Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/1d8fca-b462-4313-a523-e411b43dc68a/1/qINQYeBMFsOFpR3YYMcRoqT-uME.roa
File: qINQYeBMFsOFpR3YYMcRoqT-uME.roa (raw, json)
Hash identifier: AOxp588fgfXjHFLs1eWa0nEOa4GsUO8ZgVkeEwNZr2g=
Subject key identifier: A8:83:50:61:E0:4C:16:C3:85:A5:1D:D8:60:C7:11:A2:A4:FE:B8:C1
Certificate issuer: /CN=53f39d2f20e2d9b4f96cbd1337ea32da518d8ec8
Certificate serial: 018CC5014484ED4DDB60E747FC9DD28B6926
Authority key identifier: 53:F3:9D:2F:20:E2:D9:B4:F9:6C:BD:13:37:EA:32:DA:51:8D:8E:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U_OdLyDi2bT5bL0TN-oy2lGNjsg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/1d8fca-b462-4313-a523-e411b43dc68a/1/qINQYeBMFsOFpR3YYMcRoqT-uME.roa
Signing time: Mon 01 Jan 2024 12:30:43 +0000
ROA not before: Mon 01 Jan 2024 12:30:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58291
IP address blocks: 185.79.152.0/22 maxlen: 22
185.140.184.0/22 maxlen: 22
5.39.184.0/21 maxlen: 21
2a02:f640::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/1d8fca-b462-4313-a523-e411b43dc68a/1/U_OdLyDi2bT5bL0TN-oy2lGNjsg.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/1d8fca-b462-4313-a523-e411b43dc68a/1/U_OdLyDi2bT5bL0TN-oy2lGNjsg.mft
rsync://rpki.ripe.net/repository/DEFAULT/U_OdLyDi2bT5bL0TN-oy2lGNjsg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:44:84:ed:4d:db:60:e7:47:fc:9d:d2:8b:69:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53f39d2f20e2d9b4f96cbd1337ea32da518d8ec8
Validity
Not Before: Jan 1 12:30:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8835061e04c16c385a51dd860c711a2a4feb8c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:f6:90:fc:13:cd:cf:56:ed:45:02:9f:ba:1a:
21:dd:74:0c:0a:0a:e9:a5:72:66:9d:b8:b0:8e:1d:
51:7e:e7:6b:47:eb:0c:84:9e:0c:70:e9:0b:70:3f:
b1:da:3b:45:f3:41:e9:2d:a8:af:01:07:a0:2c:83:
50:97:64:d6:a9:82:c2:d5:4c:08:3f:c5:11:21:23:
d6:0e:3a:05:01:79:ac:15:fa:9c:c3:ff:52:1f:ec:
ac:88:d6:17:57:8e:da:9a:2d:1e:d8:2b:5e:ba:89:
89:a4:15:63:61:12:97:79:52:26:ff:95:2f:f9:81:
7b:6a:54:dc:1c:f8:cb:44:59:63:cc:73:5c:c4:5b:
64:b3:0f:89:ca:b8:80:ac:2e:8d:3c:65:a9:7c:77:
e1:cc:f8:7a:f9:9d:24:34:39:b2:dd:33:bc:60:bf:
1e:4f:0a:c0:53:fe:2a:d5:df:80:8c:71:e5:65:49:
7c:28:1e:74:8b:a1:c9:3f:2c:b8:09:50:82:7c:37:
a1:48:37:60:64:e7:c6:0d:46:4c:94:49:5e:8d:05:
b6:c1:b9:ab:de:38:d6:22:50:b9:a9:71:fb:a3:3f:
5d:25:3a:12:40:a1:7a:bd:3a:f8:85:8a:75:67:f6:
c8:74:6a:0f:93:49:59:b5:a0:45:93:b2:10:10:2f:
84:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:83:50:61:E0:4C:16:C3:85:A5:1D:D8:60:C7:11:A2:A4:FE:B8:C1
X509v3 Authority Key Identifier:
keyid:53:F3:9D:2F:20:E2:D9:B4:F9:6C:BD:13:37:EA:32:DA:51:8D:8E:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U_OdLyDi2bT5bL0TN-oy2lGNjsg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/1d8fca-b462-4313-a523-e411b43dc68a/1/qINQYeBMFsOFpR3YYMcRoqT-uME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/1d8fca-b462-4313-a523-e411b43dc68a/1/U_OdLyDi2bT5bL0TN-oy2lGNjsg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.184.0/21
185.79.152.0/22
185.140.184.0/22
IPv6:
2a02:f640::/29
Signature Algorithm: sha256WithRSAEncryption
31:e1:62:2b:82:9f:30:91:e4:1d:d0:e5:ef:1d:22:ad:4e:51:
8c:ad:a8:d1:47:19:58:38:3f:53:27:cd:f7:e0:23:e7:29:58:
41:23:cf:78:75:ce:bc:b8:98:0d:57:19:49:61:31:a8:5b:7b:
4d:f3:0e:53:93:f7:72:da:b0:40:9d:57:34:30:13:19:3e:04:
88:3f:33:c4:b7:d6:49:a5:8f:bc:75:ec:43:d5:9e:a7:eb:97:
f5:95:69:2d:f1:07:4b:96:e6:ad:6b:5e:8c:64:b2:54:15:76:
f0:3b:ba:93:b5:6e:ec:99:35:bb:f1:0e:57:57:c6:1f:49:cd:
82:8b:83:de:5e:2e:9b:c9:98:25:83:2d:09:3d:f1:39:48:0f:
03:bc:74:60:8a:56:87:1e:e6:5a:02:47:5e:75:b5:9d:97:92:
90:44:2f:9f:9a:06:d1:c2:bd:0f:ae:96:c2:74:8b:fc:50:ea:
69:cb:56:dc:13:5b:c3:84:2f:da:26:a5:83:95:69:25:27:8d:
fd:57:32:04:b0:38:7f:98:17:20:98:fd:91:a0:ff:86:ff:0b:
ad:35:b7:11:fe:f5:d8:46:72:15:30:d2:f7:70:71:5f:fa:26:
2c:bf:cb:ff:0c:5a:ef:05:76:1e:70:35:1a:7b:95:b8:a2:df:
73:e5:8d:e3
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzFAUSE7U3bYOdH/J3Si2kmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZjM5ZDJmMjBlMmQ5YjRmOTZjYmQxMzM3ZWEzMmRhNTE4
ZDhlYzgwHhcNMjQwMTAxMTIzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODgzNTA2MWUwNGMxNmMzODVhNTFkZDg2MGM3MTFhMmE0ZmViOGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvaQ/BPNz1btRQKfuhoh3XQMCgrp
pXJmnbiwjh1RfudrR+sMhJ4McOkLcD+x2jtF80HpLaivAQegLINQl2TWqYLC1UwI
P8URISPWDjoFAXmsFfqcw/9SH+ysiNYXV47ami0e2CteuomJpBVjYRKXeVIm/5Uv
+YF7alTcHPjLRFljzHNcxFtksw+JyriArC6NPGWpfHfhzPh6+Z0kNDmy3TO8YL8e
TwrAU/4q1d+AjHHlZUl8KB50i6HJPyy4CVCCfDehSDdgZOfGDUZMlElejQW2wbmr
3jjWIlC5qXH7oz9dJToSQKF6vTr4hYp1Z/bIdGoPk0lZtaBFk7IQEC+ENQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFKiDUGHgTBbDhaUd2GDHEaKk/rjBMB8GA1UdIwQY
MBaAFFPznS8g4tm0+Wy9EzfqMtpRjY7IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVV9PZEx5RGkyYlQ1YkwwVE4tb3kybEdOanNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xZDhmY2EtYjQ2Mi00MzEzLWE1MjMt
ZTQxMWI0M2RjNjhhLzEvcUlOUVllQk1Gc09GcFIzWVlNY1JvcVQtdU1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xZDhmY2EtYjQ2Mi00MzEzLWE1MjMtZTQxMWI0M2RjNjhh
LzEvVV9PZEx5RGkyYlQ1YkwwVE4tb3kybEdOanNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDBSe4AwQC
uU+YAwQCuYy4MA0EAgACMAcDBQMqAvZAMA0GCSqGSIb3DQEBCwUAA4IBAQAx4WIr
gp8wkeQd0OXvHSKtTlGMrajRRxlYOD9TJ8334CPnKVhBI894dc68uJgNVxlJYTGo
W3tN8w5Tk/dy2rBAnVc0MBMZPgSIPzPEt9ZJpY+8dexD1Z6n65f1lWkt8QdLluat
a16MZLJUFXbwO7qTtW7smTW78Q5XV8YfSc2Ci4PeXi6byZglgy0JPfE5SA8DvHRg
ilaHHuZaAkdedbWdl5KQRC+fmgbRwr0PrpbCdIv8UOppy1bcE1vDhC/aJqWDlWkl
J439VzIEsDh/mBcgmP2RoP+G/wutNbcR/vXYRnIVMNL3cHFf+iYsv8v/DFrvBXYe
cDUae5W4ot9z5Y3j
-----END CERTIFICATE-----
Generated at Sat Nov 23 14:51:03 2024 by rpki-client on console-ams.rpki-client.org