Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/2435cc-5533-4f70-bb82-9caf25a499d7/1/QnMV84HKL27f-lSUfSmYAvbxACE.roa
File: QnMV84HKL27f-lSUfSmYAvbxACE.roa (raw, json)
Hash identifier: AzNCXoR+p422F18+6dYF+oO4rVS5q1FE/ZRVN8vgsoI=
Subject key identifier: 42:73:15:F3:81:CA:2F:6E:DF:FA:54:94:7D:29:98:02:F6:F1:00:21
Certificate issuer: /CN=e2c137106c1a46aea07c24b11729fd7d216a24f5
Certificate serial: 018CC80173C82377E5878869F99732E9ED89
Authority key identifier: E2:C1:37:10:6C:1A:46:AE:A0:7C:24:B1:17:29:FD:7D:21:6A:24:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sE3EGwaRq6gfCSxFyn9fSFqJPU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/2435cc-5533-4f70-bb82-9caf25a499d7/1/QnMV84HKL27f-lSUfSmYAvbxACE.roa
Signing time: Tue 02 Jan 2024 02:29:47 +0000
ROA not before: Tue 02 Jan 2024 02:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39686
IP address blocks: 185.222.233.0/24 maxlen: 24
185.222.232.0/22 maxlen: 22
185.222.234.0/24 maxlen: 24
2a0d:800::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/2435cc-5533-4f70-bb82-9caf25a499d7/1/4sE3EGwaRq6gfCSxFyn9fSFqJPU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/2435cc-5533-4f70-bb82-9caf25a499d7/1/4sE3EGwaRq6gfCSxFyn9fSFqJPU.mft
rsync://rpki.ripe.net/repository/DEFAULT/4sE3EGwaRq6gfCSxFyn9fSFqJPU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 16:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:73:c8:23:77:e5:87:88:69:f9:97:32:e9:ed:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c137106c1a46aea07c24b11729fd7d216a24f5
Validity
Not Before: Jan 2 02:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=427315f381ca2f6edffa54947d299802f6f10021
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:f8:f6:07:2e:c4:12:73:7a:3b:47:33:c5:d2:
0d:da:be:8c:18:1e:49:e3:84:89:38:62:fa:cc:05:
09:b1:2f:71:59:05:41:8f:2e:07:86:0e:c7:4d:94:
ce:18:65:b5:10:3c:d9:d0:6d:92:90:ab:1b:c8:88:
37:66:07:c1:30:48:65:45:86:91:85:a6:81:24:e2:
1c:4a:bd:c5:6f:c4:25:26:af:9e:d4:af:8d:17:6a:
34:7b:a5:a3:73:8f:ab:0e:57:4d:be:6e:e5:0f:68:
bd:c8:1b:8f:e4:62:a8:2c:64:0e:d6:5e:4d:03:b3:
f9:0c:61:60:3b:95:7a:b2:41:a2:53:73:f2:b8:75:
27:31:7d:a8:e2:55:fa:d6:49:b0:f3:38:02:67:1f:
99:49:0b:25:82:de:97:2b:d4:e6:90:ed:95:1a:a8:
c9:14:a8:ee:f9:48:e7:74:af:f0:53:ac:ed:f0:10:
f9:01:c7:d3:55:7e:f3:37:5b:01:28:9e:32:e8:57:
58:a5:85:2c:64:53:51:65:b1:e7:a9:34:d7:78:de:
93:c5:3e:7f:96:de:48:c5:d6:03:ea:24:2e:23:c9:
dd:58:e6:b4:1f:22:bd:4f:4d:9d:33:ba:e7:15:a1:
69:49:00:b4:e9:11:f8:a6:d5:a2:ec:9e:c1:0a:0e:
a6:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:73:15:F3:81:CA:2F:6E:DF:FA:54:94:7D:29:98:02:F6:F1:00:21
X509v3 Authority Key Identifier:
keyid:E2:C1:37:10:6C:1A:46:AE:A0:7C:24:B1:17:29:FD:7D:21:6A:24:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sE3EGwaRq6gfCSxFyn9fSFqJPU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/2435cc-5533-4f70-bb82-9caf25a499d7/1/QnMV84HKL27f-lSUfSmYAvbxACE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/2435cc-5533-4f70-bb82-9caf25a499d7/1/4sE3EGwaRq6gfCSxFyn9fSFqJPU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.232.0/22
IPv6:
2a0d:800::/29
Signature Algorithm: sha256WithRSAEncryption
d9:eb:a5:5b:ca:ee:a2:53:45:67:bd:7e:87:f4:3b:2c:9f:47:
ee:a8:a8:5c:58:f5:7c:a2:fe:24:5c:cb:bb:f8:c8:a9:36:bc:
8a:0b:49:cd:88:02:07:fa:cb:fa:97:a3:de:66:5b:9b:3a:47:
81:cc:81:2e:fa:d8:c4:d4:9a:77:c9:fe:80:57:70:94:ee:4e:
99:6b:ad:70:22:4a:17:8a:41:c8:4e:19:b6:45:ff:2b:a4:7c:
c6:bf:4f:33:85:cc:46:2f:98:f3:be:b4:b7:98:aa:43:ab:57:
6c:91:0a:e7:52:46:c2:60:26:70:ea:50:b8:71:8c:83:63:fe:
60:f5:84:db:5b:c9:c4:4a:7c:53:39:02:c0:80:3f:e1:7f:96:
fc:e4:1c:d6:95:dd:7d:16:c6:e7:d7:5e:b8:1d:9a:fd:23:31:
eb:6f:bf:48:1e:ff:a3:2b:2a:02:50:6d:0a:32:bd:d1:76:1a:
34:ad:39:57:fa:e5:66:cd:be:a4:27:99:f9:c3:2b:a0:58:76:
27:ec:a9:67:b1:cc:33:36:9c:25:b4:58:6b:59:02:a7:b2:3a:
4d:98:02:10:10:ee:8f:b6:86:fc:29:46:84:83:e6:47:06:a9:
04:9b:26:9f:d7:36:62:9c:82:9e:d9:c5:c7:8e:f2:c4:03:1c:
02:11:61:ab
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIAXPII3flh4hp+Zcy6e2JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzEzNzEwNmMxYTQ2YWVhMDdjMjRiMTE3MjlmZDdkMjE2
YTI0ZjUwHhcNMjQwMTAyMDIyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjczMTVmMzgxY2EyZjZlZGZmYTU0OTQ3ZDI5OTgwMmY2ZjEwMDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivj2By7EEnN6O0czxdIN2r6MGB5J
44SJOGL6zAUJsS9xWQVBjy4Hhg7HTZTOGGW1EDzZ0G2SkKsbyIg3ZgfBMEhlRYaR
haaBJOIcSr3Fb8QlJq+e1K+NF2o0e6Wjc4+rDldNvm7lD2i9yBuP5GKoLGQO1l5N
A7P5DGFgO5V6skGiU3PyuHUnMX2o4lX61kmw8zgCZx+ZSQslgt6XK9TmkO2VGqjJ
FKju+UjndK/wU6zt8BD5AcfTVX7zN1sBKJ4y6FdYpYUsZFNRZbHnqTTXeN6TxT5/
lt5IxdYD6iQuI8ndWOa0HyK9T02dM7rnFaFpSQC06RH4ptWi7J7BCg6mPQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEJzFfOByi9u3/pUlH0pmAL28QAhMB8GA1UdIwQY
MBaAFOLBNxBsGkauoHwksRcp/X0haiT1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNFM0VHd2FScTZnZkNTeEZ5bjlmU0ZxSlBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8yNDM1Y2MtNTUzMy00ZjcwLWJiODIt
OWNhZjI1YTQ5OWQ3LzEvUW5NVjg0SEtMMjdmLWxTVWZTbVlBdmJ4QUNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8yNDM1Y2MtNTUzMy00ZjcwLWJiODItOWNhZjI1YTQ5OWQ3
LzEvNHNFM0VHd2FScTZnZkNTeEZ5bjlmU0ZxSlBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCud7oMA0E
AgACMAcDBQMqDQgAMA0GCSqGSIb3DQEBCwUAA4IBAQDZ66Vbyu6iU0VnvX6H9Dss
n0fuqKhcWPV8ov4kXMu7+MipNryKC0nNiAIH+sv6l6PeZlubOkeBzIEu+tjE1Jp3
yf6AV3CU7k6Za61wIkoXikHIThm2Rf8rpHzGv08zhcxGL5jzvrS3mKpDq1dskQrn
UkbCYCZw6lC4cYyDY/5g9YTbW8nESnxTOQLAgD/hf5b85BzWld19Fsbn1164HZr9
IzHrb79IHv+jKyoCUG0KMr3Rdho0rTlX+uVmzb6kJ5n5wyugWHYn7KlnscwzNpwl
tFhrWQKnsjpNmAIQEO6Ptob8KUaEg+ZHBqkEmyaf1zZinIKe2cXHjvLEAxwCEWGr
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:00:13 2024 by rpki-client on console-ams.rpki-client.org