Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/8a344e-0ed8-42b2-a744-a9e8468710a3/1/QYJWvs5hmnzOyA5Cvcp-mJ90ODc.roa
File: QYJWvs5hmnzOyA5Cvcp-mJ90ODc.roa (raw, json)
Hash identifier: aJ16KdYUKT7Z327OUheXYDWNMibFzv+n+SAasooSeOg=
Subject key identifier: 41:82:56:BE:CE:61:9A:7C:CE:C8:0E:42:BD:CA:7E:98:9F:74:38:37
Certificate issuer: /CN=c8d335041718b18830b1f58c15d3518510fe6118
Certificate serial: 018CC4938A96E764715D4655B5A0A8EC54CD
Authority key identifier: C8:D3:35:04:17:18:B1:88:30:B1:F5:8C:15:D3:51:85:10:FE:61:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yNM1BBcYsYgwsfWMFdNRhRD-YRg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/8a344e-0ed8-42b2-a744-a9e8468710a3/1/QYJWvs5hmnzOyA5Cvcp-mJ90ODc.roa
Signing time: Mon 01 Jan 2024 10:30:52 +0000
ROA not before: Mon 01 Jan 2024 10:30:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7155
IP address blocks: 37.1.168.0/21 maxlen: 24
185.15.32.0/22 maxlen: 24
37.252.200.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/8a344e-0ed8-42b2-a744-a9e8468710a3/1/yNM1BBcYsYgwsfWMFdNRhRD-YRg.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/8a344e-0ed8-42b2-a744-a9e8468710a3/1/yNM1BBcYsYgwsfWMFdNRhRD-YRg.mft
rsync://rpki.ripe.net/repository/DEFAULT/yNM1BBcYsYgwsfWMFdNRhRD-YRg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 14 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:8a:96:e7:64:71:5d:46:55:b5:a0:a8:ec:54:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8d335041718b18830b1f58c15d3518510fe6118
Validity
Not Before: Jan 1 10:30:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=418256bece619a7ccec80e42bdca7e989f743837
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:18:f5:d7:3e:af:0a:1c:12:bf:78:c8:c4:2a:
94:80:b9:a5:14:8f:37:25:a4:c9:91:84:37:ea:08:
d3:49:20:69:87:0d:55:ff:63:93:65:75:aa:d1:4a:
45:f7:bb:68:21:90:39:ee:c9:2e:13:62:72:3b:94:
00:3d:80:52:aa:6b:83:ac:a2:99:f2:ac:0a:57:1b:
3b:7d:7e:cb:96:6d:93:85:af:57:30:5d:53:d0:87:
ec:e0:e9:45:7f:5c:eb:38:e0:03:5d:4a:de:97:1d:
9b:9a:e9:f8:b3:2c:e0:ed:21:85:87:a8:d1:a7:45:
04:e8:af:24:d7:58:13:d4:b7:48:48:8f:04:eb:d0:
dc:4b:1e:08:81:42:d7:fa:cb:10:da:20:c0:05:3d:
cb:83:2b:00:b8:a6:b0:8d:d2:b9:49:2f:e0:8e:a4:
0b:2d:aa:3d:d0:67:48:f1:f0:67:1b:95:a1:e5:37:
24:b3:7d:82:20:81:b0:3e:4e:73:c6:9e:cd:61:80:
5d:ff:ac:5a:bb:5a:8d:49:0a:8b:fa:a8:14:da:2c:
da:ac:f6:61:0c:fc:f4:f8:bd:64:a8:98:e8:fb:37:
af:a7:73:f1:0c:39:14:df:b5:cd:64:af:a9:8c:11:
00:e4:ce:3b:60:a4:e7:72:59:e5:04:9b:66:71:e5:
54:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:82:56:BE:CE:61:9A:7C:CE:C8:0E:42:BD:CA:7E:98:9F:74:38:37
X509v3 Authority Key Identifier:
keyid:C8:D3:35:04:17:18:B1:88:30:B1:F5:8C:15:D3:51:85:10:FE:61:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yNM1BBcYsYgwsfWMFdNRhRD-YRg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8a344e-0ed8-42b2-a744-a9e8468710a3/1/QYJWvs5hmnzOyA5Cvcp-mJ90ODc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8a344e-0ed8-42b2-a744-a9e8468710a3/1/yNM1BBcYsYgwsfWMFdNRhRD-YRg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.1.168.0/21
37.252.200.0/21
185.15.32.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:d3:44:e3:ea:53:5c:3b:1e:7e:79:32:dc:c7:74:6d:2e:0f:
a4:98:8b:0f:a6:25:e7:c0:5c:c5:5a:18:bc:d6:7f:00:96:84:
bc:6f:a6:9c:ec:0b:3c:47:55:72:8f:e4:49:84:44:9b:2b:5c:
73:c6:a1:bf:dd:04:49:c0:7f:5e:55:6a:97:20:a3:3d:78:07:
12:0d:02:c5:ad:2e:f2:f7:10:26:73:5a:de:15:2c:d4:88:ea:
83:16:b7:5f:2a:84:ec:3a:93:c0:85:d1:bb:9c:b2:3b:e3:3f:
d9:e5:11:69:7f:51:fd:eb:e5:6d:99:fa:40:fc:dd:fa:9c:7a:
62:33:ac:25:48:3c:8d:62:70:16:32:d8:27:cb:ca:a4:43:a1:
be:dc:34:20:b7:64:33:46:54:98:a8:37:c6:3e:d1:19:20:e9:
ef:2d:43:f1:d9:00:60:20:ff:23:65:9f:79:b9:4c:ad:6f:4c:
a9:db:c4:ff:1f:d5:af:d2:de:64:be:9d:ba:a3:7d:2f:9f:24:
75:bc:3e:3e:91:56:2b:d3:63:91:0c:2c:33:c6:96:32:bf:bc:
d1:99:ab:1f:c6:52:51:d2:ea:cf:7f:b1:61:db:de:45:e6:50:
e3:68:ab:be:b6:75:a3:bf:01:fd:c8:99:3c:e4:fd:a1:38:9d:
ed:39:2c:ab
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzEk4qW52RxXUZVtaCo7FTNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZDMzNTA0MTcxOGIxODgzMGIxZjU4YzE1ZDM1MTg1MTBm
ZTYxMTgwHhcNMjQwMTAxMTAzMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTgyNTZiZWNlNjE5YTdjY2VjODBlNDJiZGNhN2U5ODlmNzQzODM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBj11z6vChwSv3jIxCqUgLmlFI83
JaTJkYQ36gjTSSBphw1V/2OTZXWq0UpF97toIZA57skuE2JyO5QAPYBSqmuDrKKZ
8qwKVxs7fX7Llm2Tha9XMF1T0Ifs4OlFf1zrOOADXUrelx2bmun4syzg7SGFh6jR
p0UE6K8k11gT1LdISI8E69DcSx4IgULX+ssQ2iDABT3LgysAuKawjdK5SS/gjqQL
Lao90GdI8fBnG5Wh5Tcks32CIIGwPk5zxp7NYYBd/6xau1qNSQqL+qgU2izarPZh
DPz0+L1kqJjo+zevp3PxDDkU37XNZK+pjBEA5M47YKTnclnlBJtmceVUWQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEGCVr7OYZp8zsgOQr3KfpifdDg3MB8GA1UdIwQY
MBaAFMjTNQQXGLGIMLH1jBXTUYUQ/mEYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU5NMUJCY1lzWWd3c2ZXTUZkTlJoUkQtWVJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84YTM0NGUtMGVkOC00MmIyLWE3NDQt
YTllODQ2ODcxMGEzLzEvUVlKV3ZzNWhtbnpPeUE1Q3ZjcC1tSjkwT0RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84YTM0NGUtMGVkOC00MmIyLWE3NDQtYTllODQ2ODcxMGEz
LzEveU5NMUJCY1lzWWd3c2ZXTUZkTlJoUkQtWVJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDJQGoAwQD
JfzIAwQCuQ8gMA0GCSqGSIb3DQEBCwUAA4IBAQAe00Tj6lNcOx5+eTLcx3RtLg+k
mIsPpiXnwFzFWhi81n8AloS8b6ac7As8R1Vyj+RJhESbK1xzxqG/3QRJwH9eVWqX
IKM9eAcSDQLFrS7y9xAmc1reFSzUiOqDFrdfKoTsOpPAhdG7nLI74z/Z5RFpf1H9
6+VtmfpA/N36nHpiM6wlSDyNYnAWMtgny8qkQ6G+3DQgt2QzRlSYqDfGPtEZIOnv
LUPx2QBgIP8jZZ95uUytb0yp28T/H9Wv0t5kvp26o30vnyR1vD4+kVYr02ORDCwz
xpYyv7zRmasfxlJR0urPf7Fh295F5lDjaKu+tnWjvwH9yJk85P2hOJ3tOSyr
-----END CERTIFICATE-----
Generated at Mon May 13 14:55:34 2024 by rpki-client on console-ams.rpki-client.org