Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/QeHJwnhAkpXHO4v9mvtikuSAPms.roa
File: QeHJwnhAkpXHO4v9mvtikuSAPms.roa (raw, json)
Hash identifier: xoKdBooEsFUwYNd8D2PHHdDRRZTiYLbXiYTdS54pbaY=
Subject key identifier: 41:E1:C9:C2:78:40:92:95:C7:3B:8B:FD:9A:FB:62:92:E4:80:3E:6B
Certificate issuer: /CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Certificate serial: 018D7EF004EA276DC21B71DD846053388CE8
Authority key identifier: 97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/QeHJwnhAkpXHO4v9mvtikuSAPms.roa
Signing time: Tue 06 Feb 2024 15:01:15 +0000
ROA not before: Tue 06 Feb 2024 15:01:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7029
IP address blocks: 82.206.48.0/21 maxlen: 24
82.206.80.0/20 maxlen: 20
82.206.80.0/21 maxlen: 24
82.206.88.0/21 maxlen: 24
82.206.96.0/19 maxlen: 19
82.206.96.0/21 maxlen: 24
82.206.104.0/21 maxlen: 24
82.206.112.0/21 maxlen: 24
82.206.120.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.mft
rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 01:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7e:f0:04:ea:27:6d:c2:1b:71:dd:84:60:53:38:8c:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Validity
Not Before: Feb 6 15:01:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41e1c9c278409295c73b8bfd9afb6292e4803e6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:1a:4c:0f:76:06:c6:44:79:d4:3d:38:19:fe:
5e:ef:28:fb:24:6f:3d:d7:13:ed:af:58:61:82:46:
67:b8:da:ef:1d:60:4d:3c:53:c5:fb:fc:9d:1b:9c:
ec:42:c3:57:f8:b0:22:62:1d:c3:02:1e:a8:4d:4e:
ed:23:ee:15:45:24:ad:30:3b:4f:5d:a6:e0:83:6f:
91:15:bd:d6:25:0b:59:6d:44:9c:76:55:c4:da:0e:
4f:1d:c0:19:0c:59:27:d8:14:7f:02:65:6c:cd:51:
56:7f:cd:94:81:c1:ff:ed:39:68:07:a5:f0:1f:ee:
f5:0e:db:b1:16:7a:ea:98:e4:65:7a:55:7c:90:38:
b7:79:cf:46:80:40:77:5c:3d:f8:38:67:00:b1:6e:
2b:cf:7c:df:e4:65:a3:ab:f4:08:13:81:8a:d8:61:
41:e5:95:95:5c:67:fa:f9:77:99:52:8c:11:3b:03:
82:b5:ba:84:05:2b:4c:02:d0:7a:75:74:69:88:f0:
8a:4e:a9:39:1c:57:41:6a:9a:a5:f1:e0:11:7f:2c:
47:6f:a4:5b:0e:42:5f:37:fb:98:4c:c8:99:49:db:
69:65:f0:da:54:0b:05:91:32:f2:5c:ec:59:f2:90:
4d:e9:18:93:a4:cc:5b:e2:17:ee:6b:e1:6a:de:b1:
c9:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:E1:C9:C2:78:40:92:95:C7:3B:8B:FD:9A:FB:62:92:E4:80:3E:6B
X509v3 Authority Key Identifier:
keyid:97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/QeHJwnhAkpXHO4v9mvtikuSAPms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.206.48.0/21
82.206.80.0-82.206.127.255
Signature Algorithm: sha256WithRSAEncryption
a2:6f:f2:8c:ba:9f:35:ec:d6:ed:40:ca:2f:b3:40:ea:6f:21:
aa:7b:af:6a:39:c4:3e:d2:89:bc:43:09:a6:a6:29:91:51:e6:
56:a2:c0:6b:05:ef:a3:02:56:d9:6f:f1:e1:96:f0:1b:bd:3d:
b4:78:db:2a:8e:8d:c9:22:0c:41:e6:6b:42:68:4c:ba:47:18:
ad:cc:ec:0f:ff:19:51:66:6d:7f:1f:a6:d5:a2:6f:8c:27:30:
d3:ce:3e:08:d9:ab:c8:41:b4:1e:93:02:31:6e:84:17:ca:57:
37:50:0d:42:0d:ad:ac:d0:66:5e:6c:49:93:a0:b3:20:ab:93:
8a:a7:3b:9d:0d:4e:ae:05:73:65:e6:64:e1:f4:00:62:9b:aa:
42:e5:e1:e6:70:13:54:a9:3a:0e:76:69:35:8c:44:d0:f0:89:
23:be:da:22:14:69:d2:ae:13:59:e1:f1:e1:e6:59:d0:a6:72:
7b:0a:53:e7:6f:ec:85:ad:39:57:28:75:33:bc:2b:20:5c:19:
0e:48:58:b0:1b:cd:46:95:c0:8d:c2:3b:de:72:ee:1d:11:71:
fb:11:67:0c:cb:ff:a4:2b:a5:bf:b3:4b:d2:a7:4f:28:3e:f1:
05:d1:bb:65:9b:f0:30:c2:37:67:25:94:4f:b7:d0:53:ee:67:
a8:aa:a2:34
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY1+8ATqJ23CG3HdhGBTOIzoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OTkxNDBiNDJkYjZjYjZiZjhjNmRkNDEzNzQ3ZmNmNGE2
ZmQ5YjUwHhcNMjQwMjA2MTUwMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWUxYzljMjc4NDA5Mjk1YzczYjhiZmQ5YWZiNjI5MmU0ODAzZTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBpMD3YGxkR51D04Gf5e7yj7JG89
1xPtr1hhgkZnuNrvHWBNPFPF+/ydG5zsQsNX+LAiYh3DAh6oTU7tI+4VRSStMDtP
Xabgg2+RFb3WJQtZbUScdlXE2g5PHcAZDFkn2BR/AmVszVFWf82UgcH/7TloB6Xw
H+71DtuxFnrqmORlelV8kDi3ec9GgEB3XD34OGcAsW4rz3zf5GWjq/QIE4GK2GFB
5ZWVXGf6+XeZUowROwOCtbqEBStMAtB6dXRpiPCKTqk5HFdBapql8eARfyxHb6Rb
DkJfN/uYTMiZSdtpZfDaVAsFkTLyXOxZ8pBN6RiTpMxb4hfua+Fq3rHJaQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFEHhycJ4QJKVxzuL/Zr7YpLkgD5rMB8GA1UdIwQY
MBaAFJeZFAtC22y2v4xt1BN0f89Kb9m1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2Qt
NTk1OTE5YmUwZjUyLzEvUWVISnduaEFrcFhITzR2OW12dGlrdVNBUG1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2QtNTk1OTE5YmUwZjUy
LzEvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQDUs4wMAwD
BARSzlADBAdSzgAwDQYJKoZIhvcNAQELBQADggEBAKJv8oy6nzXs1u1Ayi+zQOpv
Iap7r2o5xD7SibxDCaamKZFR5laiwGsF76MCVtlv8eGW8Bu9PbR42yqOjckiDEHm
a0JoTLpHGK3M7A//GVFmbX8fptWib4wnMNPOPgjZq8hBtB6TAjFuhBfKVzdQDUIN
razQZl5sSZOgsyCrk4qnO50NTq4Fc2XmZOH0AGKbqkLl4eZwE1SpOg52aTWMRNDw
iSO+2iIUadKuE1nh8eHmWdCmcnsKU+dv7IWtOVcodTO8KyBcGQ5IWLAbzUaVwI3C
O95y7h0RcfsRZwzL/6Qrpb+zS9KnTyg+8QXRu2Wb8DDCN2cllE+30FPuZ6iqojQ=
-----END CERTIFICATE-----
Generated at Sat Jun 1 07:31:11 2024 by rpki-client on console-fra.rpki-client.org