Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/0fa602-f6b8-47ae-bf06-7da89cda9f71/1/qhPIbbUgAp2t3sZLyeQFZNfMIKc.roa
File: qhPIbbUgAp2t3sZLyeQFZNfMIKc.roa (raw, json)
Hash identifier: hub9VYkPngiw/LL78GqMieXRCOIsfQnHnMIoDp5DmFw=
Subject key identifier: AA:13:C8:6D:B5:20:02:9D:AD:DE:C6:4B:C9:E4:05:64:D7:CC:20:A7
Certificate issuer: /CN=5871720a8884167fef82a49267661fb346d7561a
Certificate serial: 0191A41013591B6532B23056E0E59C9311F9
Authority key identifier: 58:71:72:0A:88:84:16:7F:EF:82:A4:92:67:66:1F:B3:46:D7:56:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WHFyCoiEFn_vgqSSZ2Yfs0bXVho.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/0fa602-f6b8-47ae-bf06-7da89cda9f71/1/qhPIbbUgAp2t3sZLyeQFZNfMIKc.roa
Signing time: Fri 30 Aug 2024 16:13:22 +0000
ROA not before: Fri 30 Aug 2024 16:13:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208070
IP address blocks: 45.159.168.0/24 maxlen: 24
45.159.169.0/24 maxlen: 24
45.159.170.0/24 maxlen: 24
45.159.171.0/24 maxlen: 24
2a01:fc00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/0fa602-f6b8-47ae-bf06-7da89cda9f71/1/WHFyCoiEFn_vgqSSZ2Yfs0bXVho.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/0fa602-f6b8-47ae-bf06-7da89cda9f71/1/WHFyCoiEFn_vgqSSZ2Yfs0bXVho.mft
rsync://rpki.ripe.net/repository/DEFAULT/WHFyCoiEFn_vgqSSZ2Yfs0bXVho.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a4:10:13:59:1b:65:32:b2:30:56:e0:e5:9c:93:11:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5871720a8884167fef82a49267661fb346d7561a
Validity
Not Before: Aug 30 16:13:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa13c86db520029daddec64bc9e40564d7cc20a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e4:c9:45:9c:bd:7a:70:28:1f:bc:aa:58:3f:
ab:29:e1:e9:23:dd:7e:f1:71:58:48:81:67:b5:95:
b5:ef:57:c2:51:fc:0e:5d:42:0b:9d:fd:f2:29:f5:
ae:a2:1b:71:f3:d1:f3:66:80:4d:5b:26:83:38:57:
4a:45:87:f1:d5:28:af:6a:39:5f:5f:a3:a5:3f:e9:
38:60:bd:53:16:fc:6e:64:44:97:4c:b0:e9:81:9b:
bc:4c:1f:08:d5:09:29:c1:ce:53:a5:21:62:e2:ad:
7d:50:98:e9:c9:d8:a6:de:99:41:61:ad:21:58:3f:
ee:8d:7f:95:4d:34:01:d4:60:a9:c8:14:34:14:b0:
77:b0:1b:cf:0f:ae:33:fa:02:28:88:b2:96:4b:d3:
2a:79:b0:16:ca:e5:35:15:29:ab:4e:a0:4a:05:4d:
03:7f:09:ef:39:21:89:42:4c:14:99:06:24:04:bb:
70:07:61:ec:95:be:bc:6a:36:92:fb:87:2f:6f:0f:
90:72:d6:b5:9f:d1:61:bc:f9:fc:4f:63:6e:8c:15:
dd:97:c4:7a:b6:6d:e3:75:27:a8:28:fc:19:ed:ce:
08:21:00:28:f7:ce:2a:c7:f3:b6:28:6e:3e:78:59:
63:50:17:e9:b5:ec:cf:40:33:4f:28:b6:b7:91:ec:
59:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:13:C8:6D:B5:20:02:9D:AD:DE:C6:4B:C9:E4:05:64:D7:CC:20:A7
X509v3 Authority Key Identifier:
keyid:58:71:72:0A:88:84:16:7F:EF:82:A4:92:67:66:1F:B3:46:D7:56:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WHFyCoiEFn_vgqSSZ2Yfs0bXVho.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/0fa602-f6b8-47ae-bf06-7da89cda9f71/1/qhPIbbUgAp2t3sZLyeQFZNfMIKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/0fa602-f6b8-47ae-bf06-7da89cda9f71/1/WHFyCoiEFn_vgqSSZ2Yfs0bXVho.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.168.0/22
IPv6:
2a01:fc00::/29
Signature Algorithm: sha256WithRSAEncryption
04:f2:dc:69:a2:e2:1d:9d:7a:34:ab:11:93:b9:2a:4b:e7:81:
98:dd:3f:aa:07:8c:cb:7b:3b:71:08:a7:0c:1a:bf:bc:83:70:
b6:b5:13:a4:db:91:47:11:7e:0f:12:9b:88:7e:0d:e6:06:3d:
6a:78:39:2b:fb:16:14:ef:57:d3:55:c4:0f:14:32:d4:29:c8:
e5:0c:df:36:5e:8a:3f:57:c3:94:7d:05:5d:c5:14:ef:b3:92:
39:d8:a7:57:92:06:eb:a7:a1:fd:02:9e:4b:6d:dc:3f:20:bb:
fb:1d:3e:cc:ed:68:c3:dd:9f:77:30:f9:fd:97:ec:f2:b7:32:
b3:57:29:93:a7:0a:24:92:d3:31:bf:9c:29:43:0e:21:3b:b7:
75:ca:c9:4d:68:64:2d:04:1e:7f:90:2e:cc:02:6b:13:d4:97:
7d:28:29:23:1a:2e:95:93:f2:22:4a:fe:87:68:c5:32:15:93:
9f:9b:55:1e:f4:ba:0c:9c:cc:48:5e:03:9f:4f:89:1d:54:ff:
9c:3b:bd:0c:86:d7:eb:7c:7b:60:0a:bd:2b:f3:ce:7e:80:21:
0d:d8:9c:85:51:1e:f2:7d:01:5b:65:04:3c:8c:58:df:57:cf:
4a:a2:ca:a0:36:96:3f:fa:ef:69:d7:ad:61:08:b6:ac:08:99:
2e:4f:2e:41
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZGkEBNZG2UysjBW4OWckxH5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4NzE3MjBhODg4NDE2N2ZlZjgyYTQ5MjY3NjYxZmIzNDZk
NzU2MWEwHhcNMjQwODMwMTYxMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTEzYzg2ZGI1MjAwMjlkYWRkZWM2NGJjOWU0MDU2NGQ3Y2MyMGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+TJRZy9enAoH7yqWD+rKeHpI91+
8XFYSIFntZW171fCUfwOXUILnf3yKfWuohtx89HzZoBNWyaDOFdKRYfx1Sivajlf
X6OlP+k4YL1TFvxuZESXTLDpgZu8TB8I1Qkpwc5TpSFi4q19UJjpydim3plBYa0h
WD/ujX+VTTQB1GCpyBQ0FLB3sBvPD64z+gIoiLKWS9MqebAWyuU1FSmrTqBKBU0D
fwnvOSGJQkwUmQYkBLtwB2Hslb68ajaS+4cvbw+Qcta1n9FhvPn8T2NujBXdl8R6
tm3jdSeoKPwZ7c4IIQAo984qx/O2KG4+eFljUBfptezPQDNPKLa3kexZ9QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKoTyG21IAKdrd7GS8nkBWTXzCCnMB8GA1UdIwQY
MBaAFFhxcgqIhBZ/74KkkmdmH7NG11YaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0hGeUNvaUVGbl92Z3FTU1oyWWZzMGJYVmhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8wZmE2MDItZjZiOC00N2FlLWJmMDYt
N2RhODljZGE5ZjcxLzEvcWhQSWJiVWdBcDJ0M3NaTHllUUZaTmZNSUtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8wZmE2MDItZjZiOC00N2FlLWJmMDYtN2RhODljZGE5Zjcx
LzEvV0hGeUNvaUVGbl92Z3FTU1oyWWZzMGJYVmhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZ+oMA0E
AgACMAcDBQMqAfwAMA0GCSqGSIb3DQEBCwUAA4IBAQAE8txpouIdnXo0qxGTuSpL
54GY3T+qB4zLeztxCKcMGr+8g3C2tROk25FHEX4PEpuIfg3mBj1qeDkr+xYU71fT
VcQPFDLUKcjlDN82Xoo/V8OUfQVdxRTvs5I52KdXkgbrp6H9Ap5Lbdw/ILv7HT7M
7WjD3Z93MPn9l+zytzKzVymTpwokktMxv5wpQw4hO7d1yslNaGQtBB5/kC7MAmsT
1Jd9KCkjGi6Vk/IiSv6HaMUyFZOfm1Ue9LoMnMxIXgOfT4kdVP+cO70MhtfrfHtg
Cr0r885+gCEN2JyFUR7yfQFbZQQ8jFjfV89KosqgNpY/+u9p161hCLasCJkuTy5B
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:36:49 2024 by rpki-client on console-fra.rpki-client.org