Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/QJZZm1l8HlG4iLfHYInW9Vp9K1g.roa
File: QJZZm1l8HlG4iLfHYInW9Vp9K1g.roa (raw, json)
Hash identifier: Q9J+gRipddUXliNqsKRpg0v8hfnYfmMUiLuS0wdAkc4=
Subject key identifier: 40:96:59:9B:59:7C:1E:51:B8:88:B7:C7:60:89:D6:F5:5A:7D:2B:58
Certificate issuer: /CN=9b89b8cf47f7c485d628d0a359a16a815cd004ab
Certificate serial: 018CC870F258D186B70CF818029E6F2CC899
Authority key identifier: 9B:89:B8:CF:47:F7:C4:85:D6:28:D0:A3:59:A1:6A:81:5C:D0:04:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m4m4z0f3xIXWKNCjWaFqgVzQBKs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/QJZZm1l8HlG4iLfHYInW9Vp9K1g.roa
Signing time: Tue 02 Jan 2024 04:31:34 +0000
ROA not before: Tue 02 Jan 2024 04:31:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51170
IP address blocks: 185.185.77.0/24 maxlen: 24
185.185.78.0/24 maxlen: 24
5.180.188.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/m4m4z0f3xIXWKNCjWaFqgVzQBKs.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/m4m4z0f3xIXWKNCjWaFqgVzQBKs.mft
rsync://rpki.ripe.net/repository/DEFAULT/m4m4z0f3xIXWKNCjWaFqgVzQBKs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 16:02:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:f2:58:d1:86:b7:0c:f8:18:02:9e:6f:2c:c8:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b89b8cf47f7c485d628d0a359a16a815cd004ab
Validity
Not Before: Jan 2 04:31:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4096599b597c1e51b888b7c76089d6f55a7d2b58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:1c:72:a9:a0:72:54:d9:58:51:81:52:a3:d5:
b3:48:9f:73:a3:76:70:a3:12:15:87:fa:57:df:98:
3d:1a:ad:4d:6a:88:fd:5d:4f:5c:25:b3:9d:62:ea:
d1:81:4a:c6:6e:3e:9f:e1:60:bc:0a:01:95:06:b8:
53:71:a1:46:e1:88:08:76:ed:04:8c:8b:1e:65:50:
a8:40:df:a0:b7:01:8e:08:29:d8:3e:c2:6a:f9:8f:
d0:0d:ba:a8:37:34:e9:c9:46:b7:ae:29:5e:cc:23:
3a:06:40:83:64:34:5d:97:35:c3:43:f1:d4:b4:64:
93:92:17:73:33:24:de:c8:8b:a7:ff:95:43:da:2e:
3c:c5:b6:39:25:aa:7c:0a:de:af:d4:1c:19:34:09:
29:71:e1:45:57:e4:15:78:63:ca:5e:08:6e:28:d1:
3a:0f:49:99:21:4f:4c:83:85:3c:2e:a1:d0:26:48:
d7:39:c3:00:ac:72:b4:d2:fb:97:f0:2f:ac:27:f0:
80:97:c0:cf:bd:d2:9e:95:7a:52:8c:cb:1a:57:4a:
5b:a6:c6:f3:ac:b2:a7:51:a5:9c:b6:91:06:4a:42:
c0:82:db:50:8a:ff:a3:5e:e6:5f:f8:b2:a8:dc:ff:
49:2d:d7:43:0c:d6:0d:df:4d:84:79:54:3d:a9:9d:
7f:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:96:59:9B:59:7C:1E:51:B8:88:B7:C7:60:89:D6:F5:5A:7D:2B:58
X509v3 Authority Key Identifier:
keyid:9B:89:B8:CF:47:F7:C4:85:D6:28:D0:A3:59:A1:6A:81:5C:D0:04:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m4m4z0f3xIXWKNCjWaFqgVzQBKs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/QJZZm1l8HlG4iLfHYInW9Vp9K1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/m4m4z0f3xIXWKNCjWaFqgVzQBKs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.188.0/22
185.185.77.0-185.185.78.255
Signature Algorithm: sha256WithRSAEncryption
86:7d:08:e3:89:ba:d4:5c:3f:d8:61:c9:ee:1c:95:27:1f:dd:
a2:11:b3:57:8f:12:75:20:6b:8d:90:48:8f:18:dd:de:9a:73:
21:93:64:55:e7:d0:87:9d:9c:c6:04:7c:01:45:60:04:87:8e:
31:de:26:f7:4a:92:8c:2a:9a:f5:75:0e:b6:ea:20:ab:26:e9:
d9:d8:14:c4:ec:f6:4c:57:d0:7a:54:b6:05:16:7c:c9:6f:48:
24:33:a7:3c:aa:a4:34:a5:e8:9e:e3:84:2c:a5:f6:3a:23:46:
77:46:49:38:e3:9d:e0:76:8e:c4:ab:d6:94:1c:95:24:57:ef:
b2:c0:2f:af:70:ee:ef:8e:6e:ca:6f:6a:94:69:1b:f7:1f:05:
42:94:38:55:2a:b1:64:67:96:c9:0e:50:8b:a0:f8:3d:8a:84:
a4:2d:5f:07:82:1e:cc:06:69:fa:63:3d:38:5c:be:8f:ab:3b:
35:36:18:cd:c2:35:fb:d8:b6:83:54:bb:3c:5c:2a:3a:65:1c:
97:12:52:01:82:ea:1d:4c:01:81:90:f5:77:17:d4:56:c9:e5:
d2:36:5b:ee:62:c2:8c:ad:59:dd:63:6f:29:a8:f4:32:64:e2:
58:b2:d9:5f:c4:b0:82:40:54:c2:7f:00:6d:ec:9f:e7:cc:6c:
f0:f0:2a:78
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzIcPJY0Ya3DPgYAp5vLMiZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliODliOGNmNDdmN2M0ODVkNjI4ZDBhMzU5YTE2YTgxNWNk
MDA0YWIwHhcNMjQwMTAyMDQzMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDk2NTk5YjU5N2MxZTUxYjg4OGI3Yzc2MDg5ZDZmNTVhN2QyYjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRxyqaByVNlYUYFSo9WzSJ9zo3Zw
oxIVh/pX35g9Gq1Naoj9XU9cJbOdYurRgUrGbj6f4WC8CgGVBrhTcaFG4YgIdu0E
jIseZVCoQN+gtwGOCCnYPsJq+Y/QDbqoNzTpyUa3rilezCM6BkCDZDRdlzXDQ/HU
tGSTkhdzMyTeyIun/5VD2i48xbY5Jap8Ct6v1BwZNAkpceFFV+QVeGPKXghuKNE6
D0mZIU9Mg4U8LqHQJkjXOcMArHK00vuX8C+sJ/CAl8DPvdKelXpSjMsaV0pbpsbz
rLKnUaWctpEGSkLAgttQiv+jXuZf+LKo3P9JLddDDNYN302EeVQ9qZ1/6QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFECWWZtZfB5RuIi3x2CJ1vVafStYMB8GA1UdIwQY
MBaAFJuJuM9H98SF1ijQo1mhaoFc0ASrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTRtNHowZjN4SVhXS05DaldhRnFnVnpRQktzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS83NTdmYzUtODAyOS00ODI4LTg1NDct
NjJlMjYwMzEzZTRjLzEvUUpaWm0xbDhIbEc0aUxmSFlJblc5VnA5SzFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS83NTdmYzUtODAyOS00ODI4LTg1NDctNjJlMjYwMzEzZTRj
LzEvbTRtNHowZjN4SVhXS05DaldhRnFnVnpRQktzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCBbS8MAwD
BAC5uU0DBAC5uU4wDQYJKoZIhvcNAQELBQADggEBAIZ9COOJutRcP9hhye4clScf
3aIRs1ePEnUga42QSI8Y3d6acyGTZFXn0IednMYEfAFFYASHjjHeJvdKkowqmvV1
DrbqIKsm6dnYFMTs9kxX0HpUtgUWfMlvSCQzpzyqpDSl6J7jhCyl9jojRndGSTjj
neB2jsSr1pQclSRX77LAL69w7u+ObspvapRpG/cfBUKUOFUqsWRnlskOUIug+D2K
hKQtXweCHswGafpjPThcvo+rOzU2GM3CNfvYtoNUuzxcKjplHJcSUgGC6h1MAYGQ
9XcX1FbJ5dI2W+5iwoytWd1jbymo9DJk4liy2V/EsIJAVMJ/AG3sn+fMbPDwKng=
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:59:05 2024 by rpki-client on console-fra.rpki-client.org