Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/ed5c1e-2d5f-4222-bdc7-63b95240d745/1/QvQSfh8pcGgDjwC0vC43E21Vagc.roa
File: QvQSfh8pcGgDjwC0vC43E21Vagc.roa (raw, json)
Hash identifier: E/AnTqXMYgxH2TzbglOQ0tRlcvZaLWIoJgrnMO2DZ3s=
Subject key identifier: 42:F4:12:7E:1F:29:70:68:03:8F:00:B4:BC:2E:37:13:6D:55:6A:07
Certificate issuer: /CN=d74ce9d9e18a2a8a06cb4d9b08b59cd76b221184
Certificate serial: 018CC492B28DDCAD62418F7573917ED9F1AD
Authority key identifier: D7:4C:E9:D9:E1:8A:2A:8A:06:CB:4D:9B:08:B5:9C:D7:6B:22:11:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10zp2eGKKooGy02bCLWc12siEYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/ed5c1e-2d5f-4222-bdc7-63b95240d745/1/QvQSfh8pcGgDjwC0vC43E21Vagc.roa
Signing time: Mon 01 Jan 2024 10:29:57 +0000
ROA not before: Mon 01 Jan 2024 10:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25376
IP address blocks: 185.108.44.0/22 maxlen: 24
2a01:8560::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/ed5c1e-2d5f-4222-bdc7-63b95240d745/1/10zp2eGKKooGy02bCLWc12siEYQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/ed5c1e-2d5f-4222-bdc7-63b95240d745/1/10zp2eGKKooGy02bCLWc12siEYQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/10zp2eGKKooGy02bCLWc12siEYQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 14:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:b2:8d:dc:ad:62:41:8f:75:73:91:7e:d9:f1:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d74ce9d9e18a2a8a06cb4d9b08b59cd76b221184
Validity
Not Before: Jan 1 10:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=42f4127e1f297068038f00b4bc2e37136d556a07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ad:dc:b7:fa:5e:75:bc:1b:6f:88:d2:cd:c3:
30:5f:9a:78:d4:03:6b:a3:81:11:38:b4:68:44:4d:
26:38:1e:ba:b6:57:73:84:c9:1d:6d:cc:4e:ef:a2:
1e:9e:1c:af:19:34:db:15:7a:cf:80:f3:41:e5:71:
a3:53:cf:b9:e3:86:54:dc:23:b7:f2:4e:74:f9:61:
cc:8c:ab:06:9c:5b:53:95:ba:f1:3c:38:9e:fe:ea:
4e:c4:fd:eb:a0:a9:b6:3b:64:c3:45:fc:ec:7d:b6:
33:c8:5b:cf:41:b9:75:50:14:85:a8:01:54:d5:89:
3f:a2:86:14:22:5c:b1:18:c1:80:ad:51:de:7f:be:
e6:a7:03:99:0d:73:b2:09:ea:e0:be:6b:92:78:9e:
bf:dd:d9:9c:2a:9c:68:e0:9a:78:5b:e2:9b:f5:e1:
96:04:b3:ab:16:52:07:3b:40:90:53:41:92:b5:4b:
67:86:8c:47:ee:8e:0e:4a:9c:1a:9b:ca:71:5e:11:
99:e8:00:a2:df:cb:ae:49:87:a9:22:4b:e9:aa:ee:
e7:91:b9:0b:e7:91:78:30:e6:aa:4c:1b:48:5f:fc:
5f:b9:79:d7:12:b2:79:ea:58:df:1b:cb:86:ef:8a:
b6:4f:9f:43:67:11:fd:ae:67:4c:d8:c6:a5:b0:67:
ca:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:F4:12:7E:1F:29:70:68:03:8F:00:B4:BC:2E:37:13:6D:55:6A:07
X509v3 Authority Key Identifier:
keyid:D7:4C:E9:D9:E1:8A:2A:8A:06:CB:4D:9B:08:B5:9C:D7:6B:22:11:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10zp2eGKKooGy02bCLWc12siEYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/ed5c1e-2d5f-4222-bdc7-63b95240d745/1/QvQSfh8pcGgDjwC0vC43E21Vagc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/ed5c1e-2d5f-4222-bdc7-63b95240d745/1/10zp2eGKKooGy02bCLWc12siEYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.44.0/22
IPv6:
2a01:8560::/32
Signature Algorithm: sha256WithRSAEncryption
51:93:74:97:01:6a:38:a1:e1:73:3e:61:f0:42:53:f7:72:04:
ed:db:ed:12:bd:c9:69:07:5f:46:2e:c8:8e:47:24:63:8c:7c:
5a:65:7a:ac:d8:da:60:63:d5:b0:8a:1c:fd:08:c6:6a:0f:cb:
f6:18:eb:fd:c2:5c:89:6e:e8:65:45:fc:d5:ad:cb:6f:51:bb:
84:f3:e9:c5:84:97:4e:c2:a7:8d:4f:10:5d:0c:07:27:4d:4b:
dc:b8:18:70:9a:b9:b3:47:2e:7d:47:40:71:b6:a3:a1:f6:17:
3f:25:51:4c:88:e5:2b:c2:c2:2a:07:51:cf:8d:b7:1a:7d:b9:
5c:90:33:f1:4a:c7:b3:ba:e7:1a:c5:ba:d9:6d:be:7e:a9:0a:
60:44:e9:91:bf:a9:47:96:12:cd:4b:88:44:37:c8:ea:a6:bc:
cf:38:88:5e:06:d5:20:7b:61:d8:0a:c1:a2:aa:34:20:80:fa:
6a:e8:fb:e5:52:d2:9d:c8:34:5c:1e:f0:7e:7f:35:51:e2:e6:
7d:96:0c:aa:c6:95:5b:83:2d:4e:ea:ee:9d:1b:06:96:a8:67:
63:c8:8a:a1:53:65:b0:3a:81:ae:e6:a6:39:9a:47:bf:6b:24:
ba:4e:fd:f3:2b:e6:07:17:ed:7d:59:f1:e5:84:b5:81:5a:71:
59:f1:54:6b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEkrKN3K1iQY91c5F+2fGtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NGNlOWQ5ZTE4YTJhOGEwNmNiNGQ5YjA4YjU5Y2Q3NmIy
MjExODQwHhcNMjQwMTAxMTAyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmY0MTI3ZTFmMjk3MDY4MDM4ZjAwYjRiYzJlMzcxMzZkNTU2YTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0q3ct/pedbwbb4jSzcMwX5p41ANr
o4EROLRoRE0mOB66tldzhMkdbcxO76IenhyvGTTbFXrPgPNB5XGjU8+544ZU3CO3
8k50+WHMjKsGnFtTlbrxPDie/upOxP3roKm2O2TDRfzsfbYzyFvPQbl1UBSFqAFU
1Yk/ooYUIlyxGMGArVHef77mpwOZDXOyCergvmuSeJ6/3dmcKpxo4Jp4W+Kb9eGW
BLOrFlIHO0CQU0GStUtnhoxH7o4OSpwam8pxXhGZ6ACi38uuSYepIkvpqu7nkbkL
55F4MOaqTBtIX/xfuXnXErJ56ljfG8uG74q2T59DZxH9rmdM2MalsGfKXQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEL0En4fKXBoA48AtLwuNxNtVWoHMB8GA1UdIwQY
MBaAFNdM6dnhiiqKBstNmwi1nNdrIhGEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTB6cDJlR0tLb29HeTAyYkNMV2MxMnNpRVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9lZDVjMWUtMmQ1Zi00MjIyLWJkYzct
NjNiOTUyNDBkNzQ1LzEvUXZRU2ZoOHBjR2dEandDMHZDNDNFMjFWYWdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9lZDVjMWUtMmQ1Zi00MjIyLWJkYzctNjNiOTUyNDBkNzQ1
LzEvMTB6cDJlR0tLb29HeTAyYkNMV2MxMnNpRVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWwsMA0E
AgACMAcDBQAqAYVgMA0GCSqGSIb3DQEBCwUAA4IBAQBRk3SXAWo4oeFzPmHwQlP3
cgTt2+0SvclpB19GLsiORyRjjHxaZXqs2NpgY9Wwihz9CMZqD8v2GOv9wlyJbuhl
RfzVrctvUbuE8+nFhJdOwqeNTxBdDAcnTUvcuBhwmrmzRy59R0BxtqOh9hc/JVFM
iOUrwsIqB1HPjbcafblckDPxSsezuucaxbrZbb5+qQpgROmRv6lHlhLNS4hEN8jq
przPOIheBtUge2HYCsGiqjQggPpq6PvlUtKdyDRcHvB+fzVR4uZ9lgyqxpVbgy1O
6u6dGwaWqGdjyIqhU2WwOoGu5qY5mke/ayS6Tv3zK+YHF+19WfHlhLWBWnFZ8VRr
-----END CERTIFICATE-----
Generated at Tue May 21 21:00:15 2024 by rpki-client on console-fra.rpki-client.org