Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/QL0F5_AYdvgZwCJ4OeiweRRbIf4.roa
File: QL0F5_AYdvgZwCJ4OeiweRRbIf4.roa (raw, json)
Hash identifier: u2D0yc0FcfItnZVOMtgDZMuEou/fmakcCM9sgRtQUCc=
Subject key identifier: 40:BD:05:E7:F0:18:76:F8:19:C0:22:78:39:E8:B0:79:14:5B:21:FE
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018FD2AA00E78F04B1EE9E983A9E15AA0D59
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/QL0F5_AYdvgZwCJ4OeiweRRbIf4.roa
Signing time: Sat 01 Jun 2024 07:18:27 +0000
ROA not before: Sat 01 Jun 2024 07:18:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42708
IP address blocks: 45.91.21.0/24 maxlen: 24
45.92.228.0/24 maxlen: 24
45.150.93.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d2:aa:00:e7:8f:04:b1:ee:9e:98:3a:9e:15:aa:0d:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jun 1 07:18:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40bd05e7f01876f819c0227839e8b079145b21fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c3:a1:2d:94:27:5a:90:cf:05:b7:7b:7b:d5:
8c:cb:0d:d1:ab:3e:cc:a5:0c:ef:b6:86:95:21:83:
a4:34:a9:f6:94:89:36:a4:8f:23:93:17:fc:4a:45:
eb:53:ca:fa:24:6a:cd:68:40:b1:a6:da:2b:f8:5b:
2c:27:ce:a5:8f:5a:8d:43:50:d7:b3:e1:1a:50:0a:
20:c4:07:94:c2:cf:8e:d8:37:ca:c9:52:7e:ff:99:
26:1b:55:55:92:e3:e7:28:00:44:ef:b6:38:fc:45:
2c:32:74:6d:69:58:6d:c3:3a:fc:fd:ad:0e:a0:dc:
33:e8:8c:ea:34:d2:80:8a:38:4e:25:85:ed:eb:c6:
50:3d:4d:4f:67:f0:29:c4:1e:9d:bb:7d:f0:79:4f:
27:9a:ac:4a:67:f3:16:57:92:bf:f0:c2:34:97:65:
7d:d0:aa:b1:87:cf:27:88:af:af:e1:36:fa:b6:54:
3e:a3:f8:9a:3d:78:04:41:1f:a1:a1:c2:13:12:dd:
76:58:f8:90:1d:39:7d:f1:62:a2:83:36:2d:07:9a:
a3:b6:59:3f:71:73:64:6f:f3:c4:0e:09:ca:aa:14:
1f:ef:9b:18:33:43:8b:be:2d:fc:81:f3:8f:6c:14:
fd:e7:88:70:25:a5:ec:22:90:12:65:25:8b:de:d8:
66:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:BD:05:E7:F0:18:76:F8:19:C0:22:78:39:E8:B0:79:14:5B:21:FE
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/QL0F5_AYdvgZwCJ4OeiweRRbIf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.21.0/24
45.92.228.0/24
45.150.93.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:d4:69:d5:43:51:fc:51:c2:c5:33:e9:97:4a:fb:6e:e1:30:
7f:77:db:f0:b4:f2:07:f0:26:4a:60:62:df:4b:5b:7d:41:9f:
b1:19:72:ba:96:ce:1c:8d:6c:98:c9:d2:ac:f5:80:8e:14:9d:
75:03:f7:69:1d:79:3e:dc:99:30:38:b1:e0:8b:33:2d:5f:83:
21:d9:23:28:16:84:91:1d:3c:a6:51:b8:2b:47:4b:85:7f:66:
4a:88:29:b1:be:e7:2e:d5:ad:47:a0:fa:85:bd:95:c3:5d:18:
29:2b:e3:64:f3:6e:5b:b0:9b:85:55:73:c3:fb:1d:e2:ab:41:
a1:3e:31:e4:7d:b4:a0:e6:78:f8:79:33:54:0d:e7:6b:f9:83:
8c:8a:db:da:a9:76:59:06:09:ef:ca:34:bd:77:fb:0b:fb:8c:
08:f1:1e:16:0c:38:49:2b:93:25:31:8a:64:d3:7b:77:78:42:
bd:92:96:25:15:72:58:fd:2e:b7:2f:76:7a:05:42:b6:dc:1e:
ab:6b:f7:19:dc:f8:95:d3:e8:02:6b:9a:88:5c:98:af:45:e6:
47:63:ed:6c:f5:ff:17:62:d2:85:b6:7c:34:f5:15:01:9f:2c:
9d:87:e8:82:55:64:42:9c:5a:65:a0:2b:1e:36:a8:56:f3:b1:
d4:2f:fe:9d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY/SqgDnjwSx7p6YOp4Vqg1ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwNjAxMDcxODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGJkMDVlN2YwMTg3NmY4MTljMDIyNzgzOWU4YjA3OTE0NWIyMWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscOhLZQnWpDPBbd7e9WMyw3Rqz7M
pQzvtoaVIYOkNKn2lIk2pI8jkxf8SkXrU8r6JGrNaECxptor+FssJ86lj1qNQ1DX
s+EaUAogxAeUws+O2DfKyVJ+/5kmG1VVkuPnKABE77Y4/EUsMnRtaVhtwzr8/a0O
oNwz6IzqNNKAijhOJYXt68ZQPU1PZ/ApxB6du33weU8nmqxKZ/MWV5K/8MI0l2V9
0Kqxh88niK+v4Tb6tlQ+o/iaPXgEQR+hocITEt12WPiQHTl98WKigzYtB5qjtlk/
cXNkb/PEDgnKqhQf75sYM0OLvi38gfOPbBT954hwJaXsIpASZSWL3thmKwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEC9BefwGHb4GcAieDnosHkUWyH+MB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvUUwwRjVfQVlkdmdad0NKNE9laXdlUlJiSWY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALVsVAwQA
LVzkAwQALZZdMA0GCSqGSIb3DQEBCwUAA4IBAQAt1GnVQ1H8UcLFM+mXSvtu4TB/
d9vwtPIH8CZKYGLfS1t9QZ+xGXK6ls4cjWyYydKs9YCOFJ11A/dpHXk+3JkwOLHg
izMtX4Mh2SMoFoSRHTymUbgrR0uFf2ZKiCmxvucu1a1HoPqFvZXDXRgpK+Nk825b
sJuFVXPD+x3iq0GhPjHkfbSg5nj4eTNUDedr+YOMitvaqXZZBgnvyjS9d/sL+4wI
8R4WDDhJK5MlMYpk03t3eEK9kpYlFXJY/S63L3Z6BUK23B6ra/cZ3PiV0+gCa5qI
XJivReZHY+1s9f8XYtKFtnw09RUBnyydh+iCVWRCnFploCseNqhW87HUL/6d
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:05:48 2024 by rpki-client on console-fra.rpki-client.org