Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/Q1oBj9lpLdELhsPLLB3Fi_bq978.roa
File: Q1oBj9lpLdELhsPLLB3Fi_bq978.roa (raw, json)
Hash identifier: 4wlmZzWfXWsnZiGKzGQlPhz2a3Zs9wBvYfGI1O+WJyE=
Subject key identifier: 43:5A:01:8F:D9:69:2D:D1:0B:86:C3:CB:2C:1D:C5:8B:F6:EA:F7:BF
Certificate issuer: /CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250
Certificate serial: 018CC649F48180F8840FFB1C489072EF8679
Authority key identifier: 5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/Q1oBj9lpLdELhsPLLB3Fi_bq978.roa
Signing time: Mon 01 Jan 2024 18:29:44 +0000
ROA not before: Mon 01 Jan 2024 18:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52091
IP address blocks: 31.133.42.0/24 maxlen: 24
31.133.40.0/24 maxlen: 24
31.133.40.0/23 maxlen: 24
31.133.41.0/24 maxlen: 24
2a0d:df80::/31 maxlen: 31
2a0d:df80::/29 maxlen: 29
2a0d:df80::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/XGT50E79Wp_C4jtC1bUa79mlAlA.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/XGT50E79Wp_C4jtC1bUa79mlAlA.mft
rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:f4:81:80:f8:84:0f:fb:1c:48:90:72:ef:86:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250
Validity
Not Before: Jan 1 18:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=435a018fd9692dd10b86c3cb2c1dc58bf6eaf7bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:45:49:bf:54:78:0f:30:d0:9d:ea:8a:d8:6d:
22:73:21:ce:42:87:43:0f:46:85:92:ba:fc:b2:5d:
18:08:01:16:76:66:2f:ca:af:e6:4e:a5:88:58:44:
db:1d:fa:76:12:ec:ef:dc:e0:4c:4a:f0:a9:2a:37:
3c:90:94:ca:fb:93:d0:6f:64:77:48:5c:86:3c:66:
d5:f3:e4:be:56:6f:02:69:02:33:db:1b:32:79:9a:
f3:72:b8:07:f0:11:50:a6:50:29:da:fd:5f:fc:d6:
8d:54:f2:da:71:ef:74:20:fa:2e:a1:7c:47:4f:6a:
02:2c:ad:3c:17:fa:1c:4b:3d:8c:ec:a8:83:ce:4e:
22:44:59:64:97:1d:0d:06:1f:6e:d9:80:7f:b2:ce:
a2:f8:02:94:11:e1:49:a4:99:e7:3d:3a:6c:55:5a:
02:18:16:49:2e:5b:40:fc:74:7c:da:34:e5:cb:36:
0a:83:df:f0:c8:45:cd:2c:07:72:ac:92:19:ff:57:
3a:24:ba:24:04:9b:c7:dc:d4:c9:b6:be:0d:db:31:
af:a9:04:81:c7:26:de:7c:10:f4:8b:7c:d5:21:c9:
f4:34:03:ab:4f:cc:34:71:90:73:08:2e:a9:75:8c:
22:68:6e:ca:67:90:c3:e0:02:81:26:94:8c:a0:0d:
5e:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:5A:01:8F:D9:69:2D:D1:0B:86:C3:CB:2C:1D:C5:8B:F6:EA:F7:BF
X509v3 Authority Key Identifier:
keyid:5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/Q1oBj9lpLdELhsPLLB3Fi_bq978.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/XGT50E79Wp_C4jtC1bUa79mlAlA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.40.0-31.133.42.255
IPv6:
2a0d:df80::/29
Signature Algorithm: sha256WithRSAEncryption
3c:74:22:05:94:56:ba:6a:8e:e0:4e:06:4c:1e:03:99:2b:9a:
45:85:a3:2b:6d:1f:76:ee:05:87:55:2d:b5:ee:e7:10:95:ef:
f5:1a:61:eb:08:05:66:3c:4e:27:a4:13:f6:fd:47:5f:54:27:
ac:7a:39:e0:55:22:7f:df:c9:2b:bd:82:a3:bb:df:9e:e6:26:
72:32:8e:ea:1c:3e:87:94:4d:2c:de:37:13:fc:6b:4d:6a:2f:
15:92:cd:8e:41:eb:5a:ae:ce:35:45:3e:67:5c:67:ec:c8:49:
59:17:c6:5f:5a:26:46:56:20:ff:68:dc:4c:27:b4:50:bf:6e:
3f:2d:5a:20:66:d9:df:6b:84:c7:e3:2d:bd:80:ab:94:f2:99:
be:27:f7:bb:59:a5:81:ed:90:b4:0d:4d:9f:1e:e4:cf:8c:e1:
f2:88:62:ff:c4:ce:2c:e7:bb:66:d7:8f:50:bd:6c:aa:86:93:
4a:b1:04:61:18:ef:32:b7:5f:94:cd:e0:3a:b4:c0:56:25:71:
6d:b1:2a:8d:0a:7c:cd:0c:87:82:aa:c9:e2:26:78:88:66:98:
85:83:75:e7:c4:14:7f:af:66:5d:72:68:a6:fb:19:b2:05:ff:
2d:0a:0a:d8:b6:f2:25:d6:5b:6c:fb:af:30:8c:8e:69:da:8c:
3f:cc:92:8c
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzGSfSBgPiED/scSJBy74Z5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNjRmOWQwNGVmZDVhOWZjMmUyM2I0MmQ1YjUxYWVmZDlh
NTAyNTAwHhcNMjQwMTAxMTgyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzVhMDE4ZmQ5NjkyZGQxMGI4NmMzY2IyYzFkYzU4YmY2ZWFmN2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUVJv1R4DzDQneqK2G0icyHOQodD
D0aFkrr8sl0YCAEWdmYvyq/mTqWIWETbHfp2Euzv3OBMSvCpKjc8kJTK+5PQb2R3
SFyGPGbV8+S+Vm8CaQIz2xsyeZrzcrgH8BFQplAp2v1f/NaNVPLace90IPouoXxH
T2oCLK08F/ocSz2M7KiDzk4iRFlklx0NBh9u2YB/ss6i+AKUEeFJpJnnPTpsVVoC
GBZJLltA/HR82jTlyzYKg9/wyEXNLAdyrJIZ/1c6JLokBJvH3NTJtr4N2zGvqQSB
xybefBD0i3zVIcn0NAOrT8w0cZBzCC6pdYwiaG7KZ5DD4AKBJpSMoA1eVwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFENaAY/ZaS3RC4bDyywdxYv26ve/MB8GA1UdIwQY
MBaAFFxk+dBO/VqfwuI7QtW1Gu/ZpQJQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEdUNTBFNzlXcF9DNGp0QzFiVWE3OW1sQWxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xODQ5YTYtZjkyMS00YjUwLTkxNWUt
YjY2ZmE0ZjQ3NjNhLzEvUTFvQmo5bHBMZEVMaHNQTExCM0ZpX2JxOTc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xODQ5YTYtZjkyMS00YjUwLTkxNWUtYjY2ZmE0ZjQ3NjNh
LzEvWEdUNTBFNzlXcF9DNGp0QzFiVWE3OW1sQWxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAMfhSgD
BAAfhSowDQQCAAIwBwMFAyoN34AwDQYJKoZIhvcNAQELBQADggEBADx0IgWUVrpq
juBOBkweA5krmkWFoyttH3buBYdVLbXu5xCV7/UaYesIBWY8TiekE/b9R19UJ6x6
OeBVIn/fySu9gqO7357mJnIyjuocPoeUTSzeNxP8a01qLxWSzY5B61quzjVFPmdc
Z+zISVkXxl9aJkZWIP9o3EwntFC/bj8tWiBm2d9rhMfjLb2Aq5Tymb4n97tZpYHt
kLQNTZ8e5M+M4fKIYv/Eziznu2bXj1C9bKqGk0qxBGEY7zK3X5TN4Dq0wFYlcW2x
Ko0KfM0Mh4KqyeImeIhmmIWDdefEFH+vZl1yaKb7GbIF/y0KCti28iXWW2z7rzCM
jmnajD/Mkow=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:07:09 2024 by rpki-client on console-ams.rpki-client.org