Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/10393d-a030-4af5-8995-8f2d6684c814/1/QAQ5_RGz1X5KZrlialFNFcggi1Q.roa
File: QAQ5_RGz1X5KZrlialFNFcggi1Q.roa (raw, json)
Hash identifier: kT9laftQXMcFk99lX+Cy5bgXGCm8Q0VZPR1ILjg33bk=
Subject key identifier: 40:04:39:FD:11:B3:D5:7E:4A:66:B9:62:6A:51:4D:15:C8:20:8B:54
Certificate issuer: /CN=1c864813c0862e6b4756f8dfda8957c6aeac6654
Certificate serial: 018CC94CFE9F3C64AF68269D430765BC84F8
Authority key identifier: 1C:86:48:13:C0:86:2E:6B:47:56:F8:DF:DA:89:57:C6:AE:AC:66:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HIZIE8CGLmtHVvjf2olXxq6sZlQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/10393d-a030-4af5-8995-8f2d6684c814/1/QAQ5_RGz1X5KZrlialFNFcggi1Q.roa
Signing time: Tue 02 Jan 2024 08:31:55 +0000
ROA not before: Tue 02 Jan 2024 08:31:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208333
IP address blocks: 2001:4d78:f200::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/10393d-a030-4af5-8995-8f2d6684c814/1/HIZIE8CGLmtHVvjf2olXxq6sZlQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/10393d-a030-4af5-8995-8f2d6684c814/1/HIZIE8CGLmtHVvjf2olXxq6sZlQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/HIZIE8CGLmtHVvjf2olXxq6sZlQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 05:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:fe:9f:3c:64:af:68:26:9d:43:07:65:bc:84:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c864813c0862e6b4756f8dfda8957c6aeac6654
Validity
Not Before: Jan 2 08:31:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=400439fd11b3d57e4a66b9626a514d15c8208b54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:38:42:ef:89:24:b0:72:50:e5:0c:7c:83:97:
0e:df:9a:d9:74:82:b2:e7:75:1c:70:d0:78:f4:33:
ac:a9:b1:47:a2:2e:e5:23:67:e7:94:26:e9:6e:a3:
be:05:32:1e:e2:81:3c:fb:bd:a1:34:13:9c:81:e2:
a5:48:0c:9c:f5:f3:5f:cc:b4:38:b8:26:4b:a1:34:
53:d3:94:0b:23:d4:0f:e9:a3:c4:09:ef:62:50:1f:
f9:67:da:45:f3:3b:80:16:50:25:e0:08:18:2c:7e:
07:6e:c3:9c:f9:b2:fd:e5:89:e4:dc:25:0d:dc:35:
82:59:81:9b:98:fd:e9:69:14:29:73:2c:4f:8c:87:
d7:61:b8:d9:16:75:b8:28:86:6e:97:59:9c:de:fb:
f2:95:7b:40:e3:fe:36:e3:c8:90:c2:d0:79:76:9c:
40:a0:bb:40:7b:67:df:3f:0b:12:86:60:65:f6:64:
55:12:bf:f2:8f:be:3a:08:8d:c9:73:8a:80:18:c7:
1d:8f:2e:d8:a5:ec:8b:75:bc:39:f8:63:ef:d9:46:
66:ba:d8:c6:ae:1a:79:7a:c5:35:ed:5d:59:c8:44:
7d:63:ab:dd:ba:44:a4:bd:83:65:a8:e6:d1:13:c5:
e0:28:0d:6b:03:b2:d5:6e:d4:b2:3e:74:61:d4:01:
c2:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:04:39:FD:11:B3:D5:7E:4A:66:B9:62:6A:51:4D:15:C8:20:8B:54
X509v3 Authority Key Identifier:
keyid:1C:86:48:13:C0:86:2E:6B:47:56:F8:DF:DA:89:57:C6:AE:AC:66:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HIZIE8CGLmtHVvjf2olXxq6sZlQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/10393d-a030-4af5-8995-8f2d6684c814/1/QAQ5_RGz1X5KZrlialFNFcggi1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/10393d-a030-4af5-8995-8f2d6684c814/1/HIZIE8CGLmtHVvjf2olXxq6sZlQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:4d78:f200::/40
Signature Algorithm: sha256WithRSAEncryption
8f:db:3f:3e:48:8f:19:31:65:ab:bd:ba:85:13:90:8f:b6:89:
19:15:0d:e3:93:77:64:b0:ee:49:da:d8:e1:8f:d5:96:2b:2b:
d9:9f:93:aa:1c:56:2e:dc:f9:b1:3a:57:84:9d:8e:0b:66:31:
06:24:b6:33:a0:1f:73:cb:91:57:6d:d8:97:1f:c3:46:26:16:
27:8c:13:87:67:7e:34:a3:e0:50:17:88:26:05:d6:bc:bc:d8:
62:92:0f:b6:99:80:09:f1:02:cf:0c:17:9b:b0:9f:98:1a:b6:
18:0c:fe:57:cb:ab:e3:7e:61:fc:38:ec:80:1d:55:e3:26:dc:
35:40:a1:3d:f3:e9:dc:3f:5b:e5:80:0c:6e:df:3d:75:bb:a2:
b6:09:66:54:33:71:db:c0:f9:78:87:7a:73:07:66:b6:60:93:
09:4e:02:af:ef:ff:fc:7b:e6:5a:d1:bf:e9:9b:ac:07:6f:a3:
8d:02:57:e0:ab:cc:bc:e1:cf:c5:71:6e:ab:0b:fd:66:5e:1b:
06:39:6a:7e:a9:8b:31:f0:d1:e4:ba:e6:33:42:24:47:b6:50:
09:90:16:83:25:90:08:2d:90:95:ea:ba:9d:ae:dc:04:c5:38:
95:fa:45:2d:46:cf:ca:3f:28:77:ff:d2:19:01:44:1f:16:c6:
71:db:b4:38
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzJTP6fPGSvaCadQwdlvIT4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjODY0ODEzYzA4NjJlNmI0NzU2ZjhkZmRhODk1N2M2YWVh
YzY2NTQwHhcNMjQwMTAyMDgzMTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDA0MzlmZDExYjNkNTdlNGE2NmI5NjI2YTUxNGQxNWM4MjA4YjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApThC74kksHJQ5Qx8g5cO35rZdIKy
53UccNB49DOsqbFHoi7lI2fnlCbpbqO+BTIe4oE8+72hNBOcgeKlSAyc9fNfzLQ4
uCZLoTRT05QLI9QP6aPECe9iUB/5Z9pF8zuAFlAl4AgYLH4HbsOc+bL95Ynk3CUN
3DWCWYGbmP3paRQpcyxPjIfXYbjZFnW4KIZul1mc3vvylXtA4/4248iQwtB5dpxA
oLtAe2ffPwsShmBl9mRVEr/yj746CI3Jc4qAGMcdjy7YpeyLdbw5+GPv2UZmutjG
rhp5esU17V1ZyER9Y6vdukSkvYNlqObRE8XgKA1rA7LVbtSyPnRh1AHClwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFEAEOf0Rs9V+Sma5YmpRTRXIIItUMB8GA1UdIwQY
MBaAFByGSBPAhi5rR1b439qJV8aurGZUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSElaSUU4Q0dMbXRIVnZqZjJvbFh4cTZzWmxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8xMDM5M2QtYTAzMC00YWY1LTg5OTUt
OGYyZDY2ODRjODE0LzEvUUFRNV9SR3oxWDVLWnJsaWFsRk5GY2dnaTFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8xMDM5M2QtYTAzMC00YWY1LTg5OTUtOGYyZDY2ODRjODE0
LzEvSElaSUU4Q0dMbXRIVnZqZjJvbFh4cTZzWmxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAIAFNePIw
DQYJKoZIhvcNAQELBQADggEBAI/bPz5IjxkxZau9uoUTkI+2iRkVDeOTd2Sw7kna
2OGP1ZYrK9mfk6ocVi7c+bE6V4SdjgtmMQYktjOgH3PLkVdt2Jcfw0YmFieME4dn
fjSj4FAXiCYF1ry82GKSD7aZgAnxAs8MF5uwn5gathgM/lfLq+N+Yfw47IAdVeMm
3DVAoT3z6dw/W+WADG7fPXW7orYJZlQzcdvA+XiHenMHZrZgkwlOAq/v//x75lrR
v+mbrAdvo40CV+CrzLzhz8VxbqsL/WZeGwY5an6pizHw0eS65jNCJEe2UAmQFoMl
kAgtkJXqup2u3ATFOJX6RS1Gz8o/KHf/0hkBRB8WxnHbtDg=
-----END CERTIFICATE-----
Generated at Sun Jun 2 14:53:23 2024 by rpki-client on console-fra.rpki-client.org