Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/f01f99-bc01-4b39-9362-9f47c7410d41/1/QkLyjSan_Ah_fesckd4LqSyPgfk.roa
File: QkLyjSan_Ah_fesckd4LqSyPgfk.roa (raw, json)
Hash identifier: ymTIWKGFTWO+20GWHBiAGFGeKKHl13LireTe8tZ6XD4=
Subject key identifier: 42:42:F2:8D:26:A7:FC:08:7F:7D:EB:1C:91:DE:0B:A9:2C:8F:81:F9
Certificate issuer: /CN=d999e5d64e44b1733c61737337ce82b4a6943a46
Certificate serial: 01901C1063896A3E916335CEC17348BCB36E
Authority key identifier: D9:99:E5:D6:4E:44:B1:73:3C:61:73:73:37:CE:82:B4:A6:94:3A:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Znl1k5EsXM8YXNzN86CtKaUOkY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/f01f99-bc01-4b39-9362-9f47c7410d41/1/QkLyjSan_Ah_fesckd4LqSyPgfk.roa
Signing time: Sat 15 Jun 2024 13:22:34 +0000
ROA not before: Sat 15 Jun 2024 13:22:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35760
IP address blocks: 87.101.16.0/20 maxlen: 21
87.101.16.0/21 maxlen: 21
87.101.24.0/21 maxlen: 21
91.196.12.0/23 maxlen: 24
91.196.12.0/24 maxlen: 24
91.196.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/f01f99-bc01-4b39-9362-9f47c7410d41/1/2Znl1k5EsXM8YXNzN86CtKaUOkY.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/f01f99-bc01-4b39-9362-9f47c7410d41/1/2Znl1k5EsXM8YXNzN86CtKaUOkY.mft
rsync://rpki.ripe.net/repository/DEFAULT/2Znl1k5EsXM8YXNzN86CtKaUOkY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:1c:10:63:89:6a:3e:91:63:35:ce:c1:73:48:bc:b3:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d999e5d64e44b1733c61737337ce82b4a6943a46
Validity
Not Before: Jun 15 13:22:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4242f28d26a7fc087f7deb1c91de0ba92c8f81f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:b3:59:2a:45:e7:fd:04:0b:85:36:86:59:52:
c2:7c:09:25:90:be:80:45:50:4e:88:34:4c:d5:b0:
00:b3:2f:0d:ca:b6:ba:12:f3:29:8e:c9:2d:a1:e8:
9c:6d:b9:97:81:fb:12:0b:1c:2a:d3:48:84:45:93:
80:09:e8:bc:89:d8:08:0e:c2:e4:20:e5:38:1c:13:
e0:df:01:19:e7:85:ac:9a:0b:c7:de:c5:1a:0b:0b:
a6:1b:05:ec:24:42:99:c7:81:73:64:6c:7d:47:6c:
72:ce:04:27:cb:8b:08:d8:54:6a:c0:4a:87:3c:89:
97:6a:9a:ff:25:64:af:f0:b5:5d:c8:37:1a:53:f1:
ef:34:71:cc:84:5a:e5:35:13:ce:3d:db:5c:fa:9a:
41:49:7b:d6:cc:18:06:0e:c5:5f:b1:8b:2b:8f:e7:
61:dd:0b:b4:f7:9c:ab:d0:f8:e6:9d:ab:81:6b:f4:
d9:86:21:32:91:e1:fe:91:38:df:b2:d7:ad:48:c8:
81:03:02:2b:a9:a2:10:2a:41:df:7a:cd:0d:98:93:
5f:f7:50:12:88:bc:84:34:4c:bf:08:a9:9c:0a:86:
f1:27:38:c1:5d:95:0d:21:f1:31:eb:ba:9d:65:94:
a0:51:53:91:68:9f:04:ea:b4:68:16:74:a9:60:0c:
74:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:42:F2:8D:26:A7:FC:08:7F:7D:EB:1C:91:DE:0B:A9:2C:8F:81:F9
X509v3 Authority Key Identifier:
keyid:D9:99:E5:D6:4E:44:B1:73:3C:61:73:73:37:CE:82:B4:A6:94:3A:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Znl1k5EsXM8YXNzN86CtKaUOkY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/f01f99-bc01-4b39-9362-9f47c7410d41/1/QkLyjSan_Ah_fesckd4LqSyPgfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/f01f99-bc01-4b39-9362-9f47c7410d41/1/2Znl1k5EsXM8YXNzN86CtKaUOkY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.101.16.0/20
91.196.12.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:41:7f:82:97:a3:1e:53:28:fc:3d:d2:91:5b:22:5b:2c:4a:
9d:be:2f:bf:15:07:07:9c:f6:39:06:cc:33:a7:79:89:3a:42:
b0:c9:c4:60:34:13:cc:fa:f9:5a:83:3c:2f:8c:6c:55:f2:d9:
09:de:12:ee:e1:3e:d0:39:8c:91:4b:bd:50:60:75:aa:4f:3e:
b5:53:ab:a1:31:de:b4:9b:8b:7e:a3:b4:00:18:b2:da:3a:ac:
34:7b:09:43:0f:0e:80:3b:a8:39:fb:bc:65:20:fe:82:45:93:
a4:3e:fb:e9:57:27:67:0e:4a:15:f7:29:f6:09:91:9b:55:35:
34:1e:83:84:73:15:07:bc:ed:45:f6:f1:d6:0b:0c:93:2c:a0:
14:47:72:9a:79:55:57:b6:a4:d3:d5:a4:45:f4:9f:d6:26:5f:
ef:85:2b:b7:47:a5:08:5e:26:f9:bd:bd:2d:55:ea:a1:6c:ca:
68:91:2f:7c:bb:e8:a9:9f:b6:a9:62:49:ac:a4:52:cf:6b:44:
ba:6b:5d:99:ea:47:da:ee:b5:9b:f7:84:b5:a7:45:cc:c8:21:
fd:9b:0d:11:95:bc:56:e1:1a:a4:54:b9:c3:9d:b5:84:d8:3f:
85:31:9e:35:5a:6c:12:3a:e1:80:d0:0a:f9:7f:68:d7:f5:2d:
61:61:c4:23
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZAcEGOJaj6RYzXOwXNIvLNuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OTllNWQ2NGU0NGIxNzMzYzYxNzM3MzM3Y2U4MmI0YTY5
NDNhNDYwHhcNMjQwNjE1MTMyMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjQyZjI4ZDI2YTdmYzA4N2Y3ZGViMWM5MWRlMGJhOTJjOGY4MWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvrNZKkXn/QQLhTaGWVLCfAklkL6A
RVBOiDRM1bAAsy8Nyra6EvMpjsktoeicbbmXgfsSCxwq00iERZOACei8idgIDsLk
IOU4HBPg3wEZ54WsmgvH3sUaCwumGwXsJEKZx4FzZGx9R2xyzgQny4sI2FRqwEqH
PImXapr/JWSv8LVdyDcaU/HvNHHMhFrlNRPOPdtc+ppBSXvWzBgGDsVfsYsrj+dh
3Qu095yr0PjmnauBa/TZhiEykeH+kTjfstetSMiBAwIrqaIQKkHfes0NmJNf91AS
iLyENEy/CKmcCobxJzjBXZUNIfEx67qdZZSgUVORaJ8E6rRoFnSpYAx0hwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEJC8o0mp/wIf33rHJHeC6ksj4H5MB8GA1UdIwQY
MBaAFNmZ5dZORLFzPGFzczfOgrSmlDpGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlpubDFrNUVzWE04WVhOek44NkN0S2FVT2tZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9mMDFmOTktYmMwMS00YjM5LTkzNjIt
OWY0N2M3NDEwZDQxLzEvUWtMeWpTYW5fQWhfZmVzY2tkNExxU3lQZ2ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9mMDFmOTktYmMwMS00YjM5LTkzNjItOWY0N2M3NDEwZDQx
LzEvMlpubDFrNUVzWE04WVhOek44NkN0S2FVT2tZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEV2UQAwQB
W8QMMA0GCSqGSIb3DQEBCwUAA4IBAQAbQX+Cl6MeUyj8PdKRWyJbLEqdvi+/FQcH
nPY5Bswzp3mJOkKwycRgNBPM+vlagzwvjGxV8tkJ3hLu4T7QOYyRS71QYHWqTz61
U6uhMd60m4t+o7QAGLLaOqw0ewlDDw6AO6g5+7xlIP6CRZOkPvvpVydnDkoV9yn2
CZGbVTU0HoOEcxUHvO1F9vHWCwyTLKAUR3KaeVVXtqTT1aRF9J/WJl/vhSu3R6UI
Xib5vb0tVeqhbMpokS98u+ipn7apYkmspFLPa0S6a12Z6kfa7rWb94S1p0XMyCH9
mw0RlbxW4RqkVLnDnbWE2D+FMZ41WmwSOuGA0Ar5f2jX9S1hYcQj
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:02:35 2024 by rpki-client on console-fra.rpki-client.org