Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/cbca0b-6453-494c-8727-57e08f61f2ec/1/qMA5Wb0lFgoNqw-0corus6K0Wlc.roa
File: qMA5Wb0lFgoNqw-0corus6K0Wlc.roa (raw, json)
Hash identifier: dSUWFOJsf69PbcPIT8V+4SOsi/ESlg9B/i/idnWhmNk=
Subject key identifier: A8:C0:39:59:BD:25:16:0A:0D:AB:0F:B4:72:8A:EE:B3:A2:B4:5A:57
Certificate issuer: /CN=d2617d15db58fe3062d1badbe04d30c1949dd5ff
Certificate serial: 018D3050170026B7C54B8E1E737F79225E7D
Authority key identifier: D2:61:7D:15:DB:58:FE:30:62:D1:BA:DB:E0:4D:30:C1:94:9D:D5:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0mF9FdtY_jBi0brb4E0wwZSd1f8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/cbca0b-6453-494c-8727-57e08f61f2ec/1/qMA5Wb0lFgoNqw-0corus6K0Wlc.roa
Signing time: Mon 22 Jan 2024 08:36:11 +0000
ROA not before: Mon 22 Jan 2024 08:36:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201542
IP address blocks: 185.71.92.0/24 maxlen: 24
185.71.93.0/24 maxlen: 24
185.71.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/cbca0b-6453-494c-8727-57e08f61f2ec/1/0mF9FdtY_jBi0brb4E0wwZSd1f8.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/cbca0b-6453-494c-8727-57e08f61f2ec/1/0mF9FdtY_jBi0brb4E0wwZSd1f8.mft
rsync://rpki.ripe.net/repository/DEFAULT/0mF9FdtY_jBi0brb4E0wwZSd1f8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:30:50:17:00:26:b7:c5:4b:8e:1e:73:7f:79:22:5e:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2617d15db58fe3062d1badbe04d30c1949dd5ff
Validity
Not Before: Jan 22 08:36:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8c03959bd25160a0dab0fb4728aeeb3a2b45a57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:aa:a0:ca:75:1a:5d:b8:1e:eb:5f:0d:93:2d:
f9:c5:5b:b1:19:52:8d:4a:4a:b1:08:d6:fb:3c:33:
dd:2e:74:36:be:3f:d4:95:94:5b:d9:31:dd:f8:47:
00:f6:8e:35:eb:bf:96:36:dc:98:c7:77:4a:00:7a:
19:8b:eb:be:6a:a0:e9:28:f9:fb:71:bc:0a:a0:7c:
21:df:a8:34:df:bb:6a:67:5d:aa:99:26:dc:2f:83:
64:1f:6c:77:ce:db:9e:85:6d:22:5b:64:05:48:75:
11:c9:bb:67:45:9e:2b:96:0f:1f:59:bf:2d:63:e1:
29:c9:62:bd:9c:bc:79:e3:66:4b:2d:d5:df:27:db:
0e:0a:ef:72:8e:1e:38:11:71:3d:c0:20:cb:2c:37:
97:98:d7:38:e1:0c:52:38:bc:c6:9c:f0:0e:dd:a3:
d0:93:62:88:5e:08:bf:35:43:be:0b:8b:ed:d1:ef:
4b:de:b3:42:97:fc:dd:34:3a:7d:0c:bc:70:8d:21:
fd:16:ba:a7:aa:62:5a:41:14:51:27:7c:a3:57:65:
ed:a3:d3:19:36:15:b4:ae:1f:fc:03:10:f7:ab:82:
f2:4b:1b:ca:24:14:1d:de:13:ad:ed:6c:48:db:4f:
4a:ae:48:f7:9b:ca:1f:17:15:94:b8:27:07:53:2b:
7f:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:C0:39:59:BD:25:16:0A:0D:AB:0F:B4:72:8A:EE:B3:A2:B4:5A:57
X509v3 Authority Key Identifier:
keyid:D2:61:7D:15:DB:58:FE:30:62:D1:BA:DB:E0:4D:30:C1:94:9D:D5:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0mF9FdtY_jBi0brb4E0wwZSd1f8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/cbca0b-6453-494c-8727-57e08f61f2ec/1/qMA5Wb0lFgoNqw-0corus6K0Wlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/cbca0b-6453-494c-8727-57e08f61f2ec/1/0mF9FdtY_jBi0brb4E0wwZSd1f8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.92.0/23
185.71.95.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:bb:a1:83:49:54:32:44:87:e4:6a:0b:90:16:5a:48:fd:60:
34:24:85:c1:b4:0b:10:53:14:f3:86:d8:a9:fd:0e:1b:fe:0d:
59:2a:4e:b0:bc:0f:ad:02:b0:ca:31:1e:79:3f:32:49:58:42:
ea:87:96:46:91:bc:a5:fd:59:e3:f5:ea:a8:7f:80:b7:cc:f6:
8f:7c:1c:bd:aa:71:62:13:88:1e:49:8e:82:a5:8a:f3:c3:36:
a0:08:16:9a:f3:00:18:85:37:02:d3:56:40:c0:24:3d:64:d7:
a8:23:b2:97:ef:54:b9:9c:87:b6:2a:af:c6:a5:c6:8e:03:70:
69:b4:8c:2e:f4:26:d5:66:a7:e5:60:cc:f6:8d:d5:24:d0:70:
60:df:8b:89:b2:fb:78:d2:30:57:ef:c4:c2:ce:5f:3d:54:1f:
78:1c:02:4f:94:cd:88:2a:ef:01:48:1c:29:bd:73:76:3e:ed:
af:fe:b6:8e:1e:90:55:6e:fd:de:df:d0:03:34:36:1d:0e:88:
fc:a9:ea:22:cc:1d:63:41:29:be:25:6e:e8:33:9e:91:3f:d1:
65:65:41:5f:a8:2c:2f:3c:54:cd:7f:5f:b5:05:81:c3:99:51:
60:05:cf:a9:28:d3:a4:42:8b:9a:9c:57:3e:c5:9e:e3:c5:14:
df:76:3e:dc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY0wUBcAJrfFS44ec395Il59MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNjE3ZDE1ZGI1OGZlMzA2MmQxYmFkYmUwNGQzMGMxOTQ5
ZGQ1ZmYwHhcNMjQwMTIyMDgzNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGMwMzk1OWJkMjUxNjBhMGRhYjBmYjQ3MjhhZWViM2EyYjQ1YTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKqgynUaXbge618Nky35xVuxGVKN
SkqxCNb7PDPdLnQ2vj/UlZRb2THd+EcA9o4167+WNtyYx3dKAHoZi+u+aqDpKPn7
cbwKoHwh36g037tqZ12qmSbcL4NkH2x3ztuehW0iW2QFSHURybtnRZ4rlg8fWb8t
Y+EpyWK9nLx542ZLLdXfJ9sOCu9yjh44EXE9wCDLLDeXmNc44QxSOLzGnPAO3aPQ
k2KIXgi/NUO+C4vt0e9L3rNCl/zdNDp9DLxwjSH9FrqnqmJaQRRRJ3yjV2Xto9MZ
NhW0rh/8AxD3q4LySxvKJBQd3hOt7WxI209Krkj3m8ofFxWUuCcHUyt/GQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKjAOVm9JRYKDasPtHKK7rOitFpXMB8GA1UdIwQY
MBaAFNJhfRXbWP4wYtG62+BNMMGUndX/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG1GOUZkdFlfakJpMGJyYjRFMHd3WlNkMWY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9jYmNhMGItNjQ1My00OTRjLTg3Mjct
NTdlMDhmNjFmMmVjLzEvcU1BNVdiMGxGZ29OcXctMGNvcnVzNkswV2xjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9jYmNhMGItNjQ1My00OTRjLTg3MjctNTdlMDhmNjFmMmVj
LzEvMG1GOUZkdFlfakJpMGJyYjRFMHd3WlNkMWY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuUdcAwQA
uUdfMA0GCSqGSIb3DQEBCwUAA4IBAQBdu6GDSVQyRIfkaguQFlpI/WA0JIXBtAsQ
UxTzhtip/Q4b/g1ZKk6wvA+tArDKMR55PzJJWELqh5ZGkbyl/Vnj9eqof4C3zPaP
fBy9qnFiE4geSY6CpYrzwzagCBaa8wAYhTcC01ZAwCQ9ZNeoI7KX71S5nIe2Kq/G
pcaOA3BptIwu9CbVZqflYMz2jdUk0HBg34uJsvt40jBX78TCzl89VB94HAJPlM2I
Ku8BSBwpvXN2Pu2v/raOHpBVbv3e39ADNDYdDoj8qeoizB1jQSm+JW7oM56RP9Fl
ZUFfqCwvPFTNf1+1BYHDmVFgBc+pKNOkQouanFc+xZ7jxRTfdj7c
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:42:46 2024 by rpki-client on console-ams.rpki-client.org