Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/QtOqvCh0JDBBovvKx6SNp2pH5co.roa
File: QtOqvCh0JDBBovvKx6SNp2pH5co.roa (raw, json)
Hash identifier: ftEYpTT0z58NNgBwmUY8IBiVari+rCSJofn9gVyAmAg=
Subject key identifier: 42:D3:AA:BC:28:74:24:30:41:A2:FB:CA:C7:A4:8D:A7:6A:47:E5:CA
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 018CC94E02105A8AD423F36B1A1612F5305C
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/QtOqvCh0JDBBovvKx6SNp2pH5co.roa
Signing time: Tue 02 Jan 2024 08:33:01 +0000
ROA not before: Tue 02 Jan 2024 08:33:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41028
IP address blocks: 89.44.225.0/24 maxlen: 24
89.44.226.0/24 maxlen: 24
89.44.227.0/24 maxlen: 24
2a05:b680:7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.mft
rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:02:10:5a:8a:d4:23:f3:6b:1a:16:12:f5:30:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Jan 2 08:33:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=42d3aabc2874243041a2fbcac7a48da76a47e5ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:58:b3:7a:f6:ae:8d:78:25:e7:05:50:ab:78:
a6:65:fd:e4:dd:3f:76:8e:f8:0b:11:13:7b:4c:a1:
ef:b1:28:3f:0a:78:ee:18:e6:1c:c5:77:32:1b:44:
82:e9:e0:8d:2f:a2:f1:d8:4f:ae:e8:a8:cc:b8:aa:
63:c8:e9:22:33:fe:0c:99:21:d1:d0:65:c3:3f:49:
5d:b5:12:78:57:85:2b:d1:ca:5b:00:6b:3a:62:4a:
a0:51:bc:2a:16:2e:c8:84:18:6e:fa:bc:37:94:bc:
89:05:a1:4e:62:75:51:81:dd:0b:cd:74:b0:f7:85:
1a:04:95:c5:09:0e:40:dc:29:8d:cd:76:30:51:50:
3f:84:79:e0:be:8b:f9:35:29:4e:7c:b1:28:41:a7:
1b:0c:0c:15:6b:61:48:f8:42:74:b7:ae:a4:89:bd:
76:22:0a:46:5f:11:b9:b1:f1:eb:ec:73:4f:eb:f5:
a9:fd:34:91:dd:ed:7f:71:87:0f:4d:c1:ae:98:a2:
71:15:a0:c7:1a:84:2c:0d:f1:11:44:82:06:c4:60:
60:a8:29:ea:60:ea:7a:56:de:66:47:f9:17:58:1d:
56:5c:21:74:d0:5f:74:7b:21:55:45:48:b4:a0:76:
ca:06:d1:ab:00:82:95:d9:f9:7e:c7:aa:d2:3e:c9:
52:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:D3:AA:BC:28:74:24:30:41:A2:FB:CA:C7:A4:8D:A7:6A:47:E5:CA
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/QtOqvCh0JDBBovvKx6SNp2pH5co.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.44.225.0-89.44.227.255
IPv6:
2a05:b680:7::/48
Signature Algorithm: sha256WithRSAEncryption
00:6d:08:e3:9a:51:88:d5:b9:77:66:ae:7a:1f:80:ea:34:d3:
75:4e:7a:ec:51:bb:99:ba:42:d1:7c:df:dc:74:4f:2e:ab:e6:
ce:9a:6f:17:c4:b9:1d:48:49:cb:61:1b:ac:29:0a:41:c6:69:
55:cf:d1:a6:55:a2:24:38:b7:0c:76:e3:82:b3:c4:79:ef:f6:
b6:67:0c:55:a6:24:86:f1:8d:b3:54:c3:13:98:89:9f:5b:55:
6d:e2:e8:e9:1a:b7:4a:57:5d:61:21:82:a6:63:6f:60:df:46:
ff:24:d2:99:72:e2:69:b8:11:0f:0f:8d:24:b9:e3:58:6f:f1:
df:30:99:8f:00:68:5b:f0:61:c3:e3:99:43:e9:2e:09:0b:04:
55:74:e7:f2:65:f0:85:63:98:5c:4a:3b:41:65:80:d9:10:df:
4c:91:94:a6:61:bf:c4:89:da:7e:e0:62:a5:96:b3:2e:b2:c7:
37:f1:a6:18:d7:9b:8b:9b:dd:fb:bd:25:fd:68:6f:76:9f:e6:
6b:8b:ba:b2:9c:c0:66:c9:b4:64:a5:c6:b1:a0:f7:57:2c:ee:
97:ab:43:31:ea:a2:da:7b:b0:3b:e2:98:05:44:ba:aa:9f:d2:
5c:60:ac:7d:44:d7:fa:dc:08:0c:4f:0e:84:39:48:5d:d0:ed:
7d:e0:f9:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYzJTgIQWorUI/NrGhYS9TBcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjQwMTAyMDgzMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmQzYWFiYzI4NzQyNDMwNDFhMmZiY2FjN2E0OGRhNzZhNDdlNWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFizevaujXgl5wVQq3imZf3k3T92
jvgLERN7TKHvsSg/CnjuGOYcxXcyG0SC6eCNL6Lx2E+u6KjMuKpjyOkiM/4MmSHR
0GXDP0ldtRJ4V4Ur0cpbAGs6YkqgUbwqFi7IhBhu+rw3lLyJBaFOYnVRgd0LzXSw
94UaBJXFCQ5A3CmNzXYwUVA/hHngvov5NSlOfLEoQacbDAwVa2FI+EJ0t66kib12
IgpGXxG5sfHr7HNP6/Wp/TSR3e1/cYcPTcGumKJxFaDHGoQsDfERRIIGxGBgqCnq
YOp6Vt5mR/kXWB1WXCF00F90eyFVRUi0oHbKBtGrAIKV2fl+x6rSPslS6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFELTqrwodCQwQaL7ysekjadqR+XKMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvUXRPcXZDaDBKREJCb3Z2S3g2U05wMnBINWNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBABZLOED
BAJZLOAwDwQCAAIwCQMHACoFtoAABzANBgkqhkiG9w0BAQsFAAOCAQEAAG0I45pR
iNW5d2aueh+A6jTTdU567FG7mbpC0Xzf3HRPLqvmzppvF8S5HUhJy2EbrCkKQcZp
Vc/RplWiJDi3DHbjgrPEee/2tmcMVaYkhvGNs1TDE5iJn1tVbeLo6Rq3SlddYSGC
pmNvYN9G/yTSmXLiabgRDw+NJLnjWG/x3zCZjwBoW/Bhw+OZQ+kuCQsEVXTn8mXw
hWOYXEo7QWWA2RDfTJGUpmG/xInafuBipZazLrLHN/GmGNebi5vd+70l/Whvdp/m
a4u6spzAZsm0ZKXGsaD3Vyzul6tDMeqi2nuwO+KYBUS6qp/SXGCsfUTX+twIDE8O
hDlIXdDtfeD5Sw==
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:33:06 2024 by rpki-client on console-ams.rpki-client.org