Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/Qa1tmoqL8SFY_AG8JeTyCv05ROo.roa
File: Qa1tmoqL8SFY_AG8JeTyCv05ROo.roa (raw, json)
Hash identifier: x6hO3IbptkDGbM90w3ad3ys+qDsZsUpUFgPkvJqehhY=
Subject key identifier: 41:AD:6D:9A:8A:8B:F1:21:58:FC:01:BC:25:E4:F2:0A:FD:39:44:EA
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 018E9EEC3935EC4A5BE1B0FE53B8E452D02A
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/Qa1tmoqL8SFY_AG8JeTyCv05ROo.roa
Signing time: Tue 02 Apr 2024 13:07:45 +0000
ROA not before: Tue 02 Apr 2024 13:07:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 45.131.162.0/24 maxlen: 24
45.131.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9e:ec:39:35:ec:4a:5b:e1:b0:fe:53:b8:e4:52:d0:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Apr 2 13:07:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41ad6d9a8a8bf12158fc01bc25e4f20afd3944ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:7c:66:29:b1:68:84:81:2c:62:11:0a:98:90:
9f:f3:4f:49:13:47:4b:0c:e9:eb:7d:bc:48:1d:57:
9e:f5:e3:f5:36:e7:68:37:9d:83:fd:9f:a5:69:c0:
44:a4:bd:93:31:da:93:8c:3e:44:c5:61:ef:1b:81:
11:97:31:32:70:70:28:0e:85:24:31:1f:55:27:89:
9a:06:64:15:82:5f:5f:fb:6c:e2:f5:bd:22:0c:d5:
bd:07:12:d3:1a:66:e4:9f:fc:47:b5:84:02:df:72:
5e:7c:bf:d2:4b:42:17:c9:12:5f:25:dd:53:d7:c0:
19:15:61:c4:42:3a:cf:3c:00:e8:fe:23:2e:b8:c8:
60:ed:c6:4d:ab:ab:67:e4:f0:a4:de:36:e2:58:fb:
77:93:d6:9b:da:41:c2:7d:22:58:20:18:1f:56:fe:
d5:26:50:af:e7:82:10:74:f1:37:79:a4:d8:31:8c:
f0:f1:39:72:70:3a:fb:b3:f9:81:94:4b:8f:86:0d:
2a:4d:6d:db:fc:32:38:f2:45:8b:af:d3:8a:54:dd:
a0:37:73:87:1c:e3:9d:33:5f:3e:ad:b6:ec:d1:3e:
68:6c:5b:c1:d3:0e:96:8b:64:d2:a3:36:bd:d8:e1:
95:15:06:85:c8:45:8b:40:28:b1:93:58:c4:c3:03:
47:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:AD:6D:9A:8A:8B:F1:21:58:FC:01:BC:25:E4:F2:0A:FD:39:44:EA
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/Qa1tmoqL8SFY_AG8JeTyCv05ROo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.162.0/23
Signature Algorithm: sha256WithRSAEncryption
70:8e:be:72:8a:29:6a:53:00:c3:d7:d5:94:8b:1e:f1:79:8c:
a8:0e:2e:45:41:21:22:b5:a1:df:0a:03:e5:72:a8:16:c2:1f:
10:71:8f:ab:9a:55:8e:73:ef:72:a8:cd:fd:05:6b:dd:f4:7a:
e4:34:e2:92:12:d0:4e:fc:47:a2:2b:c0:f7:bd:40:ce:d0:e0:
26:6d:1e:d5:c0:66:77:f8:ca:b5:8e:3c:98:fb:33:e4:f4:71:
4a:1f:2e:64:6f:df:87:b0:cf:42:fc:78:a4:84:8d:1f:aa:a9:
ca:68:20:ff:ab:60:10:02:0b:0e:6d:03:3f:be:c4:37:b5:de:
ff:6d:59:38:60:62:69:6a:14:b5:25:25:2d:68:c9:5f:db:1a:
92:25:83:23:22:08:cc:81:b3:78:79:d5:21:4d:59:0a:a8:f3:
69:95:57:0c:3c:19:af:60:ad:6a:a1:ed:48:63:2a:57:c8:94:
48:e9:b3:69:42:a6:1a:25:a4:05:ea:3d:b2:20:98:74:1b:91:
d1:e5:06:11:18:67:66:be:3d:8d:1c:e3:d4:da:54:52:1d:c2:
f1:95:5f:7f:b7:46:84:01:64:7a:d5:66:5e:cc:b2:98:a8:a1:
de:e7:c2:e1:4e:a4:3c:e8:69:60:9e:46:ac:d0:51:5d:a7:74:
8e:8e:bf:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6e7Dk17Epb4bD+U7jkUtAqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwNDAyMTMwNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWFkNmQ5YThhOGJmMTIxNThmYzAxYmMyNWU0ZjIwYWZkMzk0NGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXxmKbFohIEsYhEKmJCf809JE0dL
DOnrfbxIHVee9eP1NudoN52D/Z+lacBEpL2TMdqTjD5ExWHvG4ERlzEycHAoDoUk
MR9VJ4maBmQVgl9f+2zi9b0iDNW9BxLTGmbkn/xHtYQC33JefL/SS0IXyRJfJd1T
18AZFWHEQjrPPADo/iMuuMhg7cZNq6tn5PCk3jbiWPt3k9ab2kHCfSJYIBgfVv7V
JlCv54IQdPE3eaTYMYzw8TlycDr7s/mBlEuPhg0qTW3b/DI48kWLr9OKVN2gN3OH
HOOdM18+rbbs0T5obFvB0w6Wi2TSoza92OGVFQaFyEWLQCixk1jEwwNH/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEGtbZqKi/EhWPwBvCXk8gr9OUTqMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvUWExdG1vcUw4U0ZZX0FHOEplVHlDdjA1Uk9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLYOiMA0G
CSqGSIb3DQEBCwUAA4IBAQBwjr5yiilqUwDD19WUix7xeYyoDi5FQSEitaHfCgPl
cqgWwh8QcY+rmlWOc+9yqM39BWvd9HrkNOKSEtBO/EeiK8D3vUDO0OAmbR7VwGZ3
+Mq1jjyY+zPk9HFKHy5kb9+HsM9C/HikhI0fqqnKaCD/q2AQAgsObQM/vsQ3td7/
bVk4YGJpahS1JSUtaMlf2xqSJYMjIgjMgbN4edUhTVkKqPNplVcMPBmvYK1qoe1I
YypXyJRI6bNpQqYaJaQF6j2yIJh0G5HR5QYRGGdmvj2NHOPU2lRSHcLxlV9/t0aE
AWR61WZezLKYqKHe58LhTqQ86Glgnkas0FFdp3SOjr8F
-----END CERTIFICATE-----
Generated at Mon May 6 13:07:31 2024 by rpki-client on console-ams.rpki-client.org