Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/QKGiLmjWMTEkveUIL6UZ5q0SEOs.roa
File: QKGiLmjWMTEkveUIL6UZ5q0SEOs.roa (raw, json)
Hash identifier: 3bV/k8iRKu3mHQg27t48OxF+5AiEfzpTb/vWuEwl8KY=
Subject key identifier: 40:A1:A2:2E:68:D6:31:31:24:BD:E5:08:2F:A5:19:E6:AD:12:10:EB
Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial: 018CC649D4F445ABE825DEC9948038469973
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/QKGiLmjWMTEkveUIL6UZ5q0SEOs.roa
Signing time: Mon 01 Jan 2024 18:29:36 +0000
ROA not before: Mon 01 Jan 2024 18:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21337
IP address blocks: 195.34.112.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.mft
rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 05:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:d4:f4:45:ab:e8:25:de:c9:94:80:38:46:99:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Validity
Not Before: Jan 1 18:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40a1a22e68d6313124bde5082fa519e6ad1210eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:0e:2f:d2:04:b5:83:f1:fd:90:f9:bc:0c:26:
98:18:44:8a:e1:51:75:22:ef:f8:f5:61:dc:be:b2:
e4:23:34:0d:12:e4:0c:0d:96:92:e7:9f:04:d4:c0:
e7:7c:c5:32:07:02:58:6f:c5:e7:3b:6b:4a:bc:65:
7d:cd:ba:94:de:91:de:37:4f:1f:14:2e:fe:be:11:
30:30:ac:8b:35:08:a3:22:e4:6d:f4:f0:b9:d7:1a:
b1:96:09:16:62:2f:ba:d9:06:eb:9e:14:a3:75:2d:
42:58:6a:40:8f:b3:16:13:a9:ad:c4:59:ed:32:e4:
aa:96:f8:5d:0d:98:60:1b:ac:54:cd:93:fa:aa:36:
f8:6f:6d:dc:54:0b:a5:44:95:7e:7a:45:c8:ab:35:
ce:65:cc:74:b0:fe:53:20:05:58:34:db:31:dc:04:
d9:79:a4:fb:41:ca:4e:4e:69:fe:46:65:79:9d:3c:
29:18:e0:6f:56:12:3c:03:47:5d:d3:5e:9a:3b:26:
96:2a:20:ef:45:60:b7:ae:b3:ad:28:52:f9:8d:71:
32:4b:f5:66:3a:c5:42:bf:cd:fd:ee:9e:21:c2:02:
dc:b6:d6:17:08:d1:59:fe:1d:1b:77:37:57:5f:3f:
12:27:a2:70:b8:8c:c6:78:df:00:e5:2f:c8:22:84:
da:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:A1:A2:2E:68:D6:31:31:24:BD:E5:08:2F:A5:19:E6:AD:12:10:EB
X509v3 Authority Key Identifier:
keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/QKGiLmjWMTEkveUIL6UZ5q0SEOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.34.112.0/24
Signature Algorithm: sha256WithRSAEncryption
17:7f:90:c7:df:48:1d:1a:04:c0:b6:05:eb:e1:53:f3:0d:7e:
75:8d:f0:b3:4a:4c:9d:84:e4:19:8b:d8:6f:21:ab:60:4d:fd:
e1:56:58:9b:1b:5c:3b:df:a6:ed:f8:e5:20:e1:14:58:90:9b:
08:b6:53:c8:b4:b8:9c:4d:08:51:c3:14:41:f7:4b:e2:79:26:
09:c0:d2:9c:fd:71:12:cc:d4:3a:46:2a:ae:4e:2a:79:44:b5:
24:79:00:a8:1f:f3:b6:39:f5:62:41:ad:ce:a8:f0:8a:8d:df:
79:48:ac:57:15:a0:d6:29:60:94:fb:19:1a:2d:42:6e:cf:4d:
4a:f7:a9:84:7f:55:c4:51:9e:fa:5d:f4:43:1e:f0:60:e5:4f:
65:74:19:17:dd:ea:3f:b5:bb:dd:e9:a5:dc:4a:dd:f7:90:62:
6b:6d:d0:51:71:76:19:ea:60:20:bb:c7:52:b1:ea:c1:f9:8b:
3a:20:f6:b3:71:a7:82:2b:f2:97:89:f4:7c:36:56:9f:b2:ae:
bb:73:a5:ea:df:4a:95:9f:19:58:5a:38:bc:9d:4a:2b:0a:95:
9b:8d:ce:0d:bb:62:d1:26:d5:65:c0:9d:8e:9d:59:2f:52:1a:
e6:36:0e:a9:82:f6:9e:83:b0:68:3c:7e:55:3c:3d:0f:a1:15:
3b:86:64:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSdT0RavoJd7JlIA4RplzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjQwMTAxMTgyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGExYTIyZTY4ZDYzMTMxMjRiZGU1MDgyZmE1MTllNmFkMTIxMGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjg4v0gS1g/H9kPm8DCaYGESK4VF1
Iu/49WHcvrLkIzQNEuQMDZaS558E1MDnfMUyBwJYb8XnO2tKvGV9zbqU3pHeN08f
FC7+vhEwMKyLNQijIuRt9PC51xqxlgkWYi+62QbrnhSjdS1CWGpAj7MWE6mtxFnt
MuSqlvhdDZhgG6xUzZP6qjb4b23cVAulRJV+ekXIqzXOZcx0sP5TIAVYNNsx3ATZ
eaT7QcpOTmn+RmV5nTwpGOBvVhI8A0dd016aOyaWKiDvRWC3rrOtKFL5jXEyS/Vm
OsVCv8397p4hwgLcttYXCNFZ/h0bdzdXXz8SJ6JwuIzGeN8A5S/IIoTaqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEChoi5o1jExJL3lCC+lGeatEhDrMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvUUtHaUxtaldNVEVrdmVVSUw2VVo1cTBTRU9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwyJwMA0G
CSqGSIb3DQEBCwUAA4IBAQAXf5DH30gdGgTAtgXr4VPzDX51jfCzSkydhOQZi9hv
IatgTf3hVlibG1w736bt+OUg4RRYkJsItlPItLicTQhRwxRB90vieSYJwNKc/XES
zNQ6RiquTip5RLUkeQCoH/O2OfViQa3OqPCKjd95SKxXFaDWKWCU+xkaLUJuz01K
96mEf1XEUZ76XfRDHvBg5U9ldBkX3eo/tbvd6aXcSt33kGJrbdBRcXYZ6mAgu8dS
serB+Ys6IPazcaeCK/KXifR8Nlafsq67c6Xq30qVnxlYWji8nUorCpWbjc4Nu2LR
JtVlwJ2OnVkvUhrmNg6pgvaeg7BoPH5VPD0PoRU7hmTZ
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:39:05 2024 by rpki-client on console-fra.rpki-client.org