Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/e7fc98-128a-453d-bdfb-11e5f6d12ef1/1/QloZAPU3OFL0OoEPx5mTr2H2oE8.roa
File: QloZAPU3OFL0OoEPx5mTr2H2oE8.roa (raw, json)
Hash identifier: RCRJtD2d6sKtDvWx1IImSAX447IWzgeNAC9HbsBE+YY=
Subject key identifier: 42:5A:19:00:F5:37:38:52:F4:3A:81:0F:C7:99:93:AF:61:F6:A0:4F
Certificate issuer: /CN=bef5252ccac3f6dc1426b553f2c1c7233acc894b
Certificate serial: 018EAD9D58F526CDCBE0F4092539C260D669
Authority key identifier: BE:F5:25:2C:CA:C3:F6:DC:14:26:B5:53:F2:C1:C7:23:3A:CC:89:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vvUlLMrD9twUJrVT8sHHIzrMiUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/e7fc98-128a-453d-bdfb-11e5f6d12ef1/1/QloZAPU3OFL0OoEPx5mTr2H2oE8.roa
Signing time: Fri 05 Apr 2024 09:35:54 +0000
ROA not before: Fri 05 Apr 2024 09:35:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25248
IP address blocks: 82.99.128.0/18 maxlen: 18
84.244.64.0/18 maxlen: 18
85.207.0.0/16 maxlen: 16
85.207.220.0/22 maxlen: 22
212.158.128.0/19 maxlen: 19
2a02:a40::/32 maxlen: 32
2a02:a41::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/e7fc98-128a-453d-bdfb-11e5f6d12ef1/1/vvUlLMrD9twUJrVT8sHHIzrMiUs.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/e7fc98-128a-453d-bdfb-11e5f6d12ef1/1/vvUlLMrD9twUJrVT8sHHIzrMiUs.mft
rsync://rpki.ripe.net/repository/DEFAULT/vvUlLMrD9twUJrVT8sHHIzrMiUs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ad:9d:58:f5:26:cd:cb:e0:f4:09:25:39:c2:60:d6:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bef5252ccac3f6dc1426b553f2c1c7233acc894b
Validity
Not Before: Apr 5 09:35:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=425a1900f5373852f43a810fc79993af61f6a04f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:fb:14:b0:d1:b7:b5:49:2c:81:c4:92:b3:aa:
d0:73:ea:49:09:e4:5a:c0:81:06:0a:2d:db:c3:6c:
d5:36:25:32:90:6f:f0:59:ad:12:24:0d:60:9f:78:
fa:3c:f2:a6:4e:02:9b:a3:b1:87:cb:72:63:5a:42:
f7:35:14:77:bb:56:3c:2a:a5:f7:17:84:2c:c6:ed:
52:a7:85:ff:23:89:fc:5b:f3:4c:f6:09:d9:bc:f3:
2f:26:6c:3b:6c:ff:10:15:c4:8c:ac:0f:1c:f1:15:
b5:02:3b:9d:6e:8c:8a:fd:f7:db:2a:3c:a6:04:4b:
d6:6f:15:49:57:6c:e2:b3:8a:33:ca:47:3f:64:85:
d3:2f:c4:d0:7a:05:19:ef:14:07:3c:b6:9f:ad:eb:
03:b9:1a:5c:54:e0:8b:cb:50:79:8e:3b:01:f9:41:
cf:96:5e:c5:55:2f:4a:9c:47:78:ea:11:5a:1f:db:
ed:e2:f2:cc:09:3f:94:03:d6:ed:3d:b5:01:86:17:
65:e0:88:aa:7c:e0:3e:76:ed:4d:f4:bf:12:63:40:
7d:eb:84:75:d2:94:c6:69:e9:b7:8f:bc:8c:21:68:
7c:67:39:a9:e3:6c:eb:e8:b7:77:b7:2b:21:7b:a7:
9b:19:27:a3:71:77:ca:69:c2:88:ee:cc:f3:c2:ac:
67:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:5A:19:00:F5:37:38:52:F4:3A:81:0F:C7:99:93:AF:61:F6:A0:4F
X509v3 Authority Key Identifier:
keyid:BE:F5:25:2C:CA:C3:F6:DC:14:26:B5:53:F2:C1:C7:23:3A:CC:89:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vvUlLMrD9twUJrVT8sHHIzrMiUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/e7fc98-128a-453d-bdfb-11e5f6d12ef1/1/QloZAPU3OFL0OoEPx5mTr2H2oE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/e7fc98-128a-453d-bdfb-11e5f6d12ef1/1/vvUlLMrD9twUJrVT8sHHIzrMiUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.99.128.0/18
84.244.64.0/18
85.207.0.0/16
212.158.128.0/19
IPv6:
2a02:a40::/31
Signature Algorithm: sha256WithRSAEncryption
a6:5d:cd:ed:6a:21:ec:8d:d4:e8:29:58:d9:f2:41:a2:cb:b5:
e0:71:82:22:f3:c3:d4:d5:7f:3b:dc:57:4c:73:79:6a:f8:9c:
50:8a:07:23:b2:71:67:4e:b0:6f:8c:bb:4c:c8:c6:f8:b0:72:
b2:4a:9a:07:d7:e7:9a:f3:a2:bb:a1:1e:60:57:1f:24:bd:f6:
95:0a:59:c3:16:f5:94:09:cf:1c:69:71:f1:79:7e:ad:df:93:
83:cc:a9:50:0d:22:81:7d:d2:31:a1:e6:c2:c5:29:18:e3:5d:
e0:13:c2:1d:9b:63:88:99:11:66:26:b5:7e:80:84:30:c4:ff:
c7:35:eb:fb:38:ca:18:a4:fd:a0:5e:74:e5:60:f3:82:c1:15:
40:ad:96:72:1b:cd:5b:2f:55:ca:02:b4:b6:fe:49:7e:d0:bf:
05:23:a4:89:6d:df:61:3c:b7:9d:18:cb:56:96:2f:bf:fd:f2:
91:48:a0:35:6f:62:ec:dd:6c:fd:73:9b:f4:88:ea:69:69:c2:
30:a3:6e:63:67:f7:55:cd:30:cd:b3:65:b5:c9:71:db:56:b3:
98:7e:b0:30:f4:15:81:ec:03:29:0f:c9:5f:0c:a0:bb:7e:a9:
50:79:62:9b:19:c6:d5:04:fd:8f:c6:7b:6f:5e:3f:fc:49:1d:
93:c1:f6:b8
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY6tnVj1Js3L4PQJJTnCYNZpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlZjUyNTJjY2FjM2Y2ZGMxNDI2YjU1M2YyYzFjNzIzM2Fj
Yzg5NGIwHhcNMjQwNDA1MDkzNTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjVhMTkwMGY1MzczODUyZjQzYTgxMGZjNzk5OTNhZjYxZjZhMDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvsUsNG3tUksgcSSs6rQc+pJCeRa
wIEGCi3bw2zVNiUykG/wWa0SJA1gn3j6PPKmTgKbo7GHy3JjWkL3NRR3u1Y8KqX3
F4Qsxu1Sp4X/I4n8W/NM9gnZvPMvJmw7bP8QFcSMrA8c8RW1AjudboyK/ffbKjym
BEvWbxVJV2zis4ozykc/ZIXTL8TQegUZ7xQHPLafresDuRpcVOCLy1B5jjsB+UHP
ll7FVS9KnEd46hFaH9vt4vLMCT+UA9btPbUBhhdl4IiqfOA+du1N9L8SY0B964R1
0pTGaem3j7yMIWh8Zzmp42zr6Ld3tyshe6ebGSejcXfKacKI7szzwqxnJQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFEJaGQD1NzhS9DqBD8eZk69h9qBPMB8GA1UdIwQY
MBaAFL71JSzKw/bcFCa1U/LBxyM6zIlLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnZVbExNckQ5dHdVSnJWVDhzSEhJenJNaVVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9lN2ZjOTgtMTI4YS00NTNkLWJkZmIt
MTFlNWY2ZDEyZWYxLzEvUWxvWkFQVTNPRkwwT29FUHg1bVRyMkgyb0U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9lN2ZjOTgtMTI4YS00NTNkLWJkZmItMTFlNWY2ZDEyZWYx
LzEvdnZVbExNckQ5dHdVSnJWVDhzSEhJenJNaVVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwQGUmOAAwQG
VPRAAwMAVc8DBAXUnoAwDQQCAAIwBwMFASoCCkAwDQYJKoZIhvcNAQELBQADggEB
AKZdze1qIeyN1OgpWNnyQaLLteBxgiLzw9TVfzvcV0xzeWr4nFCKByOycWdOsG+M
u0zIxviwcrJKmgfX55rzoruhHmBXHyS99pUKWcMW9ZQJzxxpcfF5fq3fk4PMqVAN
IoF90jGh5sLFKRjjXeATwh2bY4iZEWYmtX6AhDDE/8c16/s4yhik/aBedOVg84LB
FUCtlnIbzVsvVcoCtLb+SX7QvwUjpIlt32E8t50Yy1aWL7/98pFIoDVvYuzdbP1z
m/SI6mlpwjCjbmNn91XNMM2zZbXJcdtWs5h+sDD0FYHsAykPyV8MoLt+qVB5YpsZ
xtUE/Y/Ge29eP/xJHZPB9rg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:19:49 2024 by rpki-client on console-ams.rpki-client.org