Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/3cfd94-7d51-459a-8393-7717eb319160/1/CQ_6N9m8J7zfNFXSCfg6Ho34Fpc.roa
File: CQ_6N9m8J7zfNFXSCfg6Ho34Fpc.roa (raw, json)
Hash identifier: N7nVJjqzKG7TuJIw0ibfpw5I9i+j3S5Gg+Rsyv9b1GY=
Subject key identifier: 09:0F:FA:37:D9:BC:27:BC:DF:34:55:D2:09:F8:3A:1E:8D:F8:16:97
Certificate issuer: /CN=2fb87a2c309d75553a46e1025775e9aa41f6b337
Certificate serial: 018CC3B69976919D0109B6741B7408EBC379
Authority key identifier: 2F:B8:7A:2C:30:9D:75:55:3A:46:E1:02:57:75:E9:AA:41:F6:B3:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L7h6LDCddVU6RuECV3XpqkH2szc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/3cfd94-7d51-459a-8393-7717eb319160/1/CQ_6N9m8J7zfNFXSCfg6Ho34Fpc.roa
Signing time: Mon 01 Jan 2024 06:29:33 +0000
ROA not before: Mon 01 Jan 2024 06:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208463
IP address blocks: 45.135.108.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/3cfd94-7d51-459a-8393-7717eb319160/1/L7h6LDCddVU6RuECV3XpqkH2szc.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/3cfd94-7d51-459a-8393-7717eb319160/1/L7h6LDCddVU6RuECV3XpqkH2szc.mft
rsync://rpki.ripe.net/repository/DEFAULT/L7h6LDCddVU6RuECV3XpqkH2szc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:99:76:91:9d:01:09:b6:74:1b:74:08:eb:c3:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fb87a2c309d75553a46e1025775e9aa41f6b337
Validity
Not Before: Jan 1 06:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=090ffa37d9bc27bcdf3455d209f83a1e8df81697
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:35:01:91:81:fb:dc:c9:28:c1:95:e4:da:94:
30:2a:24:a0:af:b8:69:43:b9:4a:c3:e6:30:93:51:
e7:29:1c:7e:7a:a6:d9:b6:c3:2e:b1:d1:72:4e:b0:
99:ec:0c:45:d0:7b:3f:72:85:da:a7:75:40:21:ea:
58:1b:a2:b4:52:dc:5a:c7:26:55:39:f1:4d:3b:05:
96:9f:28:6e:ad:56:6f:c9:13:a9:d1:b1:ec:2b:c1:
17:63:b5:6e:bf:6d:49:b6:04:95:b4:f8:97:d6:80:
4e:3c:b7:98:24:db:e9:55:44:79:3a:72:a9:93:8e:
d7:ae:d0:f7:d2:f5:f7:d5:9f:0f:be:88:e9:d3:fd:
46:42:b1:0e:43:69:dd:c1:5f:d5:2d:9d:ca:26:e1:
28:23:45:23:5f:4a:37:cf:8d:c2:62:b0:86:ac:03:
8f:49:cc:fc:88:f5:a7:93:cf:7a:a9:a4:c3:ea:f5:
29:11:dc:7d:48:b9:5e:1f:fa:ff:6a:c5:f3:3b:66:
24:72:34:02:47:ab:72:14:75:6c:39:db:7c:f0:21:
8b:7c:4a:a1:56:66:20:9a:4e:10:b7:f6:2b:57:79:
97:6b:92:1d:2d:47:06:e5:b5:0e:d9:3d:f2:27:78:
5f:b6:49:2c:2d:39:5a:fc:76:00:97:bc:73:a5:72:
9a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:0F:FA:37:D9:BC:27:BC:DF:34:55:D2:09:F8:3A:1E:8D:F8:16:97
X509v3 Authority Key Identifier:
keyid:2F:B8:7A:2C:30:9D:75:55:3A:46:E1:02:57:75:E9:AA:41:F6:B3:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L7h6LDCddVU6RuECV3XpqkH2szc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/3cfd94-7d51-459a-8393-7717eb319160/1/CQ_6N9m8J7zfNFXSCfg6Ho34Fpc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/3cfd94-7d51-459a-8393-7717eb319160/1/L7h6LDCddVU6RuECV3XpqkH2szc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.108.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:d5:33:96:a8:a7:de:84:dc:30:cd:32:2e:82:94:3e:64:5d:
84:fe:53:25:52:ce:38:f4:24:73:a2:37:f2:18:16:28:08:66:
cb:f1:c3:ae:8a:40:b8:4e:e8:4a:1b:25:b5:fa:68:bc:24:02:
91:eb:55:33:ba:57:bf:5e:be:c6:61:5c:d4:ef:4f:69:14:d7:
a9:59:31:71:d2:d7:43:4b:f0:cd:e9:20:29:46:11:3e:a8:a2:
d5:39:a1:db:9b:12:69:a3:10:5c:fb:dc:47:46:e4:89:22:54:
9b:46:64:9b:dc:7f:98:5d:fc:cb:7f:b3:01:a1:bb:05:8b:c1:
84:4d:f8:50:e9:b7:d2:e6:8d:37:6a:48:d3:bb:8f:ea:4e:66:
e5:14:64:7a:bc:99:16:f5:3c:2d:e8:5d:b8:79:0d:1f:d6:4f:
56:b3:ce:dc:4e:47:61:fb:92:38:86:42:6b:b3:e0:7c:16:e2:
95:3c:18:cc:70:f9:b9:65:55:43:81:bf:30:c0:f4:fe:47:25:
c9:8c:d8:4b:db:69:6c:30:37:e9:b1:bf:da:9b:22:6f:46:22:
f7:5c:ef:33:15:d7:45:1e:86:0a:2b:74:42:5b:36:75:2b:fe:
ff:27:e0:c3:76:69:d5:bc:a9:af:1a:1e:f0:5f:b1:27:a0:32:
bd:e2:21:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtpl2kZ0BCbZ0G3QI68N5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYjg3YTJjMzA5ZDc1NTUzYTQ2ZTEwMjU3NzVlOWFhNDFm
NmIzMzcwHhcNMjQwMTAxMDYyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTBmZmEzN2Q5YmMyN2JjZGYzNDU1ZDIwOWY4M2ExZThkZjgxNjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzUBkYH73MkowZXk2pQwKiSgr7hp
Q7lKw+Ywk1HnKRx+eqbZtsMusdFyTrCZ7AxF0Hs/coXap3VAIepYG6K0UtxaxyZV
OfFNOwWWnyhurVZvyROp0bHsK8EXY7Vuv21JtgSVtPiX1oBOPLeYJNvpVUR5OnKp
k47XrtD30vX31Z8Pvojp0/1GQrEOQ2ndwV/VLZ3KJuEoI0UjX0o3z43CYrCGrAOP
Scz8iPWnk896qaTD6vUpEdx9SLleH/r/asXzO2YkcjQCR6tyFHVsOdt88CGLfEqh
VmYgmk4Qt/YrV3mXa5IdLUcG5bUO2T3yJ3hftkksLTla/HYAl7xzpXKaxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAkP+jfZvCe83zRV0gn4Oh6N+BaXMB8GA1UdIwQY
MBaAFC+4eiwwnXVVOkbhAld16apB9rM3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDdoNkxEQ2RkVlU2UnVFQ1YzWHBxa0gyc3pjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8zY2ZkOTQtN2Q1MS00NTlhLTgzOTMt
NzcxN2ViMzE5MTYwLzEvQ1FfNk45bThKN3pmTkZYU0NmZzZIbzM0RnBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8zY2ZkOTQtN2Q1MS00NTlhLTgzOTMtNzcxN2ViMzE5MTYw
LzEvTDdoNkxEQ2RkVlU2UnVFQ1YzWHBxa0gyc3pjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYdsMA0G
CSqGSIb3DQEBCwUAA4IBAQAe1TOWqKfehNwwzTIugpQ+ZF2E/lMlUs449CRzojfy
GBYoCGbL8cOuikC4TuhKGyW1+mi8JAKR61Uzule/Xr7GYVzU709pFNepWTFx0tdD
S/DN6SApRhE+qKLVOaHbmxJpoxBc+9xHRuSJIlSbRmSb3H+YXfzLf7MBobsFi8GE
TfhQ6bfS5o03akjTu4/qTmblFGR6vJkW9Twt6F24eQ0f1k9Ws87cTkdh+5I4hkJr
s+B8FuKVPBjMcPm5ZVVDgb8wwPT+RyXJjNhL22lsMDfpsb/amyJvRiL3XO8zFddF
HoYKK3RCWzZ1K/7/J+DDdmnVvKmvGh7wX7EnoDK94iG8
-----END CERTIFICATE-----
Generated at Tue Nov 26 17:35:31 2024 by rpki-client on console-fra.rpki-client.org