Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/7207a9-27f4-44ec-bf78-a207c7a19ed2/1/QKfvfLS8cT0ooEOhr298q92f4bc.roa
File: QKfvfLS8cT0ooEOhr298q92f4bc.roa (raw, json)
Hash identifier: 1W0yvaq9yIGfBQXIzuvfnuqz6TpwTYqY7yMtFnbrO0k=
Subject key identifier: 40:A7:EF:7C:B4:BC:71:3D:28:A0:43:A1:AF:6F:7C:AB:DD:9F:E1:B7
Certificate issuer: /CN=612aef4c7bfe7e072f62d2dd505ab57e37ea385e
Certificate serial: 018CC4928CD0EFA84BB63F1B0DEC4E8618B6
Authority key identifier: 61:2A:EF:4C:7B:FE:7E:07:2F:62:D2:DD:50:5A:B5:7E:37:EA:38:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YSrvTHv-fgcvYtLdUFq1fjfqOF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/7207a9-27f4-44ec-bf78-a207c7a19ed2/1/QKfvfLS8cT0ooEOhr298q92f4bc.roa
Signing time: Mon 01 Jan 2024 10:29:47 +0000
ROA not before: Mon 01 Jan 2024 10:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59494
IP address blocks: 185.145.140.0/22 maxlen: 22
185.145.140.0/23 maxlen: 23
185.145.142.0/23 maxlen: 23
193.187.80.0/23 maxlen: 23
2a07:4480::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/7207a9-27f4-44ec-bf78-a207c7a19ed2/1/YSrvTHv-fgcvYtLdUFq1fjfqOF4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/7207a9-27f4-44ec-bf78-a207c7a19ed2/1/YSrvTHv-fgcvYtLdUFq1fjfqOF4.mft
rsync://rpki.ripe.net/repository/DEFAULT/YSrvTHv-fgcvYtLdUFq1fjfqOF4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 01:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:8c:d0:ef:a8:4b:b6:3f:1b:0d:ec:4e:86:18:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=612aef4c7bfe7e072f62d2dd505ab57e37ea385e
Validity
Not Before: Jan 1 10:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40a7ef7cb4bc713d28a043a1af6f7cabdd9fe1b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:80:81:ce:99:66:a7:b8:a9:76:ab:2f:18:b5:
dd:97:05:c2:a2:72:1a:8f:9c:06:8f:74:9f:8e:bb:
55:68:9a:bf:b4:7a:b2:11:f1:2c:93:54:df:e2:97:
73:df:31:9d:3b:34:30:63:d9:06:3e:44:13:50:bf:
0e:5e:76:46:e1:0b:37:94:c4:2d:2e:c6:07:cf:5f:
e8:28:25:73:26:87:1f:16:98:5f:32:04:58:80:62:
2b:dd:b9:04:14:26:c1:43:4a:62:0d:89:e5:e7:fb:
6e:1e:d0:5c:bf:6c:75:a8:e7:95:b6:54:8f:a5:ee:
bc:7c:74:9c:08:0f:1d:6b:f4:af:6d:0d:99:98:a8:
c2:96:ed:93:27:50:bc:af:67:61:24:60:52:49:33:
b7:55:e9:6a:27:92:66:6d:c0:07:82:a7:67:33:01:
88:d5:9c:7f:85:64:b0:ef:2c:ae:0f:2d:d6:20:69:
73:5e:86:61:b3:e3:6f:ee:3b:72:f8:89:f5:83:05:
25:5c:ac:cf:f5:80:6b:59:0e:a9:96:8a:14:33:b0:
a5:9a:bb:cc:3e:6c:8f:e0:dc:73:d9:b2:c9:3e:86:
27:20:12:16:1a:2e:bc:dc:ed:42:0f:83:66:fa:46:
a6:38:65:8b:1a:d7:3f:58:91:d1:96:9d:2d:e0:47:
9d:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:A7:EF:7C:B4:BC:71:3D:28:A0:43:A1:AF:6F:7C:AB:DD:9F:E1:B7
X509v3 Authority Key Identifier:
keyid:61:2A:EF:4C:7B:FE:7E:07:2F:62:D2:DD:50:5A:B5:7E:37:EA:38:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YSrvTHv-fgcvYtLdUFq1fjfqOF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/7207a9-27f4-44ec-bf78-a207c7a19ed2/1/QKfvfLS8cT0ooEOhr298q92f4bc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/7207a9-27f4-44ec-bf78-a207c7a19ed2/1/YSrvTHv-fgcvYtLdUFq1fjfqOF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.145.140.0/22
193.187.80.0/23
IPv6:
2a07:4480::/32
Signature Algorithm: sha256WithRSAEncryption
86:92:ad:61:6b:74:9c:48:f5:28:53:fb:84:80:46:4b:bf:e4:
04:3a:c4:23:29:48:72:ac:8d:ca:8b:c7:1b:f9:e3:45:ab:ee:
38:5f:c5:9f:a4:b9:04:c8:f8:a1:70:70:5a:63:57:10:b3:7b:
6c:16:1f:f6:f6:26:25:bc:5b:86:65:e0:0c:41:65:0e:d6:c5:
1a:d8:ad:8c:66:4d:0a:ae:fe:44:76:29:9a:db:db:47:fb:d8:
03:ed:4a:75:aa:11:5c:d8:ce:45:ae:39:bf:96:f6:bb:10:79:
87:27:ab:03:f7:d0:ca:9e:c4:db:b6:b8:7d:d5:4d:35:d9:41:
e1:0a:54:ce:6c:d0:82:9a:92:e8:e6:43:7b:68:d1:b8:c2:54:
99:93:f7:71:b4:cf:65:b0:bf:b3:c2:82:b3:8f:c7:ed:7e:bb:
ba:a1:41:78:29:6f:85:e8:44:29:fe:f0:42:90:ff:71:12:2a:
50:dd:a0:55:d0:b8:26:a7:8c:fc:fe:e1:89:ce:a7:fb:33:a7:
88:85:ed:a9:50:e0:11:77:0f:40:27:37:e2:57:11:34:64:98:
49:4a:c8:99:26:65:76:17:db:6f:5a:ad:83:ec:07:d0:66:50:
7f:29:07:95:0b:66:b5:16:b7:10:c3:de:d5:3e:bf:ae:5d:5c:
df:c8:e5:84
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzEkozQ76hLtj8bDexOhhi2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMmFlZjRjN2JmZTdlMDcyZjYyZDJkZDUwNWFiNTdlMzdl
YTM4NWUwHhcNMjQwMTAxMTAyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGE3ZWY3Y2I0YmM3MTNkMjhhMDQzYTFhZjZmN2NhYmRkOWZlMWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4CBzplmp7ipdqsvGLXdlwXConIa
j5wGj3SfjrtVaJq/tHqyEfEsk1Tf4pdz3zGdOzQwY9kGPkQTUL8OXnZG4Qs3lMQt
LsYHz1/oKCVzJocfFphfMgRYgGIr3bkEFCbBQ0piDYnl5/tuHtBcv2x1qOeVtlSP
pe68fHScCA8da/SvbQ2ZmKjClu2TJ1C8r2dhJGBSSTO3VelqJ5JmbcAHgqdnMwGI
1Zx/hWSw7yyuDy3WIGlzXoZhs+Nv7jty+In1gwUlXKzP9YBrWQ6plooUM7ClmrvM
PmyP4Nxz2bLJPoYnIBIWGi683O1CD4Nm+kamOGWLGtc/WJHRlp0t4EedrQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFECn73y0vHE9KKBDoa9vfKvdn+G3MB8GA1UdIwQY
MBaAFGEq70x7/n4HL2LS3VBatX436jheMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVNydlRIdi1mZ2N2WXRMZFVGcTFmamZxT0Y0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC83MjA3YTktMjdmNC00NGVjLWJmNzgt
YTIwN2M3YTE5ZWQyLzEvUUtmdmZMUzhjVDBvb0VPaHIyOThxOTJmNGJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC83MjA3YTktMjdmNC00NGVjLWJmNzgtYTIwN2M3YTE5ZWQy
LzEvWVNydlRIdi1mZ2N2WXRMZFVGcTFmamZxT0Y0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuZGMAwQB
wbtQMA0EAgACMAcDBQAqB0SAMA0GCSqGSIb3DQEBCwUAA4IBAQCGkq1ha3ScSPUo
U/uEgEZLv+QEOsQjKUhyrI3Ki8cb+eNFq+44X8WfpLkEyPihcHBaY1cQs3tsFh/2
9iYlvFuGZeAMQWUO1sUa2K2MZk0Krv5Edima29tH+9gD7Up1qhFc2M5Frjm/lva7
EHmHJ6sD99DKnsTbtrh91U012UHhClTObNCCmpLo5kN7aNG4wlSZk/dxtM9lsL+z
woKzj8ftfru6oUF4KW+F6EQp/vBCkP9xEipQ3aBV0Lgmp4z8/uGJzqf7M6eIhe2p
UOARdw9AJzfiVxE0ZJhJSsiZJmV2F9tvWq2D7AfQZlB/KQeVC2a1FrcQw97VPr+u
XVzfyOWE
-----END CERTIFICATE-----
Generated at Sat Jun 8 11:30:23 2024 by rpki-client on console-ams.rpki-client.org