Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/b9342f-5916-4644-b1aa-00d1e7a170a2/1/qMeUtrw65x1_mh8MKibAohkWeng.roa
File: qMeUtrw65x1_mh8MKibAohkWeng.roa (raw, json)
Hash identifier: telTy9TKJvTEcqlMgm1bM/JpV9b6NIBX+cBGLByN79Q=
Subject key identifier: A8:C7:94:B6:BC:3A:E7:1D:7F:9A:1F:0C:2A:26:C0:A2:19:16:7A:78
Certificate issuer: /CN=b143fa703fbee04bbd91ce63a32148b36b8e55aa
Certificate serial: 018CC8DF9F68BB39E4092B6720983AF896E1
Authority key identifier: B1:43:FA:70:3F:BE:E0:4B:BD:91:CE:63:A3:21:48:B3:6B:8E:55:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sUP6cD--4Eu9kc5joyFIs2uOVao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/b9342f-5916-4644-b1aa-00d1e7a170a2/1/qMeUtrw65x1_mh8MKibAohkWeng.roa
Signing time: Tue 02 Jan 2024 06:32:27 +0000
ROA not before: Tue 02 Jan 2024 06:32:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211631
IP address blocks: 85.112.98.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/b9342f-5916-4644-b1aa-00d1e7a170a2/1/sUP6cD--4Eu9kc5joyFIs2uOVao.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/b9342f-5916-4644-b1aa-00d1e7a170a2/1/sUP6cD--4Eu9kc5joyFIs2uOVao.mft
rsync://rpki.ripe.net/repository/DEFAULT/sUP6cD--4Eu9kc5joyFIs2uOVao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 18:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:9f:68:bb:39:e4:09:2b:67:20:98:3a:f8:96:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b143fa703fbee04bbd91ce63a32148b36b8e55aa
Validity
Not Before: Jan 2 06:32:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8c794b6bc3ae71d7f9a1f0c2a26c0a219167a78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:34:c1:7f:93:20:4a:a3:95:3a:fe:aa:b5:93:
24:f1:43:0c:f3:b6:ca:0d:f3:d0:22:b1:cf:0d:ef:
e6:55:0f:3b:75:e6:60:71:73:6f:5a:6c:bb:48:1b:
a6:b7:d5:16:ad:e2:63:c7:46:72:f6:8a:62:9b:ca:
7c:e6:39:4c:3e:cf:a4:df:e9:18:45:3e:f5:d0:e5:
80:be:88:5e:ab:49:a6:2e:18:48:8d:00:5d:25:e2:
d3:35:3c:1a:77:7c:34:ee:24:ed:8a:9c:ca:e8:c5:
55:fe:a4:5e:91:fb:d2:dc:8e:70:81:48:0c:de:22:
ed:e3:1a:f5:89:08:d5:08:bb:a6:b1:c0:cf:fb:99:
78:b1:79:0f:84:5f:cc:75:2b:c4:b5:08:22:93:34:
f4:e4:0e:58:7e:e9:8e:45:96:49:3f:c5:a5:32:f8:
2c:5f:2c:e2:8f:c2:4d:6e:fb:4c:bb:15:8c:ca:42:
ac:e3:ac:1c:78:8a:b0:6e:6e:bc:86:25:05:5d:eb:
f8:d3:dd:87:91:35:ce:3a:73:ec:f0:6a:56:51:fd:
d0:cf:d9:e5:49:54:d9:e1:bd:8c:92:92:2a:43:d0:
0f:a4:65:02:75:86:09:68:ff:97:94:2e:73:d1:e8:
fe:0f:e8:5a:e5:eb:94:5e:3b:9e:f6:91:3f:ce:28:
4b:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:C7:94:B6:BC:3A:E7:1D:7F:9A:1F:0C:2A:26:C0:A2:19:16:7A:78
X509v3 Authority Key Identifier:
keyid:B1:43:FA:70:3F:BE:E0:4B:BD:91:CE:63:A3:21:48:B3:6B:8E:55:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sUP6cD--4Eu9kc5joyFIs2uOVao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/b9342f-5916-4644-b1aa-00d1e7a170a2/1/qMeUtrw65x1_mh8MKibAohkWeng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/b9342f-5916-4644-b1aa-00d1e7a170a2/1/sUP6cD--4Eu9kc5joyFIs2uOVao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.112.98.0/24
Signature Algorithm: sha256WithRSAEncryption
39:46:c7:13:58:9a:81:16:23:33:72:01:d3:55:1e:ef:63:4f:
8b:b1:a8:87:cf:d4:e8:6e:40:3c:1c:cc:83:e4:d2:ac:ab:48:
2d:98:d0:f1:e1:31:9a:42:1e:39:9e:19:fe:43:6a:f1:14:f9:
2e:2d:d1:5c:07:35:3d:4b:25:cd:40:bb:e8:42:6e:00:0c:83:
13:af:1b:4a:b2:8b:92:c1:c3:86:0e:68:82:32:2a:91:fa:a2:
9e:0b:cf:68:eb:32:6c:77:ae:95:e7:ec:02:f8:55:d2:a7:16:
de:8b:6c:52:31:52:3b:e0:80:60:ca:8b:0b:72:8d:fb:7f:46:
0c:e9:2a:87:09:c3:f1:14:b1:98:14:5f:e3:38:4f:dc:40:b1:
bf:8f:e5:93:72:1d:92:cb:5a:95:11:08:47:f7:d2:01:80:9d:
5e:77:2c:cc:1e:3f:2d:1d:f3:14:71:43:8d:f5:fb:01:de:f1:
04:94:36:e0:71:9c:94:94:af:e7:bb:ba:56:92:08:dc:7c:da:
0b:aa:b1:33:60:3e:b9:c4:9b:00:2a:ae:bd:45:02:6f:ce:9c:
b4:14:95:31:4b:a6:28:e8:f8:88:e0:48:32:4e:1c:bb:b5:11:
03:80:c9:3c:8d:2d:b5:b2:ee:76:6c:54:7c:e0:d7:67:26:07:
92:f9:05:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI359ouznkCStnIJg6+JbhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNDNmYTcwM2ZiZWUwNGJiZDkxY2U2M2EzMjE0OGIzNmI4
ZTU1YWEwHhcNMjQwMTAyMDYzMjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGM3OTRiNmJjM2FlNzFkN2Y5YTFmMGMyYTI2YzBhMjE5MTY3YTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3TTBf5MgSqOVOv6qtZMk8UMM87bK
DfPQIrHPDe/mVQ87deZgcXNvWmy7SBumt9UWreJjx0Zy9opim8p85jlMPs+k3+kY
RT710OWAvoheq0mmLhhIjQBdJeLTNTwad3w07iTtipzK6MVV/qRekfvS3I5wgUgM
3iLt4xr1iQjVCLumscDP+5l4sXkPhF/MdSvEtQgikzT05A5YfumORZZJP8WlMvgs
Xyzij8JNbvtMuxWMykKs46wceIqwbm68hiUFXev4092HkTXOOnPs8GpWUf3Qz9nl
SVTZ4b2MkpIqQ9APpGUCdYYJaP+XlC5z0ej+D+ha5euUXjue9pE/zihLkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKjHlLa8Oucdf5ofDComwKIZFnp4MB8GA1UdIwQY
MBaAFLFD+nA/vuBLvZHOY6MhSLNrjlWqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1VQNmNELS00RXU5a2M1am95RklzMnVPVmFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iOTM0MmYtNTkxNi00NjQ0LWIxYWEt
MDBkMWU3YTE3MGEyLzEvcU1lVXRydzY1eDFfbWg4TUtpYkFvaGtXZW5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iOTM0MmYtNTkxNi00NjQ0LWIxYWEtMDBkMWU3YTE3MGEy
LzEvc1VQNmNELS00RXU5a2M1am95RklzMnVPVmFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVXBiMA0G
CSqGSIb3DQEBCwUAA4IBAQA5RscTWJqBFiMzcgHTVR7vY0+LsaiHz9TobkA8HMyD
5NKsq0gtmNDx4TGaQh45nhn+Q2rxFPkuLdFcBzU9SyXNQLvoQm4ADIMTrxtKsouS
wcOGDmiCMiqR+qKeC89o6zJsd66V5+wC+FXSpxbei2xSMVI74IBgyosLco37f0YM
6SqHCcPxFLGYFF/jOE/cQLG/j+WTch2Sy1qVEQhH99IBgJ1edyzMHj8tHfMUcUON
9fsB3vEElDbgcZyUlK/nu7pWkgjcfNoLqrEzYD65xJsAKq69RQJvzpy0FJUxS6Yo
6PiI4EgyThy7tREDgMk8jS21su52bFR84NdnJgeS+QXB
-----END CERTIFICATE-----
Generated at Sat Jun 1 21:14:29 2024 by rpki-client on console-fra.rpki-client.org