Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/QSVQ0y2jDLaqAKTE9Ai4LrH-7Zw.roa
File: QSVQ0y2jDLaqAKTE9Ai4LrH-7Zw.roa (raw, json)
Hash identifier: QKG1F1KHuwm99MjmUMGahcZ70GaHwUqq7WeR7g69OjQ=
Subject key identifier: 41:25:50:D3:2D:A3:0C:B6:AA:00:A4:C4:F4:08:B8:2E:B1:FE:ED:9C
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 0191D8915504C3CC4185ECF17408FE662C3C
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/QSVQ0y2jDLaqAKTE9Ai4LrH-7Zw.roa
Signing time: Mon 09 Sep 2024 20:54:48 +0000
ROA not before: Mon 09 Sep 2024 20:54:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51396
IP address blocks: 2a12:6740::/29 maxlen: 30
2a12:8ec0::/29 maxlen: 30
2a12:ccc0::/29 maxlen: 30
2a12:d3c0::/29 maxlen: 30
2a12:e240::/29 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.mft
rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 02:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d8:91:55:04:c3:cc:41:85:ec:f1:74:08:fe:66:2c:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Sep 9 20:54:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=412550d32da30cb6aa00a4c4f408b82eb1feed9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:6d:b5:74:f2:88:09:54:8e:bb:f7:b3:ac:d4:
91:2b:83:f1:14:78:29:d3:ed:dd:d5:53:ee:0c:7c:
52:a8:16:ea:3c:4f:ac:1e:5c:92:70:e0:0c:b0:ee:
bf:d4:ff:a5:c8:bc:ba:15:ee:c7:1f:45:5e:33:03:
d2:b4:ab:10:78:42:5b:d1:01:c8:b1:90:57:6c:77:
62:32:8c:e8:04:d0:76:d7:e2:34:80:ba:88:2d:48:
bf:1d:72:0a:f2:76:3b:06:d1:b5:12:9e:f0:2e:f6:
29:af:3b:02:65:20:89:f3:f0:00:00:c1:75:6a:24:
16:91:82:bb:79:fb:d1:35:69:ec:5b:7b:2a:80:2a:
32:9e:4e:f9:5d:1c:f3:7c:31:ca:37:de:73:d8:2d:
e8:2a:f9:a1:c6:fe:2f:cf:5a:58:1a:7a:ea:17:17:
de:50:34:2a:8d:df:c4:0d:47:b8:b6:93:d7:90:0d:
3c:5b:a6:0b:2b:45:8e:d7:42:aa:6b:dd:d5:d5:88:
72:6b:3c:ab:28:fa:24:92:53:1c:47:e3:64:d8:18:
27:e1:88:e8:6a:9f:a7:9b:32:b2:a7:4b:b7:7d:27:
3a:7c:db:39:c6:e8:85:76:59:52:aa:67:d3:f0:df:
5b:2a:64:b0:bb:97:52:0a:5a:89:37:9a:e5:7d:07:
e5:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:25:50:D3:2D:A3:0C:B6:AA:00:A4:C4:F4:08:B8:2E:B1:FE:ED:9C
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/QSVQ0y2jDLaqAKTE9Ai4LrH-7Zw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:6740::/29
2a12:8ec0::/29
2a12:ccc0::/29
2a12:d3c0::/29
2a12:e240::/29
Signature Algorithm: sha256WithRSAEncryption
3e:c5:4a:30:c4:1d:cd:a9:56:75:b4:b6:9c:9a:6d:5e:10:d8:
cb:1e:aa:7b:b1:bd:de:64:c2:1c:70:e2:d5:5e:2d:3b:be:25:
df:e8:30:31:f2:6f:fd:ef:e4:fc:ba:3c:11:e7:c7:f6:d2:d0:
60:b1:73:d9:5f:cd:c5:c5:55:59:90:b5:93:d0:fa:47:e1:8f:
cd:f6:1c:26:29:8c:e6:04:c6:f5:3b:ae:87:1e:ba:af:98:fa:
08:5d:4b:02:87:27:b9:fa:e5:5c:1c:46:a6:c3:8e:65:8d:c5:
e6:d1:53:16:e7:dc:8d:fa:73:ef:1a:3d:1c:94:ff:bd:b5:48:
4e:99:7a:96:89:1e:85:7d:07:18:40:5b:50:d0:98:58:28:5c:
34:23:c0:4b:a5:6f:98:7d:92:74:83:93:b6:89:98:26:2c:b3:
c0:4b:11:1b:92:89:e7:35:2a:a5:a4:22:08:e8:39:b0:86:e0:
6e:15:78:f9:66:42:27:b4:bf:65:97:11:f3:48:56:67:58:ea:
23:07:6c:c3:e6:a5:00:eb:84:6e:2f:aa:90:24:e3:74:f6:7a:
55:6e:8e:fc:88:36:31:bc:b6:95:80:26:90:3a:c4:ad:5a:aa:
ea:cb:1d:4b:8d:a1:e9:39:59:ef:4a:63:ab:23:79:88:2b:97:
61:0c:b4:6b
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZHYkVUEw8xBhezxdAj+Ziw8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwOTA5MjA1NDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTI1NTBkMzJkYTMwY2I2YWEwMGE0YzRmNDA4YjgyZWIxZmVlZDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvG21dPKICVSOu/ezrNSRK4PxFHgp
0+3d1VPuDHxSqBbqPE+sHlyScOAMsO6/1P+lyLy6Fe7HH0VeMwPStKsQeEJb0QHI
sZBXbHdiMozoBNB21+I0gLqILUi/HXIK8nY7BtG1Ep7wLvYprzsCZSCJ8/AAAMF1
aiQWkYK7efvRNWnsW3sqgCoynk75XRzzfDHKN95z2C3oKvmhxv4vz1pYGnrqFxfe
UDQqjd/EDUe4tpPXkA08W6YLK0WO10Kqa93V1YhyazyrKPokklMcR+Nk2Bgn4Yjo
ap+nmzKyp0u3fSc6fNs5xuiFdllSqmfT8N9bKmSwu5dSClqJN5rlfQfl9QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFEElUNMtowy2qgCkxPQIuC6x/u2cMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvUVNWUTB5MmpETGFxQUtURTlBaTRMckgtN1p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKhJnQAMF
AyoSjsADBQMqEszAAwUDKhLTwAMFAyoS4kAwDQYJKoZIhvcNAQELBQADggEBAD7F
SjDEHc2pVnW0tpyabV4Q2Mseqnuxvd5kwhxw4tVeLTu+Jd/oMDHyb/3v5Py6PBHn
x/bS0GCxc9lfzcXFVVmQtZPQ+kfhj832HCYpjOYExvU7roceuq+Y+ghdSwKHJ7n6
5VwcRqbDjmWNxebRUxbn3I36c+8aPRyU/721SE6ZepaJHoV9BxhAW1DQmFgoXDQj
wEulb5h9knSDk7aJmCYss8BLERuSiec1KqWkIgjoObCG4G4VePlmQie0v2WXEfNI
VmdY6iMHbMPmpQDrhG4vqpAk43T2elVujvyINjG8tpWAJpA6xK1aqurLHUuNoek5
We9KY6sjeYgrl2EMtGs=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:35:34 2024 by rpki-client on console-fra.rpki-client.org