Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/e04fc4-2c6e-4af7-939e-048391f8db9c/1/qDbtLpk6UejzhXP-ZFQmJ3h9p7o.roa
File: qDbtLpk6UejzhXP-ZFQmJ3h9p7o.roa (raw, json)
Hash identifier: faJ/HsPjnbat0bBSJvZK5tWvTJgytu3X2RXRauVcUng=
Subject key identifier: A8:36:ED:2E:99:3A:51:E8:F3:85:73:FE:64:54:26:27:78:7D:A7:BA
Certificate issuer: /CN=63926fcff81bb91a6a71ae5e8935ab4daae53744
Certificate serial: 018CC50115109EE7C1863FDEA2E3CDC28032
Authority key identifier: 63:92:6F:CF:F8:1B:B9:1A:6A:71:AE:5E:89:35:AB:4D:AA:E5:37:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y5Jvz_gbuRpqca5eiTWrTarlN0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/e04fc4-2c6e-4af7-939e-048391f8db9c/1/qDbtLpk6UejzhXP-ZFQmJ3h9p7o.roa
Signing time: Mon 01 Jan 2024 12:30:31 +0000
ROA not before: Mon 01 Jan 2024 12:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41853
IP address blocks: 91.102.152.0/21 maxlen: 24
91.102.158.0/24 maxlen: 24
91.102.155.0/24 maxlen: 24
91.102.154.0/24 maxlen: 24
93.189.40.0/21 maxlen: 24
2a00:5820::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/e04fc4-2c6e-4af7-939e-048391f8db9c/1/Y5Jvz_gbuRpqca5eiTWrTarlN0Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/e04fc4-2c6e-4af7-939e-048391f8db9c/1/Y5Jvz_gbuRpqca5eiTWrTarlN0Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y5Jvz_gbuRpqca5eiTWrTarlN0Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:15:10:9e:e7:c1:86:3f:de:a2:e3:cd:c2:80:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63926fcff81bb91a6a71ae5e8935ab4daae53744
Validity
Not Before: Jan 1 12:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a836ed2e993a51e8f38573fe64542627787da7ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ae:b5:b0:d8:bf:b5:fb:10:8a:71:3e:58:f7:
59:c8:fe:ed:78:40:d1:db:82:d3:dc:a2:e3:a5:46:
d1:ec:66:20:bd:f6:0b:90:6f:ea:66:6b:2c:aa:93:
09:ee:4c:a1:e4:72:73:9a:f5:21:40:94:7c:41:a9:
e2:97:5d:e2:81:af:f6:30:c7:83:fc:e5:5e:37:db:
1c:9c:82:ec:10:e9:33:ac:5f:ba:99:7d:bb:22:f8:
1b:77:6c:6c:f7:3a:ae:e6:c3:13:5a:39:48:06:2b:
cd:97:b7:61:0e:c9:79:64:d5:8e:6a:b9:8f:fa:10:
1c:e5:8f:6b:79:bf:ed:8c:41:52:cf:e3:fb:2c:fb:
85:47:d8:a2:7d:dd:0f:90:63:e5:d2:6c:cb:c5:22:
8c:2e:30:5b:b3:e7:c7:30:42:6f:15:e7:bc:ab:cb:
4c:e1:51:20:26:d4:c2:b0:b3:93:c8:4c:0f:fe:fa:
59:54:13:4a:0d:b6:37:6d:78:7e:49:cc:83:0f:15:
8b:f5:40:ef:4c:4f:0b:f4:88:8b:07:1c:53:74:0d:
e5:05:75:df:96:fc:6d:8d:db:25:03:7c:4f:ba:f7:
dc:2b:2b:46:16:d1:30:f4:79:3d:25:ad:8f:f9:c3:
f5:66:ef:a3:7b:92:68:ab:4e:14:a3:fa:f6:fc:58:
6a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:36:ED:2E:99:3A:51:E8:F3:85:73:FE:64:54:26:27:78:7D:A7:BA
X509v3 Authority Key Identifier:
keyid:63:92:6F:CF:F8:1B:B9:1A:6A:71:AE:5E:89:35:AB:4D:AA:E5:37:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y5Jvz_gbuRpqca5eiTWrTarlN0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/e04fc4-2c6e-4af7-939e-048391f8db9c/1/qDbtLpk6UejzhXP-ZFQmJ3h9p7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/e04fc4-2c6e-4af7-939e-048391f8db9c/1/Y5Jvz_gbuRpqca5eiTWrTarlN0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.102.152.0/21
93.189.40.0/21
IPv6:
2a00:5820::/32
Signature Algorithm: sha256WithRSAEncryption
2a:86:7b:f9:70:69:bd:b3:1f:a4:db:97:5f:6a:de:82:76:2c:
84:53:db:bc:d5:78:41:42:c5:ca:35:11:72:14:91:01:7c:83:
26:1e:a5:8e:52:d9:85:10:ef:34:6b:0c:10:10:5d:9b:ab:a9:
0c:a9:c5:f1:7b:7c:8a:14:e4:84:18:f8:ee:8d:72:7b:d0:61:
d5:61:a8:5e:85:40:a0:4b:81:6c:e0:48:c8:3f:f6:50:aa:cc:
3f:62:e9:42:d0:1f:43:ce:cf:cf:70:f8:ee:7a:7e:d3:f0:62:
2a:f2:15:70:5e:46:6f:59:8c:f5:be:aa:b9:f3:88:cf:d5:90:
c1:61:b4:94:2d:93:1c:cf:41:e1:cd:70:22:1c:5a:e7:24:1a:
af:99:ea:ba:00:fa:82:3b:64:d9:4d:2f:1c:2c:16:13:5e:46:
6f:b1:14:ce:df:e7:51:30:60:a4:aa:51:1a:99:48:b5:75:6b:
1a:de:e5:48:fc:ed:ed:47:54:d8:9e:a1:39:17:35:96:55:6d:
7e:05:08:ae:5a:33:cd:75:c3:08:9c:b3:9d:6e:62:a2:72:c0:
1f:11:8e:e9:c1:17:e3:c7:6d:7d:28:a0:89:62:df:60:52:16:
f6:29:6c:6b:56:33:f1:cb:85:da:ac:b1:5d:88:ab:91:22:15:
19:fd:fb:28
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzFARUQnufBhj/eouPNwoAyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzOTI2ZmNmZjgxYmI5MWE2YTcxYWU1ZTg5MzVhYjRkYWFl
NTM3NDQwHhcNMjQwMTAxMTIzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODM2ZWQyZTk5M2E1MWU4ZjM4NTczZmU2NDU0MjYyNzc4N2RhN2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr661sNi/tfsQinE+WPdZyP7teEDR
24LT3KLjpUbR7GYgvfYLkG/qZmssqpMJ7kyh5HJzmvUhQJR8Qanil13iga/2MMeD
/OVeN9scnILsEOkzrF+6mX27Ivgbd2xs9zqu5sMTWjlIBivNl7dhDsl5ZNWOarmP
+hAc5Y9reb/tjEFSz+P7LPuFR9iifd0PkGPl0mzLxSKMLjBbs+fHMEJvFee8q8tM
4VEgJtTCsLOTyEwP/vpZVBNKDbY3bXh+ScyDDxWL9UDvTE8L9IiLBxxTdA3lBXXf
lvxtjdslA3xPuvfcKytGFtEw9Hk9Ja2P+cP1Zu+je5Joq04Uo/r2/FhqrQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKg27S6ZOlHo84Vz/mRUJid4fae6MB8GA1UdIwQY
MBaAFGOSb8/4G7kaanGuXok1q02q5TdEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTVKdnpfZ2J1UnBxY2E1ZWlUV3JUYXJsTjBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9lMDRmYzQtMmM2ZS00YWY3LTkzOWUt
MDQ4MzkxZjhkYjljLzEvcURidExwazZVZWp6aFhQLVpGUW1KM2g5cDdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9lMDRmYzQtMmM2ZS00YWY3LTkzOWUtMDQ4MzkxZjhkYjlj
LzEvWTVKdnpfZ2J1UnBxY2E1ZWlUV3JUYXJsTjBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDW2aYAwQD
Xb0oMA0EAgACMAcDBQAqAFggMA0GCSqGSIb3DQEBCwUAA4IBAQAqhnv5cGm9sx+k
25dfat6CdiyEU9u81XhBQsXKNRFyFJEBfIMmHqWOUtmFEO80awwQEF2bq6kMqcXx
e3yKFOSEGPjujXJ70GHVYahehUCgS4Fs4EjIP/ZQqsw/YulC0B9Dzs/PcPjuen7T
8GIq8hVwXkZvWYz1vqq584jP1ZDBYbSULZMcz0HhzXAiHFrnJBqvmeq6APqCO2TZ
TS8cLBYTXkZvsRTO3+dRMGCkqlEamUi1dWsa3uVI/O3tR1TYnqE5FzWWVW1+BQiu
WjPNdcMInLOdbmKicsAfEY7pwRfjx219KKCJYt9gUhb2KWxrVjPxy4XarLFdiKuR
IhUZ/fso
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:46:08 2024 by rpki-client on console-ams.rpki-client.org