Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/fa5782-801c-4893-9328-3e0b84478b9d/1/CqJtTcr4maRXWDNwyH_pUyMGEww.roa
File: CqJtTcr4maRXWDNwyH_pUyMGEww.roa (raw, json)
Hash identifier: aIxSp7okMpJ98DbFnh/fqP9cC6nCQyAyiWL2Ipf3gjI=
Subject key identifier: 0A:A2:6D:4D:CA:F8:99:A4:57:58:33:70:C8:7F:E9:53:23:06:13:0C
Certificate issuer: /CN=400fe172a0c7e33c43ccaaee3a1ef42cd009e91e
Certificate serial: 018CC42542CF5E0AD853A85EC1531618C681
Authority key identifier: 40:0F:E1:72:A0:C7:E3:3C:43:CC:AA:EE:3A:1E:F4:2C:D0:09:E9:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QA_hcqDH4zxDzKruOh70LNAJ6R4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/fa5782-801c-4893-9328-3e0b84478b9d/1/CqJtTcr4maRXWDNwyH_pUyMGEww.roa
Signing time: Mon 01 Jan 2024 08:30:25 +0000
ROA not before: Mon 01 Jan 2024 08:30:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15404
IP address blocks: 109.107.145.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/fa5782-801c-4893-9328-3e0b84478b9d/1/QA_hcqDH4zxDzKruOh70LNAJ6R4.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/fa5782-801c-4893-9328-3e0b84478b9d/1/QA_hcqDH4zxDzKruOh70LNAJ6R4.mft
rsync://rpki.ripe.net/repository/DEFAULT/QA_hcqDH4zxDzKruOh70LNAJ6R4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:42:cf:5e:0a:d8:53:a8:5e:c1:53:16:18:c6:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=400fe172a0c7e33c43ccaaee3a1ef42cd009e91e
Validity
Not Before: Jan 1 08:30:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0aa26d4dcaf899a457583370c87fe9532306130c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:27:01:a3:b5:9c:79:2b:17:35:65:75:5c:d0:
4f:9c:8a:bf:5d:ba:81:e1:ec:a5:af:68:fc:2d:6b:
57:20:14:69:92:dc:49:2f:c0:59:c4:b8:1c:21:dd:
68:0b:1e:84:15:af:3b:81:b8:60:2e:00:72:81:a2:
1d:00:4a:58:0a:81:16:f2:7b:f1:a0:7e:a5:4b:a1:
25:18:8f:d8:6f:d1:f1:8a:75:a4:a2:5d:48:c7:53:
7a:01:91:46:6f:13:54:af:84:c5:22:21:b2:9c:33:
6d:ab:fc:23:0e:ee:ac:00:dd:71:e1:1a:e4:c6:b2:
57:47:58:1b:8f:1f:b4:f0:52:55:30:f0:76:02:f4:
dd:7c:1e:85:c1:80:5e:94:02:ba:77:95:61:de:87:
73:86:8e:ef:fd:87:eb:1a:e9:bc:c3:71:45:2e:1b:
f1:44:75:ae:c0:a6:2b:6b:60:b0:d1:3b:f8:f8:19:
f5:26:a5:1f:0b:a1:bb:dd:8a:b9:8d:02:76:22:b6:
a2:26:48:e8:36:ce:d0:27:0b:39:77:2c:84:fe:24:
30:23:1c:6d:3b:71:fe:30:36:9c:17:88:aa:98:0f:
02:8d:01:11:b4:99:56:bc:d7:0b:c4:a4:3e:66:bf:
77:31:83:47:c0:d5:ab:2a:94:5a:0a:81:b7:43:90:
c6:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:A2:6D:4D:CA:F8:99:A4:57:58:33:70:C8:7F:E9:53:23:06:13:0C
X509v3 Authority Key Identifier:
keyid:40:0F:E1:72:A0:C7:E3:3C:43:CC:AA:EE:3A:1E:F4:2C:D0:09:E9:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QA_hcqDH4zxDzKruOh70LNAJ6R4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/fa5782-801c-4893-9328-3e0b84478b9d/1/CqJtTcr4maRXWDNwyH_pUyMGEww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/fa5782-801c-4893-9328-3e0b84478b9d/1/QA_hcqDH4zxDzKruOh70LNAJ6R4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.145.0/24
Signature Algorithm: sha256WithRSAEncryption
49:c6:11:f0:12:61:06:14:5b:a7:cd:cb:dd:27:04:73:ec:a0:
30:50:75:85:41:98:38:f7:26:8e:59:80:5e:00:91:e7:ec:c4:
0e:e4:7c:55:b2:fb:50:e5:81:49:ce:7b:3e:c3:af:ef:d7:69:
b0:ca:95:c4:cc:c9:b5:6d:09:01:01:c1:a0:80:f2:70:f7:cb:
71:87:4a:c8:79:6c:74:9b:ff:3b:76:7b:1a:7f:c2:1c:78:87:
4e:59:f6:54:fe:08:a4:83:8c:5b:9c:64:e1:a2:71:7b:8c:64:
a7:e9:33:16:85:db:25:08:e2:47:53:7e:ae:d9:ea:ed:89:b5:
91:81:d0:60:40:3f:4e:26:cc:2f:1f:05:58:0e:d4:21:f2:59:
45:fc:11:fc:a6:94:8f:9f:ec:23:8d:f8:1d:25:c8:be:aa:fb:
d3:10:9c:7b:a1:a0:f0:34:01:46:56:10:c9:31:72:01:96:37:
1d:17:c3:e0:ca:d3:50:06:c8:9e:ef:98:4a:54:05:ba:ed:5b:
58:be:33:d0:c7:89:66:cb:7b:d8:eb:cf:77:df:77:60:9f:87:
0b:28:62:86:0c:b8:ea:ac:26:48:24:b3:58:29:46:80:90:84:
45:45:b9:d7:c2:49:96:36:cd:db:7f:f8:e1:51:a0:44:58:d3:
ea:02:68:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJULPXgrYU6hewVMWGMaBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMGZlMTcyYTBjN2UzM2M0M2NjYWFlZTNhMWVmNDJjZDAw
OWU5MWUwHhcNMjQwMTAxMDgzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWEyNmQ0ZGNhZjg5OWE0NTc1ODMzNzBjODdmZTk1MzIzMDYxMzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlScBo7WceSsXNWV1XNBPnIq/XbqB
4eylr2j8LWtXIBRpktxJL8BZxLgcId1oCx6EFa87gbhgLgBygaIdAEpYCoEW8nvx
oH6lS6ElGI/Yb9HxinWkol1Ix1N6AZFGbxNUr4TFIiGynDNtq/wjDu6sAN1x4Rrk
xrJXR1gbjx+08FJVMPB2AvTdfB6FwYBelAK6d5Vh3odzho7v/YfrGum8w3FFLhvx
RHWuwKYra2Cw0Tv4+Bn1JqUfC6G73Yq5jQJ2IraiJkjoNs7QJws5dyyE/iQwIxxt
O3H+MDacF4iqmA8CjQERtJlWvNcLxKQ+Zr93MYNHwNWrKpRaCoG3Q5DGzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAqibU3K+JmkV1gzcMh/6VMjBhMMMB8GA1UdIwQY
MBaAFEAP4XKgx+M8Q8yq7joe9CzQCekeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUFfaGNxREg0enhEektydU9oNzBMTkFKNlI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9mYTU3ODItODAxYy00ODkzLTkzMjgt
M2UwYjg0NDc4YjlkLzEvQ3FKdFRjcjRtYVJYV0ROd3lIX3BVeU1HRXd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9mYTU3ODItODAxYy00ODkzLTkzMjgtM2UwYjg0NDc4Yjlk
LzEvUUFfaGNxREg0enhEektydU9oNzBMTkFKNlI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWuRMA0G
CSqGSIb3DQEBCwUAA4IBAQBJxhHwEmEGFFunzcvdJwRz7KAwUHWFQZg49yaOWYBe
AJHn7MQO5HxVsvtQ5YFJzns+w6/v12mwypXEzMm1bQkBAcGggPJw98txh0rIeWx0
m/87dnsaf8IceIdOWfZU/gikg4xbnGThonF7jGSn6TMWhdslCOJHU36u2ertibWR
gdBgQD9OJswvHwVYDtQh8llF/BH8ppSPn+wjjfgdJci+qvvTEJx7oaDwNAFGVhDJ
MXIBljcdF8PgytNQBsie75hKVAW67VtYvjPQx4lmy3vY689333dgn4cLKGKGDLjq
rCZIJLNYKUaAkIRFRbnXwkmWNs3bf/jhUaBEWNPqAmiV
-----END CERTIFICATE-----
Generated at Fri Jun 7 18:13:15 2024 by rpki-client on console-fra.rpki-client.org