Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/cd51e8-6594-4a58-bd57-01f28f4d49f6/1/Qa3EgRF0m_us83QixIsOvgHKfqA.roa
File: Qa3EgRF0m_us83QixIsOvgHKfqA.roa (raw, json)
Hash identifier: RiawXyg/f4Y5uV5qKPSu7rcetpZjlM8SZzjKigcoecM=
Subject key identifier: 41:AD:C4:81:11:74:9B:FB:AC:F3:74:22:C4:8B:0E:BE:01:CA:7E:A0
Certificate issuer: /CN=ff2df297db1af0376a5a2a72e698a7eb287af3af
Certificate serial: 018F29EF594E7E1B13B3B5BCE12CAFA4C3F9
Authority key identifier: FF:2D:F2:97:DB:1A:F0:37:6A:5A:2A:72:E6:98:A7:EB:28:7A:F3:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_y3yl9sa8DdqWipy5pin6yh6868.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/cd51e8-6594-4a58-bd57-01f28f4d49f6/1/Qa3EgRF0m_us83QixIsOvgHKfqA.roa
Signing time: Mon 29 Apr 2024 12:58:22 +0000
ROA not before: Mon 29 Apr 2024 12:58:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43861
IP address blocks: 45.134.176.0/23 maxlen: 23
45.134.178.0/23 maxlen: 23
91.199.227.0/24 maxlen: 24
2a13:acc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/cd51e8-6594-4a58-bd57-01f28f4d49f6/1/_y3yl9sa8DdqWipy5pin6yh6868.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/cd51e8-6594-4a58-bd57-01f28f4d49f6/1/_y3yl9sa8DdqWipy5pin6yh6868.mft
rsync://rpki.ripe.net/repository/DEFAULT/_y3yl9sa8DdqWipy5pin6yh6868.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:29:ef:59:4e:7e:1b:13:b3:b5:bc:e1:2c:af:a4:c3:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff2df297db1af0376a5a2a72e698a7eb287af3af
Validity
Not Before: Apr 29 12:58:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41adc48111749bfbacf37422c48b0ebe01ca7ea0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:b0:f7:23:45:04:dd:61:0f:83:49:76:7b:3a:
6a:0a:50:70:38:e8:ac:ba:cf:b2:48:bf:40:79:c4:
6b:75:9a:35:a6:ee:36:01:75:02:de:3b:64:c6:dd:
c3:cb:f8:10:7a:af:2a:d8:12:60:87:6f:93:6c:c2:
b4:4f:cf:89:87:29:28:00:57:77:53:e4:24:8a:ef:
42:b4:61:72:2d:4f:6e:f7:30:36:1e:ad:cf:28:c9:
7c:a1:0b:1a:24:c0:ce:3d:8d:20:10:dd:a9:d6:0a:
74:2e:9f:c6:77:d0:f9:b5:97:66:4c:62:a5:37:93:
27:31:36:79:50:eb:fa:f9:45:cf:da:0b:ee:e6:16:
3f:0a:1c:6c:59:73:0a:ba:41:df:98:3a:0e:0e:47:
8c:3f:65:42:13:11:78:09:ab:8a:4a:dc:c1:48:78:
19:14:dc:60:a0:9b:16:d2:dc:46:f3:62:58:2b:f0:
cd:86:44:a5:7b:e2:ab:38:a0:80:47:92:6b:0c:91:
46:5f:f0:7f:35:fb:50:69:41:01:83:e1:e1:f2:8c:
04:fe:96:b4:7a:84:a7:a7:2d:6b:a0:9f:e4:c2:a5:
1a:ab:4d:eb:e7:db:e1:66:8f:eb:9f:7d:fb:07:63:
a7:ba:fc:d2:25:b3:ff:bc:8e:cd:e0:24:8f:24:4d:
47:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:AD:C4:81:11:74:9B:FB:AC:F3:74:22:C4:8B:0E:BE:01:CA:7E:A0
X509v3 Authority Key Identifier:
keyid:FF:2D:F2:97:DB:1A:F0:37:6A:5A:2A:72:E6:98:A7:EB:28:7A:F3:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_y3yl9sa8DdqWipy5pin6yh6868.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/cd51e8-6594-4a58-bd57-01f28f4d49f6/1/Qa3EgRF0m_us83QixIsOvgHKfqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/cd51e8-6594-4a58-bd57-01f28f4d49f6/1/_y3yl9sa8DdqWipy5pin6yh6868.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.176.0/22
91.199.227.0/24
IPv6:
2a13:acc0::/32
Signature Algorithm: sha256WithRSAEncryption
4e:8c:99:7d:64:cb:97:d4:42:fd:a8:e8:4d:5f:ed:9b:db:4b:
aa:05:3f:a9:bd:1a:8b:da:ba:b4:6c:62:45:bf:10:26:2d:6c:
8a:2f:a3:6d:35:fc:92:89:55:39:ab:61:13:6a:7a:4e:c6:df:
ef:39:d2:2b:af:3e:a7:34:ae:8d:c5:4e:b4:b6:3a:c0:54:db:
85:5c:75:17:55:fc:a1:e3:53:9a:eb:57:b5:6d:c7:49:22:80:
0f:bb:8f:af:72:a5:3a:de:87:8e:b0:51:ca:0d:bc:f1:3f:29:
98:95:58:1f:98:f5:a1:06:16:3d:c1:dd:53:c6:8a:4a:a7:dd:
6a:9f:0b:a7:e0:96:a0:d8:ec:ce:5f:f6:46:d2:e1:94:f9:f6:
85:76:d1:31:29:e4:4c:16:db:7c:28:f2:7d:d7:09:82:60:42:
2a:12:66:01:15:8e:fe:26:36:ae:b2:a9:38:33:f2:e1:ef:eb:
bc:2c:e3:e9:52:20:51:c3:07:0c:bf:70:e2:c7:d0:20:02:3e:
7e:c3:3b:ce:c5:b7:a8:ab:57:a2:68:67:04:87:a4:4e:98:d1:
35:a6:98:04:92:07:9a:8f:e5:62:96:40:e3:a2:c8:fc:c7:1c:
98:47:0d:19:44:70:17:60:ab:5b:0c:0b:98:a3:1d:f1:ec:3b:
39:a2:bc:bb
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY8p71lOfhsTs7W84SyvpMP5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMmRmMjk3ZGIxYWYwMzc2YTVhMmE3MmU2OThhN2ViMjg3
YWYzYWYwHhcNMjQwNDI5MTI1ODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWFkYzQ4MTExNzQ5YmZiYWNmMzc0MjJjNDhiMGViZTAxY2E3ZWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy7D3I0UE3WEPg0l2ezpqClBwOOis
us+ySL9AecRrdZo1pu42AXUC3jtkxt3Dy/gQeq8q2BJgh2+TbMK0T8+JhykoAFd3
U+Qkiu9CtGFyLU9u9zA2Hq3PKMl8oQsaJMDOPY0gEN2p1gp0Lp/Gd9D5tZdmTGKl
N5MnMTZ5UOv6+UXP2gvu5hY/ChxsWXMKukHfmDoODkeMP2VCExF4CauKStzBSHgZ
FNxgoJsW0txG82JYK/DNhkSle+KrOKCAR5JrDJFGX/B/NftQaUEBg+Hh8owE/pa0
eoSnpy1roJ/kwqUaq03r59vhZo/rn337B2OnuvzSJbP/vI7N4CSPJE1HxwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEGtxIERdJv7rPN0IsSLDr4Byn6gMB8GA1UdIwQY
MBaAFP8t8pfbGvA3aloqcuaYp+soevOvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3kzeWw5c2E4RGRxV2lweTVwaW42eWg2ODY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9jZDUxZTgtNjU5NC00YTU4LWJkNTct
MDFmMjhmNGQ0OWY2LzEvUWEzRWdSRjBtX3VzODNRaXhJc092Z0hLZnFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9jZDUxZTgtNjU5NC00YTU4LWJkNTctMDFmMjhmNGQ0OWY2
LzEvX3kzeWw5c2E4RGRxV2lweTVwaW42eWg2ODY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLYawAwQA
W8fjMA0EAgACMAcDBQAqE6zAMA0GCSqGSIb3DQEBCwUAA4IBAQBOjJl9ZMuX1EL9
qOhNX+2b20uqBT+pvRqL2rq0bGJFvxAmLWyKL6NtNfySiVU5q2ETanpOxt/vOdIr
rz6nNK6NxU60tjrAVNuFXHUXVfyh41Oa61e1bcdJIoAPu4+vcqU63oeOsFHKDbzx
PymYlVgfmPWhBhY9wd1TxopKp91qnwun4Jag2OzOX/ZG0uGU+faFdtExKeRMFtt8
KPJ91wmCYEIqEmYBFY7+Jjausqk4M/Lh7+u8LOPpUiBRwwcMv3Dix9AgAj5+wzvO
xbeoq1eiaGcEh6ROmNE1ppgEkgeaj+VilkDjosj8xxyYRw0ZRHAXYKtbDAuYox3x
7Ds5ory7
-----END CERTIFICATE-----
Generated at Sat Jun 1 23:17:19 2024 by rpki-client on console-ams.rpki-client.org