Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/35064b-7a5a-4c74-8743-fd8660c4fd6e/1/Q_jJvKdVKYdETQOtgfVI8kaDxBY.roa
File: Q_jJvKdVKYdETQOtgfVI8kaDxBY.roa (raw, json)
Hash identifier: gcRyeULCo6372CJdBpTY/d8gFseO+qZsVD5j24anMME=
Subject key identifier: 43:F8:C9:BC:A7:55:29:87:44:4D:03:AD:81:F5:48:F2:46:83:C4:16
Certificate issuer: /CN=83bce35561f541bda97e777e6879a1d704e7b42f
Certificate serial: 018CC349089B12B411053EBDE64329285EF7
Authority key identifier: 83:BC:E3:55:61:F5:41:BD:A9:7E:77:7E:68:79:A1:D7:04:E7:B4:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g7zjVWH1Qb2pfnd-aHmh1wTntC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/35064b-7a5a-4c74-8743-fd8660c4fd6e/1/Q_jJvKdVKYdETQOtgfVI8kaDxBY.roa
Signing time: Mon 01 Jan 2024 04:29:52 +0000
ROA not before: Mon 01 Jan 2024 04:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44527
IP address blocks: 31.44.214.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/35064b-7a5a-4c74-8743-fd8660c4fd6e/1/g7zjVWH1Qb2pfnd-aHmh1wTntC8.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/35064b-7a5a-4c74-8743-fd8660c4fd6e/1/g7zjVWH1Qb2pfnd-aHmh1wTntC8.mft
rsync://rpki.ripe.net/repository/DEFAULT/g7zjVWH1Qb2pfnd-aHmh1wTntC8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:08:9b:12:b4:11:05:3e:bd:e6:43:29:28:5e:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83bce35561f541bda97e777e6879a1d704e7b42f
Validity
Not Before: Jan 1 04:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43f8c9bca7552987444d03ad81f548f24683c416
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:b5:72:e4:a7:c6:29:f3:98:e5:bb:4c:74:fb:
bd:b1:31:34:6b:30:d4:cf:0c:9e:76:8f:92:59:02:
8d:d9:c5:cd:9c:1f:f0:6e:bc:54:fd:f5:bb:49:91:
8b:6d:74:06:fa:1c:91:e6:18:d6:27:50:82:0e:9f:
07:70:73:5d:19:5d:b1:ed:f5:05:83:fc:d8:67:13:
06:27:02:05:6b:f3:ce:4e:a1:3c:86:7e:2b:25:06:
4b:14:53:e2:a7:16:64:b0:15:85:49:c2:a3:98:7e:
2a:b7:e0:c1:94:59:7e:78:94:3e:68:7d:0a:c8:6d:
1b:49:d0:7a:25:94:1d:22:3d:83:b9:d9:a3:c2:c3:
7f:be:78:12:d0:00:9b:e3:56:3c:69:ab:f9:f1:28:
33:9a:25:53:ef:f4:85:9f:bf:88:09:af:91:17:83:
c8:b0:86:0d:37:15:cf:2c:bd:d9:0a:1b:37:45:74:
42:54:e4:5d:0b:8a:a9:bc:b7:8b:de:2e:63:33:4c:
92:d9:7e:88:dd:5e:58:6d:4e:54:40:e6:47:42:91:
17:00:88:7a:2e:a5:07:85:a3:5d:69:23:b0:2f:a9:
0a:7c:6c:b7:81:09:bf:74:9b:25:d2:02:7a:85:e9:
92:46:dc:70:8c:4e:31:b7:60:75:21:9f:8f:8f:8e:
cc:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:F8:C9:BC:A7:55:29:87:44:4D:03:AD:81:F5:48:F2:46:83:C4:16
X509v3 Authority Key Identifier:
keyid:83:BC:E3:55:61:F5:41:BD:A9:7E:77:7E:68:79:A1:D7:04:E7:B4:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g7zjVWH1Qb2pfnd-aHmh1wTntC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/35064b-7a5a-4c74-8743-fd8660c4fd6e/1/Q_jJvKdVKYdETQOtgfVI8kaDxBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/35064b-7a5a-4c74-8743-fd8660c4fd6e/1/g7zjVWH1Qb2pfnd-aHmh1wTntC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.214.0/23
Signature Algorithm: sha256WithRSAEncryption
60:da:0d:52:38:14:a2:5a:d7:93:3d:1c:28:80:2e:39:74:2a:
69:a0:e3:5b:9f:e2:eb:c5:67:f0:ed:50:a3:45:58:a5:73:1d:
0c:e3:fb:b6:8f:b2:88:eb:14:10:b5:e9:64:bd:1b:72:f4:61:
ad:f5:22:a3:fe:53:3d:7e:62:6f:b8:8b:9c:40:93:6f:56:ef:
31:ef:e4:e5:96:15:b8:8c:80:44:bf:a6:89:c2:35:1e:d5:9d:
17:b0:d9:80:b5:0b:48:21:6b:89:4b:99:26:d4:7d:d3:90:4e:
8b:f4:2d:e3:10:28:4c:1f:6c:14:56:27:13:f7:84:aa:f4:77:
6a:74:6b:bd:53:2b:7a:eb:b2:2e:24:90:e0:80:13:1e:e2:e3:
1b:3c:13:a3:d5:e9:31:45:07:02:81:4b:b2:10:67:4c:ad:eb:
eb:f4:18:2c:ce:f2:ef:c6:c4:37:27:0a:59:00:66:14:f5:1c:
65:49:fe:81:d4:80:df:d0:e1:a3:01:5e:a3:29:5f:f0:09:8a:
22:bd:c7:4c:5d:7f:f0:11:de:a1:04:12:8e:b3:1c:85:0c:ec:
83:d2:cd:46:36:47:28:58:4c:3a:01:6d:61:23:8d:20:57:6f:
6a:f9:ae:66:81:dc:eb:39:1f:ed:fb:fb:fa:bd:91:33:50:be:
bb:97:d9:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSQibErQRBT695kMpKF73MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzYmNlMzU1NjFmNTQxYmRhOTdlNzc3ZTY4NzlhMWQ3MDRl
N2I0MmYwHhcNMjQwMTAxMDQyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2Y4YzliY2E3NTUyOTg3NDQ0ZDAzYWQ4MWY1NDhmMjQ2ODNjNDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1rVy5KfGKfOY5btMdPu9sTE0azDU
zwyedo+SWQKN2cXNnB/wbrxU/fW7SZGLbXQG+hyR5hjWJ1CCDp8HcHNdGV2x7fUF
g/zYZxMGJwIFa/POTqE8hn4rJQZLFFPipxZksBWFScKjmH4qt+DBlFl+eJQ+aH0K
yG0bSdB6JZQdIj2DudmjwsN/vngS0ACb41Y8aav58SgzmiVT7/SFn7+ICa+RF4PI
sIYNNxXPLL3ZChs3RXRCVORdC4qpvLeL3i5jM0yS2X6I3V5YbU5UQOZHQpEXAIh6
LqUHhaNdaSOwL6kKfGy3gQm/dJsl0gJ6hemSRtxwjE4xt2B1IZ+Pj47MgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEP4ybynVSmHRE0DrYH1SPJGg8QWMB8GA1UdIwQY
MBaAFIO841Vh9UG9qX53fmh5odcE57QvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzd6alZXSDFRYjJwZm5kLWFIbWgxd1RudEM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zNTA2NGItN2E1YS00Yzc0LTg3NDMt
ZmQ4NjYwYzRmZDZlLzEvUV9qSnZLZFZLWWRFVFFPdGdmVkk4a2FEeEJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zNTA2NGItN2E1YS00Yzc0LTg3NDMtZmQ4NjYwYzRmZDZl
LzEvZzd6alZXSDFRYjJwZm5kLWFIbWgxd1RudEM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBHyzWMA0G
CSqGSIb3DQEBCwUAA4IBAQBg2g1SOBSiWteTPRwogC45dCppoONbn+LrxWfw7VCj
RVilcx0M4/u2j7KI6xQQtelkvRty9GGt9SKj/lM9fmJvuIucQJNvVu8x7+TllhW4
jIBEv6aJwjUe1Z0XsNmAtQtIIWuJS5km1H3TkE6L9C3jEChMH2wUVicT94Sq9Hdq
dGu9Uyt667IuJJDggBMe4uMbPBOj1ekxRQcCgUuyEGdMrevr9BgszvLvxsQ3JwpZ
AGYU9RxlSf6B1IDf0OGjAV6jKV/wCYoivcdMXX/wEd6hBBKOsxyFDOyD0s1GNkco
WEw6AW1hI40gV29q+a5mgdzrOR/t+/v6vZEzUL67l9lw
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:15:36 2024 by rpki-client on console-ams.rpki-client.org