Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b92331-2bb4-4a59-9978-751b17d1c437/1/QOKUfuy-k0crcPI61alVmEC68fw.roa
File: QOKUfuy-k0crcPI61alVmEC68fw.roa (raw, json)
Hash identifier: El3x0+IklPe1pf3DEgj28EoKgr9uRmXp3i8musC3ajg=
Subject key identifier: 40:E2:94:7E:EC:BE:93:47:2B:70:F2:3A:D5:A9:55:98:40:BA:F1:FC
Certificate issuer: /CN=22c7cda75f4e15e486dee5a6501cbe2018bc0e0f
Certificate serial: 018CC64ABA01B2AC05DF524764308BA900CE
Authority key identifier: 22:C7:CD:A7:5F:4E:15:E4:86:DE:E5:A6:50:1C:BE:20:18:BC:0E:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsfNp19OFeSG3uWmUBy-IBi8Dg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/b92331-2bb4-4a59-9978-751b17d1c437/1/QOKUfuy-k0crcPI61alVmEC68fw.roa
Signing time: Mon 01 Jan 2024 18:30:35 +0000
ROA not before: Mon 01 Jan 2024 18:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202817
IP address blocks: 185.154.8.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/b92331-2bb4-4a59-9978-751b17d1c437/1/IsfNp19OFeSG3uWmUBy-IBi8Dg8.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/b92331-2bb4-4a59-9978-751b17d1c437/1/IsfNp19OFeSG3uWmUBy-IBi8Dg8.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsfNp19OFeSG3uWmUBy-IBi8Dg8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:ba:01:b2:ac:05:df:52:47:64:30:8b:a9:00:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c7cda75f4e15e486dee5a6501cbe2018bc0e0f
Validity
Not Before: Jan 1 18:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40e2947eecbe93472b70f23ad5a9559840baf1fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:33:3e:67:99:4c:29:dd:1a:60:2c:1c:56:fc:
69:46:4f:f1:de:a8:77:f9:f9:43:dc:29:97:51:48:
9d:27:75:17:eb:52:17:56:58:4b:46:f0:2f:dc:72:
ce:87:b5:4f:c8:b1:46:78:56:c3:14:b2:de:5a:e1:
47:31:3e:bd:b2:72:fa:87:e4:ed:47:18:45:73:1a:
44:ec:08:5e:32:7d:81:62:4a:21:ac:d2:35:7f:fb:
a9:c2:83:43:3e:2d:8c:94:8c:03:25:e1:04:aa:d0:
3d:2d:d1:ba:90:da:4f:26:96:ee:11:3e:8a:c7:ed:
14:0e:8f:44:3e:d9:11:cb:0a:10:5d:42:b7:cb:8a:
a7:84:41:5f:82:4a:05:a5:8c:3b:d7:21:2c:11:78:
98:3d:8a:1f:85:0b:ec:07:68:b4:f5:06:a3:aa:67:
65:ef:37:1d:ee:9c:85:d5:e5:23:45:fd:5d:66:b0:
4e:57:08:d6:98:eb:c3:0a:9b:b3:ca:b3:ed:07:77:
54:ab:39:4a:05:b9:3e:0a:a7:6a:ac:1c:a9:e1:72:
c0:f0:df:6e:2b:a4:07:ac:5b:46:2f:53:37:f9:20:
49:ad:d0:6a:ba:a2:74:ad:58:c6:5d:62:62:b7:58:
dd:6d:17:86:0a:a2:8b:ef:85:50:fa:a1:7c:3d:33:
30:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:E2:94:7E:EC:BE:93:47:2B:70:F2:3A:D5:A9:55:98:40:BA:F1:FC
X509v3 Authority Key Identifier:
keyid:22:C7:CD:A7:5F:4E:15:E4:86:DE:E5:A6:50:1C:BE:20:18:BC:0E:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsfNp19OFeSG3uWmUBy-IBi8Dg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b92331-2bb4-4a59-9978-751b17d1c437/1/QOKUfuy-k0crcPI61alVmEC68fw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b92331-2bb4-4a59-9978-751b17d1c437/1/IsfNp19OFeSG3uWmUBy-IBi8Dg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.154.8.0/22
Signature Algorithm: sha256WithRSAEncryption
15:5c:67:10:60:ab:e8:58:6f:19:63:84:bc:91:23:35:bc:b9:
73:c4:aa:fd:f9:1f:89:9c:64:5e:51:05:7c:7c:dc:83:ab:18:
cb:11:52:da:55:06:31:7c:86:d7:42:e2:09:13:1c:88:bc:73:
92:5b:ce:13:c0:c0:25:48:a3:35:0a:c0:18:cb:fd:af:1f:b4:
f1:e8:52:74:c5:f8:85:87:a0:ab:b5:d0:0e:26:86:0c:26:32:
66:2a:08:73:58:c3:6b:7a:79:65:f0:ce:c1:8d:f3:8b:3a:53:
99:0c:c6:7e:08:5d:d6:34:0f:8b:4d:56:f2:3c:d7:c0:98:d1:
5c:68:40:c5:ef:27:1c:fa:25:27:09:b9:5b:c6:8d:fc:e7:9f:
bc:a6:e9:3a:6b:22:1f:85:e1:88:c5:f5:5d:e4:c4:23:96:5c:
89:46:21:7a:a0:39:85:72:ab:b9:66:b5:63:49:29:8f:55:dd:
bd:af:b9:f1:c6:55:14:0e:51:57:ad:e9:dc:fd:1e:22:31:c0:
19:6a:13:4f:7b:f8:5c:cc:5e:80:10:71:8e:6b:49:5d:bf:5c:
df:59:42:b5:0c:79:e1:9f:d7:ae:23:85:79:12:1e:bf:53:76:
5e:f4:b1:84:ea:29:e2:29:ab:05:06:25:2d:61:53:fb:b3:19:
04:16:58:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSroBsqwF31JHZDCLqQDOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzdjZGE3NWY0ZTE1ZTQ4NmRlZTVhNjUwMWNiZTIwMThi
YzBlMGYwHhcNMjQwMTAxMTgzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGUyOTQ3ZWVjYmU5MzQ3MmI3MGYyM2FkNWE5NTU5ODQwYmFmMWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDM+Z5lMKd0aYCwcVvxpRk/x3qh3
+flD3CmXUUidJ3UX61IXVlhLRvAv3HLOh7VPyLFGeFbDFLLeWuFHMT69snL6h+Tt
RxhFcxpE7AheMn2BYkohrNI1f/upwoNDPi2MlIwDJeEEqtA9LdG6kNpPJpbuET6K
x+0UDo9EPtkRywoQXUK3y4qnhEFfgkoFpYw71yEsEXiYPYofhQvsB2i09Qajqmdl
7zcd7pyF1eUjRf1dZrBOVwjWmOvDCpuzyrPtB3dUqzlKBbk+CqdqrByp4XLA8N9u
K6QHrFtGL1M3+SBJrdBquqJ0rVjGXWJit1jdbReGCqKL74VQ+qF8PTMwowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEDilH7svpNHK3DyOtWpVZhAuvH8MB8GA1UdIwQY
MBaAFCLHzadfThXkht7lplAcviAYvA4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNmTnAxOU9GZVNHM3VXbVVCeS1JQmk4RGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iOTIzMzEtMmJiNC00YTU5LTk5Nzgt
NzUxYjE3ZDFjNDM3LzEvUU9LVWZ1eS1rMGNyY1BJNjFhbFZtRUM2OGZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iOTIzMzEtMmJiNC00YTU5LTk5NzgtNzUxYjE3ZDFjNDM3
LzEvSXNmTnAxOU9GZVNHM3VXbVVCeS1JQmk4RGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZoIMA0G
CSqGSIb3DQEBCwUAA4IBAQAVXGcQYKvoWG8ZY4S8kSM1vLlzxKr9+R+JnGReUQV8
fNyDqxjLEVLaVQYxfIbXQuIJExyIvHOSW84TwMAlSKM1CsAYy/2vH7Tx6FJ0xfiF
h6CrtdAOJoYMJjJmKghzWMNrenll8M7BjfOLOlOZDMZ+CF3WNA+LTVbyPNfAmNFc
aEDF7ycc+iUnCblbxo3855+8puk6ayIfheGIxfVd5MQjllyJRiF6oDmFcqu5ZrVj
SSmPVd29r7nxxlUUDlFXrenc/R4iMcAZahNPe/hczF6AEHGOa0ldv1zfWUK1DHnh
n9euI4V5Eh6/U3Ze9LGE6iniKasFBiUtYVP7sxkEFlhP
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:03:05 2024 by rpki-client on console-ams.rpki-client.org