Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/QPUWXbUGz0umv7Yco8c9JmQVZ74.roa
File: QPUWXbUGz0umv7Yco8c9JmQVZ74.roa (raw, json)
Hash identifier: ObrkEY0e9HVkoDtWktdfXZG/YFqjkQ3f4azSdrr7fjo=
Subject key identifier: 40:F5:16:5D:B5:06:CF:4B:A6:BF:B6:1C:A3:C7:3D:26:64:15:67:BE
Certificate issuer: /CN=69042c1f27a7d7862475087023dc97c3330f73c6
Certificate serial: 019296B7F7CEDDB765F6B0F2B96FCBC861E6
Authority key identifier: 69:04:2C:1F:27:A7:D7:86:24:75:08:70:23:DC:97:C3:33:0F:73:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aQQsHyen14YkdQhwI9yXwzMPc8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/QPUWXbUGz0umv7Yco8c9JmQVZ74.roa
Signing time: Wed 16 Oct 2024 19:04:51 +0000
ROA not before: Wed 16 Oct 2024 19:04:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48847
IP address blocks: 185.104.68.0/22 maxlen: 22
185.104.68.0/24 maxlen: 24
185.104.68.0/26 maxlen: 26
185.104.68.64/26 maxlen: 26
185.104.68.144/28 maxlen: 28
185.104.68.240/29 maxlen: 29
185.104.70.0/24 maxlen: 24
185.104.70.0/28 maxlen: 28
185.104.70.32/30 maxlen: 30
185.104.70.220/30 maxlen: 30
185.104.71.0/24 maxlen: 24
185.104.71.0/28 maxlen: 28
185.104.71.16/30 maxlen: 30
185.104.71.20/30 maxlen: 30
185.104.71.24/30 maxlen: 30
185.104.71.28/30 maxlen: 30
185.104.71.32/28 maxlen: 28
185.104.71.176/29 maxlen: 29
2a06:3480::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/aQQsHyen14YkdQhwI9yXwzMPc8Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/aQQsHyen14YkdQhwI9yXwzMPc8Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/aQQsHyen14YkdQhwI9yXwzMPc8Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:96:b7:f7:ce:dd:b7:65:f6:b0:f2:b9:6f:cb:c8:61:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69042c1f27a7d7862475087023dc97c3330f73c6
Validity
Not Before: Oct 16 19:04:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40f5165db506cf4ba6bfb61ca3c73d26641567be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a0:15:11:8a:e6:73:82:6d:4c:f6:28:1a:2f:
92:f8:6d:fa:58:6e:51:f0:4a:88:9b:a9:6d:9d:ae:
73:30:90:fb:8e:5a:bc:78:59:0d:c1:f0:25:c4:c1:
14:f8:29:f3:aa:26:86:7b:29:2a:d4:16:da:1b:44:
c3:ba:50:0e:14:da:19:60:73:e4:d6:3d:58:ea:90:
f2:cd:27:8b:3f:cb:a6:21:05:bb:67:b1:8f:70:e5:
40:7c:1b:fc:7e:26:79:11:5e:72:e1:b4:fb:25:84:
17:f9:5a:71:cc:7e:93:ca:a1:f8:19:4f:0c:b7:46:
49:26:45:af:37:77:e2:c3:9a:55:5e:cb:59:58:e5:
17:87:c7:dd:13:12:64:2f:e8:d5:ba:02:17:39:0e:
8a:e1:f5:49:f3:8e:38:d2:40:cf:d6:f1:be:ca:d5:
c8:d9:69:a6:9a:b1:1c:31:8f:ab:a7:57:bc:03:73:
12:75:0d:19:d5:c5:69:7b:31:ff:e6:97:3c:a4:3f:
68:e5:95:bb:cb:ca:b0:22:54:a0:ac:1d:df:88:aa:
ed:25:ce:ed:49:f6:3e:b4:cb:3a:97:c4:a9:ec:10:
8b:95:f7:0b:2b:16:4d:6e:b5:ca:9c:16:0e:67:15:
13:39:43:7b:0d:d1:29:5b:7b:0c:5e:6c:85:b3:78:
16:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:F5:16:5D:B5:06:CF:4B:A6:BF:B6:1C:A3:C7:3D:26:64:15:67:BE
X509v3 Authority Key Identifier:
keyid:69:04:2C:1F:27:A7:D7:86:24:75:08:70:23:DC:97:C3:33:0F:73:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aQQsHyen14YkdQhwI9yXwzMPc8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/QPUWXbUGz0umv7Yco8c9JmQVZ74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/aQQsHyen14YkdQhwI9yXwzMPc8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.68.0/22
IPv6:
2a06:3480::/29
Signature Algorithm: sha256WithRSAEncryption
27:12:fb:b7:7a:9a:bf:2b:22:a1:f7:b7:70:3c:82:7d:78:11:
b2:57:f5:3b:59:c8:f5:74:1f:3a:1c:ba:16:86:f2:01:ec:69:
5d:ca:49:67:2a:f1:37:d1:e1:0f:ab:bf:70:ac:d9:43:d7:b2:
78:c2:fd:d4:cd:0f:0d:91:48:93:f2:62:2d:ab:00:5e:b1:cf:
4e:db:75:84:38:aa:4e:ab:e7:04:0e:2b:0c:05:a7:74:b9:cd:
f3:41:c0:a8:87:4d:f9:3e:2c:1e:e9:67:d2:63:60:07:51:31:
0a:65:b6:8b:c3:30:22:66:29:46:24:02:0f:ec:98:0e:e4:67:
cd:69:ec:a9:5a:96:93:52:7e:17:48:c0:a1:48:8b:5a:73:14:
40:1c:72:ab:16:ab:ef:f7:e9:a9:18:80:01:0c:a9:b2:50:e7:
6e:b6:15:8c:e2:5b:6b:ad:0b:d4:1f:e2:79:70:93:09:92:f5:
67:87:96:91:be:f3:88:6a:58:40:9d:dd:07:3d:5d:a5:83:ca:
72:ef:57:bd:a1:14:71:4a:5c:03:97:6d:52:4b:a5:1c:f0:8c:
c1:ba:8b:4b:d7:17:d6:81:f0:af:b4:77:c0:f2:8c:b3:b1:72:
25:d9:c6:ca:60:9e:a0:03:f6:db:a4:f4:1c:e3:0c:8d:de:0f:
a7:31:e9:46
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZKWt/fO3bdl9rDyuW/LyGHmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MDQyYzFmMjdhN2Q3ODYyNDc1MDg3MDIzZGM5N2MzMzMw
ZjczYzYwHhcNMjQxMDE2MTkwNDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGY1MTY1ZGI1MDZjZjRiYTZiZmI2MWNhM2M3M2QyNjY0MTU2N2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKAVEYrmc4JtTPYoGi+S+G36WG5R
8EqIm6ltna5zMJD7jlq8eFkNwfAlxMEU+CnzqiaGeykq1BbaG0TDulAOFNoZYHPk
1j1Y6pDyzSeLP8umIQW7Z7GPcOVAfBv8fiZ5EV5y4bT7JYQX+VpxzH6TyqH4GU8M
t0ZJJkWvN3fiw5pVXstZWOUXh8fdExJkL+jVugIXOQ6K4fVJ84440kDP1vG+ytXI
2WmmmrEcMY+rp1e8A3MSdQ0Z1cVpezH/5pc8pD9o5ZW7y8qwIlSgrB3fiKrtJc7t
SfY+tMs6l8Sp7BCLlfcLKxZNbrXKnBYOZxUTOUN7DdEpW3sMXmyFs3gWzQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFED1Fl21Bs9Lpr+2HKPHPSZkFWe+MB8GA1UdIwQY
MBaAFGkELB8np9eGJHUIcCPcl8MzD3PGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVFRc0h5ZW4xNFlrZFFod0k5eVh3ek1QYzhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy80YWU2NGItZjczZS00MDhjLWI0YTgt
Y2JiM2Q2MzVkODJmLzEvUVBVV1hiVUd6MHVtdjdZY284YzlKbVFWWjc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy80YWU2NGItZjczZS00MDhjLWI0YTgtY2JiM2Q2MzVkODJm
LzEvYVFRc0h5ZW4xNFlrZFFod0k5eVh3ek1QYzhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWhEMA0E
AgACMAcDBQMqBjSAMA0GCSqGSIb3DQEBCwUAA4IBAQAnEvu3epq/KyKh97dwPIJ9
eBGyV/U7Wcj1dB86HLoWhvIB7GldyklnKvE30eEPq79wrNlD17J4wv3UzQ8NkUiT
8mItqwBesc9O23WEOKpOq+cEDisMBad0uc3zQcCoh035Piwe6WfSY2AHUTEKZbaL
wzAiZilGJAIP7JgO5GfNaeypWpaTUn4XSMChSItacxRAHHKrFqvv9+mpGIABDKmy
UOduthWM4ltrrQvUH+J5cJMJkvVnh5aRvvOIalhAnd0HPV2lg8py71e9oRRxSlwD
l21SS6Uc8IzBuotL1xfWgfCvtHfA8oyzsXIl2cbKYJ6gA/bbpPQc4wyN3g+nMelG
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:53:47 2024 by rpki-client on console-ams.rpki-client.org