Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/d1ade7-fbe2-4203-8551-b6542e6447a0/1/Q2PTAgsRCglGy8eZW7islDi2Wkg.roa
File: Q2PTAgsRCglGy8eZW7islDi2Wkg.roa (raw, json)
Hash identifier: 7U+45wlPgUPDK0KYYGQyuC/LydX/3x9YaVe0cKDQgKc=
Subject key identifier: 43:63:D3:02:0B:11:0A:09:46:CB:C7:99:5B:B8:AC:94:38:B6:5A:48
Certificate issuer: /CN=8b19f3d7ffea957261501e91664ff6823ed936ad
Certificate serial: 018CC7273F9101A8BF17628868D959103AAA
Authority key identifier: 8B:19:F3:D7:FF:EA:95:72:61:50:1E:91:66:4F:F6:82:3E:D9:36:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ixnz1__qlXJhUB6RZk_2gj7ZNq0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/d1ade7-fbe2-4203-8551-b6542e6447a0/1/Q2PTAgsRCglGy8eZW7islDi2Wkg.roa
Signing time: Mon 01 Jan 2024 22:31:27 +0000
ROA not before: Mon 01 Jan 2024 22:31:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8758
IP address blocks: 185.166.96.0/22 maxlen: 22
2a0a:de00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/d1ade7-fbe2-4203-8551-b6542e6447a0/1/ixnz1__qlXJhUB6RZk_2gj7ZNq0.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/d1ade7-fbe2-4203-8551-b6542e6447a0/1/ixnz1__qlXJhUB6RZk_2gj7ZNq0.mft
rsync://rpki.ripe.net/repository/DEFAULT/ixnz1__qlXJhUB6RZk_2gj7ZNq0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:3f:91:01:a8:bf:17:62:88:68:d9:59:10:3a:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b19f3d7ffea957261501e91664ff6823ed936ad
Validity
Not Before: Jan 1 22:31:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4363d3020b110a0946cbc7995bb8ac9438b65a48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:94:26:69:6d:62:57:ac:d9:e4:0b:cf:4a:02:
24:2a:b4:e0:ba:94:65:47:ab:6f:a8:20:91:57:13:
ea:f5:a4:0e:a6:a3:e8:51:cf:ae:9e:d6:0b:6c:d4:
ad:6a:22:8d:5d:19:d7:ff:be:8f:b3:ab:c1:b9:15:
32:45:9f:e2:38:f8:47:3c:2f:f6:4b:82:45:bb:68:
6a:b8:72:76:27:67:51:00:a4:e5:61:5b:19:68:81:
73:ad:f6:5c:c3:8a:2c:45:47:ef:ad:de:de:81:c0:
48:6b:b0:30:e3:de:73:48:bf:b8:19:3c:4b:63:67:
f3:33:02:7d:88:5d:bd:d3:84:53:e8:77:a5:1f:2b:
97:ed:9f:50:5a:2e:11:55:69:33:90:4f:3b:cd:40:
1c:0a:36:27:fa:44:b1:17:b8:ec:ac:fb:e9:8c:13:
dc:65:8c:8d:9d:25:8c:50:72:4b:b6:8c:d1:19:76:
60:34:56:67:b7:d8:cb:42:1a:fe:32:a2:09:45:71:
d5:db:4a:32:d9:4a:78:be:70:15:08:a4:c4:9f:73:
5e:8b:0e:a2:89:20:b9:b3:3d:c2:7b:24:47:78:c3:
7c:7d:ef:a5:94:30:dd:91:65:90:41:1c:d5:f0:5c:
46:58:b1:32:8b:b8:1c:99:5c:70:89:51:2d:78:da:
d5:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:63:D3:02:0B:11:0A:09:46:CB:C7:99:5B:B8:AC:94:38:B6:5A:48
X509v3 Authority Key Identifier:
keyid:8B:19:F3:D7:FF:EA:95:72:61:50:1E:91:66:4F:F6:82:3E:D9:36:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ixnz1__qlXJhUB6RZk_2gj7ZNq0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/d1ade7-fbe2-4203-8551-b6542e6447a0/1/Q2PTAgsRCglGy8eZW7islDi2Wkg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/d1ade7-fbe2-4203-8551-b6542e6447a0/1/ixnz1__qlXJhUB6RZk_2gj7ZNq0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.96.0/22
IPv6:
2a0a:de00::/32
Signature Algorithm: sha256WithRSAEncryption
b6:39:17:63:ea:71:ef:83:de:30:15:dd:25:6e:e7:de:90:27:
a4:e6:5d:0c:e6:a7:64:fa:5c:ea:d5:a2:2c:30:6e:f8:a3:25:
0f:88:3b:87:c8:cc:82:a2:2c:19:d2:4d:91:4e:59:c3:de:af:
ec:0b:87:d8:e8:fe:94:6d:e4:1f:c0:cc:15:7f:22:ca:07:62:
36:c6:f5:ea:09:ae:e8:78:1e:fc:37:05:f9:83:24:5b:90:92:
ad:fa:0d:fe:7e:a6:2e:1e:ee:e0:bf:7c:be:c9:42:33:fd:a1:
cb:9a:96:15:fe:ea:cd:26:44:28:32:ad:3c:93:b2:70:b0:01:
be:7f:09:39:38:a2:9f:47:47:44:d9:5f:f3:c4:49:74:86:53:
54:05:32:41:30:32:98:2e:50:55:09:63:0d:30:de:e0:61:8d:
ce:e4:b2:9f:4a:56:a2:3d:48:78:9c:bb:aa:a0:9e:d7:93:6e:
aa:48:89:d7:93:19:f6:f8:74:c2:02:e5:b0:b6:6b:37:18:94:
64:ca:ea:57:ea:c4:f3:f9:52:c0:53:97:29:87:df:de:a2:13:
ac:b1:2c:8a:b3:fa:b5:ce:99:08:d9:2b:4f:ec:f3:94:f7:74:
44:a8:d8:3e:d9:a1:aa:12:e0:e2:ce:39:56:f6:d0:40:5c:b7:
08:65:51:25
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHJz+RAai/F2KIaNlZEDqqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMTlmM2Q3ZmZlYTk1NzI2MTUwMWU5MTY2NGZmNjgyM2Vk
OTM2YWQwHhcNMjQwMTAxMjIzMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzYzZDMwMjBiMTEwYTA5NDZjYmM3OTk1YmI4YWM5NDM4YjY1YTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZQmaW1iV6zZ5AvPSgIkKrTgupRl
R6tvqCCRVxPq9aQOpqPoUc+untYLbNStaiKNXRnX/76Ps6vBuRUyRZ/iOPhHPC/2
S4JFu2hquHJ2J2dRAKTlYVsZaIFzrfZcw4osRUfvrd7egcBIa7Aw495zSL+4GTxL
Y2fzMwJ9iF2904RT6HelHyuX7Z9QWi4RVWkzkE87zUAcCjYn+kSxF7jsrPvpjBPc
ZYyNnSWMUHJLtozRGXZgNFZnt9jLQhr+MqIJRXHV20oy2Up4vnAVCKTEn3Neiw6i
iSC5sz3CeyRHeMN8fe+llDDdkWWQQRzV8FxGWLEyi7gcmVxwiVEteNrVgwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFENj0wILEQoJRsvHmVu4rJQ4tlpIMB8GA1UdIwQY
MBaAFIsZ89f/6pVyYVAekWZP9oI+2TatMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXhuejFfX3FsWEpoVUI2UlprXzJnajdaTnEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9kMWFkZTctZmJlMi00MjAzLTg1NTEt
YjY1NDJlNjQ0N2EwLzEvUTJQVEFnc1JDZ2xHeThlWlc3aXNsRGkyV2tnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9kMWFkZTctZmJlMi00MjAzLTg1NTEtYjY1NDJlNjQ0N2Ew
LzEvaXhuejFfX3FsWEpoVUI2UlprXzJnajdaTnEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaZgMA0E
AgACMAcDBQAqCt4AMA0GCSqGSIb3DQEBCwUAA4IBAQC2ORdj6nHvg94wFd0lbufe
kCek5l0M5qdk+lzq1aIsMG74oyUPiDuHyMyCoiwZ0k2RTlnD3q/sC4fY6P6UbeQf
wMwVfyLKB2I2xvXqCa7oeB78NwX5gyRbkJKt+g3+fqYuHu7gv3y+yUIz/aHLmpYV
/urNJkQoMq08k7JwsAG+fwk5OKKfR0dE2V/zxEl0hlNUBTJBMDKYLlBVCWMNMN7g
YY3O5LKfSlaiPUh4nLuqoJ7Xk26qSInXkxn2+HTCAuWwtms3GJRkyupX6sTz+VLA
U5cph9/eohOssSyKs/q1zpkI2StP7POU93REqNg+2aGqEuDizjlW9tBAXLcIZVEl
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:51:57 2024 by rpki-client on console-fra.rpki-client.org