Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/811e73-cf30-494d-acac-8420ae9e0622/1/QFVjGcBmqDgkmCxcPC-ydqjIa-w.roa
File: QFVjGcBmqDgkmCxcPC-ydqjIa-w.roa (raw, json)
Hash identifier: Nt4AjtSOLcVnjtcNU/k+vz+3/otZC8mkXBF5v2kV9no=
Subject key identifier: 40:55:63:19:C0:66:A8:38:24:98:2C:5C:3C:2F:B2:76:A8:C8:6B:EC
Certificate issuer: /CN=a8801be2363f211bd2f57818adeaf9c0dbe14bdb
Certificate serial: 018CC26CF9D344B64BE9C6A4DEB8ECC76116
Authority key identifier: A8:80:1B:E2:36:3F:21:1B:D2:F5:78:18:AD:EA:F9:C0:DB:E1:4B:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qIAb4jY_IRvS9XgYrer5wNvhS9s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/811e73-cf30-494d-acac-8420ae9e0622/1/QFVjGcBmqDgkmCxcPC-ydqjIa-w.roa
Signing time: Mon 01 Jan 2024 00:29:30 +0000
ROA not before: Mon 01 Jan 2024 00:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 185.66.203.0/24 maxlen: 24
185.66.202.0/24 maxlen: 24
185.237.4.0/24 maxlen: 24
185.237.5.0/24 maxlen: 24
185.237.6.0/24 maxlen: 24
185.237.7.0/24 maxlen: 24
82.115.214.0/24 maxlen: 24
2a07:e3c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/811e73-cf30-494d-acac-8420ae9e0622/1/qIAb4jY_IRvS9XgYrer5wNvhS9s.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/811e73-cf30-494d-acac-8420ae9e0622/1/qIAb4jY_IRvS9XgYrer5wNvhS9s.mft
rsync://rpki.ripe.net/repository/DEFAULT/qIAb4jY_IRvS9XgYrer5wNvhS9s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 22:01:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6c:f9:d3:44:b6:4b:e9:c6:a4:de:b8:ec:c7:61:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8801be2363f211bd2f57818adeaf9c0dbe14bdb
Validity
Not Before: Jan 1 00:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40556319c066a83824982c5c3c2fb276a8c86bec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:16:39:f1:d4:db:62:9c:49:ac:47:a4:b0:d2:
b7:b7:61:bf:9b:79:4a:d4:45:00:81:e7:ff:93:ff:
ab:14:0c:ee:6d:ff:58:a5:f1:4c:4e:94:1c:f6:cc:
07:28:50:bf:5b:06:d4:03:d9:e4:e3:c4:53:48:70:
47:72:20:cc:94:7b:7a:4c:57:51:0f:77:74:6c:a4:
5d:bc:41:62:46:cb:b3:76:52:c0:ca:30:15:fe:7d:
d7:17:22:51:1f:bb:21:9c:53:ad:8f:1e:a8:5f:e0:
12:ff:2d:49:de:a0:a2:3a:6c:0f:e0:20:5f:e0:d1:
a4:ff:a2:ff:c9:48:bb:14:30:6d:ad:18:0f:d5:ca:
f8:5c:e5:5d:0d:a1:37:30:e3:20:2c:cb:65:28:a1:
7c:4c:77:13:c6:b6:9a:54:1f:3b:75:6b:4c:cf:a1:
ab:20:6e:17:56:f8:48:d3:22:19:ab:5e:7d:4c:29:
19:f1:88:d8:06:43:ab:a1:35:f8:c0:dc:fe:b3:a3:
5c:11:1d:4f:35:5c:0c:fa:6f:b8:f1:ed:71:96:d8:
02:d1:41:ab:4f:4a:d1:90:dd:fb:68:62:05:fd:3a:
31:12:80:62:d9:f3:79:d4:a4:a1:c7:1a:cf:45:85:
0c:44:c6:8d:b7:ac:21:aa:6d:8d:23:15:71:de:5f:
49:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:55:63:19:C0:66:A8:38:24:98:2C:5C:3C:2F:B2:76:A8:C8:6B:EC
X509v3 Authority Key Identifier:
keyid:A8:80:1B:E2:36:3F:21:1B:D2:F5:78:18:AD:EA:F9:C0:DB:E1:4B:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qIAb4jY_IRvS9XgYrer5wNvhS9s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/811e73-cf30-494d-acac-8420ae9e0622/1/QFVjGcBmqDgkmCxcPC-ydqjIa-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/811e73-cf30-494d-acac-8420ae9e0622/1/qIAb4jY_IRvS9XgYrer5wNvhS9s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.214.0/24
185.66.202.0/23
185.237.4.0/22
IPv6:
2a07:e3c0::/48
Signature Algorithm: sha256WithRSAEncryption
3c:d4:8b:5f:4e:ab:48:aa:40:c6:c5:cc:e8:c6:11:b8:43:af:
a2:28:63:3c:a7:9e:f2:ad:f3:3a:75:32:6d:48:b3:a0:ee:95:
df:93:ea:49:29:8f:ea:1e:a4:1d:97:ee:a5:95:50:6a:e9:4e:
2d:72:ea:8d:6a:dc:95:27:dd:f7:c4:cf:73:2d:ee:24:4e:59:
ce:03:51:56:9d:81:42:47:f9:af:02:1a:3c:9b:85:9c:29:b4:
4b:14:3f:72:f5:c9:22:0d:bc:b5:ee:2a:8d:f4:f9:db:d7:97:
a5:2a:ac:57:c3:3c:e9:52:6e:a7:39:5f:1d:12:68:3c:d8:77:
a1:a4:dd:de:13:84:8e:5a:a4:92:9c:34:32:cd:c1:ae:d1:62:
be:ba:08:bd:2f:7f:81:5e:3d:d2:84:7f:2e:28:f0:a8:ae:b2:
41:e5:05:da:61:5e:9b:52:fe:a6:fd:27:d0:b7:00:cb:cb:a0:
57:4e:46:8c:04:aa:9e:bb:6f:15:7e:21:a3:a2:03:64:7c:ac:
47:e6:fa:76:ca:ae:7c:b4:3f:0b:94:4f:c6:60:29:8f:01:50:
82:1c:93:07:77:44:20:bd:e9:d2:ea:c6:ca:53:97:00:34:7e:
b9:10:bc:f9:65:72:e8:8b:63:29:fa:8c:b7:71:4a:18:e4:cd:
a8:24:74:95
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzCbPnTRLZL6cak3rjsx2EWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4ODAxYmUyMzYzZjIxMWJkMmY1NzgxOGFkZWFmOWMwZGJl
MTRiZGIwHhcNMjQwMTAxMDAyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDU1NjMxOWMwNjZhODM4MjQ5ODJjNWMzYzJmYjI3NmE4Yzg2YmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjRY58dTbYpxJrEeksNK3t2G/m3lK
1EUAgef/k/+rFAzubf9YpfFMTpQc9swHKFC/WwbUA9nk48RTSHBHciDMlHt6TFdR
D3d0bKRdvEFiRsuzdlLAyjAV/n3XFyJRH7shnFOtjx6oX+AS/y1J3qCiOmwP4CBf
4NGk/6L/yUi7FDBtrRgP1cr4XOVdDaE3MOMgLMtlKKF8THcTxraaVB87dWtMz6Gr
IG4XVvhI0yIZq159TCkZ8YjYBkOroTX4wNz+s6NcER1PNVwM+m+48e1xltgC0UGr
T0rRkN37aGIF/ToxEoBi2fN51KShxxrPRYUMRMaNt6whqm2NIxVx3l9JhwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFEBVYxnAZqg4JJgsXDwvsnaoyGvsMB8GA1UdIwQY
MBaAFKiAG+I2PyEb0vV4GK3q+cDb4UvbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUlBYjRqWV9JUnZTOVhnWXJlcjV3TnZoUzlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS84MTFlNzMtY2YzMC00OTRkLWFjYWMt
ODQyMGFlOWUwNjIyLzEvUUZWakdjQm1xRGdrbUN4Y1BDLXlkcWpJYS13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS84MTFlNzMtY2YzMC00OTRkLWFjYWMtODQyMGFlOWUwNjIy
LzEvcUlBYjRqWV9JUnZTOVhnWXJlcjV3TnZoUzlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAUnPWAwQB
uULKAwQCue0EMA8EAgACMAkDBwAqB+PAAAAwDQYJKoZIhvcNAQELBQADggEBADzU
i19Oq0iqQMbFzOjGEbhDr6IoYzynnvKt8zp1Mm1Is6Duld+T6kkpj+oepB2X7qWV
UGrpTi1y6o1q3JUn3ffEz3Mt7iROWc4DUVadgUJH+a8CGjybhZwptEsUP3L1ySIN
vLXuKo30+dvXl6UqrFfDPOlSbqc5Xx0SaDzYd6Gk3d4ThI5apJKcNDLNwa7RYr66
CL0vf4FePdKEfy4o8KiuskHlBdphXptS/qb9J9C3AMvLoFdORowEqp67bxV+IaOi
A2R8rEfm+nbKrny0PwuUT8ZgKY8BUIIckwd3RCC96dLqxspTlwA0frkQvPllcuiL
Yyn6jLdxShjkzagkdJU=
-----END CERTIFICATE-----
Generated at Thu May 2 01:31:04 2024 by rpki-client on console-ams.rpki-client.org