Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/58ebb1-dbec-47f9-bb96-849cfcabb657/1/qiU5dCfEDFhI0F0Irely1BzdGVY.roa
File: qiU5dCfEDFhI0F0Irely1BzdGVY.roa (raw, json)
Hash identifier: l2PgX5ugCo7fdCHckPat4cbaYjv6Kt78W9HHtB4jXa8=
Subject key identifier: AA:25:39:74:27:C4:0C:58:48:D0:5D:08:AD:E9:72:D4:1C:DD:19:56
Certificate issuer: /CN=7e65dab23940cb394f9aaa664fea4d6f8f42e318
Certificate serial: 018CC9BC98BB660D39282EF7C59C271693CB
Authority key identifier: 7E:65:DA:B2:39:40:CB:39:4F:9A:AA:66:4F:EA:4D:6F:8F:42:E3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fmXasjlAyzlPmqpmT-pNb49C4xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/58ebb1-dbec-47f9-bb96-849cfcabb657/1/qiU5dCfEDFhI0F0Irely1BzdGVY.roa
Signing time: Tue 02 Jan 2024 10:33:49 +0000
ROA not before: Tue 02 Jan 2024 10:33:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9053
IP address blocks: 185.115.0.0/24 maxlen: 24
2a02:5420:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/58ebb1-dbec-47f9-bb96-849cfcabb657/1/fmXasjlAyzlPmqpmT-pNb49C4xg.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/58ebb1-dbec-47f9-bb96-849cfcabb657/1/fmXasjlAyzlPmqpmT-pNb49C4xg.mft
rsync://rpki.ripe.net/repository/DEFAULT/fmXasjlAyzlPmqpmT-pNb49C4xg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:98:bb:66:0d:39:28:2e:f7:c5:9c:27:16:93:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e65dab23940cb394f9aaa664fea4d6f8f42e318
Validity
Not Before: Jan 2 10:33:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa25397427c40c5848d05d08ade972d41cdd1956
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:07:b8:79:a0:c3:82:20:21:c5:e8:15:4c:cc:
50:0b:a6:51:7e:d9:89:d7:64:88:d9:18:85:9d:98:
22:a6:3a:1b:1c:13:b1:8b:57:0a:5f:00:ca:7b:ed:
78:6b:2a:5b:a8:b2:54:10:3f:7a:a7:ff:38:76:c0:
3f:86:db:58:4c:0e:6b:8e:55:93:b2:9b:0e:80:d5:
29:71:c3:2b:3d:08:07:76:06:65:80:77:76:dc:c0:
4c:4a:4b:0f:82:77:b8:96:cb:e6:19:13:b0:5c:b3:
c2:cc:d3:88:2b:66:6d:7d:9d:00:0a:d9:2b:03:c0:
6b:10:b8:6b:23:b8:1e:2c:d2:7b:82:72:8c:f7:b0:
7a:73:4b:e6:5d:63:90:df:9e:5c:e4:79:83:2e:8f:
c1:f7:a7:53:cd:07:2b:4e:cb:81:2b:5f:80:0a:2d:
ad:68:af:5d:8b:58:62:27:48:f8:dd:3f:4d:3d:37:
e1:cc:97:a3:43:ee:77:c3:c4:14:e1:6e:4b:e8:f9:
f3:39:b3:34:3c:4d:9b:26:73:e1:0d:ee:2d:b5:ee:
d0:0b:a6:8d:c1:fd:ee:54:5b:32:e5:80:08:f7:f4:
f6:96:01:03:2a:1d:75:88:69:f3:67:79:a0:ed:27:
14:9c:19:03:1f:0d:e5:bb:28:6a:9b:ac:ef:9d:61:
d8:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:25:39:74:27:C4:0C:58:48:D0:5D:08:AD:E9:72:D4:1C:DD:19:56
X509v3 Authority Key Identifier:
keyid:7E:65:DA:B2:39:40:CB:39:4F:9A:AA:66:4F:EA:4D:6F:8F:42:E3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fmXasjlAyzlPmqpmT-pNb49C4xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/58ebb1-dbec-47f9-bb96-849cfcabb657/1/qiU5dCfEDFhI0F0Irely1BzdGVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/58ebb1-dbec-47f9-bb96-849cfcabb657/1/fmXasjlAyzlPmqpmT-pNb49C4xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.115.0.0/24
IPv6:
2a02:5420:1::/48
Signature Algorithm: sha256WithRSAEncryption
96:d0:85:b0:96:df:c4:75:aa:18:e3:90:88:4d:e4:b9:51:45:
cc:d6:79:af:f9:e1:5a:5b:0c:59:36:86:2b:97:c7:e4:9c:87:
d7:9d:d2:e5:70:1d:99:e5:9d:90:4a:a0:83:fe:4d:3f:5c:c0:
72:a9:44:be:c2:52:59:5a:e1:c6:2e:c1:6e:f6:18:16:4c:8a:
3f:b2:af:2d:0a:b1:0a:f6:32:af:21:79:48:0e:c4:53:b8:93:
3d:2a:9b:1d:f4:81:f2:ca:d6:f3:f7:83:75:7e:06:f8:1a:6f:
3e:aa:a8:e4:fe:1d:1e:a7:33:eb:0e:12:b1:02:6e:31:9a:6a:
c4:cb:12:73:9f:af:9b:27:9b:be:2d:b1:54:ec:ab:8d:9b:f4:
ae:9b:58:f8:8c:25:76:37:18:83:2e:39:d8:ac:9c:b6:26:73:
da:8e:e6:3b:c0:89:4c:fe:f8:c4:22:80:fb:d6:84:59:da:4e:
0b:cd:41:7b:84:a2:be:c4:b0:72:0e:bf:54:12:b8:4a:fa:fc:
73:ee:fc:61:db:1b:50:15:ff:52:42:6e:2f:8a:0e:a0:83:7e:
47:21:19:0e:3b:ca:2a:70:04:82:01:4e:e3:8b:14:6c:44:d1:
1f:27:d9:b7:97:c2:60:b9:90:3c:c3:5a:af:e0:91:51:dc:9a:
f5:f6:c3:b1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzJvJi7Zg05KC73xZwnFpPLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlNjVkYWIyMzk0MGNiMzk0ZjlhYWE2NjRmZWE0ZDZmOGY0
MmUzMTgwHhcNMjQwMTAyMTAzMzQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTI1Mzk3NDI3YzQwYzU4NDhkMDVkMDhhZGU5NzJkNDFjZGQxOTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQe4eaDDgiAhxegVTMxQC6ZRftmJ
12SI2RiFnZgipjobHBOxi1cKXwDKe+14aypbqLJUED96p/84dsA/httYTA5rjlWT
spsOgNUpccMrPQgHdgZlgHd23MBMSksPgne4lsvmGROwXLPCzNOIK2ZtfZ0ACtkr
A8BrELhrI7geLNJ7gnKM97B6c0vmXWOQ355c5HmDLo/B96dTzQcrTsuBK1+ACi2t
aK9di1hiJ0j43T9NPTfhzJejQ+53w8QU4W5L6PnzObM0PE2bJnPhDe4tte7QC6aN
wf3uVFsy5YAI9/T2lgEDKh11iGnzZ3mg7ScUnBkDHw3luyhqm6zvnWHY6wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKolOXQnxAxYSNBdCK3pctQc3RlWMB8GA1UdIwQY
MBaAFH5l2rI5QMs5T5qqZk/qTW+PQuMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZm1YYXNqbEF5emxQbXFwbVQtcE5iNDlDNHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC81OGViYjEtZGJlYy00N2Y5LWJiOTYt
ODQ5Y2ZjYWJiNjU3LzEvcWlVNWRDZkVERmhJMEYwSXJlbHkxQnpkR1ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC81OGViYjEtZGJlYy00N2Y5LWJiOTYtODQ5Y2ZjYWJiNjU3
LzEvZm1YYXNqbEF5emxQbXFwbVQtcE5iNDlDNHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuXMAMA8E
AgACMAkDBwAqAlQgAAEwDQYJKoZIhvcNAQELBQADggEBAJbQhbCW38R1qhjjkIhN
5LlRRczWea/54VpbDFk2hiuXx+Sch9ed0uVwHZnlnZBKoIP+TT9cwHKpRL7CUlla
4cYuwW72GBZMij+yry0KsQr2Mq8heUgOxFO4kz0qmx30gfLK1vP3g3V+Bvgabz6q
qOT+HR6nM+sOErECbjGaasTLEnOfr5snm74tsVTsq42b9K6bWPiMJXY3GIMuOdis
nLYmc9qO5jvAiUz++MQigPvWhFnaTgvNQXuEor7EsHIOv1QSuEr6/HPu/GHbG1AV
/1JCbi+KDqCDfkchGQ47yipwBIIBTuOLFGxE0R8n2beXwmC5kDzDWq/gkVHcmvX2
w7E=
-----END CERTIFICATE-----
Generated at Fri Nov 22 23:41:24 2024 by rpki-client on console-fra.rpki-client.org