Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/73d197-33c0-42e8-a291-05d9c1cd7425/1/Qpt_WE7u7qPmZQvhid6Wdj14J-Q.roa
File: Qpt_WE7u7qPmZQvhid6Wdj14J-Q.roa (raw, json)
Hash identifier: +cZhAWwD80FbGGP1sJdoVLy5zcq2Q13OMjQP9BRud4A=
Subject key identifier: 42:9B:7F:58:4E:EE:EE:A3:E6:65:0B:E1:89:DE:96:76:3D:78:27:E4
Certificate issuer: /CN=de14a429e6658abb70a3792c172d7ed62eb8fa26
Certificate serial: 018EBDB9780C8AD22995297DB4AC85C7682D
Authority key identifier: DE:14:A4:29:E6:65:8A:BB:70:A3:79:2C:17:2D:7E:D6:2E:B8:FA:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3hSkKeZlirtwo3ksFy1-1i64-iY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/73d197-33c0-42e8-a291-05d9c1cd7425/1/Qpt_WE7u7qPmZQvhid6Wdj14J-Q.roa
Signing time: Mon 08 Apr 2024 12:40:32 +0000
ROA not before: Mon 08 Apr 2024 12:40:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60472
IP address blocks: 185.128.11.0/24 maxlen: 26
2a0f:5ac0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/73d197-33c0-42e8-a291-05d9c1cd7425/1/3hSkKeZlirtwo3ksFy1-1i64-iY.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/73d197-33c0-42e8-a291-05d9c1cd7425/1/3hSkKeZlirtwo3ksFy1-1i64-iY.mft
rsync://rpki.ripe.net/repository/DEFAULT/3hSkKeZlirtwo3ksFy1-1i64-iY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 03:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:bd:b9:78:0c:8a:d2:29:95:29:7d:b4:ac:85:c7:68:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de14a429e6658abb70a3792c172d7ed62eb8fa26
Validity
Not Before: Apr 8 12:40:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=429b7f584eeeeea3e6650be189de96763d7827e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:dc:02:24:ee:ca:c6:59:bf:59:1b:94:15:58:
bb:33:dc:ae:e3:6d:3d:f1:0d:52:65:01:33:34:11:
e2:14:6d:da:8c:09:90:bd:81:cb:4b:65:dc:b4:e4:
4d:e8:7b:4b:32:d0:c5:10:e1:6b:6d:27:94:e1:01:
56:4b:ce:60:3c:c4:db:fa:61:b4:08:00:bb:b6:b1:
01:74:3c:ef:13:5e:d9:6f:6d:81:8a:ca:c2:ee:bd:
9c:1e:c8:6a:21:ea:39:24:1c:0d:19:6c:ab:36:a2:
d1:17:30:11:f5:b7:ad:30:4d:84:19:53:9b:b6:24:
16:f2:a7:f5:ed:f6:f1:bf:73:d9:dd:b5:40:9b:fd:
b2:c4:f9:4c:71:14:3a:cb:de:8b:39:6b:a1:a5:55:
27:8a:fa:5d:22:61:6e:ef:6f:5c:97:e6:a3:b5:0e:
6d:12:ca:d0:6a:73:a2:12:72:7d:24:3f:25:31:d9:
6e:57:45:cf:56:8a:d9:9b:2e:bd:9e:33:33:89:87:
d7:f0:55:e5:fd:11:95:5f:47:99:92:77:31:8c:a2:
21:86:b9:7e:93:40:f3:ad:f8:80:2a:76:4b:b0:08:
52:aa:46:e7:ec:af:32:a8:58:c9:cc:ca:22:e2:a0:
75:bf:81:98:18:aa:04:e0:41:4e:f4:a7:47:16:3a:
51:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:9B:7F:58:4E:EE:EE:A3:E6:65:0B:E1:89:DE:96:76:3D:78:27:E4
X509v3 Authority Key Identifier:
keyid:DE:14:A4:29:E6:65:8A:BB:70:A3:79:2C:17:2D:7E:D6:2E:B8:FA:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3hSkKeZlirtwo3ksFy1-1i64-iY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/73d197-33c0-42e8-a291-05d9c1cd7425/1/Qpt_WE7u7qPmZQvhid6Wdj14J-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/73d197-33c0-42e8-a291-05d9c1cd7425/1/3hSkKeZlirtwo3ksFy1-1i64-iY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.11.0/24
IPv6:
2a0f:5ac0::/32
Signature Algorithm: sha256WithRSAEncryption
82:83:ad:cd:49:6b:a9:d4:9f:02:6a:31:e3:a4:7d:d7:48:86:
a3:92:fe:7f:20:f9:25:4d:20:b5:4f:fd:00:31:be:03:0f:01:
d9:3b:a6:54:ff:f7:15:dd:c8:ea:73:40:3c:6a:ca:b9:25:40:
6b:3e:c5:5f:06:a6:6e:48:be:2a:cd:1b:cd:9e:b6:ba:af:e6:
72:00:a2:7b:01:af:20:79:7a:ab:51:e5:50:39:92:31:98:11:
d3:c4:f8:fa:d2:0c:d9:bb:91:55:dc:77:34:a6:a7:de:22:76:
8c:f9:4c:75:89:85:fe:11:dc:a7:9c:27:1e:06:5f:3b:61:fc:
bb:90:7d:9d:aa:a4:33:90:46:88:82:20:90:42:ea:87:43:18:
37:2b:af:a6:44:74:cf:30:f8:fe:11:a1:a2:01:1b:62:74:96:
6c:48:ce:00:9f:f3:3a:15:d5:91:2c:2a:50:97:81:cc:5c:7d:
4a:93:5e:39:50:01:17:ac:e6:42:26:65:74:13:1a:fd:3e:bc:
ce:7f:06:c6:22:09:e2:7a:92:4a:5e:53:1c:52:ec:4c:ac:4e:
55:9c:37:ca:7b:a4:f0:90:45:7a:15:2d:1c:35:61:6f:5f:46:
90:82:62:0f:38:e9:4e:38:fa:66:8a:05:f7:d5:26:c8:5a:ae:
5a:8c:b1:00
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY69uXgMitIplSl9tKyFx2gtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMTRhNDI5ZTY2NThhYmI3MGEzNzkyYzE3MmQ3ZWQ2MmVi
OGZhMjYwHhcNMjQwNDA4MTI0MDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjliN2Y1ODRlZWVlZWEzZTY2NTBiZTE4OWRlOTY3NjNkNzgyN2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNwCJO7Kxlm/WRuUFVi7M9yu4209
8Q1SZQEzNBHiFG3ajAmQvYHLS2XctORN6HtLMtDFEOFrbSeU4QFWS85gPMTb+mG0
CAC7trEBdDzvE17Zb22BisrC7r2cHshqIeo5JBwNGWyrNqLRFzAR9betME2EGVOb
tiQW8qf17fbxv3PZ3bVAm/2yxPlMcRQ6y96LOWuhpVUnivpdImFu729cl+ajtQ5t
EsrQanOiEnJ9JD8lMdluV0XPVorZmy69njMziYfX8FXl/RGVX0eZkncxjKIhhrl+
k0DzrfiAKnZLsAhSqkbn7K8yqFjJzMoi4qB1v4GYGKoE4EFO9KdHFjpRCwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEKbf1hO7u6j5mUL4YnelnY9eCfkMB8GA1UdIwQY
MBaAFN4UpCnmZYq7cKN5LBctftYuuPomMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2hTa0tlWmxpcnR3bzNrc0Z5MS0xaTY0LWlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi83M2QxOTctMzNjMC00MmU4LWEyOTEt
MDVkOWMxY2Q3NDI1LzEvUXB0X1dFN3U3cVBtWlF2aGlkNldkajE0Si1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi83M2QxOTctMzNjMC00MmU4LWEyOTEtMDVkOWMxY2Q3NDI1
LzEvM2hTa0tlWmxpcnR3bzNrc0Z5MS0xaTY0LWlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuYALMA0E
AgACMAcDBQAqD1rAMA0GCSqGSIb3DQEBCwUAA4IBAQCCg63NSWup1J8CajHjpH3X
SIajkv5/IPklTSC1T/0AMb4DDwHZO6ZU//cV3cjqc0A8asq5JUBrPsVfBqZuSL4q
zRvNnra6r+ZyAKJ7Aa8geXqrUeVQOZIxmBHTxPj60gzZu5FV3Hc0pqfeInaM+Ux1
iYX+EdynnCceBl87Yfy7kH2dqqQzkEaIgiCQQuqHQxg3K6+mRHTPMPj+EaGiARti
dJZsSM4An/M6FdWRLCpQl4HMXH1Kk145UAEXrOZCJmV0Exr9PrzOfwbGIgniepJK
XlMcUuxMrE5VnDfKe6TwkEV6FS0cNWFvX0aQgmIPOOlOOPpmigX31SbIWq5ajLEA
-----END CERTIFICATE-----
Generated at Sun Jun 16 11:35:24 2024 by rpki-client on console-ams.rpki-client.org