Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Qbu6b-WTatioUu13xw9-jCDH15Y.roa
File: Qbu6b-WTatioUu13xw9-jCDH15Y.roa (raw, json)
Hash identifier: ddUYogY8naU9m5Jphr/DeOoUxJCcHYTlR+0pjwWM0Cc=
Subject key identifier: 41:BB:BA:6F:E5:93:6A:D8:A8:52:ED:77:C7:0F:7E:8C:20:C7:D7:96
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0193122A4D2C099A0EB1E0F7D4250FB73CE8
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Qbu6b-WTatioUu13xw9-jCDH15Y.roa
Signing time: Sat 09 Nov 2024 18:23:02 +0000
ROA not before: Sat 09 Nov 2024 18:23:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215727
IP address blocks: 163.5.192.0/24 maxlen: 24
163.5.193.0/24 maxlen: 24
163.5.195.0/24 maxlen: 24
163.5.213.0/24 maxlen: 24
163.5.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:12:2a:4d:2c:09:9a:0e:b1:e0:f7:d4:25:0f:b7:3c:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Nov 9 18:23:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41bbba6fe5936ad8a852ed77c70f7e8c20c7d796
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:b0:44:21:8c:15:45:ef:f8:14:33:93:44:f2:
28:42:95:58:80:ae:68:fc:6b:01:33:f4:05:1b:6a:
40:77:a9:34:80:ef:1c:06:3e:ba:aa:8f:12:c3:8d:
ad:71:0e:a5:40:87:57:2f:e8:5b:85:48:fa:25:e6:
6e:c4:62:8b:8d:b3:9a:32:57:88:cc:36:06:23:3b:
34:3b:c0:59:f7:65:28:c2:e4:f4:19:a7:57:55:11:
0a:1e:7f:d6:bd:95:d4:7f:4e:07:4f:ea:d7:82:93:
7f:9b:c0:25:39:f4:e9:db:7c:77:65:be:21:7d:7c:
6e:64:f4:8f:d7:b8:82:45:7d:12:91:1d:db:0a:53:
ef:01:39:92:c7:5b:22:1a:70:d0:69:80:ac:d4:d8:
10:8c:31:b7:4e:d0:fd:bb:d1:b2:52:ae:02:dc:eb:
05:c8:55:fb:ac:63:5c:38:da:de:bf:05:a0:0a:ea:
e0:3e:f2:7e:73:c2:d0:85:c7:0e:34:ac:4e:f9:a5:
6e:cc:ca:9f:d6:ef:bb:7d:fd:a8:c9:8d:14:97:bf:
d7:48:32:68:fb:64:9b:3a:68:cd:55:7e:07:05:54:
93:50:e6:e9:47:3c:a5:ab:57:d8:fc:79:37:33:46:
76:48:6b:f3:50:89:46:30:6d:a8:54:69:b2:b3:41:
52:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:BB:BA:6F:E5:93:6A:D8:A8:52:ED:77:C7:0F:7E:8C:20:C7:D7:96
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Qbu6b-WTatioUu13xw9-jCDH15Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.192.0/23
163.5.195.0/24
163.5.213.0-163.5.214.255
Signature Algorithm: sha256WithRSAEncryption
84:b7:48:a8:31:72:97:06:4d:f8:35:ef:25:82:05:3e:10:e0:
fc:e8:59:8d:d9:88:a1:56:2b:40:b6:78:88:ee:61:2d:1d:36:
90:ed:73:f1:18:33:3d:6a:c0:a1:2d:77:63:9a:10:b0:92:30:
ed:30:05:76:de:a5:d7:c3:e8:46:d9:a9:b3:a5:b9:27:1e:96:
1c:cc:cd:dd:1e:bd:a0:e3:5c:43:d7:8d:a9:74:7b:fa:b4:33:
41:bb:bd:b0:a9:68:84:cb:85:d0:7a:cd:df:72:9e:00:bd:4e:
46:31:44:cd:61:43:66:9f:a3:56:f2:1f:92:81:71:68:7e:17:
bb:39:4d:fb:b2:cb:73:4e:d1:c8:86:38:9e:0d:4c:86:d6:4d:
b8:95:ad:4a:03:9b:26:bb:48:68:82:eb:bb:05:1c:52:3f:a9:
40:4a:32:09:fc:da:21:9b:bf:71:1a:0e:58:7b:44:28:70:32:
24:36:3c:3c:39:bf:d7:0b:df:00:83:79:75:18:b1:d9:37:53:
ee:c0:d6:af:fa:11:ea:cf:4e:6f:85:99:c3:58:38:de:19:f6:
de:24:33:ac:2c:4a:87:36:8e:31:2e:64:e2:b6:e4:ec:6c:0d:
6e:fd:4c:09:8c:b3:ce:97:4d:6a:28:e2:c2:55:a5:ec:71:6d:
43:58:0a:52
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZMSKk0sCZoOseD31CUPtzzoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQxMTA5MTgyMzAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWJiYmE2ZmU1OTM2YWQ4YTg1MmVkNzdjNzBmN2U4YzIwYzdkNzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA37BEIYwVRe/4FDOTRPIoQpVYgK5o
/GsBM/QFG2pAd6k0gO8cBj66qo8Sw42tcQ6lQIdXL+hbhUj6JeZuxGKLjbOaMleI
zDYGIzs0O8BZ92UowuT0GadXVREKHn/WvZXUf04HT+rXgpN/m8AlOfTp23x3Zb4h
fXxuZPSP17iCRX0SkR3bClPvATmSx1siGnDQaYCs1NgQjDG3TtD9u9GyUq4C3OsF
yFX7rGNcONrevwWgCurgPvJ+c8LQhccONKxO+aVuzMqf1u+7ff2oyY0Ul7/XSDJo
+2SbOmjNVX4HBVSTUObpRzylq1fY/Hk3M0Z2SGvzUIlGMG2oVGmys0FSvwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFEG7um/lk2rYqFLtd8cPfowgx9eWMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvUWJ1NmItV1RhdGlvVXUxM3h3OS1qQ0RIMTVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBowXAAwQA
owXDMAwDBACjBdUDBACjBdYwDQYJKoZIhvcNAQELBQADggEBAIS3SKgxcpcGTfg1
7yWCBT4Q4PzoWY3ZiKFWK0C2eIjuYS0dNpDtc/EYMz1qwKEtd2OaELCSMO0wBXbe
pdfD6EbZqbOluScelhzMzd0evaDjXEPXjal0e/q0M0G7vbCpaITLhdB6zd9yngC9
TkYxRM1hQ2afo1byH5KBcWh+F7s5Tfuyy3NO0ciGOJ4NTIbWTbiVrUoDmya7SGiC
67sFHFI/qUBKMgn82iGbv3EaDlh7RChwMiQ2PDw5v9cL3wCDeXUYsdk3U+7A1q/6
EerPTm+FmcNYON4Z9t4kM6wsSoc2jjEuZOK25OxsDW79TAmMs86XTWoo4sJVpexx
bUNYClI=
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:18:18 2024 by rpki-client on console-ams.rpki-client.org