Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/a9276f-e8c1-45d6-a42d-0c64debe9ec4/1/QLO2VyVtyhzo35Mp7Hn5Fnanlz8.roa
File: QLO2VyVtyhzo35Mp7Hn5Fnanlz8.roa (raw, json)
Hash identifier: OMCwpAgfsNKBBKaK3GJopD7aAY0Bz+29a2mFhlZxDsM=
Subject key identifier: 40:B3:B6:57:25:6D:CA:1C:E8:DF:93:29:EC:79:F9:16:76:A7:97:3F
Certificate issuer: /CN=0502861f923c7ec1132b548f7abb861baca1f406
Certificate serial: 018CC86F051235F9AE5C55FC971D6BB2B0F6
Authority key identifier: 05:02:86:1F:92:3C:7E:C1:13:2B:54:8F:7A:BB:86:1B:AC:A1:F4:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BQKGH5I8fsETK1SPeruGG6yh9AY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/a9276f-e8c1-45d6-a42d-0c64debe9ec4/1/QLO2VyVtyhzo35Mp7Hn5Fnanlz8.roa
Signing time: Tue 02 Jan 2024 04:29:28 +0000
ROA not before: Tue 02 Jan 2024 04:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50673
IP address blocks: 185.104.28.0/22 maxlen: 24
2a06:2ec0::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/a9276f-e8c1-45d6-a42d-0c64debe9ec4/1/BQKGH5I8fsETK1SPeruGG6yh9AY.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/a9276f-e8c1-45d6-a42d-0c64debe9ec4/1/BQKGH5I8fsETK1SPeruGG6yh9AY.mft
rsync://rpki.ripe.net/repository/DEFAULT/BQKGH5I8fsETK1SPeruGG6yh9AY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 22:02:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:05:12:35:f9:ae:5c:55:fc:97:1d:6b:b2:b0:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0502861f923c7ec1132b548f7abb861baca1f406
Validity
Not Before: Jan 2 04:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40b3b657256dca1ce8df9329ec79f91676a7973f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:d1:15:b5:0a:5f:2a:4e:7c:8a:a5:81:ad:84:
3a:77:b0:04:8d:b1:c3:69:6e:53:b2:5b:84:9a:03:
61:f3:8d:22:a1:27:0a:29:50:d7:2b:e7:11:96:aa:
f2:d9:4e:8e:3c:e8:4e:b3:45:28:54:48:9e:22:69:
eb:2c:8c:58:5c:c5:69:ca:b6:5e:5a:cc:d8:f1:fb:
49:cf:35:7c:f7:58:d8:de:b5:e8:2d:49:81:4a:b0:
a1:18:c7:bb:aa:44:d1:f0:9b:57:65:91:40:96:bc:
f6:1b:de:af:41:46:d6:51:40:dd:48:c9:2e:31:99:
2c:81:96:20:6d:12:1b:20:77:31:2b:d2:5c:fa:48:
3d:14:b6:6d:d5:be:84:ee:79:3d:86:8f:9b:b7:59:
96:dc:b5:91:a0:06:e1:23:dc:50:9e:20:64:29:a4:
96:f3:a0:0f:23:ab:f5:3e:89:48:78:db:d6:dc:fc:
9e:6c:81:6b:4e:d6:15:52:ee:b5:d0:d3:a5:c5:cd:
79:cf:87:5f:47:37:6e:94:01:04:95:0d:e6:8a:51:
4c:35:19:2d:fd:41:f6:26:3c:dc:7d:77:e1:43:d1:
c2:c5:a8:4e:5d:43:cc:11:d5:26:ef:cd:b8:30:d8:
6b:4f:04:f0:c4:df:89:e9:d8:7f:30:2d:77:41:9d:
e9:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:B3:B6:57:25:6D:CA:1C:E8:DF:93:29:EC:79:F9:16:76:A7:97:3F
X509v3 Authority Key Identifier:
keyid:05:02:86:1F:92:3C:7E:C1:13:2B:54:8F:7A:BB:86:1B:AC:A1:F4:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BQKGH5I8fsETK1SPeruGG6yh9AY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/a9276f-e8c1-45d6-a42d-0c64debe9ec4/1/QLO2VyVtyhzo35Mp7Hn5Fnanlz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/a9276f-e8c1-45d6-a42d-0c64debe9ec4/1/BQKGH5I8fsETK1SPeruGG6yh9AY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.28.0/22
IPv6:
2a06:2ec0::/29
Signature Algorithm: sha256WithRSAEncryption
42:dd:42:e0:34:5c:19:0b:d5:ce:86:e1:36:5c:53:30:bb:f6:
b4:32:7a:fe:ac:9e:65:92:b1:97:8a:fc:20:4d:22:09:29:4b:
0d:52:6d:1d:14:6f:72:45:79:00:f0:aa:3b:05:41:a8:19:8c:
ed:7d:61:15:16:1c:3b:9f:7f:ea:83:ce:32:72:02:60:6b:a5:
6b:18:43:f1:6c:c2:cd:f3:28:85:fb:5c:e7:b9:24:af:28:f0:
af:26:2f:b5:07:a4:ba:f2:33:45:c9:d2:47:ca:1a:0a:09:7a:
76:21:31:25:4f:44:83:11:f2:bd:60:b6:c9:e3:ae:3b:28:9b:
d9:d4:76:6b:b9:52:28:92:ee:7b:6b:7d:0b:49:8e:17:6b:d2:
26:aa:de:11:0c:73:de:b2:9a:e2:7b:ce:cc:dc:06:04:3c:be:
f1:62:d1:e2:8b:99:96:6e:d2:ba:9f:86:5b:ad:f9:f2:2b:d8:
fa:35:ab:9d:47:83:b4:26:00:4b:eb:69:cf:1d:c9:1e:ae:c9:
47:d7:a8:c4:df:5a:39:b5:ee:4c:66:33:f2:8e:aa:7b:d7:5e:
fd:1f:bb:3c:b6:ff:44:8a:87:71:9b:b8:5d:03:4b:f8:20:e4:
9a:c4:c0:2d:ec:e6:5c:54:e0:2d:41:fb:67:b2:b3:95:50:a5:
8e:8f:67:e8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIbwUSNfmuXFX8lx1rsrD2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MDI4NjFmOTIzYzdlYzExMzJiNTQ4ZjdhYmI4NjFiYWNh
MWY0MDYwHhcNMjQwMTAyMDQyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGIzYjY1NzI1NmRjYTFjZThkZjkzMjllYzc5ZjkxNjc2YTc5NzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA09EVtQpfKk58iqWBrYQ6d7AEjbHD
aW5TsluEmgNh840ioScKKVDXK+cRlqry2U6OPOhOs0UoVEieImnrLIxYXMVpyrZe
WszY8ftJzzV891jY3rXoLUmBSrChGMe7qkTR8JtXZZFAlrz2G96vQUbWUUDdSMku
MZksgZYgbRIbIHcxK9Jc+kg9FLZt1b6E7nk9ho+bt1mW3LWRoAbhI9xQniBkKaSW
86API6v1PolIeNvW3PyebIFrTtYVUu610NOlxc15z4dfRzdulAEElQ3milFMNRkt
/UH2JjzcfXfhQ9HCxahOXUPMEdUm7824MNhrTwTwxN+J6dh/MC13QZ3pgwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFECztlclbcoc6N+TKex5+RZ2p5c/MB8GA1UdIwQY
MBaAFAUChh+SPH7BEytUj3q7hhusofQGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlFLR0g1SThmc0VUSzFTUGVydUdHNnloOUFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9hOTI3NmYtZThjMS00NWQ2LWE0MmQt
MGM2NGRlYmU5ZWM0LzEvUUxPMlZ5VnR5aHpvMzVNcDdIbjVGbmFubHo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9hOTI3NmYtZThjMS00NWQ2LWE0MmQtMGM2NGRlYmU5ZWM0
LzEvQlFLR0g1SThmc0VUSzFTUGVydUdHNnloOUFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWgcMA0E
AgACMAcDBQMqBi7AMA0GCSqGSIb3DQEBCwUAA4IBAQBC3ULgNFwZC9XOhuE2XFMw
u/a0Mnr+rJ5lkrGXivwgTSIJKUsNUm0dFG9yRXkA8Ko7BUGoGYztfWEVFhw7n3/q
g84ycgJga6VrGEPxbMLN8yiF+1znuSSvKPCvJi+1B6S68jNFydJHyhoKCXp2ITEl
T0SDEfK9YLbJ4647KJvZ1HZruVIoku57a30LSY4Xa9Imqt4RDHPesprie87M3AYE
PL7xYtHii5mWbtK6n4ZbrfnyK9j6NaudR4O0JgBL62nPHckerslH16jE31o5te5M
ZjPyjqp71179H7s8tv9Eiodxm7hdA0v4IOSaxMAt7OZcVOAtQftnsrOVUKWOj2fo
-----END CERTIFICATE-----
Generated at Fri May 17 06:46:41 2024 by rpki-client on console-fra.rpki-client.org