Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/QpIMChsOvCovU6ZhdE5JQaEcuBQ.roa
File: QpIMChsOvCovU6ZhdE5JQaEcuBQ.roa (raw, json)
Hash identifier: Q0/4DNWTvJEvLzFcxlb1uJdsb691+qyA5+8Jl+3U1mE=
Subject key identifier: 42:92:0C:0A:1B:0E:BC:2A:2F:53:A6:61:74:4E:49:41:A1:1C:B8:14
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BCF787FE0601A89DF5B92E25F2F8F2
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/QpIMChsOvCovU6ZhdE5JQaEcuBQ.roa
Signing time: Tue 02 Jan 2024 10:34:13 +0000
ROA not before: Tue 02 Jan 2024 10:34:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200730
IP address blocks: 2a0e:b107:1fc0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:10:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:f7:87:fe:06:01:a8:9d:f5:b9:2e:25:f2:f8:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=42920c0a1b0ebc2a2f53a661744e4941a11cb814
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:db:4c:01:cc:bc:56:18:ad:b8:8b:6d:36:88:
e4:38:c5:3d:71:a8:68:0c:d8:bf:e7:d2:cc:70:6c:
f6:17:15:f9:70:9c:83:34:a6:92:86:df:15:9e:ba:
42:8f:1a:56:57:7a:32:b0:fe:e4:78:ff:81:3f:f6:
3b:57:73:75:24:00:8f:1b:3d:4c:98:34:31:84:7d:
19:39:dc:7a:95:35:5d:e4:da:b7:42:89:27:4d:7d:
dd:96:2a:03:39:a8:90:30:df:0b:fd:98:be:db:6c:
16:15:91:c7:19:ab:3a:f3:1f:f4:58:42:82:6c:de:
be:d2:56:ed:b5:5d:4b:95:7e:46:4c:5d:01:e7:82:
12:c6:58:04:ad:be:14:9a:e7:b2:06:25:92:c6:90:
75:0d:05:00:61:d7:19:b8:a5:88:b0:99:15:ad:cb:
9b:4a:a4:58:2d:48:20:f1:2a:52:4b:f7:ad:c1:61:
44:c1:8a:7f:b0:a9:99:cf:86:4c:ba:be:5b:cf:e1:
5d:cb:01:06:4a:be:78:d6:f7:d5:31:4c:e8:35:b9:
cb:9a:64:dc:86:89:5f:3c:ca:c5:69:e5:65:02:83:
db:b1:06:06:2d:57:3e:63:91:b4:fa:00:84:ea:53:
24:41:1f:b5:52:ef:88:3e:19:b3:d9:d7:55:57:25:
48:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:92:0C:0A:1B:0E:BC:2A:2F:53:A6:61:74:4E:49:41:A1:1C:B8:14
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/QpIMChsOvCovU6ZhdE5JQaEcuBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1fc0::/44
Signature Algorithm: sha256WithRSAEncryption
37:81:f3:77:d6:05:2f:fb:5f:e7:49:47:98:41:8d:3f:f3:72:
69:29:d2:46:35:d6:93:c5:85:e6:4a:5e:5d:57:29:67:29:fe:
e4:34:75:61:30:3f:34:5b:2a:87:0a:c9:ee:cb:1b:77:45:f0:
cc:d2:dc:03:cb:0a:f5:7e:4a:82:e4:9c:50:2a:87:d2:65:c3:
c7:3d:4f:0e:3a:e1:b1:d0:37:d7:c7:02:da:fb:72:93:cb:a7:
61:92:74:94:f6:36:af:f0:1e:f5:3c:51:11:6d:72:bd:da:66:
fc:0d:49:05:dd:ee:be:f0:4b:f4:3d:fc:87:0e:8d:1a:ea:67:
eb:33:88:c7:b8:27:11:c3:75:7d:04:01:3b:88:4b:bc:7c:5d:
de:cd:ac:00:fd:b2:c4:2b:7c:01:ca:99:49:14:a2:d1:7e:1a:
23:65:71:fd:25:45:33:e8:42:70:b8:a3:09:48:fb:50:76:2c:
af:4b:67:e0:1a:eb:3d:d7:52:ca:e4:6d:f4:69:57:a6:b8:cf:
5d:41:33:a9:e9:54:1e:65:17:3a:87:34:62:fb:5f:74:1f:2c:
c9:00:4b:e4:b7:e9:30:07:51:eb:59:35:18:ea:d5:fc:99:d7:
49:f9:a7:25:0e:03:a7:72:b7:e9:5d:54:20:cf:65:ba:d5:d7:
b9:40:57:63
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvPeH/gYBqJ31uS4l8vjyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjkyMGMwYTFiMGViYzJhMmY1M2E2NjE3NDRlNDk0MWExMWNiODE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNtMAcy8VhituIttNojkOMU9caho
DNi/59LMcGz2FxX5cJyDNKaSht8VnrpCjxpWV3oysP7keP+BP/Y7V3N1JACPGz1M
mDQxhH0ZOdx6lTVd5Nq3QoknTX3dlioDOaiQMN8L/Zi+22wWFZHHGas68x/0WEKC
bN6+0lbttV1LlX5GTF0B54ISxlgErb4UmueyBiWSxpB1DQUAYdcZuKWIsJkVrcub
SqRYLUgg8SpSS/etwWFEwYp/sKmZz4ZMur5bz+FdywEGSr541vfVMUzoNbnLmmTc
holfPMrFaeVlAoPbsQYGLVc+Y5G0+gCE6lMkQR+1Uu+IPhmz2ddVVyVI+wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEKSDAobDrwqL1OmYXROSUGhHLgUMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUXBJTUNoc092Q292VTZaaGRFNUpRYUVjdUJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBx/A
MA0GCSqGSIb3DQEBCwUAA4IBAQA3gfN31gUv+1/nSUeYQY0/83JpKdJGNdaTxYXm
Sl5dVylnKf7kNHVhMD80WyqHCsnuyxt3RfDM0twDywr1fkqC5JxQKofSZcPHPU8O
OuGx0DfXxwLa+3KTy6dhknSU9jav8B71PFERbXK92mb8DUkF3e6+8Ev0PfyHDo0a
6mfrM4jHuCcRw3V9BAE7iEu8fF3ezawA/bLEK3wByplJFKLRfhojZXH9JUUz6EJw
uKMJSPtQdiyvS2fgGus911LK5G30aVemuM9dQTOp6VQeZRc6hzRi+190HyzJAEvk
t+kwB1HrWTUY6tX8mddJ+aclDgOncrfpXVQgz2W61de5QFdj
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:24:30 2024 by rpki-client on console-fra.rpki-client.org