Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/9dfa0f-18a4-42f6-b9d5-06a4655c6362/1/QnVJsrrYT_1VW0m5yoN3CMONfdg.roa
File: QnVJsrrYT_1VW0m5yoN3CMONfdg.roa (raw, json)
Hash identifier: 5khTHtvZyAwF3jSm3k8rWbH24Kh3oH0FCN1g/3ApYs8=
Subject key identifier: 42:75:49:B2:BA:D8:4F:FD:55:5B:49:B9:CA:83:77:08:C3:8D:7D:D8
Certificate issuer: /CN=8b515fbb31b30ca22d2f947c519ac471f02bb605
Certificate serial: 018CC50010BEB53A4EB7845B1B338A6737AD
Authority key identifier: 8B:51:5F:BB:31:B3:0C:A2:2D:2F:94:7C:51:9A:C4:71:F0:2B:B6:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i1FfuzGzDKItL5R8UZrEcfArtgU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/9dfa0f-18a4-42f6-b9d5-06a4655c6362/1/QnVJsrrYT_1VW0m5yoN3CMONfdg.roa
Signing time: Mon 01 Jan 2024 12:29:24 +0000
ROA not before: Mon 01 Jan 2024 12:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206815
IP address blocks: 83.229.24.0/24 maxlen: 24
2a13:b280::/29 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/9dfa0f-18a4-42f6-b9d5-06a4655c6362/1/i1FfuzGzDKItL5R8UZrEcfArtgU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/9dfa0f-18a4-42f6-b9d5-06a4655c6362/1/i1FfuzGzDKItL5R8UZrEcfArtgU.mft
rsync://rpki.ripe.net/repository/DEFAULT/i1FfuzGzDKItL5R8UZrEcfArtgU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:10:be:b5:3a:4e:b7:84:5b:1b:33:8a:67:37:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b515fbb31b30ca22d2f947c519ac471f02bb605
Validity
Not Before: Jan 1 12:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=427549b2bad84ffd555b49b9ca837708c38d7dd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e8:46:86:20:4d:70:9c:55:c6:dd:bd:99:76:
38:30:7a:6a:56:68:58:54:85:75:58:f9:e5:fc:6c:
dd:d4:45:0b:84:db:8e:5b:a2:60:3b:dc:3c:6d:3e:
36:ef:e7:87:28:18:38:13:5f:ae:53:c6:ad:ae:0a:
43:9d:1b:70:14:90:43:8b:0d:6b:d2:f4:65:a1:16:
70:7f:b5:d9:f8:ac:dd:d4:34:2f:da:ff:86:92:df:
d2:37:ff:76:83:81:37:74:41:e5:86:0a:22:68:da:
4e:35:8b:8a:00:42:08:f5:39:ec:6e:45:3f:07:bd:
d0:06:54:90:b3:bc:90:58:66:e5:13:8d:34:5d:fd:
33:b7:79:a9:a5:87:d9:67:63:44:f8:59:18:7f:bd:
4e:a0:a5:43:14:8d:6d:1f:69:44:4c:33:5c:98:2f:
f9:90:54:b0:e8:6a:12:b9:19:02:ca:75:36:64:6c:
7a:d1:43:e9:3a:e1:d2:89:9c:d3:7f:14:6d:1c:17:
de:0d:0a:5f:a1:0f:a4:f0:7c:0f:5a:e1:30:ed:91:
a8:6b:b2:81:1b:68:74:75:3a:a3:69:5d:5d:b3:51:
89:e5:a4:34:e9:dc:29:e1:a2:92:fa:ed:b8:b1:ba:
a5:42:b3:4a:96:28:43:ae:17:a3:1e:e3:48:5d:e0:
bd:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:75:49:B2:BA:D8:4F:FD:55:5B:49:B9:CA:83:77:08:C3:8D:7D:D8
X509v3 Authority Key Identifier:
keyid:8B:51:5F:BB:31:B3:0C:A2:2D:2F:94:7C:51:9A:C4:71:F0:2B:B6:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i1FfuzGzDKItL5R8UZrEcfArtgU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9dfa0f-18a4-42f6-b9d5-06a4655c6362/1/QnVJsrrYT_1VW0m5yoN3CMONfdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9dfa0f-18a4-42f6-b9d5-06a4655c6362/1/i1FfuzGzDKItL5R8UZrEcfArtgU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.229.24.0/24
IPv6:
2a13:b280::/29
Signature Algorithm: sha256WithRSAEncryption
b4:f8:79:25:10:93:f5:1b:a8:85:28:ed:01:8c:9b:de:df:f3:
ec:11:bd:39:73:56:03:ad:49:20:7c:17:d2:74:e0:6f:84:93:
db:56:40:bd:60:d5:26:c5:d5:78:7c:f8:c7:4f:6b:14:a9:0c:
c5:64:b5:b2:83:9c:82:12:86:64:be:a3:e5:72:0e:1d:3d:aa:
fb:68:2a:a6:94:da:57:23:e8:40:93:8b:cb:95:d1:de:29:40:
d5:ca:76:b8:2c:4a:df:2e:b6:8f:61:be:88:06:fa:80:d7:fb:
26:88:3c:08:3c:54:d6:69:bf:fb:0b:4e:fa:5e:bf:71:cd:0c:
f1:d6:22:9b:a5:8b:c7:a8:4f:37:be:10:0d:25:55:6f:95:8b:
b3:47:38:d8:96:cf:c6:51:5e:bd:59:de:c0:34:ca:ad:4d:66:
e5:df:e5:ba:f1:ca:5c:36:1d:96:f0:0e:f0:d6:48:bc:ee:a3:
12:91:3d:85:f2:c6:4f:8d:16:96:2c:1e:15:37:d4:cc:a4:67:
52:30:ba:bb:01:ee:ec:fc:68:b8:10:e1:19:2f:01:1d:d0:e5:
c5:d9:89:9e:a7:65:04:4a:69:2b:f5:4f:19:fb:61:96:cf:d4:
e4:73:f4:d7:80:60:fc:36:18:84:fe:28:73:4f:8c:67:4b:ce:
96:90:dd:f5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFABC+tTpOt4RbGzOKZzetMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiNTE1ZmJiMzFiMzBjYTIyZDJmOTQ3YzUxOWFjNDcxZjAy
YmI2MDUwHhcNMjQwMTAxMTIyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mjc1NDliMmJhZDg0ZmZkNTU1YjQ5YjljYTgzNzcwOGMzOGQ3ZGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+hGhiBNcJxVxt29mXY4MHpqVmhY
VIV1WPnl/Gzd1EULhNuOW6JgO9w8bT427+eHKBg4E1+uU8atrgpDnRtwFJBDiw1r
0vRloRZwf7XZ+Kzd1DQv2v+Gkt/SN/92g4E3dEHlhgoiaNpONYuKAEII9TnsbkU/
B73QBlSQs7yQWGblE400Xf0zt3mppYfZZ2NE+FkYf71OoKVDFI1tH2lETDNcmC/5
kFSw6GoSuRkCynU2ZGx60UPpOuHSiZzTfxRtHBfeDQpfoQ+k8HwPWuEw7ZGoa7KB
G2h0dTqjaV1ds1GJ5aQ06dwp4aKS+u24sbqlQrNKlihDrhejHuNIXeC9HwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEJ1SbK62E/9VVtJucqDdwjDjX3YMB8GA1UdIwQY
MBaAFItRX7sxswyiLS+UfFGaxHHwK7YFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTFGZnV6R3pES0l0TDVSOFVackVjZkFydGdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy85ZGZhMGYtMThhNC00MmY2LWI5ZDUt
MDZhNDY1NWM2MzYyLzEvUW5WSnNycllUXzFWVzBtNXlvTjNDTU9OZmRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy85ZGZhMGYtMThhNC00MmY2LWI5ZDUtMDZhNDY1NWM2MzYy
LzEvaTFGZnV6R3pES0l0TDVSOFVackVjZkFydGdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAU+UYMA0E
AgACMAcDBQMqE7KAMA0GCSqGSIb3DQEBCwUAA4IBAQC0+HklEJP1G6iFKO0BjJve
3/PsEb05c1YDrUkgfBfSdOBvhJPbVkC9YNUmxdV4fPjHT2sUqQzFZLWyg5yCEoZk
vqPlcg4dPar7aCqmlNpXI+hAk4vLldHeKUDVyna4LErfLraPYb6IBvqA1/smiDwI
PFTWab/7C076Xr9xzQzx1iKbpYvHqE83vhANJVVvlYuzRzjYls/GUV69Wd7ANMqt
TWbl3+W68cpcNh2W8A7w1ki87qMSkT2F8sZPjRaWLB4VN9TMpGdSMLq7Ae7s/Gi4
EOEZLwEd0OXF2Ymep2UESmkr9U8Z+2GWz9Tkc/TXgGD8NhiE/ihzT4xnS86WkN31
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:56:21 2024 by rpki-client on console-fra.rpki-client.org