Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/cf3641-5c30-4dea-b004-c8e7fd809f90/1/QcEwRcK-rtwNC1Hmw4werN881iw.roa
File: QcEwRcK-rtwNC1Hmw4werN881iw.roa (raw, json)
Hash identifier: 0GYJtJZLenV9cyHdSmP3xRRbd0z5xsudxjEUk8tmK5I=
Subject key identifier: 41:C1:30:45:C2:BE:AE:DC:0D:0B:51:E6:C3:8C:1E:AC:DF:3C:D6:2C
Certificate issuer: /CN=5ad9c45020072b3369c2b810fef4527244c5b741
Certificate serial: 018CC348C06C7582F45987D687FD60841A8B
Authority key identifier: 5A:D9:C4:50:20:07:2B:33:69:C2:B8:10:FE:F4:52:72:44:C5:B7:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WtnEUCAHKzNpwrgQ_vRSckTFt0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/cf3641-5c30-4dea-b004-c8e7fd809f90/1/QcEwRcK-rtwNC1Hmw4werN881iw.roa
Signing time: Mon 01 Jan 2024 04:29:34 +0000
ROA not before: Mon 01 Jan 2024 04:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203986
IP address blocks: 185.78.176.0/22 maxlen: 22
2a00:67e0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/cf3641-5c30-4dea-b004-c8e7fd809f90/1/WtnEUCAHKzNpwrgQ_vRSckTFt0E.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/cf3641-5c30-4dea-b004-c8e7fd809f90/1/WtnEUCAHKzNpwrgQ_vRSckTFt0E.mft
rsync://rpki.ripe.net/repository/DEFAULT/WtnEUCAHKzNpwrgQ_vRSckTFt0E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:c0:6c:75:82:f4:59:87:d6:87:fd:60:84:1a:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ad9c45020072b3369c2b810fef4527244c5b741
Validity
Not Before: Jan 1 04:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41c13045c2beaedc0d0b51e6c38c1eacdf3cd62c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e3:b4:17:1a:f1:1d:72:b4:8b:43:87:21:39:
5f:89:d7:72:ca:5a:53:96:5f:4e:75:c9:79:01:1a:
a3:4c:9a:23:8d:39:e3:ce:09:70:a9:01:bd:89:18:
da:26:6f:4f:4f:37:a7:09:c6:e9:2c:aa:cf:f8:8c:
e6:1d:77:e6:47:e9:08:b2:77:bd:7f:49:44:c7:dc:
02:bc:b1:54:3a:c1:ea:fc:b8:31:71:10:2e:c0:0f:
dd:b0:17:2b:e1:e8:68:c4:65:cb:48:ec:9b:74:0f:
49:cd:3a:81:0d:d8:ee:96:db:d3:9d:fe:e0:e0:05:
b0:49:b1:59:b4:f7:a7:a8:0e:b0:2d:f2:ef:76:9d:
d8:2e:f9:16:fa:ff:eb:fb:80:51:85:31:18:c2:f5:
06:5e:d3:a3:2d:c9:fd:53:26:06:09:41:a7:30:af:
25:ed:3e:85:00:a5:8a:15:57:74:0e:ae:e4:9f:f6:
20:72:18:19:0a:57:ca:e3:af:cb:b2:fd:6f:ff:6f:
ba:d5:f1:fc:cc:11:50:bb:c4:29:8b:f6:49:ad:e6:
62:17:c3:a6:1a:b4:27:d7:c8:f2:df:95:e5:76:db:
bc:cf:8c:c8:9d:bd:24:24:cc:63:b7:e7:b7:bb:2a:
23:9d:6e:0e:6f:97:74:2a:86:20:00:e0:49:2d:fc:
63:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:C1:30:45:C2:BE:AE:DC:0D:0B:51:E6:C3:8C:1E:AC:DF:3C:D6:2C
X509v3 Authority Key Identifier:
keyid:5A:D9:C4:50:20:07:2B:33:69:C2:B8:10:FE:F4:52:72:44:C5:B7:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WtnEUCAHKzNpwrgQ_vRSckTFt0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/cf3641-5c30-4dea-b004-c8e7fd809f90/1/QcEwRcK-rtwNC1Hmw4werN881iw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/cf3641-5c30-4dea-b004-c8e7fd809f90/1/WtnEUCAHKzNpwrgQ_vRSckTFt0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.78.176.0/22
IPv6:
2a00:67e0::/32
Signature Algorithm: sha256WithRSAEncryption
e7:89:96:41:62:4a:55:ed:56:21:1a:de:69:d4:b0:5f:f7:0d:
f9:e7:da:4c:01:bf:cf:73:97:5d:6f:5f:5e:14:c8:71:c9:e5:
c5:4e:4a:c8:53:6f:cc:f8:6f:ab:68:0b:aa:c7:bd:d7:84:6e:
ae:35:2d:d5:26:11:b4:7e:9b:70:c6:56:78:d7:30:1b:90:dd:
3f:83:cf:22:de:6c:62:95:52:7e:8d:42:ee:67:ab:1d:1b:03:
be:f7:d4:55:96:14:b7:7c:8d:01:59:a9:51:ef:5d:a1:50:f1:
07:1e:61:52:00:04:85:6c:b8:3b:20:3a:c4:1b:1e:91:5c:c8:
36:41:5f:41:97:4c:3d:a2:30:52:74:c9:17:65:0a:88:c3:68:
2d:a8:c7:bd:71:95:b3:d4:b2:81:80:28:f6:12:f0:b7:f3:c1:
6c:31:63:bf:a0:f1:d8:d2:60:30:a3:ee:7b:ab:6c:57:e9:3a:
a1:7a:1f:77:64:ce:6d:8b:b7:20:d0:98:5a:32:ad:d4:62:b9:
fd:f8:0b:64:02:1e:2b:be:70:12:63:c9:73:bd:4e:00:d9:e8:
7c:71:4c:22:9f:c2:9f:c7:ce:e8:41:00:c8:58:2e:2c:08:2d:
3d:98:5b:1c:ee:f6:8b:e1:29:a5:92:a4:9d:f5:2b:14:ab:cf:
d1:53:58:d3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDSMBsdYL0WYfWh/1ghBqLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhZDljNDUwMjAwNzJiMzM2OWMyYjgxMGZlZjQ1MjcyNDRj
NWI3NDEwHhcNMjQwMTAxMDQyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWMxMzA0NWMyYmVhZWRjMGQwYjUxZTZjMzhjMWVhY2RmM2NkNjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquO0FxrxHXK0i0OHITlfiddyylpT
ll9Odcl5ARqjTJojjTnjzglwqQG9iRjaJm9PTzenCcbpLKrP+IzmHXfmR+kIsne9
f0lEx9wCvLFUOsHq/LgxcRAuwA/dsBcr4ehoxGXLSOybdA9JzTqBDdjultvTnf7g
4AWwSbFZtPenqA6wLfLvdp3YLvkW+v/r+4BRhTEYwvUGXtOjLcn9UyYGCUGnMK8l
7T6FAKWKFVd0Dq7kn/YgchgZClfK46/Lsv1v/2+61fH8zBFQu8Qpi/ZJreZiF8Om
GrQn18jy35Xldtu8z4zInb0kJMxjt+e3uyojnW4Ob5d0KoYgAOBJLfxjfQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEHBMEXCvq7cDQtR5sOMHqzfPNYsMB8GA1UdIwQY
MBaAFFrZxFAgByszacK4EP70UnJExbdBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3RuRVVDQUhLek5wd3JnUV92UlNja1RGdDBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9jZjM2NDEtNWMzMC00ZGVhLWIwMDQt
YzhlN2ZkODA5ZjkwLzEvUWNFd1JjSy1ydHdOQzFIbXc0d2VyTjg4MWl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9jZjM2NDEtNWMzMC00ZGVhLWIwMDQtYzhlN2ZkODA5Zjkw
LzEvV3RuRVVDQUhLek5wd3JnUV92UlNja1RGdDBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuU6wMA0E
AgACMAcDBQAqAGfgMA0GCSqGSIb3DQEBCwUAA4IBAQDniZZBYkpV7VYhGt5p1LBf
9w3559pMAb/Pc5ddb19eFMhxyeXFTkrIU2/M+G+raAuqx73XhG6uNS3VJhG0fptw
xlZ41zAbkN0/g88i3mxilVJ+jULuZ6sdGwO+99RVlhS3fI0BWalR712hUPEHHmFS
AASFbLg7IDrEGx6RXMg2QV9Bl0w9ojBSdMkXZQqIw2gtqMe9cZWz1LKBgCj2EvC3
88FsMWO/oPHY0mAwo+57q2xX6Tqheh93ZM5ti7cg0JhaMq3UYrn9+AtkAh4rvnAS
Y8lzvU4A2eh8cUwin8Kfx87oQQDIWC4sCC09mFsc7vaL4SmlkqSd9SsUq8/RU1jT
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:36:49 2024 by rpki-client on console-ams.rpki-client.org