Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/QOtycFFTxJ9J6MT-HIXYy4aWDbM.roa
File: QOtycFFTxJ9J6MT-HIXYy4aWDbM.roa (raw, json)
Hash identifier: BrxR4BymVJapTLgVr+7MTXQuI1LaHaOlC1VkZIr1KEU=
Subject key identifier: 40:EB:72:70:51:53:C4:9F:49:E8:C4:FE:1C:85:D8:CB:86:96:0D:B3
Certificate issuer: /CN=a9b75b64d5da17d70bbabd811a39a602ddaf963a
Certificate serial: 018CC56EFFC1F5B54785EE68FAA716272E37
Authority key identifier: A9:B7:5B:64:D5:DA:17:D7:0B:BA:BD:81:1A:39:A6:02:DD:AF:96:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qbdbZNXaF9cLur2BGjmmAt2vljo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/QOtycFFTxJ9J6MT-HIXYy4aWDbM.roa
Signing time: Mon 01 Jan 2024 14:30:35 +0000
ROA not before: Mon 01 Jan 2024 14:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207821
IP address blocks: 185.89.38.0/24 maxlen: 24
185.89.37.0/24 maxlen: 24
185.89.36.0/24 maxlen: 24
185.89.39.0/24 maxlen: 24
2.59.28.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/qbdbZNXaF9cLur2BGjmmAt2vljo.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/qbdbZNXaF9cLur2BGjmmAt2vljo.mft
rsync://rpki.ripe.net/repository/DEFAULT/qbdbZNXaF9cLur2BGjmmAt2vljo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:ff:c1:f5:b5:47:85:ee:68:fa:a7:16:27:2e:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9b75b64d5da17d70bbabd811a39a602ddaf963a
Validity
Not Before: Jan 1 14:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40eb72705153c49f49e8c4fe1c85d8cb86960db3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b4:b3:90:8e:53:00:db:53:26:4a:b4:2a:08:
ad:30:bb:69:21:19:19:f5:48:fb:26:7c:2c:b3:9a:
ba:48:95:0b:89:85:8d:4e:55:32:ac:2a:6c:07:33:
00:e4:09:fa:3a:51:39:b8:9f:9a:fd:e5:b1:7c:ab:
c9:51:e2:ad:9d:83:4e:81:e5:b5:77:37:9e:96:70:
66:d3:dc:6d:30:d3:08:dd:59:4b:8c:f5:23:e2:b6:
d0:e1:76:3b:21:27:f8:91:78:60:22:57:dc:10:7e:
59:42:f0:8d:ac:b8:42:8e:89:9a:28:40:d5:7e:36:
dc:7c:24:28:58:bd:fc:64:8c:06:b7:ba:97:d1:9a:
96:51:72:ee:a8:58:6e:2c:90:e5:f8:de:97:f0:36:
db:9e:66:c9:2d:7e:08:f5:14:ce:a4:d8:a2:a7:fa:
0a:8c:a2:a4:d3:bd:8e:a1:1a:60:a7:51:2f:cf:c4:
b5:76:84:16:e5:a7:84:27:18:b3:ac:13:8e:26:c3:
3e:61:75:86:ad:16:68:0f:fe:0e:6d:5c:c5:00:8a:
ab:1d:83:46:61:dc:7d:e2:09:6e:fe:42:aa:fa:c6:
46:e2:ec:6a:01:73:87:85:d3:e5:5c:90:b1:68:cb:
b1:df:5f:a5:a2:6e:ae:bf:63:ff:43:53:9a:a2:d3:
b7:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:EB:72:70:51:53:C4:9F:49:E8:C4:FE:1C:85:D8:CB:86:96:0D:B3
X509v3 Authority Key Identifier:
keyid:A9:B7:5B:64:D5:DA:17:D7:0B:BA:BD:81:1A:39:A6:02:DD:AF:96:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qbdbZNXaF9cLur2BGjmmAt2vljo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/QOtycFFTxJ9J6MT-HIXYy4aWDbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/qbdbZNXaF9cLur2BGjmmAt2vljo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.28.0/24
185.89.36.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:9c:72:ce:59:e8:4c:4f:ee:c5:6f:e9:af:33:03:bb:67:b5:
83:97:92:fe:80:b7:9c:ae:cc:e8:fa:8a:3c:50:c9:14:ff:56:
25:0b:40:b2:e2:98:40:f7:dd:a6:ce:7f:c7:1d:aa:10:51:77:
9c:9f:f6:2b:37:7f:bf:d6:b6:81:cb:88:83:ed:24:b1:f8:4d:
46:1b:71:ad:6f:56:1b:c1:e5:66:e5:65:fe:21:d2:44:6d:df:
02:e9:e9:e0:a5:78:71:cc:c8:b5:c7:7c:49:16:ce:a1:3b:b5:
68:da:e9:73:81:ee:0c:c7:3d:d2:b5:e9:12:fe:67:30:86:ba:
98:5e:e8:cb:58:f7:25:5a:96:4b:da:dc:f7:e2:82:ed:b2:7e:
65:ff:4d:00:f9:b4:8f:00:19:5a:6d:27:06:a3:7c:96:ad:de:
19:51:55:c6:0d:cb:e1:0a:10:27:69:a2:61:c6:21:48:56:b6:
c3:91:82:b0:fa:39:9f:63:2a:c8:f6:55:31:36:c9:00:e5:13:
ba:23:9a:12:41:41:b1:36:9a:99:2a:99:f3:f8:03:59:93:e0:
3f:89:7b:36:70:c2:ad:24:0d:f5:7e:cb:50:81:22:d7:7c:70:
f6:0e:28:a0:34:9a:dc:fb:93:b5:c1:6c:71:99:c2:b4:5b:2e:
86:7f:fa:95
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFbv/B9bVHhe5o+qcWJy43MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5Yjc1YjY0ZDVkYTE3ZDcwYmJhYmQ4MTFhMzlhNjAyZGRh
Zjk2M2EwHhcNMjQwMTAxMTQzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGViNzI3MDUxNTNjNDlmNDllOGM0ZmUxYzg1ZDhjYjg2OTYwZGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbSzkI5TANtTJkq0KgitMLtpIRkZ
9Uj7Jnwss5q6SJULiYWNTlUyrCpsBzMA5An6OlE5uJ+a/eWxfKvJUeKtnYNOgeW1
dzeelnBm09xtMNMI3VlLjPUj4rbQ4XY7ISf4kXhgIlfcEH5ZQvCNrLhCjomaKEDV
fjbcfCQoWL38ZIwGt7qX0ZqWUXLuqFhuLJDl+N6X8DbbnmbJLX4I9RTOpNiip/oK
jKKk072OoRpgp1Evz8S1doQW5aeEJxizrBOOJsM+YXWGrRZoD/4ObVzFAIqrHYNG
Ydx94glu/kKq+sZG4uxqAXOHhdPlXJCxaMux31+lom6uv2P/Q1OaotO3vQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEDrcnBRU8SfSejE/hyF2MuGlg2zMB8GA1UdIwQY
MBaAFKm3W2TV2hfXC7q9gRo5pgLdr5Y6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWJkYlpOWGFGOWNMdXIyQkdqbW1BdDJ2bGpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9kYTg1ZTctYTQ1Mi00YjFkLWI1YWUt
OWIxMTgwNGVjZDM5LzEvUU90eWNGRlR4SjlKNk1ULUhJWFl5NGFXRGJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9kYTg1ZTctYTQ1Mi00YjFkLWI1YWUtOWIxMTgwNGVjZDM5
LzEvcWJkYlpOWGFGOWNMdXIyQkdqbW1BdDJ2bGpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAAjscAwQC
uVkkMA0GCSqGSIb3DQEBCwUAA4IBAQAKnHLOWehMT+7Fb+mvMwO7Z7WDl5L+gLec
rszo+oo8UMkU/1YlC0Cy4phA992mzn/HHaoQUXecn/YrN3+/1raBy4iD7SSx+E1G
G3Gtb1YbweVm5WX+IdJEbd8C6engpXhxzMi1x3xJFs6hO7Vo2ulzge4Mxz3StekS
/mcwhrqYXujLWPclWpZL2tz34oLtsn5l/00A+bSPABlabScGo3yWrd4ZUVXGDcvh
ChAnaaJhxiFIVrbDkYKw+jmfYyrI9lUxNskA5RO6I5oSQUGxNpqZKpnz+ANZk+A/
iXs2cMKtJA31fstQgSLXfHD2DiigNJrc+5O1wWxxmcK0Wy6Gf/qV
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:45:19 2024 by rpki-client on console-fra.rpki-client.org