:b9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAS5cwwwPlqeszE8aZCo8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMTAyMDIyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzliMTMzZTUzMTFhYmVmNWVjMTU1Y2EwNzI1ZDg2M2NmYTQyZmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinz64DKFhFpSx81FmoOFaWlD/zgH
w+taRiD8KTTSgg2ANADFbksXUBWQNnnWldl8M7+1Cb6XydmgyNlZko6If2TZtjxR
pvr9YwOgJLLV0XIJhpqUWPvzMTc2zBISsaelzCfIJp1+TeoMt8sHOZgIP+9xEwp6
n02uO11/UPNRftRk7SoB1wKGRSlsWFi0Vq1o/ShLjD7ehgkHHd9CQdQAqCz34x5R
Ze+Rx3M+A7BWwiWCl92j5DTwwPJY8LaSG8CjZ9WLSNPD1a39A9JD/gK+o+7Jd5xS
Rqwm1pDepx/TBZk5GX5/taBq1MyuEOFNNMIxaBxIUhqcyw8wAvi6CPQZPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEObEz5TEavvXsFVygcl2GPPpC+1MB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvUTVzVFBsTVJxLTlld1ZYS0J5WFlZOC1rTDdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAn5R3MA0G
CSqGSIb3DQEBCwUAA4IBAQCEbitljDiLIOVL3XUxh46h1Wl4DLqT7RnXzETcDuLO
CbQRj8sNygs3zERjwumc8Y2HQE2LTyRpCAZH7mP4unb6FFRNsaXj2Pdy7H2wHCgY
NXYLjq2D1PiZRyNMl3dZqo+TAmSC2vKFPfTTQnD1tDF+2nR88Xr1GwE8vD03uk2I
UATMm9eOXDi11q9o4Tlymi8TRCbahre5g5bHOGT056d/kDijbB1LeaXvUT3bhTH3
wQ2bYfemeipmhKHSGABS+AhFZpGpbj2Gbbw6842FphLqB9Z5vgvsCe2E7hSEPYYd
w/VPXsQedLAvl8UqByzNqOWSVjX+kWZbkxb2fobBGOW5
-----END CERTIFICATE-----
Generated at Wed May 1 19:35:53 2024 by rpki-client on console-fra.rpki-client.org