Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/QOwfO8AuRq5REHhICnbRmVss2GY.roa
File: QOwfO8AuRq5REHhICnbRmVss2GY.roa (raw, json)
Hash identifier: 4qfA4+olE6KfMolasfdN9TjcceCJYPWMpivmRRW1iHo=
Subject key identifier: 40:EC:1F:3B:C0:2E:46:AE:51:10:78:48:0A:76:D1:99:5B:2C:D8:66
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018D6468A738717806B447CF3CFB34DDFAFF
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/QOwfO8AuRq5REHhICnbRmVss2GY.roa
Signing time: Thu 01 Feb 2024 11:23:16 +0000
ROA not before: Thu 01 Feb 2024 11:23:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216444
IP address blocks: 84.32.22.0/23 maxlen: 24
84.32.249.0/24 maxlen: 24
88.216.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:64:68:a7:38:71:78:06:b4:47:cf:3c:fb:34:dd:fa:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 1 11:23:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40ec1f3bc02e46ae511078480a76d1995b2cd866
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:bd:41:80:df:d6:58:78:bd:cc:2d:bb:19:72:
6a:5e:17:96:a3:ba:09:72:b3:6b:af:77:89:1e:b4:
84:35:89:0f:a5:ad:bb:af:ef:d5:76:58:d0:8e:3c:
7d:3c:a3:78:28:72:38:26:a6:e0:20:85:d1:a1:54:
8a:3b:b4:a1:2c:44:b4:32:15:7c:9e:63:d3:6f:b7:
a5:a4:90:8b:f9:3d:5c:78:da:bd:c9:28:3a:58:e5:
5a:d7:ef:4d:5c:ef:fe:0a:ab:a6:f3:ea:1b:c5:41:
94:60:f1:0b:a7:c2:5d:b8:31:b9:ba:79:7a:45:d4:
6d:a8:ab:f8:8f:2d:ba:c5:76:f9:9b:fa:31:70:69:
2f:80:56:21:c5:89:ce:99:81:12:1f:54:2f:ce:78:
00:0f:27:4e:f6:fb:cd:95:72:bb:de:76:e2:c3:8a:
9f:c1:54:29:be:5c:a0:87:72:44:b3:78:a3:c1:1a:
e2:bf:25:44:dc:63:db:ad:fd:ff:6f:7f:f4:0c:57:
77:e8:f9:dd:df:67:88:95:e2:4f:2d:0d:f8:75:fc:
69:7f:32:46:a0:54:e3:8c:41:5f:70:4d:06:c5:c8:
57:9b:d6:a2:92:95:ee:98:8b:9d:bc:2e:14:0a:6c:
06:da:fb:e5:5a:eb:6b:6b:c3:e0:3e:d2:bb:7d:10:
0a:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:EC:1F:3B:C0:2E:46:AE:51:10:78:48:0A:76:D1:99:5B:2C:D8:66
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/QOwfO8AuRq5REHhICnbRmVss2GY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.22.0/23
84.32.249.0/24
88.216.208.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:b6:06:ed:99:68:a0:18:79:a9:5d:ba:92:a0:8f:52:6a:8d:
81:75:1f:98:1b:eb:01:96:03:8f:84:2d:dc:99:74:ad:6c:82:
35:de:fe:c8:05:c8:ed:69:c2:fd:30:d6:bf:1e:c3:5a:69:5d:
f0:ce:6a:75:5d:81:59:7d:04:7c:5a:e6:66:e4:2e:e0:48:e9:
ae:26:65:94:32:db:87:12:e5:8f:2d:61:64:f7:4a:cf:10:f0:
df:73:4d:a9:44:ab:fe:c1:48:73:b6:56:ea:8a:e4:a6:dc:0c:
35:ce:6c:85:7d:14:38:98:4d:cc:7d:6a:53:b7:53:f0:73:66:
dd:23:63:d2:56:b3:8b:87:22:2c:1d:94:92:a7:9f:8a:bf:e3:
89:ec:60:5d:1a:ac:54:3d:d5:7b:43:1d:a2:de:f8:c4:01:fc:
ef:99:82:bf:b8:88:e0:f4:41:c3:14:3a:4e:c5:57:14:21:f3:
d2:47:cf:d7:72:52:3e:30:ea:e6:00:5a:d9:e2:fe:de:77:12:
e3:69:ed:f3:c2:c6:76:0b:33:4a:36:e6:be:45:98:cf:09:e8:
9d:98:bf:17:e0:ab:6f:8b:8d:4f:87:1b:32:b2:27:74:52:54:
d3:bf:bb:31:c9:8a:1c:60:a5:11:e7:c9:ab:97:9c:92:98:2c:
45:47:97:85
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1kaKc4cXgGtEfPPPs03fr/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwMjAxMTEyMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGVjMWYzYmMwMmU0NmFlNTExMDc4NDgwYTc2ZDE5OTViMmNkODY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvb1BgN/WWHi9zC27GXJqXheWo7oJ
crNrr3eJHrSENYkPpa27r+/VdljQjjx9PKN4KHI4JqbgIIXRoVSKO7ShLES0MhV8
nmPTb7elpJCL+T1ceNq9ySg6WOVa1+9NXO/+Cqum8+obxUGUYPELp8JduDG5unl6
RdRtqKv4jy26xXb5m/oxcGkvgFYhxYnOmYESH1QvzngADydO9vvNlXK73nbiw4qf
wVQpvlygh3JEs3ijwRrivyVE3GPbrf3/b3/0DFd36Pnd32eIleJPLQ34dfxpfzJG
oFTjjEFfcE0GxchXm9aikpXumIudvC4UCmwG2vvlWutra8PgPtK7fRAKnwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEDsHzvALkauURB4SAp20ZlbLNhmMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvUU93Zk84QXVScTVSRUhoSUNuYlJtVnNzMkdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBVCAWAwQA
VCD5AwQAWNjQMA0GCSqGSIb3DQEBCwUAA4IBAQA7tgbtmWigGHmpXbqSoI9Sao2B
dR+YG+sBlgOPhC3cmXStbII13v7IBcjtacL9MNa/HsNaaV3wzmp1XYFZfQR8WuZm
5C7gSOmuJmWUMtuHEuWPLWFk90rPEPDfc02pRKv+wUhztlbqiuSm3Aw1zmyFfRQ4
mE3MfWpTt1Pwc2bdI2PSVrOLhyIsHZSSp5+Kv+OJ7GBdGqxUPdV7Qx2i3vjEAfzv
mYK/uIjg9EHDFDpOxVcUIfPSR8/XclI+MOrmAFrZ4v7edxLjae3zwsZ2CzNKNua+
RZjPCeidmL8X4Ktvi41Phxsysid0UlTTv7sxyYocYKUR58mrl5ySmCxFR5eF
-----END CERTIFICATE-----
Generated at Tue May 7 12:58:04 2024 by rpki-client on console-fra.rpki-client.org