Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/qOQNiW2e6VHxtIQ-7AybVqdHiUA.roa
File: qOQNiW2e6VHxtIQ-7AybVqdHiUA.roa (raw, json)
Hash identifier: X9FjQBnG/omhDdqRcJuENB5gaV9SFO+GlH1W+uagdW4=
Subject key identifier: A8:E4:0D:89:6D:9E:E9:51:F1:B4:84:3E:EC:0C:9B:56:A7:47:89:40
Certificate issuer: /CN=c41c7221ede3af5ee92e3206af2f18bd010d5dd9
Certificate serial: 018CC50033DA08215603404FEF86BA2DC459
Authority key identifier: C4:1C:72:21:ED:E3:AF:5E:E9:2E:32:06:AF:2F:18:BD:01:0D:5D:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/qOQNiW2e6VHxtIQ-7AybVqdHiUA.roa
Signing time: Mon 01 Jan 2024 12:29:33 +0000
ROA not before: Mon 01 Jan 2024 12:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51305
IP address blocks: 128.127.93.0/24 maxlen: 24
2a00:10a0:b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/xBxyIe3jr17pLjIGry8YvQENXdk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/xBxyIe3jr17pLjIGry8YvQENXdk.mft
rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:33:da:08:21:56:03:40:4f:ef:86:ba:2d:c4:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c41c7221ede3af5ee92e3206af2f18bd010d5dd9
Validity
Not Before: Jan 1 12:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8e40d896d9ee951f1b4843eec0c9b56a7478940
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:bb:d7:da:6d:e1:a4:bd:62:ef:1d:42:da:5a:
e2:69:1d:0c:91:22:16:ca:a0:36:6a:c0:6f:89:1e:
dd:a8:00:53:f4:96:0c:e2:4d:03:c4:be:47:a6:0f:
7f:9b:99:b2:09:bf:1f:9b:d3:98:6f:b2:09:cd:f9:
aa:eb:95:60:66:fe:bd:ea:02:0d:b9:c4:de:6a:f4:
31:66:c0:5a:2f:fe:ab:04:c3:da:a0:f4:a7:33:fd:
a0:6d:dc:33:da:d2:11:a5:9c:bc:4b:14:71:11:29:
8f:36:e5:49:c7:77:58:21:6e:cc:47:41:ad:da:f7:
17:c1:c3:ba:5b:5c:72:a1:14:60:97:a4:0d:4e:1f:
86:b6:ac:27:d0:67:09:a6:86:95:4f:61:6c:9c:cc:
d2:08:09:14:76:50:9e:c1:14:c1:58:ec:51:63:90:
58:4b:29:b1:7b:e6:eb:db:8b:6d:87:62:10:95:6e:
1d:68:8d:fa:5f:56:7a:a0:9a:e3:b8:7d:1a:2b:ab:
66:6a:f9:23:13:6b:85:e0:f9:66:ef:9c:d3:66:0f:
e9:bd:57:95:27:2b:d8:3b:ea:0e:ab:dd:dc:d6:0a:
3b:b3:26:67:38:7f:56:98:69:ae:cf:33:a1:67:f3:
51:db:3f:21:16:63:a4:a8:08:19:ae:be:b9:71:26:
5a:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:E4:0D:89:6D:9E:E9:51:F1:B4:84:3E:EC:0C:9B:56:A7:47:89:40
X509v3 Authority Key Identifier:
keyid:C4:1C:72:21:ED:E3:AF:5E:E9:2E:32:06:AF:2F:18:BD:01:0D:5D:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/qOQNiW2e6VHxtIQ-7AybVqdHiUA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/xBxyIe3jr17pLjIGry8YvQENXdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.127.93.0/24
IPv6:
2a00:10a0:b::/48
Signature Algorithm: sha256WithRSAEncryption
6c:8f:e5:1e:7e:5d:a1:d4:f0:a1:d5:66:eb:00:2a:70:46:e3:
6e:83:64:21:14:a0:ac:1d:5a:2d:64:d8:b0:4d:f1:e8:76:a7:
dc:65:a7:b5:da:b9:81:3f:da:98:50:cf:fc:af:20:3e:14:13:
6a:13:76:37:88:38:62:52:2b:45:14:22:71:3f:4e:0b:d5:11:
f4:18:ca:22:96:d3:9f:32:f2:45:57:b3:9a:8e:1f:7a:38:b1:
ef:95:f4:16:90:e7:78:8e:de:f1:97:39:10:31:68:25:1a:8a:
a5:e4:19:f4:26:dc:ca:05:15:51:07:ed:19:83:95:f8:ff:9b:
5d:c1:54:e1:3b:2e:55:6e:6d:cd:a5:b0:19:c0:f0:e8:ec:bd:
fb:32:d7:b3:c8:91:08:ae:82:80:cf:c2:97:70:71:b6:12:0f:
eb:97:22:f7:a9:44:74:45:33:04:44:8e:1b:80:e0:7f:37:11:
77:ad:48:a1:01:b8:e8:1b:e3:c1:71:87:4b:5f:8f:14:1b:4c:
49:f0:83:7c:56:52:79:d8:f2:55:18:5f:5a:8f:4d:99:39:9e:
61:0c:f3:e9:14:6f:46:a6:48:d2:db:8b:bc:e0:6f:d6:47:29:
83:fa:27:e9:24:be:72:9a:14:95:45:c2:2b:0e:ec:92:d8:bc:
e7:7c:48:90
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzFADPaCCFWA0BP74a6LcRZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MWM3MjIxZWRlM2FmNWVlOTJlMzIwNmFmMmYxOGJkMDEw
ZDVkZDkwHhcNMjQwMTAxMTIyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGU0MGQ4OTZkOWVlOTUxZjFiNDg0M2VlYzBjOWI1NmE3NDc4OTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6bvX2m3hpL1i7x1C2lriaR0MkSIW
yqA2asBviR7dqABT9JYM4k0DxL5Hpg9/m5myCb8fm9OYb7IJzfmq65VgZv696gIN
ucTeavQxZsBaL/6rBMPaoPSnM/2gbdwz2tIRpZy8SxRxESmPNuVJx3dYIW7MR0Gt
2vcXwcO6W1xyoRRgl6QNTh+Gtqwn0GcJpoaVT2FsnMzSCAkUdlCewRTBWOxRY5BY
Symxe+br24tth2IQlW4daI36X1Z6oJrjuH0aK6tmavkjE2uF4Plm75zTZg/pvVeV
JyvYO+oOq93c1go7syZnOH9WmGmuzzOhZ/NR2z8hFmOkqAgZrr65cSZa+wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKjkDYltnulR8bSEPuwMm1anR4lAMB8GA1UdIwQY
MBaAFMQcciHt469e6S4yBq8vGL0BDV3ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEJ4eUllM2pyMTdwTGpJR3J5OFl2UUVOWGRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9lOTliMzUtOGNmNi00OTM0LWE1OTEt
OTkzMGYyMTk0YTBlLzEvcU9RTmlXMmU2Vkh4dElRLTdBeWJWcWRIaVVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9lOTliMzUtOGNmNi00OTM0LWE1OTEtOTkzMGYyMTk0YTBl
LzEveEJ4eUllM2pyMTdwTGpJR3J5OFl2UUVOWGRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAgH9dMA8E
AgACMAkDBwAqABCgAAswDQYJKoZIhvcNAQELBQADggEBAGyP5R5+XaHU8KHVZusA
KnBG426DZCEUoKwdWi1k2LBN8eh2p9xlp7XauYE/2phQz/yvID4UE2oTdjeIOGJS
K0UUInE/TgvVEfQYyiKW058y8kVXs5qOH3o4se+V9BaQ53iO3vGXORAxaCUaiqXk
GfQm3MoFFVEH7RmDlfj/m13BVOE7LlVubc2lsBnA8Ojsvfsy17PIkQiugoDPwpdw
cbYSD+uXIvepRHRFMwREjhuA4H83EXetSKEBuOgb48Fxh0tfjxQbTEnwg3xWUnnY
8lUYX1qPTZk5nmEM8+kUb0amSNLbi7zgb9ZHKYP6J+kkvnKaFJVFwisO7JLYvOd8
SJA=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:33:26 2024 by rpki-client on console-ams.rpki-client.org