Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/f6a0c1-480a-4232-9fb7-8fd384b42c9e/1/Qnwb5mw0-nrLQMh_c63Wky8Azjg.roa
File: Qnwb5mw0-nrLQMh_c63Wky8Azjg.roa (raw, json)
Hash identifier: V2ndA2kPW7S8oiSITctwyRya9XE5ZImxP/Zndh/odgs=
Subject key identifier: 42:7C:1B:E6:6C:34:FA:7A:CB:40:C8:7F:73:AD:D6:93:2F:00:CE:38
Certificate issuer: /CN=f9ff7b68633cec51a181067b831826637df98d6e
Certificate serial: 018CC86FDB01B76AC5CEB6CDAFD381D6783F
Authority key identifier: F9:FF:7B:68:63:3C:EC:51:A1:81:06:7B:83:18:26:63:7D:F9:8D:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-f97aGM87FGhgQZ7gxgmY335jW4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/f6a0c1-480a-4232-9fb7-8fd384b42c9e/1/Qnwb5mw0-nrLQMh_c63Wky8Azjg.roa
Signing time: Tue 02 Jan 2024 04:30:22 +0000
ROA not before: Tue 02 Jan 2024 04:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24904
IP address blocks: 185.251.160.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/f6a0c1-480a-4232-9fb7-8fd384b42c9e/1/1-f97aGM87FGhgQZ7gxgmY335jW4.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/f6a0c1-480a-4232-9fb7-8fd384b42c9e/1/1-f97aGM87FGhgQZ7gxgmY335jW4.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-f97aGM87FGhgQZ7gxgmY335jW4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 10:01:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:db:01:b7:6a:c5:ce:b6:cd:af:d3:81:d6:78:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9ff7b68633cec51a181067b831826637df98d6e
Validity
Not Before: Jan 2 04:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=427c1be66c34fa7acb40c87f73add6932f00ce38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d0:fb:9d:f9:34:1a:16:90:1d:59:fd:89:cc:
03:c3:d6:17:98:cd:9e:8e:3c:ac:f7:56:5e:fe:6f:
71:63:04:08:a0:93:ca:6e:3f:a0:23:51:a8:a2:66:
81:90:45:b6:be:d7:88:89:b4:b4:91:23:1a:3f:d9:
62:7f:e5:d6:00:8d:b5:1a:4b:9a:d5:be:04:98:9a:
53:b1:e5:3b:b6:3e:b1:32:f4:cd:2e:d1:bb:55:b9:
bc:9f:93:a6:8c:c5:74:96:f4:42:96:79:ea:40:df:
59:bd:4e:3e:76:48:17:f2:48:60:be:1b:cb:7a:be:
82:3f:17:be:76:8d:1f:6a:09:7c:6d:51:03:e6:ca:
46:a8:2b:5c:0d:60:8c:71:44:89:a0:bc:23:70:84:
6e:b2:c5:7f:8c:1d:91:99:6b:89:77:64:c7:a0:dc:
6e:65:9e:95:38:59:71:ff:b5:b1:7d:ef:e0:a0:1c:
4e:15:03:4f:ab:a2:36:44:94:37:db:6d:6d:73:90:
73:d0:02:b8:aa:de:9a:b2:48:1c:4b:c2:c7:c6:5a:
69:e2:f1:83:9c:ef:a0:19:d3:af:9d:0e:1d:a4:69:
68:93:3f:af:bd:0f:6c:aa:fc:19:37:c6:4d:7f:bd:
12:4a:48:df:79:8b:2a:a9:98:f1:83:a1:4e:82:55:
e7:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:7C:1B:E6:6C:34:FA:7A:CB:40:C8:7F:73:AD:D6:93:2F:00:CE:38
X509v3 Authority Key Identifier:
keyid:F9:FF:7B:68:63:3C:EC:51:A1:81:06:7B:83:18:26:63:7D:F9:8D:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-f97aGM87FGhgQZ7gxgmY335jW4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/f6a0c1-480a-4232-9fb7-8fd384b42c9e/1/Qnwb5mw0-nrLQMh_c63Wky8Azjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/f6a0c1-480a-4232-9fb7-8fd384b42c9e/1/1-f97aGM87FGhgQZ7gxgmY335jW4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.251.160.0/22
Signature Algorithm: sha256WithRSAEncryption
cd:53:fe:64:ee:f1:d8:8b:71:fb:f5:8f:a4:cd:51:25:0e:0a:
dd:1a:3d:c5:0b:eb:fe:60:c8:60:2f:8a:aa:0c:a7:d6:00:af:
e1:4b:95:0a:7d:71:66:2f:80:cf:66:c5:e9:b4:6e:0d:ca:50:
da:20:95:bc:7e:49:6b:9d:fd:b9:15:b5:85:34:0d:5f:56:55:
2a:c0:69:21:68:f4:7c:e4:da:4b:bd:2b:2c:cb:f8:f6:b2:84:
05:fd:55:f8:92:c5:dc:41:19:48:12:41:8f:ad:e2:57:21:76:
d2:11:dd:39:9b:81:91:71:76:35:d2:a7:7b:6b:47:83:2a:b0:
4b:10:36:47:19:a9:f6:8a:e4:37:aa:ce:bb:27:f4:d1:a4:25:
87:b9:ef:95:77:e8:a9:ba:03:ff:5b:27:a1:d2:47:68:15:69:
21:0d:f1:2f:9e:5b:45:72:0c:3c:79:02:a3:fa:fa:6f:6c:07:
59:36:4d:18:b0:ba:36:e1:e3:a8:ac:d3:6b:0d:b3:d7:14:22:
52:47:24:53:88:99:09:50:0a:c1:66:67:98:02:cd:b3:5f:9c:
91:7f:06:9b:53:73:86:f3:ad:09:41:bc:0f:29:48:ff:e9:c8:
5b:c0:e6:82:ba:da:64:f4:ca:d0:2e:80:3c:e9:58:f5:bc:87:
3f:46:21:f3
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzIb9sBt2rFzrbNr9OB1ng/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5ZmY3YjY4NjMzY2VjNTFhMTgxMDY3YjgzMTgyNjYzN2Rm
OThkNmUwHhcNMjQwMTAyMDQzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjdjMWJlNjZjMzRmYTdhY2I0MGM4N2Y3M2FkZDY5MzJmMDBjZTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9D7nfk0GhaQHVn9icwDw9YXmM2e
jjys91Ze/m9xYwQIoJPKbj+gI1GoomaBkEW2vteIibS0kSMaP9lif+XWAI21Gkua
1b4EmJpTseU7tj6xMvTNLtG7Vbm8n5OmjMV0lvRClnnqQN9ZvU4+dkgX8khgvhvL
er6CPxe+do0fagl8bVED5spGqCtcDWCMcUSJoLwjcIRussV/jB2RmWuJd2THoNxu
ZZ6VOFlx/7Wxfe/goBxOFQNPq6I2RJQ3221tc5Bz0AK4qt6askgcS8LHxlpp4vGD
nO+gGdOvnQ4dpGlokz+vvQ9sqvwZN8ZNf70SSkjfeYsqqZjxg6FOglXnuQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFEJ8G+ZsNPp6y0DIf3Ot1pMvAM44MB8GA1UdIwQY
MBaAFPn/e2hjPOxRoYEGe4MYJmN9+Y1uMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1mOTdhR004N0ZHaGdRWjdneGdtWTMzNWpXNC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzcvZjZhMGMxLTQ4MGEtNDIzMi05ZmI3
LThmZDM4NGI0MmM5ZS8xL1Fud2I1bXcwLW5yTFFNaF9jNjNXa3k4QXpqZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzcvZjZhMGMxLTQ4MGEtNDIzMi05ZmI3LThmZDM4NGI0MmM5
ZS8xLzEtZjk3YUdNODdGR2hnUVo3Z3hnbVkzMzVqVzQuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK5+6Aw
DQYJKoZIhvcNAQELBQADggEBAM1T/mTu8diLcfv1j6TNUSUOCt0aPcUL6/5gyGAv
iqoMp9YAr+FLlQp9cWYvgM9mxem0bg3KUNoglbx+SWud/bkVtYU0DV9WVSrAaSFo
9Hzk2ku9KyzL+PayhAX9VfiSxdxBGUgSQY+t4lchdtIR3TmbgZFxdjXSp3trR4Mq
sEsQNkcZqfaK5Deqzrsn9NGkJYe575V36Km6A/9bJ6HSR2gVaSEN8S+eW0VyDDx5
AqP6+m9sB1k2TRiwujbh46is02sNs9cUIlJHJFOImQlQCsFmZ5gCzbNfnJF/BptT
c4bzrQlBvA8pSP/pyFvA5oK62mT0ytAugDzpWPW8hz9GIfM=
-----END CERTIFICATE-----
Generated at Sat May 18 13:43:57 2024 by rpki-client on console-fra.rpki-client.org