Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/QOSive1cmGDxbBJxoauVoYL9-7U.roa
File: QOSive1cmGDxbBJxoauVoYL9-7U.roa (raw, json)
Hash identifier: xDjjhb8PsqPKaE/+6ifT3xHzcDIZIFiuKaI3xcq9QGs=
Subject key identifier: 40:E4:A2:BD:ED:5C:98:60:F1:6C:12:71:A1:AB:95:A1:82:FD:FB:B5
Certificate issuer: /CN=f0cc7a447482e57b0604babb82a52409cde3b36d
Certificate serial: 018CC64B7670D60478342AD86097C7E678AD
Authority key identifier: F0:CC:7A:44:74:82:E5:7B:06:04:BA:BB:82:A5:24:09:CD:E3:B3:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Mx6RHSC5XsGBLq7gqUkCc3js20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/QOSive1cmGDxbBJxoauVoYL9-7U.roa
Signing time: Mon 01 Jan 2024 18:31:23 +0000
ROA not before: Mon 01 Jan 2024 18:31:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206150
IP address blocks: 45.89.21.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/8Mx6RHSC5XsGBLq7gqUkCc3js20.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/8Mx6RHSC5XsGBLq7gqUkCc3js20.mft
rsync://rpki.ripe.net/repository/DEFAULT/8Mx6RHSC5XsGBLq7gqUkCc3js20.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:76:70:d6:04:78:34:2a:d8:60:97:c7:e6:78:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0cc7a447482e57b0604babb82a52409cde3b36d
Validity
Not Before: Jan 1 18:31:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40e4a2bded5c9860f16c1271a1ab95a182fdfbb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:24:4b:f0:88:5d:2c:ef:f6:df:7b:fd:88:92:
86:8f:85:0a:6c:63:96:7b:ff:3b:8d:8e:c0:c0:49:
45:ff:e2:49:21:07:c6:d2:64:44:54:4e:a1:47:82:
60:1a:ba:e7:d1:dd:bb:5c:27:91:d1:8a:9e:d6:b2:
75:66:79:48:70:a4:c7:9d:d8:ca:5c:eb:97:20:75:
86:6e:f5:31:4f:1d:53:1f:0e:57:37:75:eb:42:6f:
e6:08:04:31:54:7d:ac:50:a6:72:bf:62:e7:5f:f2:
c8:24:62:e3:0b:34:3e:5a:6f:4a:0d:59:20:ea:c8:
2f:9a:03:2a:14:f8:bd:1b:55:47:31:ca:6c:3c:04:
59:56:d4:20:02:ea:c8:e2:0f:0e:52:0a:78:31:13:
32:a1:94:63:1c:ea:02:bd:6c:70:c1:66:0d:8b:2c:
b9:52:2a:64:25:27:3c:d7:4b:f0:b0:23:1a:a5:10:
ad:56:36:28:62:4a:5b:55:d3:4b:92:3c:c5:97:1c:
5d:d3:a1:29:7e:3f:c2:93:fd:79:ee:e9:e3:33:66:
02:e3:6c:d9:3c:98:94:c2:55:90:b8:5b:53:0b:e1:
16:95:df:d1:bc:59:4b:d3:88:9f:a8:13:c0:a7:22:
bb:1a:2b:20:ae:aa:fd:02:9a:9f:ca:ec:9e:cc:9f:
66:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:E4:A2:BD:ED:5C:98:60:F1:6C:12:71:A1:AB:95:A1:82:FD:FB:B5
X509v3 Authority Key Identifier:
keyid:F0:CC:7A:44:74:82:E5:7B:06:04:BA:BB:82:A5:24:09:CD:E3:B3:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Mx6RHSC5XsGBLq7gqUkCc3js20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/QOSive1cmGDxbBJxoauVoYL9-7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/8Mx6RHSC5XsGBLq7gqUkCc3js20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.21.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:0d:19:e8:16:b6:e1:37:f0:87:11:50:65:d4:dd:8f:1c:59:
4f:99:bd:4b:1f:f4:e0:69:bb:62:03:ab:32:f3:3e:9c:f5:f9:
93:a4:07:f1:42:52:93:c0:f2:3f:ad:19:96:2c:18:67:07:05:
55:d2:94:7c:49:70:6c:97:2f:0b:01:6a:fe:36:a9:c5:95:f7:
15:4d:04:1a:55:9e:46:aa:6f:07:02:e9:71:eb:6e:93:32:26:
d8:13:fc:aa:82:ef:c1:c5:bb:2d:9c:28:9f:08:f6:fd:36:25:
61:42:a3:c8:4f:5e:8e:cf:0d:68:f7:94:8f:14:bf:64:f0:fa:
46:be:f3:cc:9f:d8:ef:00:47:29:4f:26:d8:8a:b7:f4:fc:ab:
a6:8f:d8:c7:b9:b6:a3:78:b2:20:58:b1:81:fd:dc:a2:37:60:
72:e7:08:01:e4:d3:08:f5:c8:98:77:2e:d6:97:ae:6a:80:42:
9b:2f:5d:30:9e:fa:93:37:fe:31:c7:75:8b:a7:3e:d7:12:de:
d4:7a:0a:31:7f:a0:ac:49:77:a9:c0:cb:e3:42:96:b7:d9:d8:
a5:6d:06:aa:c0:45:aa:06:ec:9d:f1:22:0c:3c:b5:ec:a9:7d:
d6:a7:95:a3:05:89:c7:6e:0a:25:36:2c:51:44:59:1a:0a:be:
08:e5:8c:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGS3Zw1gR4NCrYYJfH5nitMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwY2M3YTQ0NzQ4MmU1N2IwNjA0YmFiYjgyYTUyNDA5Y2Rl
M2IzNmQwHhcNMjQwMTAxMTgzMTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGU0YTJiZGVkNWM5ODYwZjE2YzEyNzFhMWFiOTVhMTgyZmRmYmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkyRL8IhdLO/233v9iJKGj4UKbGOW
e/87jY7AwElF/+JJIQfG0mREVE6hR4JgGrrn0d27XCeR0Yqe1rJ1ZnlIcKTHndjK
XOuXIHWGbvUxTx1THw5XN3XrQm/mCAQxVH2sUKZyv2LnX/LIJGLjCzQ+Wm9KDVkg
6sgvmgMqFPi9G1VHMcpsPARZVtQgAurI4g8OUgp4MRMyoZRjHOoCvWxwwWYNiyy5
UipkJSc810vwsCMapRCtVjYoYkpbVdNLkjzFlxxd06Epfj/Ck/157unjM2YC42zZ
PJiUwlWQuFtTC+EWld/RvFlL04ifqBPApyK7Gisgrqr9ApqfyuyezJ9mvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEDkor3tXJhg8WwScaGrlaGC/fu1MB8GA1UdIwQY
MBaAFPDMekR0guV7BgS6u4KlJAnN47NtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE14NlJIU0M1WHNHQkxxN2dxVWtDYzNqczIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wZTU4ZGMtN2M5MC00OWQ3LTg4NTUt
ZmEzMmQyZDUyOTY4LzEvUU9TaXZlMWNtR0R4YkJKeG9hdVZvWUw5LTdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wZTU4ZGMtN2M5MC00OWQ3LTg4NTUtZmEzMmQyZDUyOTY4
LzEvOE14NlJIU0M1WHNHQkxxN2dxVWtDYzNqczIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVkVMA0G
CSqGSIb3DQEBCwUAA4IBAQB7DRnoFrbhN/CHEVBl1N2PHFlPmb1LH/TgabtiA6sy
8z6c9fmTpAfxQlKTwPI/rRmWLBhnBwVV0pR8SXBsly8LAWr+NqnFlfcVTQQaVZ5G
qm8HAulx626TMibYE/yqgu/BxbstnCifCPb9NiVhQqPIT16Ozw1o95SPFL9k8PpG
vvPMn9jvAEcpTybYirf0/Kumj9jHubajeLIgWLGB/dyiN2By5wgB5NMI9ciYdy7W
l65qgEKbL10wnvqTN/4xx3WLpz7XEt7Uegoxf6CsSXepwMvjQpa32dilbQaqwEWq
Buyd8SIMPLXsqX3Wp5WjBYnHbgolNixRRFkaCr4I5Yy9
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:00:50 2024 by rpki-client on console-fra.rpki-client.org