Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/QLLFNY9dw_Wy66559QZnqUXKsEo.roa
File: QLLFNY9dw_Wy66559QZnqUXKsEo.roa (raw, json)
Hash identifier: ypLqCNUpoGXNOUyDCtbH2GtiqL/yeTOCS0NW650GdLU=
Subject key identifier: 40:B2:C5:35:8F:5D:C3:F5:B2:EB:AE:79:F5:06:67:A9:45:CA:B0:4A
Certificate issuer: /CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Certificate serial: 0192E7F71202BA30CC3B634E46C0CE90EE1A
Authority key identifier: E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/QLLFNY9dw_Wy66559QZnqUXKsEo.roa
Signing time: Fri 01 Nov 2024 13:43:01 +0000
ROA not before: Fri 01 Nov 2024 13:43:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211318
IP address blocks: 2a07:4a00::/29 maxlen: 29
2a0b:a280::/29 maxlen: 29
2a0b:a300::/29 maxlen: 29
2a0c:7440::/29 maxlen: 29
2a0c:74c0::/29 maxlen: 29
2a0c:7540::/29 maxlen: 29
2a0d:2cc0::/29 maxlen: 29
2a0d:88c0::/29 maxlen: 29
2a0f:1180::/29 maxlen: 29
2a0f:2380::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.mft
rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 06:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e7:f7:12:02:ba:30:cc:3b:63:4e:46:c0:ce:90:ee:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Validity
Not Before: Nov 1 13:43:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40b2c5358f5dc3f5b2ebae79f50667a945cab04a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:69:27:6d:9a:cf:fc:2b:3b:62:ed:a5:cd:72:
ef:d8:09:38:7f:d8:25:f7:2b:ec:b4:e4:f2:c8:01:
7a:b8:db:9f:1f:56:4a:ce:92:d1:d5:a5:fd:16:c9:
cc:cd:18:d1:39:dd:ef:1f:38:e8:30:c0:5a:9e:97:
35:82:7c:a4:a1:02:17:92:b1:10:df:35:23:b3:3a:
aa:3f:38:37:3c:14:4a:6e:86:3d:de:e6:5e:ec:df:
e0:07:b9:a9:43:5a:fb:16:86:e6:5e:dc:16:82:9a:
4d:82:a7:55:f1:5e:87:1f:df:70:f1:f4:67:37:9f:
2c:d4:bc:13:ef:ae:3e:fa:7c:56:62:4a:fa:55:bf:
d6:57:fc:2b:4d:74:12:ee:52:47:b0:f4:38:28:15:
bd:ae:68:15:17:f4:17:7a:44:2e:da:2a:c3:6f:49:
89:58:21:7c:f4:35:91:d4:7c:7a:3a:92:26:5b:72:
fe:b6:2b:28:f6:7d:14:76:06:5f:84:b2:d6:fa:c4:
29:3a:11:ce:ed:6a:9d:05:b6:ad:87:c3:62:b0:01:
97:1b:33:7a:c9:72:f5:f0:94:86:3c:f6:de:e8:6d:
37:92:5d:2d:df:1a:78:c3:56:55:35:b7:ed:80:42:
9b:30:67:5d:28:dc:bb:20:3e:6a:c3:22:82:c2:0a:
c0:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:B2:C5:35:8F:5D:C3:F5:B2:EB:AE:79:F5:06:67:A9:45:CA:B0:4A
X509v3 Authority Key Identifier:
keyid:E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/QLLFNY9dw_Wy66559QZnqUXKsEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:4a00::/29
2a0b:a280::/29
2a0b:a300::/29
2a0c:7440::/29
2a0c:74c0::/29
2a0c:7540::/29
2a0d:2cc0::/29
2a0d:88c0::/29
2a0f:1180::/29
2a0f:2380::/29
Signature Algorithm: sha256WithRSAEncryption
00:00:8e:da:1a:0e:b4:34:e1:ed:3e:70:41:af:db:d6:90:7d:
43:cb:4b:3d:7e:54:e8:d0:2d:4c:3c:f4:03:f6:6e:36:35:91:
5b:3e:f3:6f:14:0f:17:e5:d9:ae:47:a8:44:d2:b2:48:df:6e:
af:cf:a7:5e:d4:49:db:7b:02:88:38:47:09:68:5f:55:c2:aa:
5f:ed:db:51:9d:92:be:60:f2:a5:73:f1:3d:72:89:39:85:e9:
38:e1:ba:15:c9:32:26:ce:05:af:82:23:dd:15:b9:f6:c7:d0:
cc:f2:04:a9:b2:47:b4:ce:e5:15:eb:ad:f7:4b:9c:00:67:4c:
91:ed:1a:ab:b9:49:18:ef:b9:ed:22:a2:94:8b:95:e0:ad:56:
1f:f6:59:6f:d6:aa:7d:9f:33:21:6d:19:b8:a8:6d:9f:f2:30:
0e:f3:a6:86:91:54:70:5a:49:43:2d:4c:e2:6c:0b:86:40:8d:
61:7c:c5:bd:8c:5b:f9:9b:d4:a3:2f:82:f1:ed:b9:6a:da:ae:
80:51:6c:8a:e0:70:7b:eb:5b:c0:f4:a2:b9:1e:a3:68:30:1e:
d9:76:5a:0e:9e:33:b5:67:5e:c0:eb:06:22:fd:ad:2c:c3:74:
55:c0:e3:93:57:88:21:80:ee:af:51:78:cc:14:28:f5:41:90:
db:5d:5a:4a
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZLn9xICujDMO2NORsDOkO4aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNTU5Y2U4ODlhZTQyNDExMjFmZTBhMTY1M2U0Yjk1NWYz
ZWRmNGIwHhcNMjQxMTAxMTM0MzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGIyYzUzNThmNWRjM2Y1YjJlYmFlNzlmNTA2NjdhOTQ1Y2FiMDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2knbZrP/Cs7Yu2lzXLv2Ak4f9gl
9yvstOTyyAF6uNufH1ZKzpLR1aX9FsnMzRjROd3vHzjoMMBanpc1gnykoQIXkrEQ
3zUjszqqPzg3PBRKboY93uZe7N/gB7mpQ1r7FobmXtwWgppNgqdV8V6HH99w8fRn
N58s1LwT764++nxWYkr6Vb/WV/wrTXQS7lJHsPQ4KBW9rmgVF/QXekQu2irDb0mJ
WCF89DWR1Hx6OpImW3L+tiso9n0UdgZfhLLW+sQpOhHO7WqdBbath8NisAGXGzN6
yXL18JSGPPbe6G03kl0t3xp4w1ZVNbftgEKbMGddKNy7ID5qwyKCwgrA/QIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFECyxTWPXcP1suuuefUGZ6lFyrBKMB8GA1UdIwQY
MBaAFOBVnOiJrkJBEh/goWU+S5VfPt9LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYt
OTQ0OTk1N2ZkNWE1LzEvUUxMRk5ZOWR3X1d5NjY1NTlRWm5xVVhLc0VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYtOTQ0OTk1N2ZkNWE1
LzEvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAAjBGAwUDKgdKAAMF
AyoLooADBQMqC6MAAwUDKgx0QAMFAyoMdMADBQMqDHVAAwUDKg0swAMFAyoNiMAD
BQMqDxGAAwUDKg8jgDANBgkqhkiG9w0BAQsFAAOCAQEAAACO2hoOtDTh7T5wQa/b
1pB9Q8tLPX5U6NAtTDz0A/ZuNjWRWz7zbxQPF+XZrkeoRNKySN9ur8+nXtRJ23sC
iDhHCWhfVcKqX+3bUZ2SvmDypXPxPXKJOYXpOOG6FckyJs4Fr4Ij3RW59sfQzPIE
qbJHtM7lFeut90ucAGdMke0aq7lJGO+57SKilIuV4K1WH/ZZb9aqfZ8zIW0ZuKht
n/IwDvOmhpFUcFpJQy1M4mwLhkCNYXzFvYxb+ZvUoy+C8e25atqugFFsiuBwe+tb
wPSiuR6jaDAe2XZaDp4ztWdewOsGIv2tLMN0VcDjk1eIIYDur1F4zBQo9UGQ211a
Sg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:41:33 2024 by rpki-client on console-ams.rpki-client.org