Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/c47ce0-e291-42fe-b3f8-cec16333d7f2/1/QAkhNLz7xm6REE-Jy0cObIMU4r8.roa
File: QAkhNLz7xm6REE-Jy0cObIMU4r8.roa (raw, json)
Hash identifier: GvXLn7SvDQzpC8hucjbJzmib5RjLx/+KpVBvV1FPqCg=
Subject key identifier: 40:09:21:34:BC:FB:C6:6E:91:10:4F:89:CB:47:0E:6C:83:14:E2:BF
Certificate issuer: /CN=fae491ff2896127ce88ecba44cec74c63fbe1ab5
Certificate serial: 018CEDAB4F527C9C8451CA05428F6ACB42C4
Authority key identifier: FA:E4:91:FF:28:96:12:7C:E8:8E:CB:A4:4C:EC:74:C6:3F:BE:1A:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-uSR_yiWEnzojsukTOx0xj--GrU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/c47ce0-e291-42fe-b3f8-cec16333d7f2/1/QAkhNLz7xm6REE-Jy0cObIMU4r8.roa
Signing time: Tue 09 Jan 2024 10:01:16 +0000
ROA not before: Tue 09 Jan 2024 10:01:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12703
IP address blocks: 185.43.76.0/22 maxlen: 24
2a01:6ca0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/c47ce0-e291-42fe-b3f8-cec16333d7f2/1/1-uSR_yiWEnzojsukTOx0xj--GrU.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/c47ce0-e291-42fe-b3f8-cec16333d7f2/1/1-uSR_yiWEnzojsukTOx0xj--GrU.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-uSR_yiWEnzojsukTOx0xj--GrU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 27 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ed:ab:4f:52:7c:9c:84:51:ca:05:42:8f:6a:cb:42:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fae491ff2896127ce88ecba44cec74c63fbe1ab5
Validity
Not Before: Jan 9 10:01:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40092134bcfbc66e91104f89cb470e6c8314e2bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:15:a2:d2:14:71:39:7d:5c:e0:f8:f6:89:da:
7b:dc:8c:9b:da:a0:06:5f:db:69:b3:d7:7b:78:36:
51:38:52:86:14:be:04:e6:52:1c:68:27:9c:9d:d8:
dd:2d:c5:2d:3c:f2:d5:93:82:00:fd:d3:44:a3:7d:
53:00:22:ea:4c:5f:04:30:e2:e2:7c:ca:f2:8d:cf:
20:3f:84:bd:77:34:96:c0:42:c5:35:60:70:da:a4:
de:6c:15:a9:d4:2d:f7:c4:cb:3f:e8:99:d1:98:f1:
36:48:ca:d1:25:17:8e:91:66:59:8a:8c:91:7a:6d:
92:8a:be:7a:28:43:2e:9b:37:d0:03:8a:a1:e8:45:
15:6a:a1:47:7b:47:35:81:a9:f1:6f:d7:58:af:6f:
b7:3e:fc:41:a7:1b:45:4f:04:3f:8b:6f:07:35:1e:
fc:c2:3b:04:6a:ab:3c:49:b0:19:58:3a:13:fd:7a:
35:d4:c2:4c:79:c0:db:ff:6a:73:c6:90:c5:9c:b3:
0d:0e:a6:fb:23:58:24:eb:a2:2b:50:e5:41:4a:e2:
f7:27:c3:20:24:21:ee:d9:4a:dd:4c:98:cd:26:4d:
83:fa:26:76:93:0b:1a:15:df:26:3a:af:52:3e:4b:
b4:73:0f:dc:d6:c3:5e:46:53:42:42:f6:dd:4a:17:
0b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:09:21:34:BC:FB:C6:6E:91:10:4F:89:CB:47:0E:6C:83:14:E2:BF
X509v3 Authority Key Identifier:
keyid:FA:E4:91:FF:28:96:12:7C:E8:8E:CB:A4:4C:EC:74:C6:3F:BE:1A:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-uSR_yiWEnzojsukTOx0xj--GrU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c47ce0-e291-42fe-b3f8-cec16333d7f2/1/QAkhNLz7xm6REE-Jy0cObIMU4r8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c47ce0-e291-42fe-b3f8-cec16333d7f2/1/1-uSR_yiWEnzojsukTOx0xj--GrU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.43.76.0/22
IPv6:
2a01:6ca0::/32
Signature Algorithm: sha256WithRSAEncryption
8f:d3:3e:c4:73:00:72:ad:76:13:f5:ad:7b:6f:b0:ef:10:24:
a2:15:e3:09:d3:2e:41:78:fe:e2:62:77:1a:e7:1f:c8:46:9d:
52:83:83:53:b9:24:62:08:62:fa:a2:76:78:fd:73:e5:2e:19:
54:5f:99:b0:11:6c:85:17:5a:e4:08:4f:69:67:e3:48:0a:21:
ab:4a:79:8d:c7:87:68:de:d8:09:56:c5:39:11:fa:67:fa:9f:
b8:44:d9:0a:e8:6b:f9:53:26:91:b2:c2:5d:ca:db:6b:2f:24:
c9:0f:6c:e8:df:dd:9d:cc:e8:b1:2f:30:af:11:4f:d3:6c:5d:
f4:6c:eb:1b:9a:1c:85:e0:79:af:7f:fa:c4:41:7b:0d:cc:26:
fc:71:62:94:d2:3c:2b:c0:d0:4c:0d:66:5d:46:51:a6:58:80:
e2:b9:0a:db:47:3f:5c:af:2f:b6:b8:1d:dc:52:27:67:3a:45:
cc:20:91:fe:17:7d:77:7d:cd:a8:b5:67:87:2c:d3:3d:6d:de:
00:0c:59:17:64:6b:cd:68:f3:a9:b7:4a:92:ad:61:51:0f:a9:
52:9c:90:35:ad:86:ef:a5:64:1c:e5:02:91:e9:a6:fe:df:a6:
52:dc:17:1d:49:d4:fa:e9:d0:f7:1b:13:b2:50:ce:eb:a8:90:
43:f6:5d:7b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYztq09SfJyEUcoFQo9qy0LEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhZTQ5MWZmMjg5NjEyN2NlODhlY2JhNDRjZWM3NGM2M2Zi
ZTFhYjUwHhcNMjQwMTA5MTAwMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDA5MjEzNGJjZmJjNjZlOTExMDRmODljYjQ3MGU2YzgzMTRlMmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhWi0hRxOX1c4Pj2idp73Iyb2qAG
X9tps9d7eDZROFKGFL4E5lIcaCecndjdLcUtPPLVk4IA/dNEo31TACLqTF8EMOLi
fMryjc8gP4S9dzSWwELFNWBw2qTebBWp1C33xMs/6JnRmPE2SMrRJReOkWZZioyR
em2Sir56KEMumzfQA4qh6EUVaqFHe0c1ganxb9dYr2+3PvxBpxtFTwQ/i28HNR78
wjsEaqs8SbAZWDoT/Xo11MJMecDb/2pzxpDFnLMNDqb7I1gk66IrUOVBSuL3J8Mg
JCHu2UrdTJjNJk2D+iZ2kwsaFd8mOq9SPku0cw/c1sNeRlNCQvbdShcLdQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEAJITS8+8ZukRBPictHDmyDFOK/MB8GA1UdIwQY
MBaAFPrkkf8olhJ86I7LpEzsdMY/vhq1MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS11U1JfeWlXRW56b2pzdWtUT3gweGotLUdyVS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGQvYzQ3Y2UwLWUyOTEtNDJmZS1iM2Y4
LWNlYzE2MzMzZDdmMi8xL1FBa2hOTHo3eG02UkVFLUp5MGNPYklNVTRyOC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGQvYzQ3Y2UwLWUyOTEtNDJmZS1iM2Y4LWNlYzE2MzMzZDdm
Mi8xLzEtdVNSX3lpV0Vuem9qc3VrVE94MHhqLS1HclUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAK5K0ww
DQQCAAIwBwMFACoBbKAwDQYJKoZIhvcNAQELBQADggEBAI/TPsRzAHKtdhP1rXtv
sO8QJKIV4wnTLkF4/uJidxrnH8hGnVKDg1O5JGIIYvqidnj9c+UuGVRfmbARbIUX
WuQIT2ln40gKIatKeY3Hh2je2AlWxTkR+mf6n7hE2Qroa/lTJpGywl3K22svJMkP
bOjf3Z3M6LEvMK8RT9NsXfRs6xuaHIXgea9/+sRBew3MJvxxYpTSPCvA0EwNZl1G
UaZYgOK5CttHP1yvL7a4HdxSJ2c6Rcwgkf4XfXd9zai1Z4cs0z1t3gAMWRdka81o
86m3SpKtYVEPqVKckDWthu+lZBzlApHppv7fplLcFx1J1Prp0PcbE7JQzuuokEP2
XXs=
-----END CERTIFICATE-----
Generated at Wed Jun 26 17:25:08 2024 by rpki-client on console-fra.rpki-client.org