Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/QOEZZD4JI-4CLpe74W4ZcpwmgH4.roa
File: QOEZZD4JI-4CLpe74W4ZcpwmgH4.roa (raw, json)
Hash identifier: EsAflJMUWBTSMNKA5HNcZ90yWQF/cofZEDfeNoz5XBk=
Subject key identifier: 40:E1:19:64:3E:09:23:EE:02:2E:97:BB:E1:6E:19:72:9C:26:80:7E
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 018CC8DF30808CD5B59DB54A9639E518C277
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/QOEZZD4JI-4CLpe74W4ZcpwmgH4.roa
Signing time: Tue 02 Jan 2024 06:31:59 +0000
ROA not before: Tue 02 Jan 2024 06:31:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202356
IP address blocks: 147.234.87.0/24 maxlen: 24
147.234.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.mft
rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 14:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:30:80:8c:d5:b5:9d:b5:4a:96:39:e5:18:c2:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Jan 2 06:31:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40e119643e0923ee022e97bbe16e19729c26807e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:b8:73:42:7b:7e:ac:91:b5:3d:16:c4:24:4c:
4d:16:1c:71:38:f0:f3:94:38:c4:19:dd:2d:26:59:
a5:14:97:38:dc:9c:98:bf:2e:53:f5:13:92:ee:26:
ad:ff:88:5e:1d:d4:67:fc:a8:9c:8d:46:e2:5b:59:
76:07:b9:72:71:f6:fb:58:f5:12:83:bb:0d:17:59:
d5:cb:62:9d:10:98:1a:7a:e9:59:d5:a1:be:50:e7:
a2:ea:62:57:cf:5f:8c:dc:43:29:8d:b9:5a:00:1b:
da:62:80:2c:e0:ae:b4:97:eb:96:3c:c4:bf:46:57:
35:fb:bf:9a:80:8b:d1:c9:15:ae:19:eb:05:23:73:
71:f8:72:04:7d:27:9d:d9:03:cb:49:b4:1e:af:07:
11:d7:ec:9c:36:76:4e:01:2e:70:5f:c9:3d:ab:aa:
f0:59:e5:04:11:65:06:3e:8d:20:b2:83:49:4b:07:
5e:ca:88:64:59:54:83:e2:c1:c3:32:0d:d3:d5:7e:
31:a6:a5:0c:a7:8d:da:09:f7:1e:eb:d5:e6:95:eb:
43:97:64:69:82:21:ba:98:f9:04:45:21:e5:d9:df:
3c:b5:87:8b:da:fc:9c:60:48:63:1f:bb:81:b1:d6:
32:bd:dd:9f:09:7b:98:60:cb:07:a2:a6:ba:ea:8d:
14:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:E1:19:64:3E:09:23:EE:02:2E:97:BB:E1:6E:19:72:9C:26:80:7E
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/QOEZZD4JI-4CLpe74W4ZcpwmgH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.234.32.0/24
147.234.87.0/24
Signature Algorithm: sha256WithRSAEncryption
49:4d:6f:36:93:28:5e:2e:92:ad:2f:44:74:46:a7:1c:46:b4:
62:2c:c2:11:83:bc:8b:69:57:63:00:f6:c3:82:af:95:be:00:
03:ce:19:e4:6d:5c:17:97:07:b4:13:0a:bc:08:de:8d:a6:85:
17:ce:05:77:21:e5:a4:0e:4b:8d:91:b3:ab:e5:86:b9:8a:3a:
e5:04:53:59:8d:9e:99:50:5b:da:ad:c2:1b:85:b9:45:09:0c:
98:76:a2:66:ce:9a:26:c4:17:4c:db:2b:f5:27:38:be:78:15:
2a:29:f8:22:c6:81:01:06:81:42:cb:fb:de:0a:3d:a8:da:a0:
92:31:75:f3:9d:cb:8b:13:71:62:32:ac:37:0a:de:41:99:7e:
f1:91:5f:65:92:64:29:28:43:2d:27:f5:47:5d:7b:7a:0b:c3:
d6:9b:00:b0:b5:cf:59:e2:91:47:84:91:c4:58:ba:a5:73:5f:
d9:27:2e:71:33:72:95:6e:2f:cc:a3:d5:af:83:c2:1c:6c:02:
c4:56:8c:77:3e:c9:f8:95:1f:22:fd:0b:70:bf:cc:20:6f:aa:
0a:55:a8:08:13:87:49:36:54:bc:eb:2f:cb:78:26:2a:d5:e0:
c6:ab:c0:b2:44:ad:75:68:46:fe:d8:8c:e6:9e:da:3c:8f:78:
17:9d:32:ae
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI3zCAjNW1nbVKljnlGMJ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjQwMTAyMDYzMTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGUxMTk2NDNlMDkyM2VlMDIyZTk3YmJlMTZlMTk3MjljMjY4MDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLhzQnt+rJG1PRbEJExNFhxxOPDz
lDjEGd0tJlmlFJc43JyYvy5T9ROS7iat/4heHdRn/KicjUbiW1l2B7lycfb7WPUS
g7sNF1nVy2KdEJgaeulZ1aG+UOei6mJXz1+M3EMpjblaABvaYoAs4K60l+uWPMS/
Rlc1+7+agIvRyRWuGesFI3Nx+HIEfSed2QPLSbQerwcR1+ycNnZOAS5wX8k9q6rw
WeUEEWUGPo0gsoNJSwdeyohkWVSD4sHDMg3T1X4xpqUMp43aCfce69XmletDl2Rp
giG6mPkERSHl2d88tYeL2vycYEhjH7uBsdYyvd2fCXuYYMsHoqa66o0U9QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEDhGWQ+CSPuAi6Xu+FuGXKcJoB+MB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvUU9FWlpENEpJLTRDTHBlNzRXNFpjcHdtZ0g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAk+ogAwQA
k+pXMA0GCSqGSIb3DQEBCwUAA4IBAQBJTW82kyheLpKtL0R0RqccRrRiLMIRg7yL
aVdjAPbDgq+VvgADzhnkbVwXlwe0Ewq8CN6NpoUXzgV3IeWkDkuNkbOr5Ya5ijrl
BFNZjZ6ZUFvarcIbhblFCQyYdqJmzpomxBdM2yv1Jzi+eBUqKfgixoEBBoFCy/ve
Cj2o2qCSMXXzncuLE3FiMqw3Ct5BmX7xkV9lkmQpKEMtJ/VHXXt6C8PWmwCwtc9Z
4pFHhJHEWLqlc1/ZJy5xM3KVbi/Mo9Wvg8IcbALEVox3Psn4lR8i/Qtwv8wgb6oK
VagIE4dJNlS86y/LeCYq1eDGq8CyRK11aEb+2Izmnto8j3gXnTKu
-----END CERTIFICATE-----
Generated at Tue May 28 20:12:35 2024 by rpki-client on console-fra.rpki-client.org