Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/092b11-1622-4556-8e65-2409aad081d2/1/qbahbC-G6iKoOuig33XM1KYRJ0I.roa
File: qbahbC-G6iKoOuig33XM1KYRJ0I.roa (raw, json)
Hash identifier: qlfY/jG+a8BExzCqvzmPbWvmpJdCXEBtVkSbjV3RNvI=
Subject key identifier: A9:B6:A1:6C:2F:86:EA:22:A8:3A:E8:A0:DF:75:CC:D4:A6:11:27:42
Certificate issuer: /CN=97ebf14a8e54f12dd8b245353df683e182a096c5
Certificate serial: 01904B3A5E89FC81E1A6EAF64E1DC9689E05
Authority key identifier: 97:EB:F1:4A:8E:54:F1:2D:D8:B2:45:35:3D:F6:83:E1:82:A0:96:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l-vxSo5U8S3YskU1PfaD4YKglsU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/092b11-1622-4556-8e65-2409aad081d2/1/qbahbC-G6iKoOuig33XM1KYRJ0I.roa
Signing time: Mon 24 Jun 2024 17:10:34 +0000
ROA not before: Mon 24 Jun 2024 17:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42375
IP address blocks: 2a0f:4bc0::/29 maxlen: 29
2a0f:5080::/29 maxlen: 29
2a0f:e100::/29 maxlen: 29
2a11:1780::/29 maxlen: 29
2a11:2540::/29 maxlen: 29
2a11:3e40::/29 maxlen: 29
2a11:4100::/29 maxlen: 29
2a11:5480::/29 maxlen: 29
2a11:6640::/29 maxlen: 29
2a12:19c0::/29 maxlen: 29
2a12:2bc0::/29 maxlen: 29
2a12:3940::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/092b11-1622-4556-8e65-2409aad081d2/1/l-vxSo5U8S3YskU1PfaD4YKglsU.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/092b11-1622-4556-8e65-2409aad081d2/1/l-vxSo5U8S3YskU1PfaD4YKglsU.mft
rsync://rpki.ripe.net/repository/DEFAULT/l-vxSo5U8S3YskU1PfaD4YKglsU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4b:3a:5e:89:fc:81:e1:a6:ea:f6:4e:1d:c9:68:9e:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97ebf14a8e54f12dd8b245353df683e182a096c5
Validity
Not Before: Jun 24 17:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9b6a16c2f86ea22a83ae8a0df75ccd4a6112742
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:69:a0:9b:d1:d2:41:38:9f:8b:a5:b8:47:78:
17:2e:0a:28:6f:9e:ce:c2:cc:ef:79:56:bf:63:56:
bf:36:47:9d:0c:70:a9:2a:96:38:76:a2:b2:00:9d:
5f:7c:05:fd:8f:bb:bb:56:62:3c:f8:ad:1e:08:44:
94:65:6d:2b:6c:12:d2:40:8b:74:1c:ce:74:76:30:
fe:d4:65:8d:c7:b2:ea:67:17:d7:db:93:ee:6b:84:
d7:98:94:4c:56:64:e3:1b:f1:df:bf:0c:2c:9a:5e:
91:38:18:7a:3c:41:16:55:33:da:5d:03:dc:28:e3:
5f:8e:04:da:4c:83:0e:14:16:67:49:0f:b7:d2:25:
81:44:e2:5e:e6:84:3a:bf:c4:74:d4:27:6f:0d:00:
07:6d:10:90:51:16:d3:84:93:c9:cf:1d:5c:fe:cd:
46:40:e4:fb:bb:29:ea:d4:98:3b:1c:f0:84:46:e4:
d8:d8:b4:37:b4:ea:2a:9c:0f:0e:a1:c0:80:9a:5f:
e0:1e:3a:2b:65:e5:a9:93:e3:99:ed:11:05:4d:02:
5c:f6:48:f7:07:73:27:d0:bc:a2:c7:a1:87:fe:9c:
13:ac:d4:c4:8c:59:83:83:c5:fb:2f:a7:63:b5:28:
30:8f:1d:5d:44:e5:87:95:7a:7b:66:67:76:e6:b4:
35:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:B6:A1:6C:2F:86:EA:22:A8:3A:E8:A0:DF:75:CC:D4:A6:11:27:42
X509v3 Authority Key Identifier:
keyid:97:EB:F1:4A:8E:54:F1:2D:D8:B2:45:35:3D:F6:83:E1:82:A0:96:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l-vxSo5U8S3YskU1PfaD4YKglsU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/092b11-1622-4556-8e65-2409aad081d2/1/qbahbC-G6iKoOuig33XM1KYRJ0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/092b11-1622-4556-8e65-2409aad081d2/1/l-vxSo5U8S3YskU1PfaD4YKglsU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:4bc0::/29
2a0f:5080::/29
2a0f:e100::/29
2a11:1780::/29
2a11:2540::/29
2a11:3e40::/29
2a11:4100::/29
2a11:5480::/29
2a11:6640::/29
2a12:19c0::/29
2a12:2bc0::/29
2a12:3940::/29
Signature Algorithm: sha256WithRSAEncryption
80:60:38:0a:49:06:01:0a:4c:3f:89:1c:2e:3d:dc:68:2c:98:
9b:1c:c6:2e:9f:44:97:ab:85:f7:ba:7f:60:eb:99:41:12:59:
f7:7a:1b:01:ea:6e:de:ea:1e:88:76:3d:78:b1:6f:c0:c2:d8:
f5:ee:e7:53:16:db:2b:84:b5:6f:6e:a8:2a:a8:c9:0d:9d:0c:
aa:c1:47:c5:57:47:e5:70:cc:d1:89:6c:97:88:41:9f:3a:30:
9f:10:ad:72:6c:1d:a8:82:01:fc:33:1b:ad:91:b3:54:5e:5b:
c3:1c:3d:46:d3:e9:94:6b:a0:da:d9:05:29:51:89:36:89:05:
f3:4f:af:3a:02:98:4f:dd:6f:b4:52:1b:13:e9:6d:ab:5f:09:
4d:a7:b8:2e:c2:69:f0:57:70:b9:73:34:07:0d:98:ed:bb:ff:
85:44:14:27:26:d4:c9:4c:9a:cc:65:1e:01:a2:67:04:65:19:
35:26:8e:15:cf:05:1f:c0:72:47:e2:fd:70:14:39:ec:f7:d7:
cd:fe:ea:3f:f8:5c:a1:3c:27:3f:20:3b:98:ce:ae:73:3d:80:
4f:39:4c:d1:8c:44:e9:84:6c:72:a1:08:4b:5e:63:b9:79:7e:
a5:e0:e9:94:41:29:72:0a:10:4a:90:1d:97:49:2f:3d:4e:3b:
2b:26:c3:14
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZBLOl6J/IHhpur2Th3JaJ4FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ZWJmMTRhOGU1NGYxMmRkOGIyNDUzNTNkZjY4M2UxODJh
MDk2YzUwHhcNMjQwNjI0MTcxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWI2YTE2YzJmODZlYTIyYTgzYWU4YTBkZjc1Y2NkNGE2MTEyNzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWmgm9HSQTifi6W4R3gXLgoob57O
wszveVa/Y1a/NkedDHCpKpY4dqKyAJ1ffAX9j7u7VmI8+K0eCESUZW0rbBLSQIt0
HM50djD+1GWNx7LqZxfX25Pua4TXmJRMVmTjG/Hfvwwsml6ROBh6PEEWVTPaXQPc
KONfjgTaTIMOFBZnSQ+30iWBROJe5oQ6v8R01CdvDQAHbRCQURbThJPJzx1c/s1G
QOT7uynq1Jg7HPCERuTY2LQ3tOoqnA8OocCAml/gHjorZeWpk+OZ7REFTQJc9kj3
B3Mn0Lyix6GH/pwTrNTEjFmDg8X7L6djtSgwjx1dROWHlXp7Zmd25rQ13QIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFKm2oWwvhuoiqDrooN91zNSmESdCMB8GA1UdIwQY
MBaAFJfr8UqOVPEt2LJFNT32g+GCoJbFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbC12eFNvNVU4UzNZc2tVMVBmYUQ0WUtnbHNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8wOTJiMTEtMTYyMi00NTU2LThlNjUt
MjQwOWFhZDA4MWQyLzEvcWJhaGJDLUc2aUtvT3VpZzMzWE0xS1lSSjBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8wOTJiMTEtMTYyMi00NTU2LThlNjUtMjQwOWFhZDA4MWQy
LzEvbC12eFNvNVU4UzNZc2tVMVBmYUQ0WUtnbHNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAAjBUAwUDKg9LwAMF
AyoPUIADBQMqD+EAAwUDKhEXgAMFAyoRJUADBQMqET5AAwUDKhFBAAMFAyoRVIAD
BQMqEWZAAwUDKhIZwAMFAyoSK8ADBQMqEjlAMA0GCSqGSIb3DQEBCwUAA4IBAQCA
YDgKSQYBCkw/iRwuPdxoLJibHMYun0SXq4X3un9g65lBEln3ehsB6m7e6h6Idj14
sW/Awtj17udTFtsrhLVvbqgqqMkNnQyqwUfFV0flcMzRiWyXiEGfOjCfEK1ybB2o
ggH8MxutkbNUXlvDHD1G0+mUa6Da2QUpUYk2iQXzT686AphP3W+0UhsT6W2rXwlN
p7guwmnwV3C5czQHDZjtu/+FRBQnJtTJTJrMZR4BomcEZRk1Jo4VzwUfwHJH4v1w
FDns99fN/uo/+FyhPCc/IDuYzq5zPYBPOUzRjETphGxyoQhLXmO5eX6l4OmUQSly
ChBKkB2XSS89TjsrJsMU
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:03:31 2024 by rpki-client on console-ams.rpki-client.org