Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/ql3We4QVrTrcgYEhzy2kg-DIxvk.roa
File: ql3We4QVrTrcgYEhzy2kg-DIxvk.roa (raw, json)
Hash identifier: +2S1iCIA3tqYmwDDO+fJRilI+hUr6M1vkn4uOvn1UyY=
Subject key identifier: AA:5D:D6:7B:84:15:AD:3A:DC:81:81:21:CF:2D:A4:83:E0:C8:C6:F9
Certificate issuer: /CN=fd21cb4baa15862d1b5773bf2be60ca5f4fc24d4
Certificate serial: 018CC3B6A6BBDF7185D1F85B65CE6705C895
Authority key identifier: FD:21:CB:4B:AA:15:86:2D:1B:57:73:BF:2B:E6:0C:A5:F4:FC:24:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/ql3We4QVrTrcgYEhzy2kg-DIxvk.roa
Signing time: Mon 01 Jan 2024 06:29:36 +0000
ROA not before: Mon 01 Jan 2024 06:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56781
IP address blocks: 2a10:ba87:ffc0::/44 maxlen: 44
2a10:ba87:ffe0::/44 maxlen: 44
2a10:ba87:ffa0::/44 maxlen: 44
2a10:ba87:ff80::/44 maxlen: 44
2a10:ba87:ff60::/44 maxlen: 44
2a10:ba87:ff40::/44 maxlen: 44
2a10:ba87:ff20::/44 maxlen: 44
2a10:ba87:ff00::/44 maxlen: 44
2a10:ba87:fff0::/44 maxlen: 44
2a10:ba87:ffd0::/44 maxlen: 44
2a10:ba87:ffb0::/44 maxlen: 44
2a10:ba87:ff90::/44 maxlen: 44
2a10:ba87:ff70::/44 maxlen: 44
2a10:ba87:ff50::/44 maxlen: 44
2a10:ba87:ff30::/44 maxlen: 44
2a10:ba87:ff10::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:a6:bb:df:71:85:d1:f8:5b:65:ce:67:05:c8:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd21cb4baa15862d1b5773bf2be60ca5f4fc24d4
Validity
Not Before: Jan 1 06:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa5dd67b8415ad3adc818121cf2da483e0c8c6f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:39:a2:10:17:0d:c5:fd:8a:8f:ca:1e:73:69:
2f:af:6b:53:fc:c8:93:b8:87:84:2f:51:0d:11:1c:
3b:6c:4c:75:8f:25:89:b7:16:12:b7:61:4c:d4:99:
4e:69:14:50:dd:d9:21:12:a3:98:be:7c:3c:e3:26:
18:84:17:01:de:2f:88:e6:fe:45:a4:e6:66:3b:cd:
a5:c3:84:00:9b:43:28:f8:7b:78:3d:76:64:ac:20:
0c:7d:cb:4e:e5:5e:68:dd:4a:50:3b:1d:0c:01:19:
f1:cd:f9:fb:bf:68:a7:04:cc:77:c5:a2:bb:02:43:
c8:f6:f9:52:8d:ca:0f:70:8e:03:32:63:bd:00:37:
58:82:ab:e2:65:ad:fb:9e:ba:99:46:54:86:3b:34:
44:76:07:6a:c2:a4:5b:03:d7:a8:48:0e:3a:74:f6:
1a:09:bf:e1:14:c6:e1:c9:d0:07:36:74:f1:66:2e:
1c:56:86:f8:3f:ab:e0:b2:41:72:50:b7:94:fe:d5:
e2:ae:b6:90:f8:15:24:a1:34:ec:62:09:79:88:c1:
d5:91:a8:94:03:58:50:a7:c7:15:a6:6c:00:c8:03:
0c:68:97:ae:b9:74:e8:0b:47:ca:23:a0:39:70:84:
e1:6f:80:ad:73:10:76:77:ee:60:e2:c1:fb:65:db:
d1:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:5D:D6:7B:84:15:AD:3A:DC:81:81:21:CF:2D:A4:83:E0:C8:C6:F9
X509v3 Authority Key Identifier:
keyid:FD:21:CB:4B:AA:15:86:2D:1B:57:73:BF:2B:E6:0C:A5:F4:FC:24:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/ql3We4QVrTrcgYEhzy2kg-DIxvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:ba87:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
78:7a:9e:d3:08:86:aa:c1:62:f7:4a:43:7f:68:25:78:54:6f:
99:81:69:3e:82:90:4e:6e:42:d8:a0:e2:84:1e:63:c6:c0:c7:
ec:eb:5b:a0:e9:63:6d:7d:b4:f6:f1:d1:6a:44:45:6c:35:31:
e0:78:79:9a:77:b7:9f:1c:5e:23:ca:4a:47:22:ff:15:59:84:
18:d3:51:78:33:d8:2f:b1:ec:49:8d:63:0e:8e:b6:dd:fc:2d:
b7:a5:43:44:e7:6f:c9:f9:6e:bb:f8:a8:67:fd:49:82:07:16:
92:d7:17:b6:71:e4:e7:46:1f:5e:3e:04:f8:e1:96:73:cc:22:
d8:6f:05:a3:71:2a:6f:e6:9c:63:48:df:e5:b2:4d:e0:a2:c6:
a1:37:b1:10:0b:7b:c9:bb:76:9b:bf:14:a6:19:f5:72:84:41:
67:99:72:29:8a:c1:6e:bc:31:5b:34:d0:f7:fc:1e:06:8b:65:
22:8b:be:3a:3a:68:db:f2:b7:04:a4:1b:af:6f:f9:7b:7d:08:
c6:93:15:ff:42:38:a6:c3:b3:09:e9:8c:2a:f8:07:fb:e7:66:
18:44:bb:63:f5:8f:df:dd:a9:88:20:c5:e4:61:94:e4:dd:94:
a3:f1:62:15:74:9c:eb:10:06:17:86:10:a0:de:e1:94:d8:d9:
41:a5:4c:de
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzDtqa733GF0fhbZc5nBciVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMjFjYjRiYWExNTg2MmQxYjU3NzNiZjJiZTYwY2E1ZjRm
YzI0ZDQwHhcNMjQwMTAxMDYyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTVkZDY3Yjg0MTVhZDNhZGM4MTgxMjFjZjJkYTQ4M2UwYzhjNmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjmiEBcNxf2Kj8oec2kvr2tT/MiT
uIeEL1ENERw7bEx1jyWJtxYSt2FM1JlOaRRQ3dkhEqOYvnw84yYYhBcB3i+I5v5F
pOZmO82lw4QAm0Mo+Ht4PXZkrCAMfctO5V5o3UpQOx0MARnxzfn7v2inBMx3xaK7
AkPI9vlSjcoPcI4DMmO9ADdYgqviZa37nrqZRlSGOzREdgdqwqRbA9eoSA46dPYa
Cb/hFMbhydAHNnTxZi4cVob4P6vgskFyULeU/tXirraQ+BUkoTTsYgl5iMHVkaiU
A1hQp8cVpmwAyAMMaJeuuXToC0fKI6A5cIThb4CtcxB2d+5g4sH7ZdvRXQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFKpd1nuEFa063IGBIc8tpIPgyMb5MB8GA1UdIwQY
MBaAFP0hy0uqFYYtG1dzvyvmDKX0/CTUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1NITFM2b1ZoaTBiVjNPX0stWU1wZlQ4Sk5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8zMjY2MDYtMTRiYS00NDM2LTk5ODUt
YmU1NTIwYTVjODIxLzEvcWwzV2U0UVZyVHJjZ1lFaHp5MmtnLURJeHZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8zMjY2MDYtMTRiYS00NDM2LTk5ODUtYmU1NTIwYTVjODIx
LzEvX1NITFM2b1ZoaTBiVjNPX0stWU1wZlQ4Sk5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhC6h/8w
DQYJKoZIhvcNAQELBQADggEBAHh6ntMIhqrBYvdKQ39oJXhUb5mBaT6CkE5uQtig
4oQeY8bAx+zrW6DpY219tPbx0WpERWw1MeB4eZp3t58cXiPKSkci/xVZhBjTUXgz
2C+x7EmNYw6Ott38LbelQ0Tnb8n5brv4qGf9SYIHFpLXF7Zx5OdGH14+BPjhlnPM
IthvBaNxKm/mnGNI3+WyTeCixqE3sRALe8m7dpu/FKYZ9XKEQWeZcimKwW68MVs0
0Pf8HgaLZSKLvjo6aNvytwSkG69v+Xt9CMaTFf9COKbDswnpjCr4B/vnZhhEu2P1
j9/dqYggxeRhlOTdlKPxYhV0nOsQBheGEKDe4ZTY2UGlTN4=
-----END CERTIFICATE-----
Generated at Sat Jun 8 05:30:47 2024 by rpki-client on console-fra.rpki-client.org