Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/1aa2d8-6106-4808-8c97-f46224b0d161/1/qwsyEaNMjcz8YmlkY5ldCSOix9g.roa
File: qwsyEaNMjcz8YmlkY5ldCSOix9g.roa (raw, json)
Hash identifier: +O9G9pgG5yJmzlke6ioyUm8dNmN/TDh6WqxpGFZE4vU=
Subject key identifier: AB:0B:32:11:A3:4C:8D:CC:FC:62:69:64:63:99:5D:09:23:A2:C7:D8
Certificate issuer: /CN=9b3f29ff9ea71b3c3dc1f5af054b41647c91af98
Certificate serial: 018CC6B8DC17FB4ADE4F6605A0BECFD71273
Authority key identifier: 9B:3F:29:FF:9E:A7:1B:3C:3D:C1:F5:AF:05:4B:41:64:7C:91:AF:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mz8p_56nGzw9wfWvBUtBZHyRr5g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/1aa2d8-6106-4808-8c97-f46224b0d161/1/qwsyEaNMjcz8YmlkY5ldCSOix9g.roa
Signing time: Mon 01 Jan 2024 20:30:52 +0000
ROA not before: Mon 01 Jan 2024 20:30:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60602
IP address blocks: 194.33.40.0/22 maxlen: 24
185.181.230.0/24 maxlen: 24
185.181.228.0/24 maxlen: 24
185.181.228.0/23 maxlen: 23
185.181.229.0/24 maxlen: 24
2a0a:d580::/32 maxlen: 32
2a0a:d580::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/1aa2d8-6106-4808-8c97-f46224b0d161/1/mz8p_56nGzw9wfWvBUtBZHyRr5g.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/1aa2d8-6106-4808-8c97-f46224b0d161/1/mz8p_56nGzw9wfWvBUtBZHyRr5g.mft
rsync://rpki.ripe.net/repository/DEFAULT/mz8p_56nGzw9wfWvBUtBZHyRr5g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 04:02:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:dc:17:fb:4a:de:4f:66:05:a0:be:cf:d7:12:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b3f29ff9ea71b3c3dc1f5af054b41647c91af98
Validity
Not Before: Jan 1 20:30:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab0b3211a34c8dccfc62696463995d0923a2c7d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:cf:16:c6:c7:1c:61:11:76:ff:83:05:7e:68:
45:6d:a5:22:bf:c8:f0:2f:de:c1:90:f9:87:18:5b:
6e:99:17:e3:90:fb:7e:c5:7d:93:20:43:92:5a:1b:
64:eb:48:3f:be:7a:f5:c9:fb:8a:34:33:0e:c7:d3:
7b:40:05:d6:78:80:80:26:c4:40:2d:9e:10:e9:20:
8f:ed:83:13:3e:85:f5:70:19:e9:65:27:f0:81:9f:
9c:c7:8c:92:5a:53:2d:bc:2f:04:4e:62:33:f8:c2:
d8:74:92:8c:f3:d4:6c:7d:51:ef:13:9b:b0:d1:ba:
68:75:d7:09:79:b5:07:71:2a:84:c8:fa:7e:4c:b9:
8c:01:d1:a8:f4:cf:d4:65:9f:e5:5a:6e:b5:e2:d8:
3c:ad:56:fb:b7:cb:cf:1e:9b:ef:e7:25:37:7f:e5:
68:28:a9:16:f1:1d:d4:53:f2:93:ef:4a:3a:f7:96:
3b:12:67:e0:b6:31:4b:87:4c:4a:ed:d8:0f:6e:44:
12:f4:41:2e:95:f8:48:fc:ac:4c:c8:08:e8:a3:61:
ff:5d:a7:6b:bb:4a:2a:fb:8c:4b:64:d6:27:87:71:
4f:e1:92:37:a3:cb:ee:1c:cb:ce:8f:11:aa:9c:f2:
5d:7c:9e:03:70:06:e5:37:78:a0:18:e1:21:ae:61:
0c:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:0B:32:11:A3:4C:8D:CC:FC:62:69:64:63:99:5D:09:23:A2:C7:D8
X509v3 Authority Key Identifier:
keyid:9B:3F:29:FF:9E:A7:1B:3C:3D:C1:F5:AF:05:4B:41:64:7C:91:AF:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mz8p_56nGzw9wfWvBUtBZHyRr5g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/1aa2d8-6106-4808-8c97-f46224b0d161/1/qwsyEaNMjcz8YmlkY5ldCSOix9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/1aa2d8-6106-4808-8c97-f46224b0d161/1/mz8p_56nGzw9wfWvBUtBZHyRr5g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.181.228.0-185.181.230.255
194.33.40.0/22
IPv6:
2a0a:d580::/32
Signature Algorithm: sha256WithRSAEncryption
cc:53:7c:9a:c2:e9:55:9b:d1:23:7c:02:d2:28:5c:2a:1d:4e:
44:18:0a:75:93:35:13:e3:46:3c:48:a4:5b:63:e6:0f:a8:ef:
b3:e0:c8:dc:3c:85:62:99:0e:30:3e:f8:18:e1:7a:a3:99:db:
e8:cc:f2:3f:cf:67:42:2f:bc:f6:e3:c1:90:0a:e3:86:38:e1:
9d:57:85:6d:30:66:bf:4e:05:0d:2a:ad:6b:b6:e1:a4:f0:84:
28:ca:44:76:e8:59:1e:84:7e:51:38:b5:13:16:23:b8:b9:70:
33:24:5f:ff:19:5c:53:c1:70:13:a4:b6:c1:df:12:45:c6:2b:
11:9f:b9:d9:a2:27:d8:b1:92:9a:2d:f7:cd:b0:42:f2:3f:5f:
47:5a:26:43:a1:2a:f4:97:08:b4:51:d4:17:06:b0:50:87:71:
25:75:b6:48:44:4d:d7:88:1c:26:32:c3:47:83:f4:90:61:45:
f0:b7:b5:59:c2:ee:eb:44:ed:f5:97:ed:c8:51:51:a4:4e:e7:
69:dd:3d:45:0e:00:35:34:8e:2a:1b:6c:88:d6:b3:40:3e:12:
cb:5c:06:43:f1:dd:48:b8:03:70:e2:18:18:5c:b9:6d:bc:be:
3d:6e:22:6a:55:d5:3d:30:c2:db:61:c7:28:96:a0:13:c6:fd:
59:ae:cf:6e
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzGuNwX+0reT2YFoL7P1xJzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliM2YyOWZmOWVhNzFiM2MzZGMxZjVhZjA1NGI0MTY0N2M5
MWFmOTgwHhcNMjQwMTAxMjAzMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjBiMzIxMWEzNGM4ZGNjZmM2MjY5NjQ2Mzk5NWQwOTIzYTJjN2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtc8WxsccYRF2/4MFfmhFbaUiv8jw
L97BkPmHGFtumRfjkPt+xX2TIEOSWhtk60g/vnr1yfuKNDMOx9N7QAXWeICAJsRA
LZ4Q6SCP7YMTPoX1cBnpZSfwgZ+cx4ySWlMtvC8ETmIz+MLYdJKM89RsfVHvE5uw
0bpoddcJebUHcSqEyPp+TLmMAdGo9M/UZZ/lWm614tg8rVb7t8vPHpvv5yU3f+Vo
KKkW8R3UU/KT70o695Y7EmfgtjFLh0xK7dgPbkQS9EEulfhI/KxMyAjoo2H/Xadr
u0oq+4xLZNYnh3FP4ZI3o8vuHMvOjxGqnPJdfJ4DcAblN3igGOEhrmEMmwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFKsLMhGjTI3M/GJpZGOZXQkjosfYMB8GA1UdIwQY
MBaAFJs/Kf+epxs8PcH1rwVLQWR8ka+YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXo4cF81Nm5Henc5d2ZXdkJVdEJaSHlScjVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8xYWEyZDgtNjEwNi00ODA4LThjOTct
ZjQ2MjI0YjBkMTYxLzEvcXdzeUVhTk1qY3o4WW1sa1k1bGRDU09peDlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8xYWEyZDgtNjEwNi00ODA4LThjOTctZjQ2MjI0YjBkMTYx
LzEvbXo4cF81Nm5Henc5d2ZXdkJVdEJaSHlScjVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAK5teQD
BAC5teYDBALCISgwDQQCAAIwBwMFACoK1YAwDQYJKoZIhvcNAQELBQADggEBAMxT
fJrC6VWb0SN8AtIoXCodTkQYCnWTNRPjRjxIpFtj5g+o77PgyNw8hWKZDjA++Bjh
eqOZ2+jM8j/PZ0IvvPbjwZAK44Y44Z1XhW0wZr9OBQ0qrWu24aTwhCjKRHboWR6E
flE4tRMWI7i5cDMkX/8ZXFPBcBOktsHfEkXGKxGfudmiJ9ixkpot982wQvI/X0da
JkOhKvSXCLRR1BcGsFCHcSV1tkhETdeIHCYyw0eD9JBhRfC3tVnC7utE7fWX7chR
UaRO52ndPUUOADU0jiobbIjWs0A+EstcBkPx3Ui4A3DiGBhcuW28vj1uImpV1T0w
wtthxyiWoBPG/Vmuz24=
-----END CERTIFICATE-----
Generated at Tue May 7 12:55:47 2024 by rpki-client on console-ams.rpki-client.org