Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/a765a3-ed94-4fe0-bf45-e0c7b96b57f2/1/QVk_LN6gv-o7QfSKnCyfLLtiaZs.roa
File: QVk_LN6gv-o7QfSKnCyfLLtiaZs.roa (raw, json)
Hash identifier: Sj+pN8zUtaKazY74RUkIadFUCLg8epZygO6Vxt6sivY=
Subject key identifier: 41:59:3F:2C:DE:A0:BF:EA:3B:41:F4:8A:9C:2C:9F:2C:BB:62:69:9B
Certificate issuer: /CN=cf8375c321def9265983e2194d40ba97afe7f1cc
Certificate serial: 018D8CA1927DC8BE88CEDA57C9A56868F9C4
Authority key identifier: CF:83:75:C3:21:DE:F9:26:59:83:E2:19:4D:40:BA:97:AF:E7:F1:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z4N1wyHe-SZZg-IZTUC6l6_n8cw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/a765a3-ed94-4fe0-bf45-e0c7b96b57f2/1/QVk_LN6gv-o7QfSKnCyfLLtiaZs.roa
Signing time: Fri 09 Feb 2024 06:50:15 +0000
ROA not before: Fri 09 Feb 2024 06:50:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51553
IP address blocks: 85.91.49.0/24 maxlen: 24
85.91.50.0/24 maxlen: 24
85.91.51.0/24 maxlen: 24
85.91.52.0/24 maxlen: 24
85.91.53.0/24 maxlen: 24
85.91.54.0/24 maxlen: 24
85.91.55.0/24 maxlen: 24
85.91.56.0/24 maxlen: 24
85.91.57.0/24 maxlen: 24
91.217.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/a765a3-ed94-4fe0-bf45-e0c7b96b57f2/1/z4N1wyHe-SZZg-IZTUC6l6_n8cw.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/a765a3-ed94-4fe0-bf45-e0c7b96b57f2/1/z4N1wyHe-SZZg-IZTUC6l6_n8cw.mft
rsync://rpki.ripe.net/repository/DEFAULT/z4N1wyHe-SZZg-IZTUC6l6_n8cw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 00:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8c:a1:92:7d:c8:be:88:ce:da:57:c9:a5:68:68:f9:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf8375c321def9265983e2194d40ba97afe7f1cc
Validity
Not Before: Feb 9 06:50:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41593f2cdea0bfea3b41f48a9c2c9f2cbb62699b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:f2:12:39:ab:2a:c1:6c:b1:a7:24:9e:7d:df:
10:cb:c0:38:aa:4d:88:59:4d:53:18:89:43:d7:1d:
d4:68:2a:73:32:bf:82:12:4c:53:a2:0b:39:44:4d:
0c:5e:15:34:2b:00:92:1e:37:b9:cb:06:0c:85:fa:
83:95:76:ae:02:fa:7d:01:28:9c:da:c2:6b:3c:44:
70:b5:b6:5d:37:78:84:e5:ca:c3:75:c8:8d:14:1f:
d6:42:53:cf:f9:51:c9:8d:37:44:95:46:0f:ec:ff:
86:d1:87:ae:28:40:6e:ea:c8:0f:1a:e4:4f:c0:7f:
c2:57:bf:6d:46:f7:04:dc:81:02:11:aa:df:fd:34:
fa:69:12:94:3c:13:f1:31:3f:e0:23:52:d9:ea:9a:
7f:c5:bf:2e:c9:16:19:b5:b0:27:e2:4f:f1:42:0e:
63:6d:7a:02:49:ba:91:1e:89:d8:89:77:f2:aa:47:
17:c3:6c:73:87:cb:91:7e:34:f3:49:0b:3f:6b:3c:
c3:c6:72:87:92:d8:50:19:dd:56:69:90:d4:ed:84:
ac:df:cd:5b:ed:1e:5b:52:ab:34:e5:5a:f5:55:27:
e2:38:47:3f:61:99:32:49:73:0b:ef:99:2b:8d:f0:
1f:4e:c2:ea:59:6b:d6:a0:ba:c6:5b:e9:f5:fe:1e:
3b:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:59:3F:2C:DE:A0:BF:EA:3B:41:F4:8A:9C:2C:9F:2C:BB:62:69:9B
X509v3 Authority Key Identifier:
keyid:CF:83:75:C3:21:DE:F9:26:59:83:E2:19:4D:40:BA:97:AF:E7:F1:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z4N1wyHe-SZZg-IZTUC6l6_n8cw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a765a3-ed94-4fe0-bf45-e0c7b96b57f2/1/QVk_LN6gv-o7QfSKnCyfLLtiaZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a765a3-ed94-4fe0-bf45-e0c7b96b57f2/1/z4N1wyHe-SZZg-IZTUC6l6_n8cw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.91.49.0-85.91.57.255
91.217.237.0/24
Signature Algorithm: sha256WithRSAEncryption
32:ea:20:3e:e7:f0:9f:28:e4:44:99:c0:03:df:97:93:9a:05:
97:99:ac:96:e7:16:59:97:e0:8f:85:8c:ab:c6:58:a3:a7:bb:
f4:91:63:84:c3:1f:32:5e:00:3a:52:a0:2d:fb:15:6c:92:d0:
e9:e5:75:45:bc:0e:c3:db:91:c8:2c:8b:3e:8d:ed:a7:07:f8:
6d:ca:71:66:69:dc:8b:1b:eb:d7:6f:bb:ca:56:1a:ba:6a:8f:
98:8e:1f:1e:b2:41:74:99:93:19:79:90:68:66:44:c5:80:3a:
2b:f3:4a:39:5f:d1:12:d1:ce:93:36:8d:a5:b1:b6:c5:35:34:
4e:98:7f:bf:5e:b1:fa:f2:f9:c5:21:43:46:a0:50:79:ed:66:
d2:7d:92:67:ee:e1:33:aa:33:fe:97:9a:68:73:7a:e0:50:fc:
41:42:bc:9e:0b:a7:b2:7f:f3:c2:20:8d:48:8f:38:d6:49:7e:
b5:93:5b:5c:bc:f6:ad:20:8e:47:f3:22:9e:98:a0:01:a1:25:
15:4f:e1:af:ca:c6:d9:d5:0c:42:72:30:98:c7:56:64:74:64:
5b:a4:51:60:7f:0e:06:2b:6f:4c:ff:80:6c:4f:03:9e:56:e9:
c4:7f:67:c1:8a:85:49:8d:9a:b7:ab:2e:bb:88:11:32:de:7b:
bc:60:ba:a9
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY2MoZJ9yL6IztpXyaVoaPnEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmODM3NWMzMjFkZWY5MjY1OTgzZTIxOTRkNDBiYTk3YWZl
N2YxY2MwHhcNMjQwMjA5MDY1MDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTU5M2YyY2RlYTBiZmVhM2I0MWY0OGE5YzJjOWYyY2JiNjI2OTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgPISOasqwWyxpySefd8Qy8A4qk2I
WU1TGIlD1x3UaCpzMr+CEkxTogs5RE0MXhU0KwCSHje5ywYMhfqDlXauAvp9ASic
2sJrPERwtbZdN3iE5crDdciNFB/WQlPP+VHJjTdElUYP7P+G0YeuKEBu6sgPGuRP
wH/CV79tRvcE3IECEarf/TT6aRKUPBPxMT/gI1LZ6pp/xb8uyRYZtbAn4k/xQg5j
bXoCSbqRHonYiXfyqkcXw2xzh8uRfjTzSQs/azzDxnKHkthQGd1WaZDU7YSs381b
7R5bUqs05Vr1VSfiOEc/YZkySXML75krjfAfTsLqWWvWoLrGW+n1/h47LwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFEFZPyzeoL/qO0H0ipwsnyy7YmmbMB8GA1UdIwQY
MBaAFM+DdcMh3vkmWYPiGU1Aupev5/HMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejROMXd5SGUtU1paZy1JWlRVQzZsNl9uOGN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9hNzY1YTMtZWQ5NC00ZmUwLWJmNDUt
ZTBjN2I5NmI1N2YyLzEvUVZrX0xONmd2LW83UWZTS25DeWZMTHRpYVpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9hNzY1YTMtZWQ5NC00ZmUwLWJmNDUtZTBjN2I5NmI1N2Yy
LzEvejROMXd5SGUtU1paZy1JWlRVQzZsNl9uOGN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABVWzED
BAFVWzgDBABb2e0wDQYJKoZIhvcNAQELBQADggEBADLqID7n8J8o5ESZwAPfl5Oa
BZeZrJbnFlmX4I+FjKvGWKOnu/SRY4TDHzJeADpSoC37FWyS0OnldUW8DsPbkcgs
iz6N7acH+G3KcWZp3Isb69dvu8pWGrpqj5iOHx6yQXSZkxl5kGhmRMWAOivzSjlf
0RLRzpM2jaWxtsU1NE6Yf79esfry+cUhQ0agUHntZtJ9kmfu4TOqM/6XmmhzeuBQ
/EFCvJ4Lp7J/88IgjUiPONZJfrWTW1y89q0gjkfzIp6YoAGhJRVP4a/KxtnVDEJy
MJjHVmR0ZFukUWB/DgYrb0z/gGxPA55W6cR/Z8GKhUmNmrerLruIETLee7xguqk=
-----END CERTIFICATE-----
Generated at Sat Nov 23 07:49:09 2024 by rpki-client on console-ams.rpki-client.org