Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/QvgrDPP52tirzVaoRRmacqQvfdU.roa
File: QvgrDPP52tirzVaoRRmacqQvfdU.roa (raw, json)
Hash identifier: apzYdHkYAcpeL2ykFi8nbsXg1GaNB7F173ABlB3sb0w=
Subject key identifier: 42:F8:2B:0C:F3:F9:DA:D8:AB:CD:56:A8:45:19:9A:72:A4:2F:7D:D5
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018CC3496191FA845BCB3D163282786693C6
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/QvgrDPP52tirzVaoRRmacqQvfdU.roa
Signing time: Mon 01 Jan 2024 04:30:15 +0000
ROA not before: Mon 01 Jan 2024 04:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211373
IP address blocks: 81.168.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Dec 2024 08:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:61:91:fa:84:5b:cb:3d:16:32:82:78:66:93:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 04:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=42f82b0cf3f9dad8abcd56a845199a72a42f7dd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:36:a9:91:11:b5:08:18:68:84:b5:5b:d8:e6:
de:f3:2d:aa:ec:4f:a1:90:27:48:5f:18:6d:64:a7:
92:d5:8c:f9:bf:14:08:2b:d0:34:19:36:50:64:9b:
6d:d0:95:68:ab:11:71:19:06:c8:4d:f8:f1:44:a1:
54:dc:7a:25:a8:aa:7f:0a:a4:ea:e5:01:02:04:cb:
82:f4:e1:75:37:88:97:d3:52:a4:17:25:89:57:8f:
be:e6:55:02:ab:ca:fa:77:94:6b:97:b8:d9:8d:b8:
65:e6:be:55:ab:b9:d2:77:fe:44:2c:52:0b:b7:fa:
2c:3a:8f:9d:3b:37:d7:6d:38:89:47:71:41:93:19:
98:af:a5:66:ec:99:de:c1:d1:85:2a:cd:90:1e:94:
53:72:5b:88:86:69:8d:f4:91:6f:e9:e4:85:19:0e:
fc:5c:47:61:d1:55:d3:5b:db:2c:d8:f2:d0:e6:1c:
6d:d2:4a:f7:87:ba:7e:c1:c3:4a:22:db:f6:f6:b4:
93:73:8f:a2:64:3a:40:6f:7e:e2:1a:dc:de:90:ac:
6c:a8:79:59:18:69:aa:05:b3:fc:74:af:10:7c:8b:
ae:5d:07:6f:08:35:69:d1:9f:89:3c:f1:8b:97:da:
7e:e3:49:42:15:43:ad:c9:1a:22:98:55:08:73:86:
b5:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:F8:2B:0C:F3:F9:DA:D8:AB:CD:56:A8:45:19:9A:72:A4:2F:7D:D5
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/QvgrDPP52tirzVaoRRmacqQvfdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.117.0/24
Signature Algorithm: sha256WithRSAEncryption
36:54:f5:13:07:c9:94:24:ab:fe:ac:c2:45:60:77:f7:35:7d:
b5:68:38:06:17:d8:74:93:e7:49:4c:f9:93:0c:91:cc:68:0d:
6b:62:13:00:ba:14:d3:8b:bb:ea:57:61:48:8e:78:66:8c:21:
a4:f7:e1:f3:b1:21:a4:2d:a2:d5:be:4b:a7:cd:b4:da:81:13:
f8:92:0b:99:f8:08:2f:3a:36:fb:4d:e2:2d:bd:bc:f8:91:a4:
fb:22:23:0a:5c:63:2a:65:24:16:fc:f5:7b:fb:89:f7:6a:f0:
24:86:31:bb:ba:82:c9:3f:53:d5:b9:88:4c:ab:14:02:95:df:
20:48:93:9f:61:6a:60:cc:93:a4:c4:23:6a:db:ad:6f:6d:8f:
e9:ba:0a:dd:c1:cd:89:cd:2a:53:61:ea:9b:ab:3e:7e:bd:51:
be:52:c4:f6:fd:34:dd:6f:c8:ff:d7:a3:c0:0c:b9:cf:1c:bd:
6d:70:7f:d2:f4:49:4d:93:41:53:4a:71:a7:9a:60:5b:a7:b5:
92:d0:82:8f:63:9c:0c:78:e8:6c:b5:4b:f9:c1:53:18:27:0e:
fe:9a:c7:17:a2:16:5b:29:bc:97:5a:00:ae:8d:e8:f8:f4:73:
24:f5:64:3d:57:a8:18:00:32:97:d9:a2:fe:15:69:16:cc:cd:
8a:6d:5b:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSWGR+oRbyz0WMoJ4ZpPGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTAxMDQzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmY4MmIwY2YzZjlkYWQ4YWJjZDU2YTg0NTE5OWE3MmE0MmY3ZGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljapkRG1CBhohLVb2Obe8y2q7E+h
kCdIXxhtZKeS1Yz5vxQIK9A0GTZQZJtt0JVoqxFxGQbITfjxRKFU3HolqKp/CqTq
5QECBMuC9OF1N4iX01KkFyWJV4++5lUCq8r6d5Rrl7jZjbhl5r5Vq7nSd/5ELFIL
t/osOo+dOzfXbTiJR3FBkxmYr6Vm7JnewdGFKs2QHpRTcluIhmmN9JFv6eSFGQ78
XEdh0VXTW9ss2PLQ5hxt0kr3h7p+wcNKItv29rSTc4+iZDpAb37iGtzekKxsqHlZ
GGmqBbP8dK8QfIuuXQdvCDVp0Z+JPPGLl9p+40lCFUOtyRoimFUIc4a1XQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEL4Kwzz+drYq81WqEUZmnKkL33VMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUXZnckRQUDUydGlyelZhb1JSbWFjcVF2ZmRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUah1MA0G
CSqGSIb3DQEBCwUAA4IBAQA2VPUTB8mUJKv+rMJFYHf3NX21aDgGF9h0k+dJTPmT
DJHMaA1rYhMAuhTTi7vqV2FIjnhmjCGk9+HzsSGkLaLVvkunzbTagRP4kguZ+Agv
Ojb7TeItvbz4kaT7IiMKXGMqZSQW/PV7+4n3avAkhjG7uoLJP1PVuYhMqxQCld8g
SJOfYWpgzJOkxCNq261vbY/pugrdwc2JzSpTYeqbqz5+vVG+UsT2/TTdb8j/16PA
DLnPHL1tcH/S9ElNk0FTSnGnmmBbp7WS0IKPY5wMeOhstUv5wVMYJw7+mscXohZb
KbyXWgCujej49HMk9WQ9V6gYADKX2aL+FWkWzM2KbVvo
-----END CERTIFICATE-----
Generated at Fri Dec 13 18:25:21 2024 by rpki-client on console-fra.rpki-client.org