Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/0a6ecb-bbdf-4e99-94c3-877446e88e40/1/ql8br5Bm5ryHvG7PGnuTt1_1oD4.roa
File: ql8br5Bm5ryHvG7PGnuTt1_1oD4.roa (raw, json)
Hash identifier: KCujset59rTqVNduQdpUs+54KUtiwc2lwnnEFXvAvTA=
Subject key identifier: AA:5F:1B:AF:90:66:E6:BC:87:BC:6E:CF:1A:7B:93:B7:5F:F5:A0:3E
Certificate issuer: /CN=c32ed45fcea9c71bbef56a5325c297cafae91e6e
Certificate serial: 018CC6B93D7A9A2A28EA7CCD5D2BA2F572FE
Authority key identifier: C3:2E:D4:5F:CE:A9:C7:1B:BE:F5:6A:53:25:C2:97:CA:FA:E9:1E:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wy7UX86pxxu-9WpTJcKXyvrpHm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/0a6ecb-bbdf-4e99-94c3-877446e88e40/1/ql8br5Bm5ryHvG7PGnuTt1_1oD4.roa
Signing time: Mon 01 Jan 2024 20:31:17 +0000
ROA not before: Mon 01 Jan 2024 20:31:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 559
IP address blocks: 192.33.120.0/21 maxlen: 21
192.33.118.0/23 maxlen: 23
129.129.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/0a6ecb-bbdf-4e99-94c3-877446e88e40/1/wy7UX86pxxu-9WpTJcKXyvrpHm4.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/0a6ecb-bbdf-4e99-94c3-877446e88e40/1/wy7UX86pxxu-9WpTJcKXyvrpHm4.mft
rsync://rpki.ripe.net/repository/DEFAULT/wy7UX86pxxu-9WpTJcKXyvrpHm4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 27 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:3d:7a:9a:2a:28:ea:7c:cd:5d:2b:a2:f5:72:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c32ed45fcea9c71bbef56a5325c297cafae91e6e
Validity
Not Before: Jan 1 20:31:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa5f1baf9066e6bc87bc6ecf1a7b93b75ff5a03e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:75:95:98:cf:66:17:db:af:a9:54:c7:16:69:
fd:56:3c:e7:f4:b3:37:95:5e:b9:39:27:39:4d:19:
59:cd:cc:86:c2:1d:89:44:5c:2b:ef:2b:06:8d:89:
fe:1c:a2:5a:9d:ed:cf:08:7c:b9:ce:22:8f:ef:51:
0e:88:c0:52:10:78:86:11:a3:75:a6:35:10:ad:3f:
c6:30:5f:25:4b:c6:e8:33:5d:72:26:46:80:19:7f:
ad:73:26:f4:18:c6:9f:60:e6:6a:12:cb:b5:4d:01:
60:9f:b8:ac:12:b6:40:64:03:66:64:4d:8c:18:7f:
1d:18:5b:69:29:dd:34:5e:de:71:6c:41:d9:6b:ee:
3d:7b:9c:99:3e:ce:9d:ef:46:cf:1f:0d:48:6d:e1:
b6:f3:74:df:d5:9a:17:f9:12:4a:dd:60:9b:39:dc:
32:fb:1c:12:a7:ee:b2:4a:02:f1:71:98:13:0e:10:
04:48:8b:9b:c9:97:39:9a:43:93:e4:4e:3d:cd:34:
64:e5:00:d6:d9:98:ca:37:c2:7d:76:36:74:a2:d0:
df:e3:57:8f:df:f5:16:fc:fc:eb:2f:f4:d2:42:33:
b3:00:1a:91:16:01:78:fc:59:c3:95:01:8a:81:b7:
f4:9c:b4:1c:ab:7d:6f:6a:8f:fc:47:03:49:7f:56:
39:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:5F:1B:AF:90:66:E6:BC:87:BC:6E:CF:1A:7B:93:B7:5F:F5:A0:3E
X509v3 Authority Key Identifier:
keyid:C3:2E:D4:5F:CE:A9:C7:1B:BE:F5:6A:53:25:C2:97:CA:FA:E9:1E:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wy7UX86pxxu-9WpTJcKXyvrpHm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/0a6ecb-bbdf-4e99-94c3-877446e88e40/1/ql8br5Bm5ryHvG7PGnuTt1_1oD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/0a6ecb-bbdf-4e99-94c3-877446e88e40/1/wy7UX86pxxu-9WpTJcKXyvrpHm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.129.0.0/16
192.33.118.0-192.33.127.255
Signature Algorithm: sha256WithRSAEncryption
bc:d6:46:3b:7b:32:02:d2:89:4d:7b:85:4a:a8:f1:6d:be:ee:
0d:c7:10:0c:dc:b5:17:c4:bb:4c:34:89:09:08:88:a0:46:6c:
ff:64:59:fa:44:ae:76:2f:a6:11:86:74:62:ea:87:d7:be:8c:
67:29:8a:8b:c9:19:5e:e7:c6:a6:8b:5a:98:52:74:eb:ce:b1:
a1:e4:15:81:cf:97:d0:00:5f:e0:55:e8:c3:55:c3:d1:36:dd:
5d:b0:b8:da:b8:27:66:34:98:61:d2:f7:f2:a9:cf:9e:e5:49:
1e:02:0d:29:0d:a6:8b:28:f6:e6:15:f9:dd:6b:c1:e0:ba:7a:
a8:d4:55:50:32:9b:2d:b3:17:9c:10:48:b4:7d:92:b8:7a:75:
21:5b:78:9d:1d:76:0d:ed:a4:f7:58:af:19:9a:97:d4:c0:c7:
5f:9b:9f:95:bd:4a:2e:97:60:bc:65:cc:0a:81:a7:d5:80:7d:
41:1e:bc:5d:54:c0:21:41:8c:6f:35:4b:52:a5:25:96:15:97:
87:d0:c0:2a:93:90:71:d4:34:6d:1d:c0:15:ba:c3:39:57:6e:
fa:8f:ce:05:d2:64:28:a0:36:c5:1d:4a:9b:cb:8b:35:97:5c:
e2:b3:4e:2f:e8:72:c9:aa:6b:4d:5e:7c:79:23:10:87:41:9e:
c4:14:0e:3c
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYzGuT16mioo6nzNXSui9XL+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzMmVkNDVmY2VhOWM3MWJiZWY1NmE1MzI1YzI5N2NhZmFl
OTFlNmUwHhcNMjQwMTAxMjAzMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTVmMWJhZjkwNjZlNmJjODdiYzZlY2YxYTdiOTNiNzVmZjVhMDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy3WVmM9mF9uvqVTHFmn9Vjzn9LM3
lV65OSc5TRlZzcyGwh2JRFwr7ysGjYn+HKJane3PCHy5ziKP71EOiMBSEHiGEaN1
pjUQrT/GMF8lS8boM11yJkaAGX+tcyb0GMafYOZqEsu1TQFgn7isErZAZANmZE2M
GH8dGFtpKd00Xt5xbEHZa+49e5yZPs6d70bPHw1IbeG283Tf1ZoX+RJK3WCbOdwy
+xwSp+6ySgLxcZgTDhAESIubyZc5mkOT5E49zTRk5QDW2ZjKN8J9djZ0otDf41eP
3/UW/PzrL/TSQjOzABqRFgF4/FnDlQGKgbf0nLQcq31vao/8RwNJf1Y5VwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFKpfG6+QZua8h7xuzxp7k7df9aA+MB8GA1UdIwQY
MBaAFMMu1F/OqccbvvVqUyXCl8r66R5uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3k3VVg4NnB4eHUtOVdwVEpjS1h5dnJwSG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8wYTZlY2ItYmJkZi00ZTk5LTk0YzMt
ODc3NDQ2ZTg4ZTQwLzEvcWw4YnI1Qm01cnlIdkc3UEdudVR0MV8xb0Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS8wYTZlY2ItYmJkZi00ZTk5LTk0YzMtODc3NDQ2ZTg4ZTQw
LzEvd3k3VVg4NnB4eHUtOVdwVEpjS1h5dnJwSG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATAwMAgYEwDAME
AcAhdgMEB8AhADANBgkqhkiG9w0BAQsFAAOCAQEAvNZGO3syAtKJTXuFSqjxbb7u
DccQDNy1F8S7TDSJCQiIoEZs/2RZ+kSudi+mEYZ0YuqH176MZymKi8kZXufGpota
mFJ0686xoeQVgc+X0ABf4FXow1XD0TbdXbC42rgnZjSYYdL38qnPnuVJHgINKQ2m
iyj25hX53WvB4Lp6qNRVUDKbLbMXnBBItH2SuHp1IVt4nR12De2k91ivGZqX1MDH
X5uflb1KLpdgvGXMCoGn1YB9QR68XVTAIUGMbzVLUqUllhWXh9DAKpOQcdQ0bR3A
FbrDOVdu+o/OBdJkKKA2xR1Km8uLNZdc4rNOL+hyyaprTV58eSMQh0GexBQOPA==
-----END CERTIFICATE-----
Generated at Wed Jun 26 12:51:56 2024 by rpki-client on console-ams.rpki-client.org