Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/QVijdz-El_MFQHWeBGwjSzLAbI8.roa
File: QVijdz-El_MFQHWeBGwjSzLAbI8.roa (raw, json)
Hash identifier: 6Tm56acgV+WDslvWEdP5J/HPoi20Ee254ygUhHitkmE=
Subject key identifier: 41:58:A3:77:3F:84:97:F3:05:40:75:9E:04:6C:23:4B:32:C0:6C:8F
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 0192B8A8B5372F215C27383BB0DC649B05BD
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/QVijdz-El_MFQHWeBGwjSzLAbI8.roa
Signing time: Wed 23 Oct 2024 09:15:16 +0000
ROA not before: Wed 23 Oct 2024 09:15:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206150
IP address blocks: 2a0e:d781::/32 maxlen: 32
2a0e:d782::/32 maxlen: 32
2a0e:d783::/32 maxlen: 32
2a11:f883::/32 maxlen: 48
2a11:f884::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 00:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b8:a8:b5:37:2f:21:5c:27:38:3b:b0:dc:64:9b:05:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Oct 23 09:15:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4158a3773f8497f30540759e046c234b32c06c8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:4f:e4:50:08:17:5c:37:f4:e6:be:82:12:e8:
08:f5:87:f4:fa:82:2d:0c:90:83:fe:c5:1a:c2:9a:
ee:e0:d2:fe:68:d6:b8:4b:0b:7d:3b:79:a9:95:ac:
21:b3:4a:80:29:d5:de:b1:34:9a:92:de:02:68:43:
01:37:d7:e9:e0:48:6e:02:4c:0b:4a:27:a6:c7:27:
20:92:d7:a8:f6:20:e8:14:68:db:1a:59:07:56:ad:
cd:09:29:7a:31:2f:7b:94:01:55:94:a7:69:8a:48:
24:e5:06:83:6c:eb:5b:e6:38:15:4d:42:4b:8b:90:
ce:64:76:33:c7:36:0e:8c:02:d6:24:3a:a2:68:31:
48:84:ea:bf:63:c5:19:e9:c8:ac:33:02:ef:ee:06:
6f:bb:e9:82:b7:e8:a5:52:7a:30:33:75:d8:96:a5:
8f:9c:1c:8c:cf:6a:98:06:e3:02:38:78:ea:00:1f:
e1:da:9e:b6:fb:c2:95:e4:1d:d8:74:0e:93:a2:93:
36:89:fb:4d:bb:d2:c4:fe:0d:1e:6f:a7:13:0a:fb:
1a:e1:bc:42:e4:ec:bb:cd:31:f7:c8:96:b9:7e:8f:
5b:11:5d:f3:f3:00:d1:ad:1f:ac:52:2c:5e:b7:af:
61:d8:86:22:25:02:bb:bd:81:18:0c:db:da:3f:33:
e3:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:58:A3:77:3F:84:97:F3:05:40:75:9E:04:6C:23:4B:32:C0:6C:8F
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/QVijdz-El_MFQHWeBGwjSzLAbI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:d781::-2a0e:d783:ffff:ffff:ffff:ffff:ffff:ffff
2a11:f883::-2a11:f884:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
57:c1:bf:6d:43:8d:19:e2:74:26:c4:aa:b1:91:b6:70:a8:6f:
a2:91:68:2d:89:aa:4d:55:53:1a:80:c1:1e:47:60:6f:0e:9a:
08:56:5f:fd:75:f9:70:37:77:ea:9c:65:3b:5b:e8:ab:03:e8:
7b:3c:d2:9d:cb:2a:87:37:cf:96:9a:bd:ab:9d:bb:85:eb:11:
29:18:f7:16:a9:ab:25:94:e5:90:4f:6d:02:da:dc:82:4d:59:
8d:80:ed:78:28:ec:36:39:51:f0:cf:b6:46:4c:bb:8b:4c:69:
ae:da:51:31:99:14:34:ea:c5:26:e6:6a:13:9d:1e:f5:5e:74:
ad:15:6e:20:06:12:e0:b9:1b:f2:f6:84:49:dc:61:13:9b:4d:
f6:77:19:10:00:8e:90:75:81:2d:33:66:b4:13:ba:49:04:25:
e7:d8:ff:ee:cc:f0:21:a7:96:2a:75:d3:2d:f5:c9:db:41:d8:
6f:7a:b1:23:6b:fe:e7:c3:ac:e4:12:48:84:e3:ca:10:f7:6d:
50:e8:2b:83:3e:da:ac:4b:d6:4f:8e:28:55:d8:1b:dc:5e:ec:
e8:72:32:8c:13:5c:cd:f9:4c:f0:3f:65:16:04:b4:5d:3b:13:
b7:e0:12:85:9a:f7:3d:de:72:f3:59:97:40:93:6e:b0:bb:87:
3b:b6:7d:47
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZK4qLU3LyFcJzg7sNxkmwW9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjQxMDIzMDkxNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTU4YTM3NzNmODQ5N2YzMDU0MDc1OWUwNDZjMjM0YjMyYzA2YzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7k/kUAgXXDf05r6CEugI9Yf0+oIt
DJCD/sUawpru4NL+aNa4Swt9O3mplawhs0qAKdXesTSakt4CaEMBN9fp4EhuAkwL
Siemxycgkteo9iDoFGjbGlkHVq3NCSl6MS97lAFVlKdpikgk5QaDbOtb5jgVTUJL
i5DOZHYzxzYOjALWJDqiaDFIhOq/Y8UZ6cisMwLv7gZvu+mCt+ilUnowM3XYlqWP
nByMz2qYBuMCOHjqAB/h2p62+8KV5B3YdA6TopM2iftNu9LE/g0eb6cTCvsa4bxC
5Oy7zTH3yJa5fo9bEV3z8wDRrR+sUixet69h2IYiJQK7vYEYDNvaPzPjrQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFEFYo3c/hJfzBUB1ngRsI0sywGyPMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvUVZpamR6LUVsX01GUUhXZUJHd2pTekxBYkk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAAjAgMA4DBQAqDteB
AwUCKg7XgDAOAwUAKhH4gwMFACoR+IQwDQYJKoZIhvcNAQELBQADggEBAFfBv21D
jRnidCbEqrGRtnCob6KRaC2Jqk1VUxqAwR5HYG8OmghWX/11+XA3d+qcZTtb6KsD
6Hs80p3LKoc3z5aavaudu4XrESkY9xapqyWU5ZBPbQLa3IJNWY2A7Xgo7DY5UfDP
tkZMu4tMaa7aUTGZFDTqxSbmahOdHvVedK0VbiAGEuC5G/L2hEncYRObTfZ3GRAA
jpB1gS0zZrQTukkEJefY/+7M8CGnlip10y31ydtB2G96sSNr/ufDrOQSSITjyhD3
bVDoK4M+2qxL1k+OKFXYG9xe7OhyMowTXM35TPA/ZRYEtF07E7fgEoWa9z3ecvNZ
l0CTbrC7hzu2fUc=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:46:52 2024 by rpki-client on console-ams.rpki-client.org