Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/wqaok-bqRgMiW3VqW5qyrdF1yZY.roa
File: wqaok-bqRgMiW3VqW5qyrdF1yZY.roa (raw, json)
Hash identifier: KBy/OjOpgBAmgF8HPzbQuyCG3sivK+oMIxlzMtbK7ls=
Subject key identifier: C2:A6:A8:93:E6:EA:46:03:22:5B:75:6A:5B:9A:B2:AD:D1:75:C9:96
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 018CC56EF1040F761391AFA4E62A6A878C7E
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/wqaok-bqRgMiW3VqW5qyrdF1yZY.roa
Signing time: Mon 01 Jan 2024 14:30:31 +0000
ROA not before: Mon 01 Jan 2024 14:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25211
IP address blocks: 109.160.32.0/22 maxlen: 22
109.160.38.0/24 maxlen: 24
109.160.36.0/24 maxlen: 24
109.160.37.0/24 maxlen: 24
109.160.41.0/24 maxlen: 24
109.160.39.0/24 maxlen: 24
109.160.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.mft
rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Apr 2024 08:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:f1:04:0f:76:13:91:af:a4:e6:2a:6a:87:8c:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Jan 1 14:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c2a6a893e6ea4603225b756a5b9ab2add175c996
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a2:8a:2c:27:0d:f6:4d:4b:b5:70:ed:5a:7b:
54:a9:8d:51:f3:94:cf:af:ee:d0:83:cb:f2:6b:4b:
7a:04:e0:01:5f:7f:0d:18:bd:fe:5d:ce:b1:25:19:
47:a2:fd:cc:44:55:c7:c1:51:fc:c4:71:67:2b:b5:
d3:2b:42:e4:25:b8:4a:cc:2d:0f:d9:56:b0:0c:99:
8d:60:6c:06:04:d1:c1:8e:1c:a0:7c:45:19:30:ac:
9d:d1:16:0d:f7:a3:ab:6e:34:0d:0f:a2:e8:00:d6:
cb:40:c0:a8:22:cc:3d:cd:25:38:16:88:ff:eb:b8:
b7:12:0e:cb:32:62:ea:50:7d:7b:7b:66:06:ed:1d:
b3:8d:e0:32:09:e9:96:2e:04:cc:24:33:a4:ad:11:
af:99:b3:ba:c7:4a:ad:cf:ce:8f:03:b6:d6:5a:29:
e8:0f:c0:41:f0:be:5c:f5:9b:db:11:7b:1f:7f:b1:
ea:86:99:f3:37:94:db:19:50:30:01:a5:c7:80:0e:
9e:2c:e3:0c:ae:56:e2:26:ba:41:1c:c1:14:0b:8b:
e2:f8:45:bd:8b:5d:6c:96:d7:d3:e5:f1:36:e0:17:
50:f7:db:6b:3c:1e:11:b5:76:b9:fc:22:e0:01:8e:
98:5c:c7:43:2d:0e:87:79:40:84:80:11:27:8a:51:
3c:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:A6:A8:93:E6:EA:46:03:22:5B:75:6A:5B:9A:B2:AD:D1:75:C9:96
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/wqaok-bqRgMiW3VqW5qyrdF1yZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.160.32.0-109.160.41.255
Signature Algorithm: sha256WithRSAEncryption
4d:57:c3:83:a5:5f:ac:a5:93:ab:8c:14:0d:e6:93:ff:73:9e:
56:a3:3b:e1:2d:17:20:9c:e6:78:87:03:58:65:d7:a2:8c:d4:
96:ab:93:41:69:92:82:a3:63:eb:1f:28:ad:c1:44:a3:51:e3:
78:0e:f2:1f:6b:6a:50:2f:d5:e8:97:32:82:d6:a6:52:97:56:
47:a0:0c:0b:2c:e0:d1:5c:32:f8:1d:57:e8:8c:57:d8:29:d5:
56:5b:97:8f:38:38:ec:47:df:33:02:3c:12:db:ac:c8:52:8a:
b1:bf:ab:68:b5:0b:ec:eb:1e:06:f1:7d:19:8e:5b:2e:0a:18:
03:4a:7e:fa:69:5e:15:f5:70:3b:35:52:fa:73:16:81:01:c5:
53:4e:1c:8c:2f:92:58:a2:a3:ae:52:33:ab:5c:ec:86:64:70:
fd:94:74:23:87:79:03:b0:a6:6e:6d:65:87:a8:b0:1f:98:d6:
3e:5b:6f:72:a3:36:a2:fb:ee:03:53:76:8d:4c:6e:3d:a7:5a:
45:ab:c8:66:a1:07:9e:96:f9:5d:f8:5a:ee:8a:2e:e2:4f:88:
01:04:cd:92:d1:ce:b2:be:b3:b5:8f:28:5a:30:9e:13:77:7c:
42:64:e4:ca:eb:d5:30:4c:eb:6d:00:c5:82:1c:be:7c:f2:e1:
64:a6:e4:2d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzFbvEED3YTka+k5ipqh4x+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjQwMTAxMTQzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmE2YTg5M2U2ZWE0NjAzMjI1Yjc1NmE1YjlhYjJhZGQxNzVjOTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqKKLCcN9k1LtXDtWntUqY1R85TP
r+7Qg8vya0t6BOABX38NGL3+Xc6xJRlHov3MRFXHwVH8xHFnK7XTK0LkJbhKzC0P
2VawDJmNYGwGBNHBjhygfEUZMKyd0RYN96OrbjQND6LoANbLQMCoIsw9zSU4Foj/
67i3Eg7LMmLqUH17e2YG7R2zjeAyCemWLgTMJDOkrRGvmbO6x0qtz86PA7bWWino
D8BB8L5c9ZvbEXsff7HqhpnzN5TbGVAwAaXHgA6eLOMMrlbiJrpBHMEUC4vi+EW9
i11sltfT5fE24BdQ99trPB4RtXa5/CLgAY6YXMdDLQ6HeUCEgBEnilE8ywIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMKmqJPm6kYDIlt1aluasq3RdcmWMB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvd3Fhb2stYnFSZ01pVzNWcVc1cXlyZEYxeVpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAVtoCAD
BAFtoCgwDQYJKoZIhvcNAQELBQADggEBAE1Xw4OlX6ylk6uMFA3mk/9znlajO+Et
FyCc5niHA1hl16KM1Jark0FpkoKjY+sfKK3BRKNR43gO8h9ralAv1eiXMoLWplKX
VkegDAss4NFcMvgdV+iMV9gp1VZbl484OOxH3zMCPBLbrMhSirG/q2i1C+zrHgbx
fRmOWy4KGANKfvppXhX1cDs1UvpzFoEBxVNOHIwvkliio65SM6tc7IZkcP2UdCOH
eQOwpm5tZYeosB+Y1j5bb3KjNqL77gNTdo1Mbj2nWkWryGahB56W+V34Wu6KLuJP
iAEEzZLRzrK+s7WPKFownhN3fEJk5Mrr1TBM620AxYIcvnzy4WSm5C0=
-----END CERTIFICATE-----
Generated at Mon Apr 29 14:15:30 2024 by rpki-client on console-ams.rpki-client.org