Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/5e6bae-962f-4057-8ec5-279f594b3a2f/1/QSCagCKR6E-iwPatTgiBzu5EJFE.roa
File: QSCagCKR6E-iwPatTgiBzu5EJFE.roa (raw, json)
Hash identifier: l2nH81wdsY/P5BV+bhy/lxv+QGFXe/gZFUO/AvDXpNc=
Subject key identifier: 41:20:9A:80:22:91:E8:4F:A2:C0:F6:AD:4E:08:81:CE:EE:44:24:51
Certificate issuer: /CN=5cae7aa1594d89929b111a371f0ff26f202f58e2
Certificate serial: 018CC86EF3FEE50C39C86BD9606D5A36490C
Authority key identifier: 5C:AE:7A:A1:59:4D:89:92:9B:11:1A:37:1F:0F:F2:6F:20:2F:58:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XK56oVlNiZKbERo3Hw_ybyAvWOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/5e6bae-962f-4057-8ec5-279f594b3a2f/1/QSCagCKR6E-iwPatTgiBzu5EJFE.roa
Signing time: Tue 02 Jan 2024 04:29:23 +0000
ROA not before: Tue 02 Jan 2024 04:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50474
IP address blocks: 185.154.136.0/22 maxlen: 22
109.234.164.0/22 maxlen: 22
109.234.161.0/24 maxlen: 24
109.234.162.0/24 maxlen: 24
109.234.163.0/24 maxlen: 24
109.234.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/5e6bae-962f-4057-8ec5-279f594b3a2f/1/XK56oVlNiZKbERo3Hw_ybyAvWOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/5e6bae-962f-4057-8ec5-279f594b3a2f/1/XK56oVlNiZKbERo3Hw_ybyAvWOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/XK56oVlNiZKbERo3Hw_ybyAvWOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6e:f3:fe:e5:0c:39:c8:6b:d9:60:6d:5a:36:49:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cae7aa1594d89929b111a371f0ff26f202f58e2
Validity
Not Before: Jan 2 04:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41209a802291e84fa2c0f6ad4e0881ceee442451
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:8d:ce:c6:67:90:ce:a5:51:05:6b:08:7b:58:
06:0b:64:e8:c9:17:3d:4f:81:f7:1c:78:b5:0f:a2:
17:a1:96:94:15:58:4d:98:34:20:2b:1e:3f:d7:94:
62:34:55:75:03:6a:ba:77:3f:df:51:22:50:7f:be:
a9:15:47:08:87:df:28:38:c3:15:85:72:a9:73:fe:
f2:6d:19:81:98:3b:77:03:62:d4:31:48:5d:b6:f6:
d4:bf:eb:65:c2:c8:35:78:2d:6f:8a:11:98:f1:59:
fe:c5:ca:fb:0f:3d:bf:c9:fa:63:4c:f4:cc:ba:45:
b1:2a:a6:86:1a:11:fe:5b:cd:98:b6:30:2d:b5:ea:
7b:a7:11:9a:e8:ea:e8:04:e1:0e:e5:db:2f:bf:70:
bd:96:95:dc:79:45:49:68:4a:1a:29:3f:78:88:7e:
0f:47:3c:ef:e7:12:7f:e4:b7:70:44:93:d0:63:31:
1a:a3:b2:79:a4:74:57:82:b8:b9:7b:38:13:90:f0:
30:2a:dd:66:7f:67:49:0d:29:4a:39:0e:ff:32:90:
0a:68:17:a5:4c:2a:8f:3e:ee:e8:aa:93:83:ba:3b:
15:5f:84:13:4d:f6:1d:4e:9c:36:8d:64:02:99:ed:
f9:4a:eb:1f:47:6f:b9:01:5a:81:37:b8:80:5e:21:
85:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:20:9A:80:22:91:E8:4F:A2:C0:F6:AD:4E:08:81:CE:EE:44:24:51
X509v3 Authority Key Identifier:
keyid:5C:AE:7A:A1:59:4D:89:92:9B:11:1A:37:1F:0F:F2:6F:20:2F:58:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XK56oVlNiZKbERo3Hw_ybyAvWOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/5e6bae-962f-4057-8ec5-279f594b3a2f/1/QSCagCKR6E-iwPatTgiBzu5EJFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/5e6bae-962f-4057-8ec5-279f594b3a2f/1/XK56oVlNiZKbERo3Hw_ybyAvWOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.234.160.0/21
185.154.136.0/22
Signature Algorithm: sha256WithRSAEncryption
60:7f:7f:44:20:b8:27:44:53:16:f3:3c:0f:07:12:6f:2d:48:
ba:c2:6a:e6:dd:9c:0f:63:60:1a:6a:ad:59:66:66:97:3b:ad:
7f:13:c7:df:f2:b0:78:bc:ed:49:e0:b5:71:71:4d:3a:53:82:
3b:00:06:d0:49:4f:8d:91:bb:fd:9d:a1:fd:29:ba:28:8c:68:
ca:4d:11:34:fe:ea:8b:b1:ce:91:bc:70:14:dd:f9:d3:92:b0:
52:83:ca:b8:fc:c8:9e:d9:80:6b:8b:e5:6a:3f:63:03:4c:0a:
8a:a4:15:f7:4c:76:f8:42:df:9f:7d:af:82:df:63:19:25:42:
be:91:fc:3e:8c:1a:f1:c3:73:a3:ec:4c:ab:b0:08:16:8e:af:
ab:f6:3c:d4:cf:c7:9e:7f:d1:a8:19:0f:d5:9d:fc:4d:c7:0d:
0b:a7:69:c4:f0:df:be:0b:06:31:a5:48:91:ef:21:4c:a5:00:
42:5a:92:21:76:ab:d7:04:3d:c3:3a:24:32:e1:a8:16:40:e5:
ca:d5:82:76:a2:0c:15:b3:c9:38:51:59:b1:91:3a:a2:f9:a2:
28:38:7c:cd:99:3c:c9:2f:d7:f7:e7:f6:41:8f:34:c0:56:e2:
92:da:12:fd:f7:e6:03:a7:05:bd:95:00:da:13:09:20:c3:92:
c9:60:c2:41
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIbvP+5Qw5yGvZYG1aNkkMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjYWU3YWExNTk0ZDg5OTI5YjExMWEzNzFmMGZmMjZmMjAy
ZjU4ZTIwHhcNMjQwMTAyMDQyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTIwOWE4MDIyOTFlODRmYTJjMGY2YWQ0ZTA4ODFjZWVlNDQyNDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq43OxmeQzqVRBWsIe1gGC2ToyRc9
T4H3HHi1D6IXoZaUFVhNmDQgKx4/15RiNFV1A2q6dz/fUSJQf76pFUcIh98oOMMV
hXKpc/7ybRmBmDt3A2LUMUhdtvbUv+tlwsg1eC1vihGY8Vn+xcr7Dz2/yfpjTPTM
ukWxKqaGGhH+W82YtjAttep7pxGa6OroBOEO5dsvv3C9lpXceUVJaEoaKT94iH4P
Rzzv5xJ/5LdwRJPQYzEao7J5pHRXgri5ezgTkPAwKt1mf2dJDSlKOQ7/MpAKaBel
TCqPPu7oqpODujsVX4QTTfYdTpw2jWQCme35SusfR2+5AVqBN7iAXiGFfwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEEgmoAikehPosD2rU4Igc7uRCRRMB8GA1UdIwQY
MBaAFFyueqFZTYmSmxEaNx8P8m8gL1jiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEs1Nm9WbE5pWktiRVJvM0h3X3lieUF2V09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy81ZTZiYWUtOTYyZi00MDU3LThlYzUt
Mjc5ZjU5NGIzYTJmLzEvUVNDYWdDS1I2RS1pd1BhdFRnaUJ6dTVFSkZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy81ZTZiYWUtOTYyZi00MDU3LThlYzUtMjc5ZjU5NGIzYTJm
LzEvWEs1Nm9WbE5pWktiRVJvM0h3X3lieUF2V09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDbeqgAwQC
uZqIMA0GCSqGSIb3DQEBCwUAA4IBAQBgf39EILgnRFMW8zwPBxJvLUi6wmrm3ZwP
Y2Aaaq1ZZmaXO61/E8ff8rB4vO1J4LVxcU06U4I7AAbQSU+Nkbv9naH9KboojGjK
TRE0/uqLsc6RvHAU3fnTkrBSg8q4/Mie2YBri+VqP2MDTAqKpBX3THb4Qt+ffa+C
32MZJUK+kfw+jBrxw3Oj7EyrsAgWjq+r9jzUz8eef9GoGQ/VnfxNxw0Lp2nE8N++
CwYxpUiR7yFMpQBCWpIhdqvXBD3DOiQy4agWQOXK1YJ2ogwVs8k4UVmxkTqi+aIo
OHzNmTzJL9f35/ZBjzTAVuKS2hL99+YDpwW9lQDaEwkgw5LJYMJB
-----END CERTIFICATE-----
Generated at Sat Jun 8 06:23:48 2024 by rpki-client on console-ams.rpki-client.org