Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/QEPpqX1NDwwdGBtPKfQxZJlKs1Q.roa
File: QEPpqX1NDwwdGBtPKfQxZJlKs1Q.roa (raw, json)
Hash identifier: 2GQL2gyX8iCmHoS/R25RHJ2m1lr9ko3dBj34Xd6Ekw0=
Subject key identifier: 40:43:E9:A9:7D:4D:0F:0C:1D:18:1B:4F:29:F4:31:64:99:4A:B3:54
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 018CC6B813659E41E7D09B8CB94F77D29B06
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/QEPpqX1NDwwdGBtPKfQxZJlKs1Q.roa
Signing time: Mon 01 Jan 2024 20:30:01 +0000
ROA not before: Mon 01 Jan 2024 20:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29497
IP address blocks: 178.155.4.0/24 maxlen: 24
178.155.7.0/24 maxlen: 24
178.155.5.0/24 maxlen: 24
2a00:1fa1:e00::/40 maxlen: 40
2a00:1fa1:4e00::/40 maxlen: 40
2a00:1fa1::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.mft
rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 14:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:13:65:9e:41:e7:d0:9b:8c:b9:4f:77:d2:9b:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Jan 1 20:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4043e9a97d4d0f0c1d181b4f29f43164994ab354
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:3e:8a:1d:dd:45:44:dc:bb:4c:31:47:e3:31:
dc:ed:05:a2:5a:85:6b:e0:cd:f2:d5:24:92:46:e1:
e4:06:8a:4a:c4:08:58:a4:63:bb:1b:97:ef:cb:88:
e8:bf:4e:7b:0f:fb:d8:1b:20:ee:79:11:df:f2:58:
6d:5e:5b:4d:ce:d9:da:58:37:2a:06:ac:de:a9:03:
bd:5a:20:b7:14:7a:01:34:c9:3e:6a:ae:6a:6c:9f:
b2:98:89:b9:fd:34:1c:67:31:eb:fd:39:2b:55:6d:
8f:01:e1:64:60:01:5c:83:a8:b7:f6:0e:a0:84:f2:
4b:c6:a6:f0:6a:ea:4c:69:74:32:fb:17:d5:05:86:
24:3f:79:59:0c:0e:d0:48:f4:44:db:45:db:bb:8f:
5d:dd:ed:06:08:72:b0:ef:ac:28:65:de:1b:79:7a:
57:2f:df:c0:82:cc:ce:33:97:ce:ff:01:43:8a:9e:
ca:7c:b7:0f:96:7c:43:ed:d2:10:bf:8d:d9:49:23:
08:32:6b:85:ff:0e:fa:20:fb:8e:61:85:f4:1a:45:
fd:71:fc:4f:bb:8d:1c:d2:47:84:29:93:00:2d:11:
d5:36:c1:01:4b:5d:0c:26:01:56:28:9f:95:ff:d4:
3e:19:0c:67:35:4d:19:15:d1:88:46:af:d3:32:92:
d2:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:43:E9:A9:7D:4D:0F:0C:1D:18:1B:4F:29:F4:31:64:99:4A:B3:54
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/QEPpqX1NDwwdGBtPKfQxZJlKs1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.155.4.0/23
178.155.7.0/24
IPv6:
2a00:1fa1::/33
Signature Algorithm: sha256WithRSAEncryption
6f:87:b7:b0:9c:9d:91:db:3a:d8:a4:0d:41:28:a9:bd:c4:88:
6f:82:7d:c4:22:c5:18:61:6e:3a:d6:ef:70:89:e1:fb:e5:9d:
6e:f4:ae:4e:e3:b9:6a:45:8a:a6:ab:18:6c:ed:b1:e5:35:a5:
ba:ee:29:46:43:2b:b9:ef:be:02:6a:09:75:2c:f4:ff:ec:30:
33:f4:74:9b:a4:55:6d:94:8d:e0:a6:83:36:4f:5b:df:f7:86:
39:89:17:0a:7b:8e:73:8d:ff:c1:5a:c7:34:59:de:2a:00:09:
ac:9c:b9:ae:cd:55:71:47:aa:01:a7:9c:e6:b6:68:f9:8a:98:
72:36:c1:c1:9f:bd:eb:5e:18:cd:02:f1:60:94:9a:ce:45:82:
6d:47:cd:54:1d:12:37:65:31:95:db:a4:80:7b:0b:2b:2d:05:
3a:11:ee:f2:ab:41:18:35:5e:a5:a2:34:20:7b:58:2a:4d:9b:
24:6a:03:bb:cd:5f:a4:38:a2:b4:29:47:2f:ab:c4:d3:df:fc:
c5:ac:77:e5:40:f6:a8:e8:1a:bd:ee:c7:06:4c:0e:7f:a7:37:
57:47:7b:b8:1e:92:6b:37:9f:5a:a2:a2:66:cf:b6:0e:8d:37:
b0:b2:5a:c6:77:50:ce:26:9e:c3:08:67:68:2a:13:71:d5:1d:
9a:6a:a7:ab
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzGuBNlnkHn0JuMuU930psGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjQwMTAxMjAzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDQzZTlhOTdkNGQwZjBjMWQxODFiNGYyOWY0MzE2NDk5NGFiMzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4z6KHd1FRNy7TDFH4zHc7QWiWoVr
4M3y1SSSRuHkBopKxAhYpGO7G5fvy4jov057D/vYGyDueRHf8lhtXltNztnaWDcq
BqzeqQO9WiC3FHoBNMk+aq5qbJ+ymIm5/TQcZzHr/TkrVW2PAeFkYAFcg6i39g6g
hPJLxqbwaupMaXQy+xfVBYYkP3lZDA7QSPRE20Xbu49d3e0GCHKw76woZd4beXpX
L9/AgszOM5fO/wFDip7KfLcPlnxD7dIQv43ZSSMIMmuF/w76IPuOYYX0GkX9cfxP
u40c0keEKZMALRHVNsEBS10MJgFWKJ+V/9Q+GQxnNU0ZFdGIRq/TMpLS4wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFEBD6al9TQ8MHRgbTyn0MWSZSrNUMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvUUVQcHFYMU5Ed3dkR0J0UEtmUXhaSmxLczFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQBspsEAwQA
spsHMA4EAgACMAgDBgcqAB+hADANBgkqhkiG9w0BAQsFAAOCAQEAb4e3sJydkds6
2KQNQSipvcSIb4J9xCLFGGFuOtbvcInh++WdbvSuTuO5akWKpqsYbO2x5TWluu4p
RkMrue++AmoJdSz0/+wwM/R0m6RVbZSN4KaDNk9b3/eGOYkXCnuOc43/wVrHNFne
KgAJrJy5rs1VcUeqAaec5rZo+YqYcjbBwZ+9614YzQLxYJSazkWCbUfNVB0SN2Ux
ldukgHsLKy0FOhHu8qtBGDVepaI0IHtYKk2bJGoDu81fpDiitClHL6vE09/8xax3
5UD2qOgave7HBkwOf6c3V0d7uB6SazefWqKiZs+2Do03sLJaxndQziaewwhnaCoT
cdUdmmqnqw==
-----END CERTIFICATE-----
Generated at Sat Sep 28 19:48:17 2024 by rpki-client on console-fra.rpki-client.org