Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/e4ce7c-ad7b-4006-8e6a-80352d1413d9/1/QLKfK0P8R7LqM9CK4kJ_SY5x1yY.roa
File: QLKfK0P8R7LqM9CK4kJ_SY5x1yY.roa (raw, json)
Hash identifier: WXa6ltHcBIyuvSom5sMG0IGe+/4CLpOE/7HiZqVYobQ=
Subject key identifier: 40:B2:9F:2B:43:FC:47:B2:EA:33:D0:8A:E2:42:7F:49:8E:71:D7:26
Certificate issuer: /CN=66927b2b26b5214b9665d8dc85f414709714996c
Certificate serial: 018CC94D97A4F48E90A5E5095EF079FF786B
Authority key identifier: 66:92:7B:2B:26:B5:21:4B:96:65:D8:DC:85:F4:14:70:97:14:99:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZpJ7Kya1IUuWZdjchfQUcJcUmWw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/e4ce7c-ad7b-4006-8e6a-80352d1413d9/1/QLKfK0P8R7LqM9CK4kJ_SY5x1yY.roa
Signing time: Tue 02 Jan 2024 08:32:34 +0000
ROA not before: Tue 02 Jan 2024 08:32:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212098
IP address blocks: 185.223.163.0/24 maxlen: 24
2a10:8c80::/32 maxlen: 32
2a10:8c81::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/e4ce7c-ad7b-4006-8e6a-80352d1413d9/1/ZpJ7Kya1IUuWZdjchfQUcJcUmWw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/e4ce7c-ad7b-4006-8e6a-80352d1413d9/1/ZpJ7Kya1IUuWZdjchfQUcJcUmWw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZpJ7Kya1IUuWZdjchfQUcJcUmWw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:97:a4:f4:8e:90:a5:e5:09:5e:f0:79:ff:78:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66927b2b26b5214b9665d8dc85f414709714996c
Validity
Not Before: Jan 2 08:32:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40b29f2b43fc47b2ea33d08ae2427f498e71d726
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:43:2a:20:7e:46:50:7c:f8:3a:f3:00:5a:74:
d7:66:da:66:9b:8c:aa:7b:db:3d:b2:aa:ab:05:02:
f1:95:40:94:03:fb:37:96:09:70:aa:95:94:44:47:
2e:11:d4:30:33:ab:c6:91:34:84:a4:5b:6e:41:33:
97:92:22:85:f8:c3:bb:3f:dd:6e:dc:e1:d1:09:84:
5c:c3:8a:4b:00:db:e5:91:de:c9:2e:bc:5c:c7:3e:
a2:a9:30:27:ba:15:63:ec:12:5f:63:d6:a8:c8:87:
75:98:be:1e:93:59:c9:96:67:75:e5:03:0e:a9:bb:
4e:bf:f2:e1:14:de:cf:f0:d7:07:f7:45:1f:07:cd:
65:43:90:e9:3a:57:be:7e:cf:d6:55:21:6e:bb:14:
bd:92:96:b2:fb:08:35:4c:ef:a8:5f:45:38:d8:9f:
e1:b2:96:a7:99:59:34:fd:85:d7:cc:ed:8e:ac:bc:
60:06:2b:36:a7:36:f3:bc:4d:b4:ef:bb:7d:cb:1d:
e3:fe:8c:2e:5b:ab:44:01:9e:53:a5:b1:99:0a:5b:
a9:f2:3b:b7:cd:0c:8a:39:0d:f4:1a:13:15:53:d2:
03:1a:83:0e:f3:8e:54:02:a8:75:91:f3:4a:d6:e2:
0d:5a:c9:98:11:eb:63:6e:65:8c:c5:08:1e:80:ae:
0b:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:B2:9F:2B:43:FC:47:B2:EA:33:D0:8A:E2:42:7F:49:8E:71:D7:26
X509v3 Authority Key Identifier:
keyid:66:92:7B:2B:26:B5:21:4B:96:65:D8:DC:85:F4:14:70:97:14:99:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZpJ7Kya1IUuWZdjchfQUcJcUmWw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/e4ce7c-ad7b-4006-8e6a-80352d1413d9/1/QLKfK0P8R7LqM9CK4kJ_SY5x1yY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/e4ce7c-ad7b-4006-8e6a-80352d1413d9/1/ZpJ7Kya1IUuWZdjchfQUcJcUmWw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.223.163.0/24
IPv6:
2a10:8c80::/31
Signature Algorithm: sha256WithRSAEncryption
16:49:68:68:2a:46:25:ff:22:ab:86:8c:c9:c7:ef:65:5d:b4:
13:1e:0f:43:95:26:2c:95:b4:7f:09:53:66:b4:9e:b0:d3:31:
9a:c3:38:fc:d5:c8:02:1d:76:0e:66:f7:77:01:69:81:cc:9b:
49:ab:c7:6e:ff:bd:28:b6:36:16:b3:5f:46:36:22:e1:0f:d4:
ca:68:77:eb:4e:0c:0b:32:83:e1:1e:8b:00:8c:13:39:12:5a:
f4:90:8d:1a:a6:1a:f9:8e:b6:40:39:d6:f8:8e:41:b6:30:46:
89:bd:53:56:26:4a:e2:62:84:f8:88:df:68:7f:f9:ce:62:36:
2b:87:2a:9a:4b:26:ef:f0:91:75:96:50:5c:35:a0:90:80:ae:
17:2d:ce:4e:f2:21:d9:dc:ff:b8:39:ae:8d:2c:f3:b4:5f:ed:
95:80:a7:33:01:c7:6e:dd:bb:c7:24:e6:71:07:8a:e3:a0:ef:
78:76:91:e0:c6:74:dd:65:65:06:f2:d5:a6:5f:56:75:02:6b:
3d:4b:74:fb:29:32:46:af:f4:93:3c:ab:78:0c:12:9a:a8:61:
7d:d2:21:c3:92:08:28:2b:a4:1b:ed:93:8d:7c:c0:da:5d:f0:
36:30:5f:34:84:62:2f:79:6e:cd:df:1f:85:9b:72:25:62:46:
f4:83:76:30
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJTZek9I6QpeUJXvB5/3hrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2OTI3YjJiMjZiNTIxNGI5NjY1ZDhkYzg1ZjQxNDcwOTcx
NDk5NmMwHhcNMjQwMTAyMDgzMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGIyOWYyYjQzZmM0N2IyZWEzM2QwOGFlMjQyN2Y0OThlNzFkNzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0MqIH5GUHz4OvMAWnTXZtpmm4yq
e9s9sqqrBQLxlUCUA/s3lglwqpWUREcuEdQwM6vGkTSEpFtuQTOXkiKF+MO7P91u
3OHRCYRcw4pLANvlkd7JLrxcxz6iqTAnuhVj7BJfY9aoyId1mL4ek1nJlmd15QMO
qbtOv/LhFN7P8NcH90UfB81lQ5DpOle+fs/WVSFuuxS9kpay+wg1TO+oX0U42J/h
spanmVk0/YXXzO2OrLxgBis2pzbzvE2077t9yx3j/owuW6tEAZ5TpbGZClup8ju3
zQyKOQ30GhMVU9IDGoMO845UAqh1kfNK1uINWsmYEetjbmWMxQgegK4LMQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFECynytD/Eey6jPQiuJCf0mOcdcmMB8GA1UdIwQY
MBaAFGaSeysmtSFLlmXY3IX0FHCXFJlsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnBKN0t5YTFJVXVXWmRqY2hmUVVjSmNVbVd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9lNGNlN2MtYWQ3Yi00MDA2LThlNmEt
ODAzNTJkMTQxM2Q5LzEvUUxLZkswUDhSN0xxTTlDSzRrSl9TWTV4MXlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9lNGNlN2MtYWQ3Yi00MDA2LThlNmEtODAzNTJkMTQxM2Q5
LzEvWnBKN0t5YTFJVXVXWmRqY2hmUVVjSmNVbVd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAud+jMA0E
AgACMAcDBQEqEIyAMA0GCSqGSIb3DQEBCwUAA4IBAQAWSWhoKkYl/yKrhozJx+9l
XbQTHg9DlSYslbR/CVNmtJ6w0zGawzj81cgCHXYOZvd3AWmBzJtJq8du/70otjYW
s19GNiLhD9TKaHfrTgwLMoPhHosAjBM5Elr0kI0aphr5jrZAOdb4jkG2MEaJvVNW
JkriYoT4iN9of/nOYjYrhyqaSybv8JF1llBcNaCQgK4XLc5O8iHZ3P+4Oa6NLPO0
X+2VgKczAcdu3bvHJOZxB4rjoO94dpHgxnTdZWUG8tWmX1Z1Ams9S3T7KTJGr/ST
PKt4DBKaqGF90iHDkggoK6Qb7ZONfMDaXfA2MF80hGIveW7N3x+Fm3IlYkb0g3Yw
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:41:04 2024 by rpki-client on console-ams.rpki-client.org