Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/b9231f-b3df-4012-96d7-7204b811250f/1/QwwAb2l90khno-2jaMfBRPoeDZ0.roa
File: QwwAb2l90khno-2jaMfBRPoeDZ0.roa (raw, json)
Hash identifier: NNnV0yC+kIsIZpnHWbTx6ioy1Ma9jO4uPAirfZcYGUU=
Subject key identifier: 43:0C:00:6F:69:7D:D2:48:67:A3:ED:A3:68:C7:C1:44:FA:1E:0D:9D
Certificate issuer: /CN=7d0b44e492549e1b7da532c80c348850c5a44e80
Certificate serial: 018CC793577C8F57B9F90DBCE74E339E7D5E
Authority key identifier: 7D:0B:44:E4:92:54:9E:1B:7D:A5:32:C8:0C:34:88:50:C5:A4:4E:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQtE5JJUnht9pTLIDDSIUMWkToA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/b9231f-b3df-4012-96d7-7204b811250f/1/QwwAb2l90khno-2jaMfBRPoeDZ0.roa
Signing time: Tue 02 Jan 2024 00:29:31 +0000
ROA not before: Tue 02 Jan 2024 00:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15830
IP address blocks: 185.83.40.0/22 maxlen: 22
2a05:9800::/29 maxlen: 29
2a05:9804::/32 maxlen: 32
2a05:9800::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/b9231f-b3df-4012-96d7-7204b811250f/1/fQtE5JJUnht9pTLIDDSIUMWkToA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/b9231f-b3df-4012-96d7-7204b811250f/1/fQtE5JJUnht9pTLIDDSIUMWkToA.mft
rsync://rpki.ripe.net/repository/DEFAULT/fQtE5JJUnht9pTLIDDSIUMWkToA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:57:7c:8f:57:b9:f9:0d:bc:e7:4e:33:9e:7d:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d0b44e492549e1b7da532c80c348850c5a44e80
Validity
Not Before: Jan 2 00:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=430c006f697dd24867a3eda368c7c144fa1e0d9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ed:19:8e:c1:41:20:73:89:5e:ce:b1:3d:e2:
0b:2b:05:f2:a6:0f:5b:a2:cd:da:7a:d9:cf:53:88:
dd:d6:90:4e:03:ea:46:ba:9d:a4:ed:1a:39:9c:ff:
bc:4e:40:3b:f5:87:9f:61:d0:3c:1e:b3:e4:cb:d1:
d1:8a:7f:eb:50:20:6d:93:49:ea:20:38:df:67:31:
87:e8:32:05:bd:e8:51:e7:31:e6:d1:a3:fb:bf:a9:
10:d7:55:28:b7:46:32:9a:91:61:7c:bf:73:d2:c4:
1e:65:c3:79:1c:5c:34:37:18:5d:32:cc:28:d3:f6:
bf:9c:02:de:2b:9d:97:10:81:be:58:a5:6f:7f:69:
73:be:6f:13:ba:0b:2c:f5:65:48:bf:2d:96:dc:79:
4b:90:1f:d8:00:25:87:a2:31:9f:0b:98:f3:d9:d9:
57:8a:35:c8:6c:bd:83:4b:37:ef:f9:96:37:a0:8e:
51:68:c2:cf:35:21:15:a7:ad:d9:72:81:1d:d7:b4:
d9:3a:cd:7c:84:89:b8:dd:5e:d8:49:0d:64:13:52:
26:36:b1:4c:0e:98:55:26:7b:0a:a8:6b:c1:75:53:
34:bc:b7:64:ad:47:fb:c2:83:6d:cd:03:da:5c:6c:
09:e3:ed:21:79:bf:a4:b2:65:3e:fa:1b:9f:52:69:
4b:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:0C:00:6F:69:7D:D2:48:67:A3:ED:A3:68:C7:C1:44:FA:1E:0D:9D
X509v3 Authority Key Identifier:
keyid:7D:0B:44:E4:92:54:9E:1B:7D:A5:32:C8:0C:34:88:50:C5:A4:4E:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQtE5JJUnht9pTLIDDSIUMWkToA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/b9231f-b3df-4012-96d7-7204b811250f/1/QwwAb2l90khno-2jaMfBRPoeDZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/b9231f-b3df-4012-96d7-7204b811250f/1/fQtE5JJUnht9pTLIDDSIUMWkToA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.83.40.0/22
IPv6:
2a05:9800::/29
Signature Algorithm: sha256WithRSAEncryption
60:f4:c9:71:dd:59:0b:0f:b3:d9:b0:fc:b2:9e:af:ac:db:5c:
ae:d1:e1:79:1e:96:9c:18:bd:49:34:b8:3e:84:a0:56:38:7a:
49:f6:0a:c0:26:70:8a:15:57:22:04:f9:53:d8:4d:1c:d1:9d:
17:66:b0:e3:05:74:ed:88:2f:f2:30:6a:57:47:6b:78:51:16:
48:3d:a2:5d:68:d1:86:64:27:d2:fd:2e:aa:7e:7f:d5:bf:69:
77:38:37:dc:3e:99:e1:c5:08:56:8a:04:32:96:77:36:84:a9:
2d:01:17:05:05:71:f0:17:45:48:07:bb:b8:7c:38:11:ab:08:
e1:e6:c4:8c:b8:43:5f:a2:3b:9d:e3:c9:f8:b0:07:d4:c9:f7:
58:ef:a1:2c:6e:8e:a4:1c:d3:e1:c8:45:da:78:5c:eb:11:e7:
a0:91:ab:e2:a0:50:56:0b:20:99:7b:fc:dc:8b:a9:f5:5f:e3:
23:f5:29:e3:56:06:01:6f:4a:e2:19:a5:27:f2:83:69:9e:db:
12:ea:8f:1b:70:f9:e3:a8:85:3f:95:d3:89:45:5f:39:24:83:
a8:42:29:bb:f5:c4:29:69:79:a1:3c:da:b0:de:7c:3a:98:d9:
7d:d3:91:84:c6:17:22:0e:c2:9f:bf:9f:a2:be:02:c1:73:e3:
ea:61:e3:1e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHk1d8j1e5+Q28504znn1eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMGI0NGU0OTI1NDllMWI3ZGE1MzJjODBjMzQ4ODUwYzVh
NDRlODAwHhcNMjQwMTAyMDAyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzBjMDA2ZjY5N2RkMjQ4NjdhM2VkYTM2OGM3YzE0NGZhMWUwZDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsO0ZjsFBIHOJXs6xPeILKwXypg9b
os3aetnPU4jd1pBOA+pGup2k7Ro5nP+8TkA79YefYdA8HrPky9HRin/rUCBtk0nq
IDjfZzGH6DIFvehR5zHm0aP7v6kQ11Uot0YympFhfL9z0sQeZcN5HFw0NxhdMswo
0/a/nALeK52XEIG+WKVvf2lzvm8Tugss9WVIvy2W3HlLkB/YACWHojGfC5jz2dlX
ijXIbL2DSzfv+ZY3oI5RaMLPNSEVp63ZcoEd17TZOs18hIm43V7YSQ1kE1ImNrFM
DphVJnsKqGvBdVM0vLdkrUf7woNtzQPaXGwJ4+0heb+ksmU++hufUmlLHQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEMMAG9pfdJIZ6Pto2jHwUT6Hg2dMB8GA1UdIwQY
MBaAFH0LROSSVJ4bfaUyyAw0iFDFpE6AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlF0RTVKSlVuaHQ5cFRMSUREU0lVTVdrVG9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9iOTIzMWYtYjNkZi00MDEyLTk2ZDct
NzIwNGI4MTEyNTBmLzEvUXd3QWIybDkwa2huby0yamFNZkJSUG9lRFowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9iOTIzMWYtYjNkZi00MDEyLTk2ZDctNzIwNGI4MTEyNTBm
LzEvZlF0RTVKSlVuaHQ5cFRMSUREU0lVTVdrVG9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVMoMA0E
AgACMAcDBQMqBZgAMA0GCSqGSIb3DQEBCwUAA4IBAQBg9Mlx3VkLD7PZsPyynq+s
21yu0eF5HpacGL1JNLg+hKBWOHpJ9grAJnCKFVciBPlT2E0c0Z0XZrDjBXTtiC/y
MGpXR2t4URZIPaJdaNGGZCfS/S6qfn/Vv2l3ODfcPpnhxQhWigQylnc2hKktARcF
BXHwF0VIB7u4fDgRqwjh5sSMuENfojud48n4sAfUyfdY76Esbo6kHNPhyEXaeFzr
EeegkavioFBWCyCZe/zci6n1X+Mj9SnjVgYBb0riGaUn8oNpntsS6o8bcPnjqIU/
ldOJRV85JIOoQim79cQpaXmhPNqw3nw6mNl905GExhciDsKfv5+ivgLBc+PqYeMe
-----END CERTIFICATE-----
Generated at Sun May 5 07:01:58 2024 by rpki-client on console-ams.rpki-client.org