Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/02400f-7802-44e7-8527-8b291e26d1d9/1/QfwDngGIs_IdurRodzcuFmQn-D0.roa
File: QfwDngGIs_IdurRodzcuFmQn-D0.roa (raw, json)
Hash identifier: NIlgQITEz7KpmVXjb06feTcRExSKkCH7TWnEOwG95iA=
Subject key identifier: 41:FC:03:9E:01:88:B3:F2:1D:BA:B4:68:77:37:2E:16:64:27:F8:3D
Certificate issuer: /CN=9fb6d4d987d004a00fa297e69c268eb75f3d9a40
Certificate serial: 018CCA2B4104C958E85C74FA17482766F155
Authority key identifier: 9F:B6:D4:D9:87:D0:04:A0:0F:A2:97:E6:9C:26:8E:B7:5F:3D:9A:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n7bU2YfQBKAPopfmnCaOt189mkA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/02400f-7802-44e7-8527-8b291e26d1d9/1/QfwDngGIs_IdurRodzcuFmQn-D0.roa
Signing time: Tue 02 Jan 2024 12:34:41 +0000
ROA not before: Tue 02 Jan 2024 12:34:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210418
IP address blocks: 94.143.227.0/24 maxlen: 24
2a12:a780::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/02400f-7802-44e7-8527-8b291e26d1d9/1/n7bU2YfQBKAPopfmnCaOt189mkA.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/02400f-7802-44e7-8527-8b291e26d1d9/1/n7bU2YfQBKAPopfmnCaOt189mkA.mft
rsync://rpki.ripe.net/repository/DEFAULT/n7bU2YfQBKAPopfmnCaOt189mkA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:03:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:41:04:c9:58:e8:5c:74:fa:17:48:27:66:f1:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9fb6d4d987d004a00fa297e69c268eb75f3d9a40
Validity
Not Before: Jan 2 12:34:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41fc039e0188b3f21dbab46877372e166427f83d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:bb:15:c1:fc:e4:cb:2e:67:98:04:8a:c6:22:
3c:a5:64:f0:56:57:f2:ec:4a:b2:50:be:8c:e9:cf:
85:4b:7f:2f:dd:1b:51:cc:eb:31:85:54:49:28:93:
41:00:95:7c:58:75:df:f1:c5:bf:6e:97:e1:0f:f6:
9c:07:18:3d:b9:11:89:a3:23:15:be:b5:26:4d:72:
4f:20:c9:3d:37:86:e5:07:15:20:7a:3b:4d:4b:a4:
b2:8d:9e:17:b7:32:b3:ce:32:e1:4e:d8:2a:5b:70:
a5:34:d3:25:93:41:96:fa:5e:03:5e:77:a7:cd:d9:
c7:48:01:aa:0c:eb:14:b6:05:05:8f:3f:e9:ef:50:
24:fe:93:b7:28:c6:62:39:d9:0d:0a:7c:b4:b2:fc:
f8:22:d4:7b:0d:dd:c9:d2:6f:3c:71:99:26:d0:4e:
f4:57:19:a9:ba:11:93:98:9f:d4:e7:47:3a:42:23:
06:ef:69:d6:59:6c:ea:89:63:44:ba:73:56:12:8b:
3f:b8:7e:f6:b2:98:9a:a0:3f:87:5d:c8:6b:a8:8e:
ee:a2:6c:0b:4d:a7:11:0c:d0:b0:03:77:49:a3:e6:
1b:bf:d6:57:c3:88:ac:1f:f6:49:a5:d5:32:09:24:
b9:83:b5:4a:26:51:d3:f2:1d:12:95:e2:e7:a0:ba:
17:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:FC:03:9E:01:88:B3:F2:1D:BA:B4:68:77:37:2E:16:64:27:F8:3D
X509v3 Authority Key Identifier:
keyid:9F:B6:D4:D9:87:D0:04:A0:0F:A2:97:E6:9C:26:8E:B7:5F:3D:9A:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n7bU2YfQBKAPopfmnCaOt189mkA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/02400f-7802-44e7-8527-8b291e26d1d9/1/QfwDngGIs_IdurRodzcuFmQn-D0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/02400f-7802-44e7-8527-8b291e26d1d9/1/n7bU2YfQBKAPopfmnCaOt189mkA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.143.227.0/24
IPv6:
2a12:a780::/32
Signature Algorithm: sha256WithRSAEncryption
1e:06:ea:6f:ae:6f:98:fa:db:0a:a6:5b:da:46:75:fc:4f:82:
ee:8e:63:5f:4d:29:e7:e2:ae:aa:cf:2f:31:6d:ea:55:b9:67:
bc:66:28:57:12:a1:e3:7a:21:fb:a5:f8:6b:44:a5:71:79:59:
c9:60:fe:a1:05:82:20:8e:14:06:39:2b:e7:db:f8:0b:22:f6:
7e:ae:55:dd:1f:50:ce:cb:6f:d7:b6:c6:1e:27:4b:bd:ed:c9:
05:34:60:a1:d7:8c:c5:0f:ae:2b:02:b5:40:e0:a8:3c:4c:be:
6d:e6:34:be:cb:8d:d9:87:56:89:01:d2:a3:f1:1f:af:66:05:
f9:66:34:09:2f:13:9b:77:13:b6:0e:b8:1d:3d:76:fe:00:3b:
9b:23:a2:d4:6b:b8:da:9e:b6:a9:c3:22:dc:92:34:df:0d:63:
fe:58:c9:b1:f0:64:69:9f:9c:1b:82:c2:70:eb:d3:5d:c4:03:
04:cc:17:dd:e0:c4:7a:2d:88:d5:60:f5:cc:cb:78:49:69:cf:
29:0a:46:fa:ab:cf:d1:38:8b:63:8b:5c:7d:fe:8e:35:b2:a0:
21:11:7c:5c:b9:e1:52:53:83:24:6c:ac:c6:fb:5c:6a:ff:b2:
c8:f4:94:d4:91:6e:d5:63:09:a7:4d:03:09:27:08:51:59:d9:
25:a4:c1:dc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKK0EEyVjoXHT6F0gnZvFVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmYjZkNGQ5ODdkMDA0YTAwZmEyOTdlNjljMjY4ZWI3NWYz
ZDlhNDAwHhcNMjQwMTAyMTIzNDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWZjMDM5ZTAxODhiM2YyMWRiYWI0Njg3NzM3MmUxNjY0MjdmODNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7sVwfzkyy5nmASKxiI8pWTwVlfy
7EqyUL6M6c+FS38v3RtRzOsxhVRJKJNBAJV8WHXf8cW/bpfhD/acBxg9uRGJoyMV
vrUmTXJPIMk9N4blBxUgejtNS6SyjZ4XtzKzzjLhTtgqW3ClNNMlk0GW+l4DXnen
zdnHSAGqDOsUtgUFjz/p71Ak/pO3KMZiOdkNCny0svz4ItR7Dd3J0m88cZkm0E70
VxmpuhGTmJ/U50c6QiMG72nWWWzqiWNEunNWEos/uH72spiaoD+HXchrqI7uomwL
TacRDNCwA3dJo+Ybv9ZXw4isH/ZJpdUyCSS5g7VKJlHT8h0SleLnoLoX9wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEH8A54BiLPyHbq0aHc3LhZkJ/g9MB8GA1UdIwQY
MBaAFJ+21NmH0ASgD6KX5pwmjrdfPZpAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjdiVTJZZlFCS0FQb3BmbW5DYU90MTg5bWtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC8wMjQwMGYtNzgwMi00NGU3LTg1Mjct
OGIyOTFlMjZkMWQ5LzEvUWZ3RG5nR0lzX0lkdXJSb2R6Y3VGbVFuLUQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC8wMjQwMGYtNzgwMi00NGU3LTg1MjctOGIyOTFlMjZkMWQ5
LzEvbjdiVTJZZlFCS0FQb3BmbW5DYU90MTg5bWtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAXo/jMA0E
AgACMAcDBQAqEqeAMA0GCSqGSIb3DQEBCwUAA4IBAQAeBupvrm+Y+tsKplvaRnX8
T4LujmNfTSnn4q6qzy8xbepVuWe8ZihXEqHjeiH7pfhrRKVxeVnJYP6hBYIgjhQG
OSvn2/gLIvZ+rlXdH1DOy2/XtsYeJ0u97ckFNGCh14zFD64rArVA4Kg8TL5t5jS+
y43Zh1aJAdKj8R+vZgX5ZjQJLxObdxO2DrgdPXb+ADubI6LUa7janrapwyLckjTf
DWP+WMmx8GRpn5wbgsJw69NdxAMEzBfd4MR6LYjVYPXMy3hJac8pCkb6q8/ROItj
i1x9/o41sqAhEXxcueFSU4MkbKzG+1xq/7LI9JTUkW7VYwmnTQMJJwhRWdklpMHc
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:32:16 2024 by rpki-client on console-ams.rpki-client.org