Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/1ilr6zYt5I52EZw1RBDC_QnucBI.roa
File: 1ilr6zYt5I52EZw1RBDC_QnucBI.roa (raw, json)
Hash identifier: 8aVTE2OR/NeC5XrRy2OHucb/MxvIRcv9F4MoSRLn0GY=
Subject key identifier: D6:29:6B:EB:36:2D:E4:8E:76:11:9C:35:44:10:C2:FD:09:EE:70:12
Certificate issuer: /CN=04cbe5b4623dab42f15a905002db7ce62e854f29
Certificate serial: 019428232F63EBF4191CA4829A99CB6ECE17
Authority key identifier: 04:CB:E5:B4:62:3D:AB:42:F1:5A:90:50:02:DB:7C:E6:2E:85:4F:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BMvltGI9q0LxWpBQAtt85i6FTyk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/1ilr6zYt5I52EZw1RBDC_QnucBI.roa
Signing time: Thu 02 Jan 2025 17:49:42 +0000
ROA not before: Thu 02 Jan 2025 17:49:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29076
IP address blocks: 37.202.12.0/24 maxlen: 24
37.202.13.0/24 maxlen: 24
212.113.114.0/23 maxlen: 23
212.113.115.0/24 maxlen: 24
212.113.125.0/24 maxlen: 24
212.113.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/BMvltGI9q0LxWpBQAtt85i6FTyk.crl
rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/BMvltGI9q0LxWpBQAtt85i6FTyk.mft
rsync://rpki.ripe.net/repository/DEFAULT/BMvltGI9q0LxWpBQAtt85i6FTyk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:2f:63:eb:f4:19:1c:a4:82:9a:99:cb:6e:ce:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04cbe5b4623dab42f15a905002db7ce62e854f29
Validity
Not Before: Jan 2 17:49:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d6296beb362de48e76119c354410c2fd09ee7012
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e6:08:95:e7:64:88:37:97:61:57:f0:59:70:
dc:77:7f:e3:5c:57:c5:3b:1b:13:ad:df:27:28:6f:
1e:7e:b5:c1:14:c1:5a:0d:f0:3f:01:50:0c:8d:5a:
28:1f:77:17:b5:e8:58:9f:6e:ff:6f:2a:8e:b4:b7:
65:f5:ff:15:b8:c9:06:39:46:07:86:b3:4c:37:77:
d7:70:c1:53:90:95:a2:44:90:1f:a4:33:e5:f5:e8:
42:f3:d9:0d:84:89:10:e5:91:d6:c7:2c:19:30:37:
6a:01:b5:53:a3:c8:d5:c2:9d:f6:50:92:e7:97:fc:
e3:14:13:a6:b1:a6:86:12:cd:95:45:ca:f5:d6:a2:
fd:53:9d:84:c4:33:8c:7c:9a:85:cf:6a:59:56:a8:
20:04:bf:04:34:81:8f:e4:dc:e5:e0:ed:c3:11:d2:
e9:dc:63:3f:41:2b:5c:23:c1:f2:64:16:ff:c0:9e:
bb:8e:a2:e1:bd:6e:f8:e1:ac:d5:ba:74:47:36:65:
1f:a8:42:72:09:6e:f8:d6:63:49:f0:3e:d7:88:9c:
c7:2b:c9:2d:b5:51:88:a4:9a:cc:e0:69:6e:88:35:
0b:bb:a0:74:76:78:14:44:f8:70:3b:47:ec:ff:03:
df:3b:a6:c9:ca:8b:b4:25:53:86:b8:bf:42:9a:d4:
4b:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:29:6B:EB:36:2D:E4:8E:76:11:9C:35:44:10:C2:FD:09:EE:70:12
X509v3 Authority Key Identifier:
keyid:04:CB:E5:B4:62:3D:AB:42:F1:5A:90:50:02:DB:7C:E6:2E:85:4F:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BMvltGI9q0LxWpBQAtt85i6FTyk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/1ilr6zYt5I52EZw1RBDC_QnucBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/BMvltGI9q0LxWpBQAtt85i6FTyk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.12.0/23
212.113.114.0/23
212.113.125.0-212.113.126.255
Signature Algorithm: sha256WithRSAEncryption
2f:12:dc:36:dd:33:19:02:ee:3d:70:d4:e1:10:f6:cd:e7:93:
5b:b7:e8:5c:c2:51:7c:79:ea:63:a4:f3:1c:80:16:6e:fb:e8:
36:03:c2:5b:ec:54:6d:06:4c:d0:f1:b0:57:fe:bf:e2:36:3c:
62:2a:7e:11:4c:0f:37:14:b4:8d:da:31:93:88:4f:7f:50:d9:
b7:18:00:ea:44:68:c3:61:98:c9:41:dc:90:8b:fd:8d:ec:99:
1e:30:9a:1b:c6:61:f0:f7:c9:94:fa:6d:99:39:c4:68:c0:d0:
45:55:a1:45:82:eb:eb:3a:ec:bb:cc:d1:51:f1:15:80:1d:59:
d7:84:85:7e:90:4e:12:52:8c:29:cb:4a:b0:e2:44:9b:ed:f1:
d1:17:fa:b8:bb:7a:4b:00:b4:99:f6:8d:6d:b6:8e:fa:b1:5c:
c8:7a:7f:81:d1:14:c9:55:f3:d9:a1:2f:76:af:7e:6a:f0:ce:
0a:45:f1:56:10:a9:0c:98:15:91:6f:ca:f5:e8:ea:3a:3b:41:
80:a8:de:4e:47:b7:74:22:f3:2d:a2:45:43:a2:0b:68:ee:a1:
8f:52:ad:bc:c8:4e:20:af:7a:bd:8e:25:20:fa:12:39:23:e2:
b0:78:50:18:7e:bf:6a:04:c4:a0:29:37:af:2e:58:e4:49:e1:
3e:02:d8:c0
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQoIy9j6/QZHKSCmpnLbs4XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0Y2JlNWI0NjIzZGFiNDJmMTVhOTA1MDAyZGI3Y2U2MmU4
NTRmMjkwHhcNMjUwMTAyMTc0OTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjI5NmJlYjM2MmRlNDhlNzYxMTljMzU0NDEwYzJmZDA5ZWU3MDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+YIledkiDeXYVfwWXDcd3/jXFfF
OxsTrd8nKG8efrXBFMFaDfA/AVAMjVooH3cXtehYn27/byqOtLdl9f8VuMkGOUYH
hrNMN3fXcMFTkJWiRJAfpDPl9ehC89kNhIkQ5ZHWxywZMDdqAbVTo8jVwp32UJLn
l/zjFBOmsaaGEs2VRcr11qL9U52ExDOMfJqFz2pZVqggBL8ENIGP5Nzl4O3DEdLp
3GM/QStcI8HyZBb/wJ67jqLhvW744azVunRHNmUfqEJyCW741mNJ8D7XiJzHK8kt
tVGIpJrM4GluiDULu6B0dngURPhwO0fs/wPfO6bJyou0JVOGuL9CmtRLVQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNYpa+s2LeSOdhGcNUQQwv0J7nASMB8GA1UdIwQY
MBaAFATL5bRiPatC8VqQUALbfOYuhU8pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk12bHRHSTlxMEx4V3BCUUF0dDg1aTZGVHlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8zZDNhMmQtYTAzOS00NmY0LTg2ODct
MDU3ODE3YmE5ZmI3LzEvMWlscjZ6WXQ1STUyRVp3MVJCRENfUW51Y0JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8zZDNhMmQtYTAzOS00NmY0LTg2ODctMDU3ODE3YmE5ZmI3
LzEvQk12bHRHSTlxMEx4V3BCUUF0dDg1aTZGVHlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBJcoMAwQB
1HFyMAwDBADUcX0DBADUcX4wDQYJKoZIhvcNAQELBQADggEBAC8S3DbdMxkC7j1w
1OEQ9s3nk1u36FzCUXx56mOk8xyAFm776DYDwlvsVG0GTNDxsFf+v+I2PGIqfhFM
DzcUtI3aMZOIT39Q2bcYAOpEaMNhmMlB3JCL/Y3smR4wmhvGYfD3yZT6bZk5xGjA
0EVVoUWC6+s67LvM0VHxFYAdWdeEhX6QThJSjCnLSrDiRJvt8dEX+ri7eksAtJn2
jW22jvqxXMh6f4HRFMlV89mhL3avfmrwzgpF8VYQqQyYFZFvyvXo6jo7QYCo3k5H
t3Qi8y2iRUOiC2juoY9SrbzITiCver2OJSD6Ejkj4rB4UBh+v2oExKApN68uWORJ
4T4C2MA=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:52 2025 by rpki-client