Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/f6cfd7-a228-4591-9ef5-5f4b87ada4b5/1/QkydehNPVYKnQtfj7bL9xnKq67E.roa
File: QkydehNPVYKnQtfj7bL9xnKq67E.roa (raw, json)
Hash identifier: 0R+3Ibh+YHdvGaQCjfbBuhF1XOFo0uaxO5oDDn0D88E=
Subject key identifier: 42:4C:9D:7A:13:4F:55:82:A7:42:D7:E3:ED:B2:FD:C6:72:AA:EB:B1
Certificate issuer: /CN=a3190f6efd79ea7333f9bccd85a04352d915b239
Certificate serial: 018CC727114179E7A1CEDACFE83585769965
Authority key identifier: A3:19:0F:6E:FD:79:EA:73:33:F9:BC:CD:85:A0:43:52:D9:15:B2:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oxkPbv156nMz-bzNhaBDUtkVsjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/f6cfd7-a228-4591-9ef5-5f4b87ada4b5/1/QkydehNPVYKnQtfj7bL9xnKq67E.roa
Signing time: Mon 01 Jan 2024 22:31:15 +0000
ROA not before: Mon 01 Jan 2024 22:31:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207139
IP address blocks: 185.169.115.0/24 maxlen: 24
2a01:8787::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/93/f6cfd7-a228-4591-9ef5-5f4b87ada4b5/1/oxkPbv156nMz-bzNhaBDUtkVsjk.crl
rsync://rpki.ripe.net/repository/DEFAULT/93/f6cfd7-a228-4591-9ef5-5f4b87ada4b5/1/oxkPbv156nMz-bzNhaBDUtkVsjk.mft
rsync://rpki.ripe.net/repository/DEFAULT/oxkPbv156nMz-bzNhaBDUtkVsjk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:11:41:79:e7:a1:ce:da:cf:e8:35:85:76:99:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3190f6efd79ea7333f9bccd85a04352d915b239
Validity
Not Before: Jan 1 22:31:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=424c9d7a134f5582a742d7e3edb2fdc672aaebb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:f4:12:8c:f4:54:b1:a2:f8:19:8e:ac:82:09:
e6:be:41:eb:66:59:d2:69:44:60:95:f4:8a:e2:39:
40:16:ad:ba:ea:6e:0e:11:c7:83:3e:77:99:4f:11:
e4:d0:a0:a1:bf:a3:23:79:6d:1f:ae:93:0e:21:30:
9e:f8:fa:40:6f:32:15:0f:35:f1:89:99:ba:4a:8d:
9f:44:da:cc:b6:be:45:77:97:1f:44:68:0c:e9:ac:
f6:c5:d0:4f:5e:b5:77:44:cd:89:cc:a8:66:6b:e5:
f1:8d:53:2d:c7:ba:25:20:4a:fb:5f:25:71:e1:fb:
f5:15:ca:c2:1f:cc:fb:c7:e3:4a:67:18:fc:87:b0:
f2:37:ea:f3:ba:0c:ea:20:fc:50:45:30:a4:35:28:
0b:cc:c2:f0:9d:f3:c4:d2:c5:f1:00:37:65:1a:a9:
6a:a2:03:4e:12:b6:60:8a:1c:a5:39:24:4e:4b:92:
b4:f1:14:0f:61:1a:1d:ef:0a:37:78:e9:6a:51:a8:
ea:ae:07:b6:ac:09:47:65:fe:ab:d9:39:cb:1b:e7:
b8:79:f3:e2:c9:a4:8d:ed:e2:5a:5b:13:00:22:f5:
1e:57:b2:31:0b:8e:ee:3f:ee:22:df:c6:e9:0a:8c:
5d:29:24:44:bb:a6:ab:7b:e2:bf:95:fd:7a:c0:41:
46:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:4C:9D:7A:13:4F:55:82:A7:42:D7:E3:ED:B2:FD:C6:72:AA:EB:B1
X509v3 Authority Key Identifier:
keyid:A3:19:0F:6E:FD:79:EA:73:33:F9:BC:CD:85:A0:43:52:D9:15:B2:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oxkPbv156nMz-bzNhaBDUtkVsjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/f6cfd7-a228-4591-9ef5-5f4b87ada4b5/1/QkydehNPVYKnQtfj7bL9xnKq67E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/f6cfd7-a228-4591-9ef5-5f4b87ada4b5/1/oxkPbv156nMz-bzNhaBDUtkVsjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.169.115.0/24
IPv6:
2a01:8787::/32
Signature Algorithm: sha256WithRSAEncryption
c3:21:19:fd:ef:9f:a8:20:5d:c5:0b:d1:bc:cb:4a:56:48:41:
eb:83:f9:6c:36:25:e2:b2:8b:ea:a4:a0:e6:40:88:ee:f8:96:
72:e7:19:b5:e7:f4:59:fc:c3:75:2c:5e:fd:82:3f:a0:ae:d2:
9b:38:5c:16:3b:7b:56:78:58:88:91:3a:05:e1:18:b1:fd:ff:
65:17:8e:31:ad:fc:c8:5f:c1:dd:83:83:59:15:c6:86:83:84:
3a:6c:8b:52:b5:84:2a:6d:e9:ae:24:6f:2a:f7:99:95:7b:96:
8e:f7:2c:ed:81:31:65:c3:f2:8f:53:ba:de:80:53:da:8b:15:
88:bc:7a:60:ee:95:7f:d4:36:e9:43:20:bc:41:01:bd:7d:62:
1b:de:64:87:c3:f6:75:74:99:7f:91:8a:ca:ec:1e:52:34:a8:
cd:0a:61:07:53:6b:63:c3:c8:3b:d6:39:06:db:a1:58:1d:a0:
30:da:2b:ad:63:ea:20:11:21:68:cb:00:6c:33:af:e3:2b:78:
f0:70:5f:80:a7:ae:a7:92:0a:a6:9a:a4:fc:52:1f:8c:91:8d:
f3:0a:c0:a7:4a:ab:7d:b8:f5:bd:94:24:1e:64:89:0a:fe:c4:
76:a6:ac:10:d7:60:8f:1f:17:9e:ff:d8:02:20:56:30:b7:e6:
d3:05:1f:be
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHJxFBeeehztrP6DWFdpllMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMTkwZjZlZmQ3OWVhNzMzM2Y5YmNjZDg1YTA0MzUyZDkx
NWIyMzkwHhcNMjQwMTAxMjIzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjRjOWQ3YTEzNGY1NTgyYTc0MmQ3ZTNlZGIyZmRjNjcyYWFlYmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvQSjPRUsaL4GY6sggnmvkHrZlnS
aURglfSK4jlAFq266m4OEceDPneZTxHk0KChv6MjeW0frpMOITCe+PpAbzIVDzXx
iZm6So2fRNrMtr5Fd5cfRGgM6az2xdBPXrV3RM2JzKhma+XxjVMtx7olIEr7XyVx
4fv1FcrCH8z7x+NKZxj8h7DyN+rzugzqIPxQRTCkNSgLzMLwnfPE0sXxADdlGqlq
ogNOErZgihylOSROS5K08RQPYRod7wo3eOlqUajqrge2rAlHZf6r2TnLG+e4efPi
yaSN7eJaWxMAIvUeV7IxC47uP+4i38bpCoxdKSREu6are+K/lf16wEFGFQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEJMnXoTT1WCp0LX4+2y/cZyquuxMB8GA1UdIwQY
MBaAFKMZD279eepzM/m8zYWgQ1LZFbI5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3hrUGJ2MTU2bk16LWJ6TmhhQkRVdGtWc2prLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9mNmNmZDctYTIyOC00NTkxLTllZjUt
NWY0Yjg3YWRhNGI1LzEvUWt5ZGVoTlBWWUtuUXRmajdiTDl4bktxNjdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9mNmNmZDctYTIyOC00NTkxLTllZjUtNWY0Yjg3YWRhNGI1
LzEvb3hrUGJ2MTU2bk16LWJ6TmhhQkRVdGtWc2prLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAualzMA0E
AgACMAcDBQAqAYeHMA0GCSqGSIb3DQEBCwUAA4IBAQDDIRn975+oIF3FC9G8y0pW
SEHrg/lsNiXisovqpKDmQIju+JZy5xm15/RZ/MN1LF79gj+grtKbOFwWO3tWeFiI
kToF4Rix/f9lF44xrfzIX8Hdg4NZFcaGg4Q6bItStYQqbemuJG8q95mVe5aO9yzt
gTFlw/KPU7regFPaixWIvHpg7pV/1DbpQyC8QQG9fWIb3mSHw/Z1dJl/kYrK7B5S
NKjNCmEHU2tjw8g71jkG26FYHaAw2iutY+ogESFoywBsM6/jK3jwcF+Ap66nkgqm
mqT8Uh+MkY3zCsCnSqt9uPW9lCQeZIkK/sR2pqwQ12CPHxee/9gCIFYwt+bTBR++
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:47:46 2024 by rpki-client on console-fra.rpki-client.org