Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/QFDwHj-j-y33uDhFUsrE-1OKCE0.roa
File: QFDwHj-j-y33uDhFUsrE-1OKCE0.roa (raw, json)
Hash identifier: zupjnMRcjVnfmgFPyHKsQHldn/aPiQG7UKeQJHmAcy4=
Subject key identifier: 40:50:F0:1E:3F:A3:FB:2D:F7:B8:38:45:52:CA:C4:FB:53:8A:08:4D
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 018CC6B9479D9036A32AE607761C46615ADF
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/QFDwHj-j-y33uDhFUsrE-1OKCE0.roa
Signing time: Mon 01 Jan 2024 20:31:20 +0000
ROA not before: Mon 01 Jan 2024 20:31:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28099
IP address blocks: 37.235.52.0/24 maxlen: 24
2a03:f80:56::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.mft
rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:47:9d:90:36:a3:2a:e6:07:76:1c:46:61:5a:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 1 20:31:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4050f01e3fa3fb2df7b8384552cac4fb538a084d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a8:46:4c:71:74:04:0b:62:3f:8b:77:78:38:
ac:db:ef:a8:3e:78:fc:4b:3b:bb:ed:bf:12:4b:45:
2c:ce:cc:87:e7:e4:1b:ce:bb:b7:95:65:ae:70:45:
f6:a4:53:e1:13:2b:c8:79:49:c8:cb:fb:2d:3b:4e:
1a:b8:a7:ba:8d:81:57:19:2a:13:00:0b:df:ab:57:
44:b0:cc:d0:36:38:42:4c:d1:18:10:dc:65:35:b2:
38:e8:a1:1f:ef:d7:a6:7e:d4:af:64:0c:d3:2c:91:
af:e0:4e:04:ee:82:0a:5c:40:e1:a3:6b:95:06:d6:
6b:81:ea:7d:a6:d4:9a:95:96:5e:a0:fb:22:1b:1f:
79:5a:14:74:9d:cb:88:ae:82:1b:de:f0:63:65:7c:
0c:8e:14:fd:c5:bd:7f:ff:f2:ce:e4:e6:b4:ca:83:
6a:9f:43:d6:8e:28:9b:ae:03:e2:5d:4a:ca:90:1c:
a0:9b:f6:33:db:df:39:bc:95:7c:d5:2c:b3:f4:ae:
bb:cb:e3:f7:44:69:8c:c7:99:59:ea:c2:a5:2d:ff:
bf:87:f7:86:d7:d6:28:1c:65:9a:24:3c:42:8b:f0:
57:ec:6f:52:d8:a8:77:4a:41:36:60:54:18:f4:ca:
85:f4:16:13:a1:db:9e:85:1f:3c:67:e9:7d:a3:a8:
ee:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:50:F0:1E:3F:A3:FB:2D:F7:B8:38:45:52:CA:C4:FB:53:8A:08:4D
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/QFDwHj-j-y33uDhFUsrE-1OKCE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.52.0/24
IPv6:
2a03:f80:56::/48
Signature Algorithm: sha256WithRSAEncryption
6a:f1:6f:99:c3:9b:b1:c6:48:60:96:be:2c:dd:41:c6:77:31:
71:1f:22:ce:37:ea:22:ae:5f:69:20:82:76:0c:ae:8b:46:f0:
69:ee:d8:07:e3:72:b7:c3:21:73:3c:1d:a0:d4:d3:94:fc:b3:
27:72:c9:f4:6c:3b:f2:37:05:a4:a9:48:74:c2:a2:51:64:29:
c6:7d:b0:a2:d0:60:8a:c1:0c:d4:b7:0b:7e:7a:a5:d9:7b:01:
60:4a:80:cb:1b:86:d1:51:2d:a6:9d:f8:66:18:76:43:40:9c:
38:24:a4:10:a1:a4:1c:b0:e2:e1:d7:60:76:c8:1e:04:b9:cb:
01:5a:80:be:d6:e8:94:32:f6:bb:2a:a5:c7:79:aa:7b:31:4e:
1c:0b:1b:46:c3:00:8f:1c:9f:80:b1:2e:b2:3f:08:f5:b0:6f:
1b:d5:eb:ff:89:0f:42:a6:94:10:a6:c1:b1:60:ef:74:e0:d4:
e2:1e:b9:4f:3e:a1:2f:24:ef:9a:50:1a:f4:bf:3f:dc:34:c6:
3c:51:ef:d1:0e:cd:cb:d6:a2:db:bd:71:8b:1f:ca:05:c9:89:
d7:b3:de:8c:55:27:34:5e:c1:90:6e:9f:ba:c9:69:62:8d:fb:
4b:a8:51:32:1a:62:25:ff:f8:4e:06:6b:ef:6e:be:de:5f:16:
26:4d:dd:97
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzGuUedkDajKuYHdhxGYVrfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjQwMTAxMjAzMTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDUwZjAxZTNmYTNmYjJkZjdiODM4NDU1MmNhYzRmYjUzOGEwODRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKhGTHF0BAtiP4t3eDis2++oPnj8
Szu77b8SS0UszsyH5+Qbzru3lWWucEX2pFPhEyvIeUnIy/stO04auKe6jYFXGSoT
AAvfq1dEsMzQNjhCTNEYENxlNbI46KEf79emftSvZAzTLJGv4E4E7oIKXEDho2uV
BtZrgep9ptSalZZeoPsiGx95WhR0ncuIroIb3vBjZXwMjhT9xb1///LO5Oa0yoNq
n0PWjiibrgPiXUrKkBygm/Yz2985vJV81Syz9K67y+P3RGmMx5lZ6sKlLf+/h/eG
19YoHGWaJDxCi/BX7G9S2Kh3SkE2YFQY9MqF9BYToduehR88Z+l9o6juewIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEBQ8B4/o/st97g4RVLKxPtTighNMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvUUZEd0hqLWoteTMzdURoRlVzckUtMU9LQ0UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAJes0MA8E
AgACMAkDBwAqAw+AAFYwDQYJKoZIhvcNAQELBQADggEBAGrxb5nDm7HGSGCWvizd
QcZ3MXEfIs436iKuX2kggnYMrotG8Gnu2AfjcrfDIXM8HaDU05T8sydyyfRsO/I3
BaSpSHTColFkKcZ9sKLQYIrBDNS3C356pdl7AWBKgMsbhtFRLaad+GYYdkNAnDgk
pBChpByw4uHXYHbIHgS5ywFagL7W6JQy9rsqpcd5qnsxThwLG0bDAI8cn4CxLrI/
CPWwbxvV6/+JD0KmlBCmwbFg73Tg1OIeuU8+oS8k75pQGvS/P9w0xjxR79EOzcvW
otu9cYsfygXJidez3oxVJzRewZBun7rJaWKN+0uoUTIaYiX/+E4Ga+9uvt5fFiZN
3Zc=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:06:01 2024 by rpki-client on console-ams.rpki-client.org