Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/6f3269-587d-4b87-8d3a-e6679e7b795a/1/qdl5fku-AQNMruwoJyh0jH26_CU.roa
File: qdl5fku-AQNMruwoJyh0jH26_CU.roa (raw, json)
Hash identifier: dn4K1VnnRaJkkXquVd29t6+4xYzZ7Au4JfP78rZG2Qo=
Subject key identifier: A9:D9:79:7E:4B:BE:01:03:4C:AE:EC:28:27:28:74:8C:7D:BA:FC:25
Certificate issuer: /CN=68637081ca7c2eba41010abeaad64a7c61f6a113
Certificate serial: 018CC6B921081B7925BEF4C94AFF07A12315
Authority key identifier: 68:63:70:81:CA:7C:2E:BA:41:01:0A:BE:AA:D6:4A:7C:61:F6:A1:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aGNwgcp8LrpBAQq-qtZKfGH2oRM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/6f3269-587d-4b87-8d3a-e6679e7b795a/1/qdl5fku-AQNMruwoJyh0jH26_CU.roa
Signing time: Mon 01 Jan 2024 20:31:10 +0000
ROA not before: Mon 01 Jan 2024 20:31:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47344
IP address blocks: 91.202.249.0/24 maxlen: 24
91.202.248.0/24 maxlen: 24
91.202.248.0/22 maxlen: 22
91.202.251.0/24 maxlen: 24
91.202.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/6f3269-587d-4b87-8d3a-e6679e7b795a/1/aGNwgcp8LrpBAQq-qtZKfGH2oRM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/6f3269-587d-4b87-8d3a-e6679e7b795a/1/aGNwgcp8LrpBAQq-qtZKfGH2oRM.mft
rsync://rpki.ripe.net/repository/DEFAULT/aGNwgcp8LrpBAQq-qtZKfGH2oRM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 01 Jul 2024 22:01:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:21:08:1b:79:25:be:f4:c9:4a:ff:07:a1:23:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68637081ca7c2eba41010abeaad64a7c61f6a113
Validity
Not Before: Jan 1 20:31:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9d9797e4bbe01034caeec282728748c7dbafc25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:7a:70:d1:fb:fd:94:cd:2c:1f:f4:f3:fb:f1:
b1:39:0f:6a:89:ef:7e:7a:31:fe:bf:21:cb:29:26:
f8:2e:2f:ac:7a:b4:10:d8:79:7b:d1:e2:83:f1:6d:
54:e9:16:30:3e:74:32:57:3b:28:fb:e6:42:50:b4:
65:33:32:b0:a2:13:77:88:cc:af:45:85:d2:d8:f0:
ac:bf:9c:85:6d:37:11:c8:35:42:49:f0:9a:56:da:
53:f1:db:32:65:c1:68:c6:29:58:2f:01:b3:9a:10:
ac:0a:fc:38:4e:fa:e6:dc:21:b4:b0:5d:7d:d6:42:
fa:57:70:76:7b:b5:89:29:4c:8b:37:a8:e9:bf:da:
8c:a5:22:73:3a:58:68:a3:9c:c6:55:f1:49:77:38:
dd:10:cf:35:2a:72:4b:77:43:4a:72:e1:8e:6a:f4:
17:b7:cd:b4:7f:1d:cc:e7:73:e3:3f:fa:e8:fd:16:
fa:96:4a:54:cd:fe:da:db:66:e9:80:84:fe:f7:b9:
9b:5f:91:6d:27:46:b3:d6:13:c4:60:6f:c9:98:f0:
d1:dc:fe:4e:af:ee:a9:7e:20:cf:3c:a1:79:95:cc:
4a:f5:29:05:f8:a1:27:c9:c3:e4:ae:f7:c8:17:37:
7d:16:7c:0d:7d:5a:6e:9d:75:3b:b4:d8:e1:19:18:
c6:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:D9:79:7E:4B:BE:01:03:4C:AE:EC:28:27:28:74:8C:7D:BA:FC:25
X509v3 Authority Key Identifier:
keyid:68:63:70:81:CA:7C:2E:BA:41:01:0A:BE:AA:D6:4A:7C:61:F6:A1:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aGNwgcp8LrpBAQq-qtZKfGH2oRM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6f3269-587d-4b87-8d3a-e6679e7b795a/1/qdl5fku-AQNMruwoJyh0jH26_CU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6f3269-587d-4b87-8d3a-e6679e7b795a/1/aGNwgcp8LrpBAQq-qtZKfGH2oRM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.248.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:85:ee:f8:08:0e:52:f4:73:96:16:e9:66:c2:b3:18:ef:98:
24:83:c0:48:fe:e6:c8:ba:05:a5:a7:1b:13:68:8f:82:7d:73:
e3:3b:47:48:ea:e0:32:86:1f:67:e1:25:65:cc:e8:eb:7d:e9:
bf:d4:fc:b4:7a:59:a2:f3:34:4e:72:e2:a7:9b:ae:2f:d9:bf:
05:b5:05:c5:54:cd:2c:02:80:f0:31:e7:b8:bb:00:96:eb:c5:
fa:4c:21:1b:5d:aa:39:8d:62:99:ef:eb:1e:73:c9:9b:11:4a:
cb:df:6d:6d:56:8e:2b:e3:5e:2c:eb:ef:43:22:4d:30:c3:7e:
bb:86:ec:bc:eb:1a:16:bd:19:49:2d:cf:9a:65:6f:c2:4e:9c:
49:00:c3:9d:2c:c0:44:6e:16:79:59:c9:83:79:6f:52:b8:5a:
77:b5:f7:9d:d0:df:82:2d:98:67:15:df:68:fa:92:df:d5:ed:
1d:86:ed:f3:e4:a6:96:d1:20:23:c4:77:3f:00:b3:74:2c:59:
bf:97:f5:6a:0f:d2:8c:81:1f:bb:81:70:11:15:84:50:f6:48:
59:7e:fa:b6:75:73:c3:fb:4e:c2:16:7c:40:c4:67:93:bc:de:
1f:8f:eb:d4:1e:4a:a0:94:dc:1b:a2:66:7b:dc:a4:c4:7c:f2:
c0:e7:64:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuSEIG3klvvTJSv8HoSMVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NjM3MDgxY2E3YzJlYmE0MTAxMGFiZWFhZDY0YTdjNjFm
NmExMTMwHhcNMjQwMTAxMjAzMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWQ5Nzk3ZTRiYmUwMTAzNGNhZWVjMjgyNzI4NzQ4YzdkYmFmYzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiHpw0fv9lM0sH/Tz+/GxOQ9qie9+
ejH+vyHLKSb4Li+serQQ2Hl70eKD8W1U6RYwPnQyVzso++ZCULRlMzKwohN3iMyv
RYXS2PCsv5yFbTcRyDVCSfCaVtpT8dsyZcFoxilYLwGzmhCsCvw4Tvrm3CG0sF19
1kL6V3B2e7WJKUyLN6jpv9qMpSJzOlhoo5zGVfFJdzjdEM81KnJLd0NKcuGOavQX
t820fx3M53PjP/ro/Rb6lkpUzf7a22bpgIT+97mbX5FtJ0az1hPEYG/JmPDR3P5O
r+6pfiDPPKF5lcxK9SkF+KEnycPkrvfIFzd9FnwNfVpunXU7tNjhGRjGlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKnZeX5LvgEDTK7sKCcodIx9uvwlMB8GA1UdIwQY
MBaAFGhjcIHKfC66QQEKvqrWSnxh9qETMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUdOd2djcDhMcnBCQVFxLXF0WktmR0gyb1JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC82ZjMyNjktNTg3ZC00Yjg3LThkM2Et
ZTY2NzllN2I3OTVhLzEvcWRsNWZrdS1BUU5NcnV3b0p5aDBqSDI2X0NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC82ZjMyNjktNTg3ZC00Yjg3LThkM2EtZTY2NzllN2I3OTVh
LzEvYUdOd2djcDhMcnBCQVFxLXF0WktmR0gyb1JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8r4MA0G
CSqGSIb3DQEBCwUAA4IBAQAOhe74CA5S9HOWFulmwrMY75gkg8BI/ubIugWlpxsT
aI+CfXPjO0dI6uAyhh9n4SVlzOjrfem/1Py0elmi8zROcuKnm64v2b8FtQXFVM0s
AoDwMee4uwCW68X6TCEbXao5jWKZ7+sec8mbEUrL321tVo4r414s6+9DIk0ww367
huy86xoWvRlJLc+aZW/CTpxJAMOdLMBEbhZ5WcmDeW9SuFp3tfed0N+CLZhnFd9o
+pLf1e0dhu3z5KaW0SAjxHc/ALN0LFm/l/VqD9KMgR+7gXARFYRQ9khZfvq2dXPD
+07CFnxAxGeTvN4fj+vUHkqglNwbomZ73KTEfPLA52Q3
-----END CERTIFICATE-----
Generated at Mon Jul 1 01:22:59 2024 by rpki-client on console-ams.rpki-client.org