Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/602244-7699-4103-bc7e-c4711482380e/1/QFNoJynQHDPkkRQ_q1jmUp9mQbg.roa
File: QFNoJynQHDPkkRQ_q1jmUp9mQbg.roa (raw, json)
Hash identifier: 69OSYX3FWri22UAuH4GB3liTOfcLf59RlugBZYWJW54=
Subject key identifier: 40:53:68:27:29:D0:1C:33:E4:91:14:3F:AB:58:E6:52:9F:66:41:B8
Certificate issuer: /CN=3787b324b0d32fb1a3678b02c482286d4c26ba0f
Certificate serial: 018CC49355F877BFAB2E1CCFB143077B3126
Authority key identifier: 37:87:B3:24:B0:D3:2F:B1:A3:67:8B:02:C4:82:28:6D:4C:26:BA:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N4ezJLDTL7GjZ4sCxIIobUwmug8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/602244-7699-4103-bc7e-c4711482380e/1/QFNoJynQHDPkkRQ_q1jmUp9mQbg.roa
Signing time: Mon 01 Jan 2024 10:30:39 +0000
ROA not before: Mon 01 Jan 2024 10:30:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205315
IP address blocks: 185.222.116.0/24 maxlen: 24
2a0c:3800:ff::/48 maxlen: 48
2a0c:3800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/602244-7699-4103-bc7e-c4711482380e/1/N4ezJLDTL7GjZ4sCxIIobUwmug8.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/602244-7699-4103-bc7e-c4711482380e/1/N4ezJLDTL7GjZ4sCxIIobUwmug8.mft
rsync://rpki.ripe.net/repository/DEFAULT/N4ezJLDTL7GjZ4sCxIIobUwmug8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Jun 2024 16:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:55:f8:77:bf:ab:2e:1c:cf:b1:43:07:7b:31:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3787b324b0d32fb1a3678b02c482286d4c26ba0f
Validity
Not Before: Jan 1 10:30:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4053682729d01c33e491143fab58e6529f6641b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e5:48:c3:07:2e:c5:cc:b6:b6:bb:a7:d2:5a:
50:66:17:9e:41:6c:f5:83:a0:1b:24:8d:46:0b:12:
6c:ef:f8:b0:00:0a:81:0b:64:d3:1a:d8:80:8a:af:
c5:90:d3:5b:b6:0c:61:e4:34:53:2b:17:3b:74:6c:
17:98:80:b2:19:eb:8e:c2:16:3a:e3:b7:b9:a9:d4:
03:2c:f8:29:43:4f:a4:9d:a3:b7:0c:5f:81:b0:f1:
b7:59:a8:16:cf:4f:d5:40:cb:98:02:77:3d:30:ba:
04:d1:10:2f:f5:80:14:bb:5f:b7:4e:b9:53:c8:58:
ce:11:7e:7a:be:2d:54:c6:d4:69:55:94:dd:81:92:
60:86:56:a4:4f:76:fd:79:e0:89:87:f7:e7:35:80:
c4:b5:50:63:83:1f:dd:63:82:d7:64:37:81:76:e0:
5f:c5:9b:71:e2:2f:94:07:80:90:46:54:6a:cc:c4:
72:f9:2e:9d:e3:b6:21:07:fe:6b:bb:4e:b0:09:34:
5d:2d:81:74:b3:76:b0:b9:64:93:b6:c6:f4:f0:a4:
44:19:da:3a:b3:63:42:55:21:fa:42:04:0a:c4:e3:
3c:cc:18:94:b3:0a:df:15:cc:58:bc:ce:20:10:ef:
c4:79:ed:13:42:8b:89:f6:4d:77:be:c3:26:d4:53:
83:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:53:68:27:29:D0:1C:33:E4:91:14:3F:AB:58:E6:52:9F:66:41:B8
X509v3 Authority Key Identifier:
keyid:37:87:B3:24:B0:D3:2F:B1:A3:67:8B:02:C4:82:28:6D:4C:26:BA:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N4ezJLDTL7GjZ4sCxIIobUwmug8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/602244-7699-4103-bc7e-c4711482380e/1/QFNoJynQHDPkkRQ_q1jmUp9mQbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/602244-7699-4103-bc7e-c4711482380e/1/N4ezJLDTL7GjZ4sCxIIobUwmug8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.116.0/24
IPv6:
2a0c:3800::/40
Signature Algorithm: sha256WithRSAEncryption
63:3a:f7:e8:56:f8:87:94:08:2a:70:be:fb:b8:3a:6d:d6:96:
69:e6:3f:98:24:74:57:b4:12:84:71:19:01:fb:b0:ba:de:21:
06:ad:d1:88:ec:21:db:47:d5:51:b4:77:4d:05:a4:c0:46:ab:
73:7f:89:d5:dc:4d:b0:54:d3:e1:3a:34:50:32:c6:22:eb:68:
6f:da:69:1f:72:04:9f:c3:5c:88:ae:8c:90:8a:fc:1c:bc:bb:
af:90:80:eb:0d:8b:2c:90:56:f8:17:63:ab:b1:e6:63:32:1c:
94:91:65:85:10:d7:47:21:90:cf:d3:68:31:e2:58:b4:1f:e4:
05:9d:fb:31:2e:45:d7:9e:3a:8d:1f:34:2b:75:e4:f2:67:46:
91:89:c6:1a:f3:e7:9d:26:25:7a:df:c0:ff:3a:a4:55:1e:a0:
05:d1:39:0f:19:2b:8b:3f:27:d0:5f:94:0a:6f:18:39:d0:55:
88:09:1d:46:46:77:2b:30:89:cd:db:90:b9:19:b4:ee:3d:52:
94:e9:d1:4f:5d:74:ac:bb:3c:76:9a:e4:07:38:b7:a0:34:dd:
d3:14:5e:59:6d:22:46:2f:9b:bf:da:d4:05:74:ef:e7:b0:d9:
de:cb:28:c5:8b:5a:00:68:bf:ac:5d:23:2f:fa:c1:5e:3b:a6:
e7:d6:dd:00
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzEk1X4d7+rLhzPsUMHezEmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ODdiMzI0YjBkMzJmYjFhMzY3OGIwMmM0ODIyODZkNGMy
NmJhMGYwHhcNMjQwMTAxMTAzMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDUzNjgyNzI5ZDAxYzMzZTQ5MTE0M2ZhYjU4ZTY1MjlmNjY0MWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteVIwwcuxcy2trun0lpQZheeQWz1
g6AbJI1GCxJs7/iwAAqBC2TTGtiAiq/FkNNbtgxh5DRTKxc7dGwXmICyGeuOwhY6
47e5qdQDLPgpQ0+knaO3DF+BsPG3WagWz0/VQMuYAnc9MLoE0RAv9YAUu1+3TrlT
yFjOEX56vi1UxtRpVZTdgZJghlakT3b9eeCJh/fnNYDEtVBjgx/dY4LXZDeBduBf
xZtx4i+UB4CQRlRqzMRy+S6d47YhB/5ru06wCTRdLYF0s3awuWSTtsb08KREGdo6
s2NCVSH6QgQKxOM8zBiUswrfFcxYvM4gEO/Eee0TQouJ9k13vsMm1FODLQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFEBTaCcp0Bwz5JEUP6tY5lKfZkG4MB8GA1UdIwQY
MBaAFDeHsySw0y+xo2eLAsSCKG1MJroPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjRlekpMRFRMN0dqWjRzQ3hJSW9iVXdtdWc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS82MDIyNDQtNzY5OS00MTAzLWJjN2Ut
YzQ3MTE0ODIzODBlLzEvUUZOb0p5blFIRFBra1JRX3Exam1VcDltUWJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS82MDIyNDQtNzY5OS00MTAzLWJjN2UtYzQ3MTE0ODIzODBl
LzEvTjRlekpMRFRMN0dqWjRzQ3hJSW9iVXdtdWc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAud50MA4E
AgACMAgDBgAqDDgAADANBgkqhkiG9w0BAQsFAAOCAQEAYzr36Fb4h5QIKnC++7g6
bdaWaeY/mCR0V7QShHEZAfuwut4hBq3RiOwh20fVUbR3TQWkwEarc3+J1dxNsFTT
4To0UDLGIutob9ppH3IEn8NciK6MkIr8HLy7r5CA6w2LLJBW+Bdjq7HmYzIclJFl
hRDXRyGQz9NoMeJYtB/kBZ37MS5F1546jR80K3Xk8mdGkYnGGvPnnSYlet/A/zqk
VR6gBdE5Dxkriz8n0F+UCm8YOdBViAkdRkZ3KzCJzduQuRm07j1SlOnRT110rLs8
dprkBzi3oDTd0xReWW0iRi+bv9rUBXTv57DZ3ssoxYtaAGi/rF0jL/rBXjum59bd
AA==
-----END CERTIFICATE-----
Generated at Fri May 31 23:54:47 2024 by rpki-client on console-fra.rpki-client.org