Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/052f4c-be3c-4d19-aa04-0ab8dd9ebab1/1/QBkLdfLsnaDtJqiyjI5r5yaRleQ.roa
File: QBkLdfLsnaDtJqiyjI5r5yaRleQ.roa (raw, json)
Hash identifier: zIe2+DX9wxRUgAMY+H2/NGTJruISHbKLGYs2lOTA5YY=
Subject key identifier: 40:19:0B:75:F2:EC:9D:A0:ED:26:A8:B2:8C:8E:6B:E7:26:91:95:E4
Certificate issuer: /CN=a4aa9bcd06ea6c565dd907ca04e5077d68c0664f
Certificate serial: 018CC8030DFB248931CB2EE06594ED70DD09
Authority key identifier: A4:AA:9B:CD:06:EA:6C:56:5D:D9:07:CA:04:E5:07:7D:68:C0:66:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pKqbzQbqbFZd2QfKBOUHfWjAZk8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/052f4c-be3c-4d19-aa04-0ab8dd9ebab1/1/QBkLdfLsnaDtJqiyjI5r5yaRleQ.roa
Signing time: Tue 02 Jan 2024 02:31:32 +0000
ROA not before: Tue 02 Jan 2024 02:31:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208246
IP address blocks: 45.150.88.0/22 maxlen: 22
45.150.88.0/23 maxlen: 23
45.150.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/052f4c-be3c-4d19-aa04-0ab8dd9ebab1/1/pKqbzQbqbFZd2QfKBOUHfWjAZk8.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/052f4c-be3c-4d19-aa04-0ab8dd9ebab1/1/pKqbzQbqbFZd2QfKBOUHfWjAZk8.mft
rsync://rpki.ripe.net/repository/DEFAULT/pKqbzQbqbFZd2QfKBOUHfWjAZk8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:03:0d:fb:24:89:31:cb:2e:e0:65:94:ed:70:dd:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4aa9bcd06ea6c565dd907ca04e5077d68c0664f
Validity
Not Before: Jan 2 02:31:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40190b75f2ec9da0ed26a8b28c8e6be7269195e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:b3:5a:b7:8e:c5:c4:6a:03:34:44:f4:f6:7b:
89:4d:50:2f:79:e9:db:00:a6:77:94:db:aa:c7:65:
8e:fd:97:d4:aa:68:31:0a:bc:c0:7a:9f:6d:1f:ae:
ea:cd:2e:68:e5:e0:3a:28:bd:9f:ec:ff:df:b4:09:
0a:2a:f2:11:2f:d4:f2:de:0d:c6:cd:5d:4d:2f:4b:
aa:dc:e4:03:c2:c7:c7:d7:46:5c:d7:fe:95:be:fa:
f1:d4:c5:9f:84:39:50:3f:8b:af:c5:4e:6d:7d:95:
3f:b7:dc:22:13:2e:3e:91:a7:79:ff:3f:6d:e5:04:
40:46:21:76:b2:33:86:4d:68:f2:e2:dc:df:4b:86:
05:77:18:4c:8d:d3:1a:23:ca:7f:b9:69:3e:f6:59:
c6:f8:44:ec:70:88:bc:ea:76:0d:00:ea:9e:ae:14:
aa:d0:b4:e1:b7:55:3d:c2:e3:27:48:b5:24:44:af:
f7:2c:c6:91:a6:ff:5c:ff:49:ba:f7:e4:86:78:39:
ab:20:db:6a:d9:8b:41:af:38:41:61:ff:89:c7:54:
d4:71:15:56:64:99:3b:a1:af:4d:03:b1:64:10:80:
2f:96:e1:1d:ef:df:ea:8e:31:50:c0:94:62:5f:bd:
61:86:87:ad:98:fd:b3:26:f9:2b:60:8c:fe:4e:56:
7d:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:19:0B:75:F2:EC:9D:A0:ED:26:A8:B2:8C:8E:6B:E7:26:91:95:E4
X509v3 Authority Key Identifier:
keyid:A4:AA:9B:CD:06:EA:6C:56:5D:D9:07:CA:04:E5:07:7D:68:C0:66:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pKqbzQbqbFZd2QfKBOUHfWjAZk8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/052f4c-be3c-4d19-aa04-0ab8dd9ebab1/1/QBkLdfLsnaDtJqiyjI5r5yaRleQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/052f4c-be3c-4d19-aa04-0ab8dd9ebab1/1/pKqbzQbqbFZd2QfKBOUHfWjAZk8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.88.0/22
Signature Algorithm: sha256WithRSAEncryption
06:e6:46:0f:4f:ae:65:2c:65:74:41:94:b5:49:9a:af:ee:b8:
70:f1:67:b2:0f:41:9a:a7:a2:4b:90:d7:a3:82:aa:9f:59:df:
24:c0:c3:d5:a4:1e:25:98:24:7d:e9:7d:8b:b3:14:95:64:fb:
1a:26:da:c4:e3:9f:da:06:c1:63:1b:5d:3b:69:96:b2:2a:69:
a4:cb:fd:89:88:d6:dd:f1:f6:4b:63:54:c5:36:a0:8b:1e:27:
0e:d6:be:ab:cf:fa:e2:e2:2a:ed:c0:97:14:7c:bd:60:3a:eb:
a7:3b:ff:75:ac:00:55:9f:6d:21:c3:27:5f:fd:72:0a:0d:bd:
bf:34:a9:40:df:83:b4:b4:73:aa:f7:5d:88:ae:06:b7:96:e2:
cc:f6:7a:7f:b9:e9:56:3e:cc:25:e9:08:fb:86:bf:23:59:bc:
d9:04:27:4d:c6:d4:90:9d:88:a6:e8:ae:a5:f8:69:f3:bc:0c:
41:da:d3:50:15:bb:cb:02:ce:a1:a3:bc:eb:cb:25:2d:1c:d7:
68:ce:e0:4f:62:fc:06:77:32:a7:c5:cc:1b:92:8d:ea:e0:1d:
f3:66:84:92:43:dc:e4:6e:00:bc:78:8c:9b:cd:f0:6c:6a:7e:
71:1a:14:81:df:66:eb:20:9f:6e:2c:a8:30:56:40:c4:a0:d6:
c4:4f:f4:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAw37JIkxyy7gZZTtcN0JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0YWE5YmNkMDZlYTZjNTY1ZGQ5MDdjYTA0ZTUwNzdkNjhj
MDY2NGYwHhcNMjQwMTAyMDIzMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDE5MGI3NWYyZWM5ZGEwZWQyNmE4YjI4YzhlNmJlNzI2OTE5NWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrNat47FxGoDNET09nuJTVAveenb
AKZ3lNuqx2WO/ZfUqmgxCrzAep9tH67qzS5o5eA6KL2f7P/ftAkKKvIRL9Ty3g3G
zV1NL0uq3OQDwsfH10Zc1/6Vvvrx1MWfhDlQP4uvxU5tfZU/t9wiEy4+kad5/z9t
5QRARiF2sjOGTWjy4tzfS4YFdxhMjdMaI8p/uWk+9lnG+ETscIi86nYNAOqerhSq
0LTht1U9wuMnSLUkRK/3LMaRpv9c/0m69+SGeDmrINtq2YtBrzhBYf+Jx1TUcRVW
ZJk7oa9NA7FkEIAvluEd79/qjjFQwJRiX71hhoetmP2zJvkrYIz+TlZ9CwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEAZC3Xy7J2g7SaosoyOa+cmkZXkMB8GA1UdIwQY
MBaAFKSqm80G6mxWXdkHygTlB31owGZPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEtxYnpRYnFiRlpkMlFmS0JPVUhmV2pBWms4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8wNTJmNGMtYmUzYy00ZDE5LWFhMDQt
MGFiOGRkOWViYWIxLzEvUUJrTGRmTHNuYUR0SnFpeWpJNXI1eWFSbGVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8wNTJmNGMtYmUzYy00ZDE5LWFhMDQtMGFiOGRkOWViYWIx
LzEvcEtxYnpRYnFiRlpkMlFmS0JPVUhmV2pBWms4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZZYMA0G
CSqGSIb3DQEBCwUAA4IBAQAG5kYPT65lLGV0QZS1SZqv7rhw8WeyD0Gap6JLkNej
gqqfWd8kwMPVpB4lmCR96X2LsxSVZPsaJtrE45/aBsFjG107aZayKmmky/2JiNbd
8fZLY1TFNqCLHicO1r6rz/ri4irtwJcUfL1gOuunO/91rABVn20hwydf/XIKDb2/
NKlA34O0tHOq912Irga3luLM9np/uelWPswl6Qj7hr8jWbzZBCdNxtSQnYim6K6l
+GnzvAxB2tNQFbvLAs6ho7zryyUtHNdozuBPYvwGdzKnxcwbko3q4B3zZoSSQ9zk
bgC8eIybzfBsan5xGhSB32brIJ9uLKgwVkDEoNbET/TV
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:52:51 2024 by rpki-client on console-fra.rpki-client.org