Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/85928f-5f19-41d9-8238-5c54cdad19f1/1/qqy1OZqTqwInbuisrPFrILIj1-U.roa
File: qqy1OZqTqwInbuisrPFrILIj1-U.roa (raw, json)
Hash identifier: NBcDDsVylkEOmh8NwS2rYLgekJC1MOY3+nQRXJfPd1A=
Subject key identifier: AA:AC:B5:39:9A:93:AB:02:27:6E:E8:AC:AC:F1:6B:20:B2:23:D7:E5
Certificate issuer: /CN=27b8dbd97de4cd4059b52e513dcf35cd381a32b3
Certificate serial: 018CC9BCE764755040611AA7E8A19A2CD213
Authority key identifier: 27:B8:DB:D9:7D:E4:CD:40:59:B5:2E:51:3D:CF:35:CD:38:1A:32:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J7jb2X3kzUBZtS5RPc81zTgaMrM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/85928f-5f19-41d9-8238-5c54cdad19f1/1/qqy1OZqTqwInbuisrPFrILIj1-U.roa
Signing time: Tue 02 Jan 2024 10:34:09 +0000
ROA not before: Tue 02 Jan 2024 10:34:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205862
IP address blocks: 185.204.43.0/24 maxlen: 24
185.204.40.0/24 maxlen: 24
185.204.42.0/24 maxlen: 24
185.204.41.0/24 maxlen: 24
2a0d:b00:2901::/48 maxlen: 48
2a0d:b00:3501::/48 maxlen: 48
2a0d:b00:9201::/48 maxlen: 48
2a0d:b00:3502::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/85928f-5f19-41d9-8238-5c54cdad19f1/1/J7jb2X3kzUBZtS5RPc81zTgaMrM.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/85928f-5f19-41d9-8238-5c54cdad19f1/1/J7jb2X3kzUBZtS5RPc81zTgaMrM.mft
rsync://rpki.ripe.net/repository/DEFAULT/J7jb2X3kzUBZtS5RPc81zTgaMrM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 13:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:e7:64:75:50:40:61:1a:a7:e8:a1:9a:2c:d2:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27b8dbd97de4cd4059b52e513dcf35cd381a32b3
Validity
Not Before: Jan 2 10:34:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aaacb5399a93ab02276ee8acacf16b20b223d7e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:09:fe:58:5e:76:4f:78:dc:5b:d9:85:15:5e:
74:76:d9:13:a1:16:8c:d6:2e:7e:af:ff:1a:6f:fe:
c2:78:25:42:85:5f:96:5a:dd:fb:d0:fd:b3:4b:ce:
8c:e2:10:14:f0:78:bf:fd:96:6b:05:71:c3:ab:39:
cf:85:74:be:8f:68:7e:57:42:a6:fc:07:06:bc:5c:
72:3c:02:d6:37:07:de:53:6e:b2:99:33:1d:b2:21:
d6:90:9a:3b:b8:7b:ac:6b:87:3e:43:f9:b6:a6:5e:
36:4c:14:dc:ee:2d:d2:eb:fa:b3:e1:62:df:e8:9c:
70:74:4d:fb:30:58:40:2d:1d:9f:2b:9d:b0:8f:00:
68:86:85:95:d5:9f:7b:6b:df:a6:84:a0:d4:6e:db:
bf:7c:cc:0b:af:43:48:9b:bc:0c:b9:9a:4d:b5:53:
6c:d4:7c:1c:c6:55:66:04:ed:be:a2:50:f5:ab:2f:
dc:7a:7b:c7:98:ef:80:11:c8:90:c6:96:51:a1:65:
03:e0:b1:74:c0:7e:cb:78:43:74:b8:b9:cd:2c:8d:
cd:8a:19:d8:68:4d:d9:1a:ab:f9:b0:b0:89:3c:5a:
67:af:65:94:bc:23:6d:bc:fa:de:76:74:18:28:a0:
66:83:67:f4:46:8c:49:44:b4:7f:23:3f:5d:58:d7:
2a:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:AC:B5:39:9A:93:AB:02:27:6E:E8:AC:AC:F1:6B:20:B2:23:D7:E5
X509v3 Authority Key Identifier:
keyid:27:B8:DB:D9:7D:E4:CD:40:59:B5:2E:51:3D:CF:35:CD:38:1A:32:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J7jb2X3kzUBZtS5RPc81zTgaMrM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/85928f-5f19-41d9-8238-5c54cdad19f1/1/qqy1OZqTqwInbuisrPFrILIj1-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/85928f-5f19-41d9-8238-5c54cdad19f1/1/J7jb2X3kzUBZtS5RPc81zTgaMrM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.40.0/22
IPv6:
2a0d:b00:2901::/48
2a0d:b00:3501::-2a0d:b00:3502:ffff:ffff:ffff:ffff:ffff
2a0d:b00:9201::/48
Signature Algorithm: sha256WithRSAEncryption
97:a6:ab:7c:7a:c3:6e:f7:ee:0d:1a:4b:c1:fb:d0:fc:d5:a3:
ed:c1:12:15:c9:dd:3d:b8:44:cf:cf:8c:11:aa:f5:7b:db:f6:
7e:c3:78:39:18:6d:b9:0f:3c:b1:80:77:cb:4d:69:2c:73:a2:
93:03:05:b2:58:03:d4:ba:77:f9:b2:86:d4:f0:0c:ce:a9:ef:
1d:0f:de:c5:bf:f7:fb:92:e9:5c:12:8c:ee:5a:7c:62:3d:08:
5e:fb:49:fa:38:f0:8e:de:a4:dc:63:31:d4:2f:e9:e9:85:37:
3a:a7:76:41:ef:ad:b1:bc:3e:96:0d:f1:9d:a5:fc:cf:1b:a4:
18:62:f9:e1:a0:a1:a5:15:1a:d2:5c:fa:78:e2:4e:23:90:65:
8b:57:e0:98:1f:9e:2d:16:22:35:1b:72:51:0e:de:a5:b5:73:
6e:74:23:c2:35:9c:5f:51:1e:0d:8e:33:bb:a9:66:9f:15:9f:
5e:e6:77:85:be:f5:02:05:3d:5a:92:ff:8e:f4:eb:1d:31:b8:
f6:0b:dd:b5:07:30:84:f1:f8:19:33:76:52:d0:49:d1:ee:f2:
85:dd:36:da:87:46:9e:9b:85:57:54:31:4e:2b:01:d6:c4:a4:
89:61:e1:cd:3e:ef:f5:aa:da:19:c6:f4:67:4e:0e:82:a6:dd:
16:10:ec:ed
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYzJvOdkdVBAYRqn6KGaLNITMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YjhkYmQ5N2RlNGNkNDA1OWI1MmU1MTNkY2YzNWNkMzgx
YTMyYjMwHhcNMjQwMTAyMTAzNDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWFjYjUzOTlhOTNhYjAyMjc2ZWU4YWNhY2YxNmIyMGIyMjNkN2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAn+WF52T3jcW9mFFV50dtkToRaM
1i5+r/8ab/7CeCVChV+WWt370P2zS86M4hAU8Hi//ZZrBXHDqznPhXS+j2h+V0Km
/AcGvFxyPALWNwfeU26ymTMdsiHWkJo7uHusa4c+Q/m2pl42TBTc7i3S6/qz4WLf
6JxwdE37MFhALR2fK52wjwBohoWV1Z97a9+mhKDUbtu/fMwLr0NIm7wMuZpNtVNs
1HwcxlVmBO2+olD1qy/cenvHmO+AEciQxpZRoWUD4LF0wH7LeEN0uLnNLI3NihnY
aE3ZGqv5sLCJPFpnr2WUvCNtvPrednQYKKBmg2f0RoxJRLR/Iz9dWNcq3wIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFKqstTmak6sCJ27orKzxayCyI9flMB8GA1UdIwQY
MBaAFCe429l95M1AWbUuUT3PNc04GjKzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjdqYjJYM2t6VUJadFM1UlBjODF6VGdhTXJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy84NTkyOGYtNWYxOS00MWQ5LTgyMzgt
NWM1NGNkYWQxOWYxLzEvcXF5MU9acVRxd0luYnVpc3JQRnJJTElqMS1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy84NTkyOGYtNWYxOS00MWQ5LTgyMzgtNWM1NGNkYWQxOWYx
LzEvSjdqYjJYM2t6VUJadFM1UlBjODF6VGdhTXJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAMBAIAATAGAwQCucwoMCwE
AgACMCYDBwAqDQsAKQEwEgMHACoNCwA1AQMHACoNCwA1AgMHACoNCwCSATANBgkq
hkiG9w0BAQsFAAOCAQEAl6arfHrDbvfuDRpLwfvQ/NWj7cESFcndPbhEz8+MEar1
e9v2fsN4ORhtuQ88sYB3y01pLHOikwMFslgD1Lp3+bKG1PAMzqnvHQ/exb/3+5Lp
XBKM7lp8Yj0IXvtJ+jjwjt6k3GMx1C/p6YU3Oqd2Qe+tsbw+lg3xnaX8zxukGGL5
4aChpRUa0lz6eOJOI5Bli1fgmB+eLRYiNRtyUQ7epbVzbnQjwjWcX1EeDY4zu6lm
nxWfXuZ3hb71AgU9WpL/jvTrHTG49gvdtQcwhPH4GTN2UtBJ0e7yhd022odGnpuF
V1QxTisB1sSkiWHhzT7v9araGcb0Z04OgqbdFhDs7Q==
-----END CERTIFICATE-----
Generated at Fri Jun 7 18:52:44 2024 by rpki-client on console-fra.rpki-client.org