Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/10f538-7844-4e64-9e64-38e4a2ab2072/1/QhprxYvdZjwi67Mb3W_zGibeP9E.roa
File: QhprxYvdZjwi67Mb3W_zGibeP9E.roa (raw, json)
Hash identifier: B8UMsxTFzLbZcFm9E4OvYNU7vUmNelU96/zyU++WF5E=
Subject key identifier: 42:1A:6B:C5:8B:DD:66:3C:22:EB:B3:1B:DD:6F:F3:1A:26:DE:3F:D1
Certificate issuer: /CN=949ffc318804f72ac11d2be2e2c19f166aed8704
Certificate serial: 018D5EC47D4B63170A78BE07CCF95A18FD88
Authority key identifier: 94:9F:FC:31:88:04:F7:2A:C1:1D:2B:E2:E2:C1:9F:16:6A:ED:87:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lJ_8MYgE9yrBHSvi4sGfFmrthwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/10f538-7844-4e64-9e64-38e4a2ab2072/1/QhprxYvdZjwi67Mb3W_zGibeP9E.roa
Signing time: Wed 31 Jan 2024 09:05:51 +0000
ROA not before: Wed 31 Jan 2024 09:05:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20668
IP address blocks: 45.13.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/10f538-7844-4e64-9e64-38e4a2ab2072/1/lJ_8MYgE9yrBHSvi4sGfFmrthwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/10f538-7844-4e64-9e64-38e4a2ab2072/1/lJ_8MYgE9yrBHSvi4sGfFmrthwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/lJ_8MYgE9yrBHSvi4sGfFmrthwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 07:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5e:c4:7d:4b:63:17:0a:78:be:07:cc:f9:5a:18:fd:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=949ffc318804f72ac11d2be2e2c19f166aed8704
Validity
Not Before: Jan 31 09:05:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=421a6bc58bdd663c22ebb31bdd6ff31a26de3fd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:d9:d1:39:05:95:39:bb:1a:a1:4c:72:9d:e8:
49:a7:16:b0:23:9b:cf:f4:74:50:82:6a:df:5a:26:
b8:ac:76:81:9b:63:68:d8:9a:62:00:18:9e:b0:c2:
c5:79:93:94:ad:af:c2:c6:b8:00:1f:d8:29:96:bc:
d4:76:3f:96:36:b3:67:2d:5d:cf:a6:e1:70:6d:29:
6e:4b:c6:5c:7d:f6:8e:89:4d:68:82:a1:90:51:23:
c6:90:58:e1:db:b9:6d:32:19:ef:34:40:15:43:6b:
70:d2:9c:c7:b9:bd:1a:e7:b9:8a:1c:5e:7a:61:27:
1f:22:7a:87:11:57:ef:df:da:af:bc:d3:34:b1:43:
41:31:d7:cc:b7:3f:63:ee:a6:bf:7a:9f:b2:d1:78:
40:e1:b4:46:a3:35:7c:22:bb:1c:ec:fd:b8:9f:df:
46:de:f3:1c:8f:dc:d5:c3:5e:71:a0:06:67:e6:8c:
4a:31:a0:bd:79:1a:ee:91:55:d0:c2:c3:04:35:5e:
76:ef:df:04:c4:f1:69:c2:b0:f1:ec:8a:de:e4:41:
1f:82:07:97:4a:bd:3f:0d:85:14:33:4f:b0:e1:36:
60:f0:7c:0a:72:24:15:76:07:01:b3:67:00:89:96:
0d:2b:ef:f2:d8:4e:69:a4:7c:7c:79:1f:36:39:fb:
44:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:1A:6B:C5:8B:DD:66:3C:22:EB:B3:1B:DD:6F:F3:1A:26:DE:3F:D1
X509v3 Authority Key Identifier:
keyid:94:9F:FC:31:88:04:F7:2A:C1:1D:2B:E2:E2:C1:9F:16:6A:ED:87:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lJ_8MYgE9yrBHSvi4sGfFmrthwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/10f538-7844-4e64-9e64-38e4a2ab2072/1/QhprxYvdZjwi67Mb3W_zGibeP9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/10f538-7844-4e64-9e64-38e4a2ab2072/1/lJ_8MYgE9yrBHSvi4sGfFmrthwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.27.0/24
Signature Algorithm: sha256WithRSAEncryption
15:2b:bb:d9:28:9d:d4:e7:7c:cd:4a:03:de:37:85:c9:77:40:
22:8b:3e:be:33:9d:ac:d8:d6:92:b4:e9:2d:9e:03:28:b7:69:
d0:b4:07:b2:9e:34:7f:f4:2f:4e:df:bf:1f:c0:52:bb:44:f6:
ed:f8:70:ba:52:da:2e:6c:6a:ed:78:86:ca:fe:40:d4:e4:3e:
1f:08:3c:dd:a5:1e:46:b6:29:5d:29:71:f2:b0:dd:3b:3f:00:
87:f8:99:d3:36:14:b7:cc:3c:4f:2f:32:32:92:14:ad:8a:e1:
02:af:7e:23:89:24:79:44:5d:5c:cc:cc:54:24:15:60:0a:6e:
ac:55:4f:ba:0d:8a:b1:59:08:56:34:4e:f9:bd:4f:c2:dc:53:
d1:3f:ef:ff:cc:2a:0f:7a:a2:c4:0b:45:fc:cf:84:ee:f4:85:
59:ae:35:3a:42:6a:02:01:ed:06:d6:2f:a3:37:c3:8c:17:7c:
4e:2b:58:2f:24:72:19:36:71:ad:27:39:7a:d1:6d:d0:c0:fd:
5a:fa:05:d3:3e:0f:bf:3f:ef:dd:80:13:b0:4a:b4:8d:95:a6:
f7:eb:43:e6:51:08:9f:ff:9d:a4:2d:17:ec:28:c7:ae:70:4a:
1c:cc:19:48:8e:26:b4:89:fe:85:ff:3f:f1:9f:78:ba:6c:00:
00:04:25:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1exH1LYxcKeL4HzPlaGP2IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0OWZmYzMxODgwNGY3MmFjMTFkMmJlMmUyYzE5ZjE2NmFl
ZDg3MDQwHhcNMjQwMTMxMDkwNTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjFhNmJjNThiZGQ2NjNjMjJlYmIzMWJkZDZmZjMxYTI2ZGUzZmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtnROQWVObsaoUxynehJpxawI5vP
9HRQgmrfWia4rHaBm2No2JpiABiesMLFeZOUra/CxrgAH9gplrzUdj+WNrNnLV3P
puFwbSluS8ZcffaOiU1ogqGQUSPGkFjh27ltMhnvNEAVQ2tw0pzHub0a57mKHF56
YScfInqHEVfv39qvvNM0sUNBMdfMtz9j7qa/ep+y0XhA4bRGozV8Irsc7P24n99G
3vMcj9zVw15xoAZn5oxKMaC9eRrukVXQwsMENV52798ExPFpwrDx7Ire5EEfggeX
Sr0/DYUUM0+w4TZg8HwKciQVdgcBs2cAiZYNK+/y2E5ppHx8eR82OftEfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEIaa8WL3WY8IuuzG91v8xom3j/RMB8GA1UdIwQY
MBaAFJSf/DGIBPcqwR0r4uLBnxZq7YcEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEpfOE1ZZ0U5eXJCSFN2aTRzR2ZGbXJ0aHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8xMGY1MzgtNzg0NC00ZTY0LTllNjQt
MzhlNGEyYWIyMDcyLzEvUWhwcnhZdmRaandpNjdNYjNXX3pHaWJlUDlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8xMGY1MzgtNzg0NC00ZTY0LTllNjQtMzhlNGEyYWIyMDcy
LzEvbEpfOE1ZZ0U5eXJCSFN2aTRzR2ZGbXJ0aHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQ0bMA0G
CSqGSIb3DQEBCwUAA4IBAQAVK7vZKJ3U53zNSgPeN4XJd0Aiiz6+M52s2NaStOkt
ngMot2nQtAeynjR/9C9O378fwFK7RPbt+HC6UtoubGrteIbK/kDU5D4fCDzdpR5G
tildKXHysN07PwCH+JnTNhS3zDxPLzIykhStiuECr34jiSR5RF1czMxUJBVgCm6s
VU+6DYqxWQhWNE75vU/C3FPRP+//zCoPeqLEC0X8z4Tu9IVZrjU6QmoCAe0G1i+j
N8OMF3xOK1gvJHIZNnGtJzl60W3QwP1a+gXTPg+/P+/dgBOwSrSNlab360PmUQif
/52kLRfsKMeucEoczBlIjia0if6F/z/xn3i6bAAABCVv
-----END CERTIFICATE-----
Generated at Mon May 20 15:50:05 2024 by rpki-client on console-fra.rpki-client.org