Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/4448a7-1ac1-46ad-a727-d96393af2f20/1/qnjqXU3AEWVW4mhjV2EqzmtpHfs.roa
File: qnjqXU3AEWVW4mhjV2EqzmtpHfs.roa (raw, json)
Hash identifier: Paul4EGZJNUGtvTxFVFiT2kxcEf9J1Dux1xR7ZYBLPA=
Subject key identifier: AA:78:EA:5D:4D:C0:11:65:56:E2:68:63:57:61:2A:CE:6B:69:1D:FB
Certificate issuer: /CN=4c6b6371b945a35e9df308ff43803e2617851069
Certificate serial: 01927A6E748E8669AACFA50BA2571F70DCEA
Authority key identifier: 4C:6B:63:71:B9:45:A3:5E:9D:F3:08:FF:43:80:3E:26:17:85:10:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TGtjcblFo16d8wj_Q4A-JheFEGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/4448a7-1ac1-46ad-a727-d96393af2f20/1/qnjqXU3AEWVW4mhjV2EqzmtpHfs.roa
Signing time: Fri 11 Oct 2024 07:15:12 +0000
ROA not before: Fri 11 Oct 2024 07:15:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31027
IP address blocks: 194.182.152.0/23 maxlen: 23
194.182.152.0/24 maxlen: 24
194.182.153.0/24 maxlen: 24
2a10:cf80:1001::/48 maxlen: 48
2a10:cf80:2001::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/4448a7-1ac1-46ad-a727-d96393af2f20/1/TGtjcblFo16d8wj_Q4A-JheFEGk.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/4448a7-1ac1-46ad-a727-d96393af2f20/1/TGtjcblFo16d8wj_Q4A-JheFEGk.mft
rsync://rpki.ripe.net/repository/DEFAULT/TGtjcblFo16d8wj_Q4A-JheFEGk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7a:6e:74:8e:86:69:aa:cf:a5:0b:a2:57:1f:70:dc:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c6b6371b945a35e9df308ff43803e2617851069
Validity
Not Before: Oct 11 07:15:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa78ea5d4dc0116556e2686357612ace6b691dfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:5d:59:7b:ee:3a:11:1e:e6:7f:09:48:d3:91:
f4:14:57:4e:42:d8:fa:f9:01:ea:4d:d7:b5:a1:6b:
03:96:7d:24:82:ad:db:77:b7:be:90:c3:b0:b8:59:
40:af:1b:30:1d:90:e6:07:50:10:4a:18:1a:17:bf:
cf:fb:8e:b9:cc:44:90:18:d9:67:41:0e:74:4f:87:
bf:01:e8:02:e7:f4:c8:c0:f9:15:85:d1:8e:b2:98:
6a:c0:8c:f9:88:e7:4d:ac:f9:32:c8:59:1c:3f:9b:
88:6e:51:9e:f8:96:11:8e:2c:26:8c:0a:f4:f3:4d:
de:8d:13:3f:af:15:14:03:43:92:42:75:e0:ed:3c:
34:d4:04:e4:52:80:dd:4c:85:6e:dd:9a:e0:eb:e0:
00:a7:33:c3:6a:03:98:cb:39:86:94:71:1b:79:dd:
c8:a6:5c:ec:37:a1:38:05:9b:23:0e:30:37:3d:0a:
31:62:48:f8:88:1c:ce:5b:80:a5:3d:b0:eb:56:2a:
73:e8:34:fa:cf:9b:b6:e9:5e:76:ca:8e:b3:56:67:
19:7c:c6:03:21:2e:06:4f:71:a9:3e:6b:83:f4:98:
c8:4a:0b:43:72:56:d0:aa:4e:53:f2:c2:4b:ff:99:
32:bf:8b:34:63:0e:43:dd:ff:58:6d:5d:26:a4:2b:
20:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:78:EA:5D:4D:C0:11:65:56:E2:68:63:57:61:2A:CE:6B:69:1D:FB
X509v3 Authority Key Identifier:
keyid:4C:6B:63:71:B9:45:A3:5E:9D:F3:08:FF:43:80:3E:26:17:85:10:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TGtjcblFo16d8wj_Q4A-JheFEGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/4448a7-1ac1-46ad-a727-d96393af2f20/1/qnjqXU3AEWVW4mhjV2EqzmtpHfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/4448a7-1ac1-46ad-a727-d96393af2f20/1/TGtjcblFo16d8wj_Q4A-JheFEGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.182.152.0/23
IPv6:
2a10:cf80:1001::/48
2a10:cf80:2001::/48
Signature Algorithm: sha256WithRSAEncryption
7e:38:f0:94:2f:cf:08:e3:c8:8f:84:7a:78:22:f2:c2:06:e3:
e1:6c:85:5f:b4:dd:31:9a:25:3e:c4:b1:5d:d8:ac:b5:11:5b:
56:20:51:2c:65:b2:df:50:10:d7:6f:8f:14:ff:01:1f:0a:24:
f7:6a:48:4e:20:d7:d0:b8:99:d1:1d:59:f7:5b:45:a8:68:30:
22:5b:e6:ba:6a:4f:e5:d5:01:4e:75:6c:d0:32:8b:07:5f:36:
32:b8:2f:4c:c4:04:be:aa:16:ae:c6:7a:ff:80:8e:a9:36:81:
dc:2c:e6:fb:23:ca:df:df:93:80:35:b7:42:1f:f2:4f:10:03:
2e:c7:ef:b0:b5:57:bd:ca:a5:c0:ac:50:ad:3d:dd:7a:d5:d0:
6e:e0:db:71:5c:36:93:57:68:c8:27:0b:d9:59:e6:cb:2a:bc:
97:3e:bc:40:75:7c:12:fa:56:7b:f0:89:41:3c:13:5a:c8:b5:
1b:b4:8a:7c:fa:76:25:1e:15:a9:1a:86:16:bf:04:4a:0a:4d:
1e:56:69:3c:e6:e2:53:eb:1c:2b:73:e5:89:72:e4:d7:3e:54:
2b:4a:04:da:45:63:91:8c:d7:0b:4d:94:93:54:b4:0c:62:7b:
1f:ae:ac:f1:b4:03:76:fa:42:5a:4e:ce:27:e2:03:89:72:0b:
14:87:e0:04
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZJ6bnSOhmmqz6ULolcfcNzqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNmI2MzcxYjk0NWEzNWU5ZGYzMDhmZjQzODAzZTI2MTc4
NTEwNjkwHhcNMjQxMDExMDcxNTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTc4ZWE1ZDRkYzAxMTY1NTZlMjY4NjM1NzYxMmFjZTZiNjkxZGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsV1Ze+46ER7mfwlI05H0FFdOQtj6
+QHqTde1oWsDln0kgq3bd7e+kMOwuFlArxswHZDmB1AQShgaF7/P+465zESQGNln
QQ50T4e/AegC5/TIwPkVhdGOsphqwIz5iOdNrPkyyFkcP5uIblGe+JYRjiwmjAr0
803ejRM/rxUUA0OSQnXg7Tw01ATkUoDdTIVu3Zrg6+AApzPDagOYyzmGlHEbed3I
plzsN6E4BZsjDjA3PQoxYkj4iBzOW4ClPbDrVipz6DT6z5u26V52yo6zVmcZfMYD
IS4GT3GpPmuD9JjISgtDclbQqk5T8sJL/5kyv4s0Yw5D3f9YbV0mpCsgwQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKp46l1NwBFlVuJoY1dhKs5raR37MB8GA1UdIwQY
MBaAFExrY3G5RaNenfMI/0OAPiYXhRBpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEd0amNibEZvMTZkOHdqX1E0QS1KaGVGRUdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS80NDQ4YTctMWFjMS00NmFkLWE3Mjct
ZDk2MzkzYWYyZjIwLzEvcW5qcVhVM0FFV1ZXNG1oalYyRXF6bXRwSGZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS80NDQ4YTctMWFjMS00NmFkLWE3MjctZDk2MzkzYWYyZjIw
LzEvVEd0amNibEZvMTZkOHdqX1E0QS1KaGVGRUdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQBwraYMBgE
AgACMBIDBwAqEM+AEAEDBwAqEM+AIAEwDQYJKoZIhvcNAQELBQADggEBAH448JQv
zwjjyI+Eengi8sIG4+FshV+03TGaJT7EsV3YrLURW1YgUSxlst9QENdvjxT/AR8K
JPdqSE4g19C4mdEdWfdbRahoMCJb5rpqT+XVAU51bNAyiwdfNjK4L0zEBL6qFq7G
ev+Ajqk2gdws5vsjyt/fk4A1t0If8k8QAy7H77C1V73KpcCsUK093XrV0G7g23Fc
NpNXaMgnC9lZ5ssqvJc+vEB1fBL6VnvwiUE8E1rItRu0inz6diUeFakahha/BEoK
TR5WaTzm4lPrHCtz5Yly5Nc+VCtKBNpFY5GM1wtNlJNUtAxiex+urPG0A3b6QlpO
zifiA4lyCxSH4AQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:30:20 2024 by rpki-client on console-fra.rpki-client.org