Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/e71e27-c687-4fd7-8180-4b2da197a7e6/1/QaPuRMvXJV--Fw9AVsI5ZPkc8hY.roa
File: QaPuRMvXJV--Fw9AVsI5ZPkc8hY.roa (raw, json)
Hash identifier: TYXifRDvYSCNyCSvzG/CTgQtlnVhQgEvsEV2BNAGxx0=
Subject key identifier: 41:A3:EE:44:CB:D7:25:5F:BE:17:0F:40:56:C2:39:64:F9:1C:F2:16
Certificate issuer: /CN=687726d38fcf2a7fbbb7bfc28d63fe3579ed211d
Certificate serial: 018CC348A2AC88C8ACEAA1B70E636FBDD990
Authority key identifier: 68:77:26:D3:8F:CF:2A:7F:BB:B7:BF:C2:8D:63:FE:35:79:ED:21:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aHcm04_PKn-7t7_CjWP-NXntIR0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/e71e27-c687-4fd7-8180-4b2da197a7e6/1/QaPuRMvXJV--Fw9AVsI5ZPkc8hY.roa
Signing time: Mon 01 Jan 2024 04:29:26 +0000
ROA not before: Mon 01 Jan 2024 04:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3303
IP address blocks: 2001:67c:4f0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/e71e27-c687-4fd7-8180-4b2da197a7e6/1/aHcm04_PKn-7t7_CjWP-NXntIR0.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/e71e27-c687-4fd7-8180-4b2da197a7e6/1/aHcm04_PKn-7t7_CjWP-NXntIR0.mft
rsync://rpki.ripe.net/repository/DEFAULT/aHcm04_PKn-7t7_CjWP-NXntIR0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 01:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:a2:ac:88:c8:ac:ea:a1:b7:0e:63:6f:bd:d9:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=687726d38fcf2a7fbbb7bfc28d63fe3579ed211d
Validity
Not Before: Jan 1 04:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41a3ee44cbd7255fbe170f4056c23964f91cf216
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e0:4b:49:de:b4:84:15:f1:2d:5a:32:db:f5:
91:32:b6:03:ec:b0:41:52:e3:d0:45:ce:bb:36:70:
f6:87:b3:90:28:de:63:48:d3:a8:e4:e5:90:53:56:
82:8d:6a:8b:21:91:38:3e:42:f9:fb:81:e7:6e:01:
ff:bf:af:3e:e2:a5:fb:bc:df:02:68:16:ad:4f:dc:
cf:c9:af:f0:12:31:88:32:b2:f9:50:f9:e4:46:72:
ea:de:ae:bf:d1:31:7f:27:f4:2e:3f:3e:fb:35:b4:
2e:63:e2:39:1a:04:25:22:63:f3:02:59:8a:61:e9:
8b:38:b9:d1:c5:d0:d3:3c:9f:ba:c3:50:79:be:03:
31:d3:f3:43:07:29:51:99:24:9d:d1:7e:4c:f4:75:
cc:dc:58:59:ac:04:a0:13:32:d0:d5:f0:f7:b6:2c:
db:d6:f0:90:21:e8:0d:9d:0b:cb:77:68:bd:37:6d:
e4:1c:c5:e7:ad:8d:cc:00:e2:4f:45:d5:31:3d:a3:
2e:7c:23:cf:68:2b:fe:34:cd:29:a9:bf:14:e6:8e:
18:a7:08:58:5f:94:92:35:01:78:19:02:98:24:35:
83:b9:87:82:22:ba:05:2b:17:e7:46:c5:84:30:11:
fa:5a:6d:95:48:ec:cb:d9:9d:c3:27:ea:ec:c7:9b:
9d:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:A3:EE:44:CB:D7:25:5F:BE:17:0F:40:56:C2:39:64:F9:1C:F2:16
X509v3 Authority Key Identifier:
keyid:68:77:26:D3:8F:CF:2A:7F:BB:B7:BF:C2:8D:63:FE:35:79:ED:21:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aHcm04_PKn-7t7_CjWP-NXntIR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/e71e27-c687-4fd7-8180-4b2da197a7e6/1/QaPuRMvXJV--Fw9AVsI5ZPkc8hY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/e71e27-c687-4fd7-8180-4b2da197a7e6/1/aHcm04_PKn-7t7_CjWP-NXntIR0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:4f0::/48
Signature Algorithm: sha256WithRSAEncryption
5b:86:3c:65:b4:d6:10:4a:37:a0:05:22:21:a5:cb:74:70:4f:
48:7a:cf:82:2e:64:e2:35:08:94:6f:ce:b0:af:b3:53:36:3d:
64:92:20:b0:7a:b3:82:72:8c:9f:14:67:cf:01:73:e8:14:b4:
64:15:7a:c0:0c:5e:75:1f:02:00:85:4a:a7:aa:c2:71:e7:0d:
75:bd:fb:2a:e9:ba:e0:77:ed:4b:f5:86:b2:60:52:4c:78:92:
c9:61:51:dd:3d:97:a0:82:13:fa:74:8a:e5:9b:19:c9:d7:0b:
43:ed:53:4d:c5:01:93:a1:9b:8b:bc:a8:44:0a:f4:59:4d:49:
91:f0:bf:95:f0:71:e6:c9:5a:50:1e:a1:66:fc:af:d5:ff:bf:
69:2f:c6:4c:ad:bf:26:41:6a:94:0a:95:44:15:5c:f0:2e:5b:
98:75:87:30:fa:61:fb:cb:9a:81:34:b3:b3:92:97:a6:3a:4b:
04:c4:bb:5e:0e:81:45:f7:62:1e:cd:92:6f:09:14:d4:57:35:
2d:fc:fa:8d:ca:7f:f8:68:40:9f:2e:95:2e:3d:42:53:df:b2:
65:50:d8:12:76:c6:71:aa:4a:b1:c1:39:c4:02:18:9e:35:5c:
d4:73:47:7c:78:37:27:32:33:7b:54:e6:d8:4b:5e:13:18:26:
d6:4c:89:75
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzDSKKsiMis6qG3DmNvvdmQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NzcyNmQzOGZjZjJhN2ZiYmI3YmZjMjhkNjNmZTM1Nzll
ZDIxMWQwHhcNMjQwMTAxMDQyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWEzZWU0NGNiZDcyNTVmYmUxNzBmNDA1NmMyMzk2NGY5MWNmMjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveBLSd60hBXxLVoy2/WRMrYD7LBB
UuPQRc67NnD2h7OQKN5jSNOo5OWQU1aCjWqLIZE4PkL5+4HnbgH/v68+4qX7vN8C
aBatT9zPya/wEjGIMrL5UPnkRnLq3q6/0TF/J/QuPz77NbQuY+I5GgQlImPzAlmK
YemLOLnRxdDTPJ+6w1B5vgMx0/NDBylRmSSd0X5M9HXM3FhZrASgEzLQ1fD3tizb
1vCQIegNnQvLd2i9N23kHMXnrY3MAOJPRdUxPaMufCPPaCv+NM0pqb8U5o4YpwhY
X5SSNQF4GQKYJDWDuYeCIroFKxfnRsWEMBH6Wm2VSOzL2Z3DJ+rsx5udWQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEGj7kTL1yVfvhcPQFbCOWT5HPIWMB8GA1UdIwQY
MBaAFGh3JtOPzyp/u7e/wo1j/jV57SEdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUhjbTA0X1BLbi03dDdfQ2pXUC1OWG50SVIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9lNzFlMjctYzY4Ny00ZmQ3LTgxODAt
NGIyZGExOTdhN2U2LzEvUWFQdVJNdlhKVi0tRnc5QVZzSTVaUGtjOGhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9lNzFlMjctYzY4Ny00ZmQ3LTgxODAtNGIyZGExOTdhN2U2
LzEvYUhjbTA0X1BLbi03dDdfQ2pXUC1OWG50SVIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfATw
MA0GCSqGSIb3DQEBCwUAA4IBAQBbhjxltNYQSjegBSIhpct0cE9Ies+CLmTiNQiU
b86wr7NTNj1kkiCwerOCcoyfFGfPAXPoFLRkFXrADF51HwIAhUqnqsJx5w11vfsq
6brgd+1L9YayYFJMeJLJYVHdPZegghP6dIrlmxnJ1wtD7VNNxQGToZuLvKhECvRZ
TUmR8L+V8HHmyVpQHqFm/K/V/79pL8ZMrb8mQWqUCpVEFVzwLluYdYcw+mH7y5qB
NLOzkpemOksExLteDoFF92IezZJvCRTUVzUt/PqNyn/4aECfLpUuPUJT37JlUNgS
dsZxqkqxwTnEAhieNVzUc0d8eDcnMjN7VObYS14TGCbWTIl1
-----END CERTIFICATE-----
Generated at Mon Nov 25 07:21:45 2024 by rpki-client on console-fra.rpki-client.org