Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/5c92d5-a7eb-4929-ae19-da138ade222b/1/cO0yo8thw8U2HvqjKBFm2MS8E2w.roa
File: cO0yo8thw8U2HvqjKBFm2MS8E2w.roa (raw, json)
Hash identifier: ncRC9PP8N+zMX/UK5eAO3sQ6deTLyGSDRSc0y7qqhNU=
Subject key identifier: 70:ED:32:A3:CB:61:C3:C5:36:1E:FA:A3:28:11:66:D8:C4:BC:13:6C
Certificate issuer: /CN=40f872e4cdb07d6839147e43a4a419bc84ba3214
Certificate serial: 018CC56E24705D940BA436A728918660E4ED
Authority key identifier: 40:F8:72:E4:CD:B0:7D:68:39:14:7E:43:A4:A4:19:BC:84:BA:32:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QPhy5M2wfWg5FH5DpKQZvIS6MhQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/5c92d5-a7eb-4929-ae19-da138ade222b/1/cO0yo8thw8U2HvqjKBFm2MS8E2w.roa
Signing time: Mon 01 Jan 2024 14:29:39 +0000
ROA not before: Mon 01 Jan 2024 14:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15739
IP address blocks: 185.91.96.0/23 maxlen: 24
185.91.97.0/24 maxlen: 24
185.91.98.0/23 maxlen: 24
185.91.98.0/24 maxlen: 24
2a05:e380::/29 maxlen: 29
2a05:e380:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/5c92d5-a7eb-4929-ae19-da138ade222b/1/QPhy5M2wfWg5FH5DpKQZvIS6MhQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/5c92d5-a7eb-4929-ae19-da138ade222b/1/QPhy5M2wfWg5FH5DpKQZvIS6MhQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/QPhy5M2wfWg5FH5DpKQZvIS6MhQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:24:70:5d:94:0b:a4:36:a7:28:91:86:60:e4:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40f872e4cdb07d6839147e43a4a419bc84ba3214
Validity
Not Before: Jan 1 14:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=70ed32a3cb61c3c5361efaa3281166d8c4bc136c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:dd:c0:ab:73:83:71:35:e3:e8:a6:c2:b0:39:
10:5a:81:68:58:39:96:1f:18:34:b6:62:43:39:ae:
88:c8:77:dc:dc:fc:25:e0:3b:02:2d:3d:78:2e:1b:
3d:1e:fc:c0:bd:da:11:70:dc:7a:53:e4:ae:e1:83:
79:73:d7:23:5c:98:f3:59:39:20:64:99:c2:a4:b5:
a5:0a:a8:8d:69:2b:f6:9e:38:5d:bb:3f:7d:0e:47:
09:70:52:ff:c3:a1:75:33:82:0d:1c:ad:95:ce:de:
95:9b:67:dc:dd:2f:c2:31:c3:aa:f9:fc:a8:9f:98:
79:61:c5:94:b6:3a:b2:20:57:4e:97:40:cf:e5:7a:
c2:7d:2a:5d:23:e3:84:01:26:8c:dc:f4:e9:3f:a9:
a4:38:b6:5b:68:37:b8:07:25:b4:38:b8:01:59:c8:
ad:d9:31:69:83:ca:c3:81:7e:b2:fb:6d:41:ab:9e:
51:63:30:ab:e3:be:e1:ab:11:04:8b:9c:5b:0a:e2:
0f:ce:1f:3d:c0:e3:a6:71:4d:93:85:42:89:db:93:
99:75:2c:ba:0c:f8:54:a9:20:1d:6a:1c:e4:00:78:
68:cd:bb:92:db:39:53:03:07:c3:55:28:27:6d:3e:
a7:4e:16:2e:8d:58:88:42:7a:f1:36:6d:6e:fb:93:
6a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:ED:32:A3:CB:61:C3:C5:36:1E:FA:A3:28:11:66:D8:C4:BC:13:6C
X509v3 Authority Key Identifier:
keyid:40:F8:72:E4:CD:B0:7D:68:39:14:7E:43:A4:A4:19:BC:84:BA:32:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QPhy5M2wfWg5FH5DpKQZvIS6MhQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/5c92d5-a7eb-4929-ae19-da138ade222b/1/cO0yo8thw8U2HvqjKBFm2MS8E2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/5c92d5-a7eb-4929-ae19-da138ade222b/1/QPhy5M2wfWg5FH5DpKQZvIS6MhQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.91.96.0/22
IPv6:
2a05:e380::/29
Signature Algorithm: sha256WithRSAEncryption
ae:27:e1:11:a5:0d:b6:7b:2e:2b:10:1d:38:83:62:b1:ba:b8:
5c:37:5c:a0:49:3c:48:32:b7:0f:f2:9a:3a:47:fb:1c:57:50:
0f:f4:56:65:b6:25:f6:0f:d3:f2:2c:d2:11:fd:b6:88:51:fd:
a2:b8:99:40:d7:e4:59:19:37:5a:bf:b9:09:fa:25:33:43:ca:
2e:91:8d:79:49:f3:bb:98:ef:69:c3:98:f7:3c:d2:38:dc:22:
24:6e:d3:71:91:03:83:f0:8f:c1:3c:74:f0:5d:8a:6d:9a:2d:
53:79:44:c5:f0:08:f9:9c:5d:f6:9b:27:b0:01:6f:c3:d6:75:
3a:c6:fd:04:31:77:d8:e0:47:6c:e1:96:72:45:c4:b3:19:a4:
01:3d:3c:49:b4:88:44:f6:6b:19:60:3b:12:30:df:27:ed:d3:
67:b0:69:83:4a:24:1a:9d:aa:3a:f8:5d:0f:62:b1:47:b6:14:
9f:92:c9:d4:03:7b:af:4f:76:2f:7c:44:63:56:d7:75:a7:c1:
06:9a:cb:2f:85:12:9d:69:86:f2:85:66:f7:4b:c5:99:1d:cf:
5b:0f:c6:df:02:14:13:30:60:64:a8:f1:d0:fc:f7:4b:7f:94:
34:40:f2:55:90:b8:8a:3f:2a:a5:79:3e:07:4d:55:6f:c3:af:
a1:58:d9:90
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFbiRwXZQLpDanKJGGYOTtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZjg3MmU0Y2RiMDdkNjgzOTE0N2U0M2E0YTQxOWJjODRi
YTMyMTQwHhcNMjQwMTAxMTQyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGVkMzJhM2NiNjFjM2M1MzYxZWZhYTMyODExNjZkOGM0YmMxMzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmt3Aq3ODcTXj6KbCsDkQWoFoWDmW
Hxg0tmJDOa6IyHfc3Pwl4DsCLT14Lhs9HvzAvdoRcNx6U+Su4YN5c9cjXJjzWTkg
ZJnCpLWlCqiNaSv2njhduz99DkcJcFL/w6F1M4INHK2Vzt6Vm2fc3S/CMcOq+fyo
n5h5YcWUtjqyIFdOl0DP5XrCfSpdI+OEASaM3PTpP6mkOLZbaDe4ByW0OLgBWcit
2TFpg8rDgX6y+21Bq55RYzCr477hqxEEi5xbCuIPzh89wOOmcU2ThUKJ25OZdSy6
DPhUqSAdahzkAHhozbuS2zlTAwfDVSgnbT6nThYujViIQnrxNm1u+5NqKQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHDtMqPLYcPFNh76oygRZtjEvBNsMB8GA1UdIwQY
MBaAFED4cuTNsH1oORR+Q6SkGbyEujIUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVBoeTVNMndmV2c1Rkg1RHBLUVp2SVM2TWhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC81YzkyZDUtYTdlYi00OTI5LWFlMTkt
ZGExMzhhZGUyMjJiLzEvY08weW84dGh3OFUySHZxaktCRm0yTVM4RTJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC81YzkyZDUtYTdlYi00OTI5LWFlMTktZGExMzhhZGUyMjJi
LzEvUVBoeTVNMndmV2c1Rkg1RHBLUVp2SVM2TWhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVtgMA0E
AgACMAcDBQMqBeOAMA0GCSqGSIb3DQEBCwUAA4IBAQCuJ+ERpQ22ey4rEB04g2Kx
urhcN1ygSTxIMrcP8po6R/scV1AP9FZltiX2D9PyLNIR/baIUf2iuJlA1+RZGTda
v7kJ+iUzQ8oukY15SfO7mO9pw5j3PNI43CIkbtNxkQOD8I/BPHTwXYptmi1TeUTF
8Aj5nF32myewAW/D1nU6xv0EMXfY4Eds4ZZyRcSzGaQBPTxJtIhE9msZYDsSMN8n
7dNnsGmDSiQanao6+F0PYrFHthSfksnUA3uvT3YvfERjVtd1p8EGmssvhRKdaYby
hWb3S8WZHc9bD8bfAhQTMGBkqPHQ/PdLf5Q0QPJVkLiKPyqleT4HTVVvw6+hWNmQ
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:42:34 2024 by rpki-client on console-fra.rpki-client.org