Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/q_ZmpDwtjZmC_Fn-ovfVro2pM90.roa
File: q_ZmpDwtjZmC_Fn-ovfVro2pM90.roa (raw, json)
Hash identifier: 8MsN0k4U3Qva1FppUGyxWwRIBavmNPQGlQM1IiJViNI=
Subject key identifier: AB:F6:66:A4:3C:2D:8D:99:82:FC:59:FE:A2:F7:D5:AE:8D:A9:33:DD
Certificate issuer: /CN=310b05251378994cfa8088d23b6eeed4e9e6ab08
Certificate serial: 01929C168E94E77096F6BA2EFE55DF6E0F62
Authority key identifier: 31:0B:05:25:13:78:99:4C:FA:80:88:D2:3B:6E:EE:D4:E9:E6:AB:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MQsFJRN4mUz6gIjSO27u1Onmqwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/q_ZmpDwtjZmC_Fn-ovfVro2pM90.roa
Signing time: Thu 17 Oct 2024 20:06:16 +0000
ROA not before: Thu 17 Oct 2024 20:06:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42375
IP address blocks: 2a11:1380::/29 maxlen: 29
2a11:15c0::/29 maxlen: 29
2a11:34c0::/29 maxlen: 29
2a12:2740::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/MQsFJRN4mUz6gIjSO27u1Onmqwg.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/MQsFJRN4mUz6gIjSO27u1Onmqwg.mft
rsync://rpki.ripe.net/repository/DEFAULT/MQsFJRN4mUz6gIjSO27u1Onmqwg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9c:16:8e:94:e7:70:96:f6:ba:2e:fe:55:df:6e:0f:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=310b05251378994cfa8088d23b6eeed4e9e6ab08
Validity
Not Before: Oct 17 20:06:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=abf666a43c2d8d9982fc59fea2f7d5ae8da933dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:24:f1:f5:d9:85:02:16:18:d2:99:04:2f:44:
25:74:b7:14:25:b9:16:bc:e4:8e:d1:30:e2:09:c4:
be:0d:da:aa:ff:f5:15:a6:ac:89:20:0f:2c:ad:cf:
b1:1a:b6:93:b5:6a:8e:53:aa:a6:65:69:66:48:c0:
ef:66:01:34:6c:f0:b9:18:6e:ac:dc:60:11:83:21:
33:da:4e:91:b6:b8:1d:20:89:33:3e:69:cb:c3:c2:
f1:cf:92:d0:71:72:83:93:8d:f4:c7:3e:db:56:67:
79:6b:2e:2b:4e:fb:d5:85:df:2b:8f:e9:39:20:91:
bd:77:16:11:16:85:62:a4:fe:a5:c9:f4:88:d1:fd:
2d:5b:2c:6c:86:db:e1:e1:8e:90:9a:fe:ac:a8:5c:
fb:9b:c1:cc:33:19:dd:b8:ad:1e:64:2d:88:c9:aa:
71:d0:fb:7e:2c:11:f4:bc:58:bf:3f:5a:2b:53:1f:
d7:59:39:b0:d9:45:84:6a:d7:dd:1c:34:d4:7c:fa:
c0:e6:ce:e3:02:45:00:bf:e9:4a:6f:43:35:6d:99:
93:0b:f4:7f:8f:f6:f3:3d:d6:9b:66:67:45:a4:7d:
ec:f8:f5:93:09:c4:a8:61:94:9f:52:56:33:af:da:
68:b4:ab:bb:43:13:00:80:23:a8:3a:e1:50:bb:05:
cf:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:F6:66:A4:3C:2D:8D:99:82:FC:59:FE:A2:F7:D5:AE:8D:A9:33:DD
X509v3 Authority Key Identifier:
keyid:31:0B:05:25:13:78:99:4C:FA:80:88:D2:3B:6E:EE:D4:E9:E6:AB:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MQsFJRN4mUz6gIjSO27u1Onmqwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/q_ZmpDwtjZmC_Fn-ovfVro2pM90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/MQsFJRN4mUz6gIjSO27u1Onmqwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:1380::/29
2a11:15c0::/29
2a11:34c0::/29
2a12:2740::/29
Signature Algorithm: sha256WithRSAEncryption
72:07:44:f2:6e:fa:b9:23:0e:79:ec:64:a2:d5:be:ba:1a:86:
16:2f:92:4e:5b:b8:ae:15:73:fa:eb:0a:c6:3a:24:52:b0:81:
f5:24:d0:18:d1:72:d9:1d:ea:de:ec:ef:a2:13:2b:d4:c1:03:
39:f6:be:80:38:c8:41:ef:24:87:01:d9:e2:58:36:c2:57:0e:
a4:56:5b:dd:96:3a:66:cd:17:96:7b:93:99:3b:9e:03:bc:cd:
cc:8c:3b:93:1a:a5:62:8d:dd:ed:c0:e9:62:ca:5b:cf:b8:c5:
ed:1b:99:3d:00:7f:ae:aa:d7:c6:79:22:81:b8:79:58:0d:14:
a9:02:fc:1d:19:14:4b:45:3f:be:a1:bf:0b:b7:4b:52:cc:3d:
29:57:78:83:a5:9c:07:be:03:2f:4d:5e:00:b4:b5:dd:fa:7e:
d6:3e:9b:65:67:00:c2:85:d3:61:08:00:4f:48:cf:05:cc:b3:
4f:43:cc:c6:06:3a:67:5e:a7:92:9a:d6:25:9d:9b:f5:80:5e:
f0:84:09:da:5e:22:35:ec:6b:c7:36:15:90:5e:a2:d6:52:a8:
16:0f:d7:42:7b:3e:ee:1b:22:9e:20:1b:86:23:1d:bb:75:87:
21:2b:6f:02:ce:6e:eb:a5:6d:9f:fd:6d:10:94:b2:14:c8:24:
7a:ea:eb:3e
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZKcFo6U53CW9rou/lXfbg9iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMGIwNTI1MTM3ODk5NGNmYTgwODhkMjNiNmVlZWQ0ZTll
NmFiMDgwHhcNMjQxMDE3MjAwNjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmY2NjZhNDNjMmQ4ZDk5ODJmYzU5ZmVhMmY3ZDVhZThkYTkzM2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCTx9dmFAhYY0pkEL0QldLcUJbkW
vOSO0TDiCcS+Ddqq//UVpqyJIA8src+xGraTtWqOU6qmZWlmSMDvZgE0bPC5GG6s
3GARgyEz2k6RtrgdIIkzPmnLw8Lxz5LQcXKDk430xz7bVmd5ay4rTvvVhd8rj+k5
IJG9dxYRFoVipP6lyfSI0f0tWyxshtvh4Y6Qmv6sqFz7m8HMMxnduK0eZC2Iyapx
0Pt+LBH0vFi/P1orUx/XWTmw2UWEatfdHDTUfPrA5s7jAkUAv+lKb0M1bZmTC/R/
j/bzPdabZmdFpH3s+PWTCcSoYZSfUlYzr9potKu7QxMAgCOoOuFQuwXPFQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFKv2ZqQ8LY2ZgvxZ/qL31a6NqTPdMB8GA1UdIwQY
MBaAFDELBSUTeJlM+oCI0jtu7tTp5qsIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVFzRkpSTjRtVXo2Z0lqU08yN3UxT25tcXdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC83NzE0ODYtYmVlMy00MjRhLWIzNDEt
N2NmZGYyZGY2NjMyLzEvcV9abXBEd3RqWm1DX0ZuLW92ZlZybzJwTTkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC83NzE0ODYtYmVlMy00MjRhLWIzNDEtN2NmZGYyZGY2NjMy
LzEvTVFzRkpSTjRtVXo2Z0lqU08yN3UxT25tcXdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKhETgAMF
AyoRFcADBQMqETTAAwUDKhInQDANBgkqhkiG9w0BAQsFAAOCAQEAcgdE8m76uSMO
eexkotW+uhqGFi+STlu4rhVz+usKxjokUrCB9STQGNFy2R3q3uzvohMr1MEDOfa+
gDjIQe8khwHZ4lg2wlcOpFZb3ZY6Zs0XlnuTmTueA7zNzIw7kxqlYo3d7cDpYspb
z7jF7RuZPQB/rqrXxnkigbh5WA0UqQL8HRkUS0U/vqG/C7dLUsw9KVd4g6WcB74D
L01eALS13fp+1j6bZWcAwoXTYQgAT0jPBcyzT0PMxgY6Z16nkprWJZ2b9YBe8IQJ
2l4iNexrxzYVkF6i1lKoFg/XQns+7hsiniAbhiMdu3WHIStvAs5u66Vtn/1tEJSy
FMgkeurrPg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:22:26 2024 by rpki-client on console-ams.rpki-client.org