Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/42872a-5617-4ec2-ab8d-c8604720642d/1/QPCcgVd0TuwiCLQdDDUYjpm9gR8.roa
File: QPCcgVd0TuwiCLQdDDUYjpm9gR8.roa (raw, json)
Hash identifier: 88ygav6yIv+VnVu9T1Qv+Gl86jFuakl9TbSKftzDTuU=
Subject key identifier: 40:F0:9C:81:57:74:4E:EC:22:08:B4:1D:0C:35:18:8E:99:BD:81:1F
Certificate issuer: /CN=ba4c685efa6a2c1045637f027a325c0aec79c015
Certificate serial: 018F39FF7F84FCDC9BF7596CAA39D76F21B9
Authority key identifier: BA:4C:68:5E:FA:6A:2C:10:45:63:7F:02:7A:32:5C:0A:EC:79:C0:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ukxoXvpqLBBFY38CejJcCux5wBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/42872a-5617-4ec2-ab8d-c8604720642d/1/QPCcgVd0TuwiCLQdDDUYjpm9gR8.roa
Signing time: Thu 02 May 2024 15:49:56 +0000
ROA not before: Thu 02 May 2024 15:49:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12557
IP address blocks: 185.117.180.0/22 maxlen: 22
185.117.182.0/24 maxlen: 24
2a03:52a0::/32 maxlen: 32
2a03:52a0:172::/48 maxlen: 48
2a03:52a0:180::/48 maxlen: 48
2a03:52a0:181::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/42872a-5617-4ec2-ab8d-c8604720642d/1/ukxoXvpqLBBFY38CejJcCux5wBU.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/42872a-5617-4ec2-ab8d-c8604720642d/1/ukxoXvpqLBBFY38CejJcCux5wBU.mft
rsync://rpki.ripe.net/repository/DEFAULT/ukxoXvpqLBBFY38CejJcCux5wBU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 06:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:39:ff:7f:84:fc:dc:9b:f7:59:6c:aa:39:d7:6f:21:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba4c685efa6a2c1045637f027a325c0aec79c015
Validity
Not Before: May 2 15:49:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40f09c8157744eec2208b41d0c35188e99bd811f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:59:27:dc:bc:44:53:d8:b5:ec:81:c9:27:ff:
38:26:d4:c2:22:6b:d3:f5:8f:d6:f8:e3:5d:79:67:
d5:98:73:da:cc:eb:c7:d9:14:e3:d9:f1:15:27:ba:
73:8b:10:0c:8a:16:30:01:0a:1a:2f:ce:5a:f9:3f:
87:eb:89:eb:ea:8c:e7:c3:9e:a9:da:a8:51:93:7d:
ee:26:45:de:d8:d1:42:54:c3:39:2e:6b:c0:91:c6:
e2:21:1f:80:49:8f:ce:4a:30:40:59:7f:5c:77:ae:
b5:2c:b8:6c:5d:9f:81:fa:ee:b9:b0:37:06:86:5a:
7c:e1:dc:a6:49:75:02:e2:c1:99:4e:f7:69:35:00:
ff:67:2b:35:b9:85:97:4e:5e:b4:69:61:d1:39:ee:
c9:cb:5f:27:36:04:c4:4b:dd:e4:19:44:b3:15:91:
aa:f6:6c:18:ee:c2:54:ed:7a:e1:11:5d:7d:82:69:
28:41:b7:01:15:4f:e2:00:72:2f:6b:70:cc:e1:7b:
ef:fd:ec:99:2c:ba:33:4f:36:4b:c3:30:c5:fe:a2:
94:a9:95:a8:07:69:e3:16:50:4d:8e:e1:e1:59:ef:
d9:0d:e8:0e:c9:d2:1f:88:eb:c1:28:fa:9b:87:41:
91:a5:16:58:78:8d:42:d4:84:ab:24:43:36:71:34:
8b:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:F0:9C:81:57:74:4E:EC:22:08:B4:1D:0C:35:18:8E:99:BD:81:1F
X509v3 Authority Key Identifier:
keyid:BA:4C:68:5E:FA:6A:2C:10:45:63:7F:02:7A:32:5C:0A:EC:79:C0:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ukxoXvpqLBBFY38CejJcCux5wBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/42872a-5617-4ec2-ab8d-c8604720642d/1/QPCcgVd0TuwiCLQdDDUYjpm9gR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/42872a-5617-4ec2-ab8d-c8604720642d/1/ukxoXvpqLBBFY38CejJcCux5wBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.180.0/22
IPv6:
2a03:52a0::/32
Signature Algorithm: sha256WithRSAEncryption
83:2d:60:e5:80:26:b5:7b:4a:4c:3c:f2:6e:5a:cf:52:46:53:
4b:06:92:b0:9b:21:46:25:b1:3f:63:c9:c8:8b:08:4e:bc:f3:
21:c2:2c:7c:3d:f6:14:ed:d9:c4:60:24:f9:d9:7e:19:8b:03:
30:d9:d3:ba:0b:02:4f:0f:9d:58:cd:ad:10:4e:1a:cf:3f:8e:
6d:0f:bb:95:3a:77:41:7e:95:6e:e9:ae:ea:f3:8a:84:32:09:
33:4c:bf:2b:dd:f0:e1:63:ff:d6:d3:5c:49:ad:7b:3d:76:01:
a3:85:fb:cb:90:86:1c:07:3a:b8:d9:56:a3:3b:5c:dd:77:32:
47:94:87:d8:a4:53:7d:f0:aa:f7:59:04:0e:bc:62:c2:d4:82:
57:6e:0b:6a:1c:8a:6a:c8:86:58:80:1a:61:bb:19:ea:70:99:
76:ac:4e:f5:fa:de:1e:1d:e1:53:88:67:e5:7e:e3:b3:24:4c:
d1:8f:59:f8:92:de:3e:20:fe:ef:06:c7:fc:6a:e5:0f:3d:8d:
5b:7a:15:e8:f7:a7:8d:5f:28:e3:ab:8c:d7:98:1f:b6:c0:d2:
10:64:18:37:d3:dc:68:1b:a2:21:00:46:35:ec:57:12:aa:8b:
5c:6b:fd:c8:b6:23:ce:18:7c:5f:af:54:98:d7:b2:5f:3c:e6:
fb:a2:6a:f9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY85/3+E/Nyb91lsqjnXbyG5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNGM2ODVlZmE2YTJjMTA0NTYzN2YwMjdhMzI1YzBhZWM3
OWMwMTUwHhcNMjQwNTAyMTU0OTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGYwOWM4MTU3NzQ0ZWVjMjIwOGI0MWQwYzM1MTg4ZTk5YmQ4MTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1kn3LxEU9i17IHJJ/84JtTCImvT
9Y/W+ONdeWfVmHPazOvH2RTj2fEVJ7pzixAMihYwAQoaL85a+T+H64nr6oznw56p
2qhRk33uJkXe2NFCVMM5LmvAkcbiIR+ASY/OSjBAWX9cd661LLhsXZ+B+u65sDcG
hlp84dymSXUC4sGZTvdpNQD/Zys1uYWXTl60aWHROe7Jy18nNgTES93kGUSzFZGq
9mwY7sJU7XrhEV19gmkoQbcBFU/iAHIva3DM4Xvv/eyZLLozTzZLwzDF/qKUqZWo
B2njFlBNjuHhWe/ZDegOydIfiOvBKPqbh0GRpRZYeI1C1ISrJEM2cTSLpwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEDwnIFXdE7sIgi0HQw1GI6ZvYEfMB8GA1UdIwQY
MBaAFLpMaF76aiwQRWN/AnoyXArsecAVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWt4b1h2cHFMQkJGWTM4Q2VqSmNDdXg1d0JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS80Mjg3MmEtNTYxNy00ZWMyLWFiOGQt
Yzg2MDQ3MjA2NDJkLzEvUVBDY2dWZDBUdXdpQ0xRZEREVVlqcG05Z1I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS80Mjg3MmEtNTYxNy00ZWMyLWFiOGQtYzg2MDQ3MjA2NDJk
LzEvdWt4b1h2cHFMQkJGWTM4Q2VqSmNDdXg1d0JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXW0MA0E
AgACMAcDBQAqA1KgMA0GCSqGSIb3DQEBCwUAA4IBAQCDLWDlgCa1e0pMPPJuWs9S
RlNLBpKwmyFGJbE/Y8nIiwhOvPMhwix8PfYU7dnEYCT52X4ZiwMw2dO6CwJPD51Y
za0QThrPP45tD7uVOndBfpVu6a7q84qEMgkzTL8r3fDhY//W01xJrXs9dgGjhfvL
kIYcBzq42VajO1zddzJHlIfYpFN98Kr3WQQOvGLC1IJXbgtqHIpqyIZYgBphuxnq
cJl2rE71+t4eHeFTiGflfuOzJEzRj1n4kt4+IP7vBsf8auUPPY1behXo96eNXyjj
q4zXmB+2wNIQZBg309xoG6IhAEY17FcSqotca/3ItiPOGHxfr1SY17JfPOb7omr5
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:37:16 2024 by rpki-client on console-fra.rpki-client.org