Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/49ad97-21f1-4cc9-b776-8cbee5a027c3/1/QzlGiWv7IOP17jhB5YJtotpK1IE.roa
File: QzlGiWv7IOP17jhB5YJtotpK1IE.roa (raw, json)
Hash identifier: D6A9W83Vd2ISppjp1kQCk5EAEzohA/4EEsTr6/ruVOI=
Subject key identifier: 43:39:46:89:6B:FB:20:E3:F5:EE:38:41:E5:82:6D:A2:DA:4A:D4:81
Certificate issuer: /CN=fa630c3d23c6046c2f1a7e0c8fccbd83e20ed4c7
Certificate serial: 018CC6499DBA54EC75A9EA948100E82092AC
Authority key identifier: FA:63:0C:3D:23:C6:04:6C:2F:1A:7E:0C:8F:CC:BD:83:E2:0E:D4:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-mMMPSPGBGwvGn4Mj8y9g-IO1Mc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/49ad97-21f1-4cc9-b776-8cbee5a027c3/1/QzlGiWv7IOP17jhB5YJtotpK1IE.roa
Signing time: Mon 01 Jan 2024 18:29:22 +0000
ROA not before: Mon 01 Jan 2024 18:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3399
IP address blocks: 2001:678:5d8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/49ad97-21f1-4cc9-b776-8cbee5a027c3/1/1-mMMPSPGBGwvGn4Mj8y9g-IO1Mc.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/49ad97-21f1-4cc9-b776-8cbee5a027c3/1/1-mMMPSPGBGwvGn4Mj8y9g-IO1Mc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-mMMPSPGBGwvGn4Mj8y9g-IO1Mc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:9d:ba:54:ec:75:a9:ea:94:81:00:e8:20:92:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa630c3d23c6046c2f1a7e0c8fccbd83e20ed4c7
Validity
Not Before: Jan 1 18:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=433946896bfb20e3f5ee3841e5826da2da4ad481
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:6c:7e:6a:ee:ad:cc:52:db:ac:b7:7d:f4:cf:
d6:d6:69:6f:27:b3:7f:78:90:8e:2f:c5:18:c3:a3:
d8:fd:f1:7d:69:24:2a:fb:05:b5:b5:7e:77:20:6f:
f3:67:c8:8b:4a:51:2d:9d:fa:67:96:b8:75:ae:e2:
cf:ed:31:49:08:81:d6:7e:69:99:71:fc:d6:a5:09:
1a:76:85:63:18:92:54:63:5e:b5:83:ba:3f:45:ea:
d8:65:a6:46:25:93:55:f5:ee:33:e9:41:cf:43:86:
a3:08:f1:f3:ab:1e:e6:8a:62:97:ef:de:66:fe:3a:
24:99:89:12:56:94:0c:db:4e:83:16:a1:00:c5:e1:
49:6c:11:a1:ab:ee:ae:3f:62:45:6a:49:13:fb:ce:
66:c7:ce:48:8e:fe:f2:34:06:01:fb:58:d8:7f:c4:
24:3f:3d:cf:b1:f2:17:f6:c5:d4:73:02:bd:5a:2b:
78:aa:2a:1d:a4:8b:51:66:57:8e:17:92:24:6b:b9:
4a:25:e3:60:2c:74:30:88:e8:6b:d9:60:97:c5:24:
d8:18:db:0b:66:f4:e9:29:91:7f:20:01:21:4a:bc:
f7:f3:c5:81:04:ef:ad:d3:e0:74:be:fd:9c:56:e1:
72:be:1e:e3:7e:36:a4:24:f2:e7:74:a0:74:c1:08:
9b:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:39:46:89:6B:FB:20:E3:F5:EE:38:41:E5:82:6D:A2:DA:4A:D4:81
X509v3 Authority Key Identifier:
keyid:FA:63:0C:3D:23:C6:04:6C:2F:1A:7E:0C:8F:CC:BD:83:E2:0E:D4:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-mMMPSPGBGwvGn4Mj8y9g-IO1Mc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/49ad97-21f1-4cc9-b776-8cbee5a027c3/1/QzlGiWv7IOP17jhB5YJtotpK1IE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/49ad97-21f1-4cc9-b776-8cbee5a027c3/1/1-mMMPSPGBGwvGn4Mj8y9g-IO1Mc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:5d8::/48
Signature Algorithm: sha256WithRSAEncryption
87:48:cc:c1:0b:fb:28:18:26:eb:44:16:45:b1:5d:2b:2a:ee:
f2:d2:5d:b2:ea:e8:c8:db:94:4f:a8:44:26:2f:e1:8b:c4:e5:
f8:de:10:9a:03:86:8e:aa:97:85:c4:c8:4d:f5:44:8d:2a:cb:
0e:49:88:18:ae:5d:e9:9f:f7:3c:6b:be:cf:f2:a8:45:c5:6d:
d0:d3:1c:85:33:08:3e:dd:a5:46:2a:8a:7c:25:0c:f4:23:fa:
9f:db:d0:eb:62:59:2e:e0:00:a3:d2:78:e7:0a:bc:04:8b:dd:
cc:51:32:b8:c3:4c:ed:4e:6d:65:a0:6d:29:36:d0:e2:a8:c6:
ae:41:f4:58:44:b9:e5:ed:76:0b:62:f2:4a:9c:7b:62:21:1b:
76:3a:89:a0:56:30:57:7d:c9:f0:e7:98:22:9a:5d:81:9d:b2:
b3:5d:a2:4b:69:2b:3e:9e:d0:23:7b:38:e4:6b:a5:d0:e0:be:
e2:cd:88:55:87:b3:27:d8:20:71:c8:34:af:68:b8:7d:75:45:
c3:e0:42:6d:ab:0f:fc:38:26:4c:5b:ab:e0:aa:a6:68:47:61:
e0:28:16:2e:ea:87:84:20:02:b1:1c:bb:60:0d:ca:98:f7:37:
40:0e:f0:00:2f:85:21:2e:5d:c3:55:38:43:c3:6c:d6:ed:d4:
0b:83:6a:fa
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAYzGSZ26VOx1qeqUgQDoIJKsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhNjMwYzNkMjNjNjA0NmMyZjFhN2UwYzhmY2NiZDgzZTIw
ZWQ0YzcwHhcNMjQwMTAxMTgyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzM5NDY4OTZiZmIyMGUzZjVlZTM4NDFlNTgyNmRhMmRhNGFkNDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2x+au6tzFLbrLd99M/W1mlvJ7N/
eJCOL8UYw6PY/fF9aSQq+wW1tX53IG/zZ8iLSlEtnfpnlrh1ruLP7TFJCIHWfmmZ
cfzWpQkadoVjGJJUY161g7o/RerYZaZGJZNV9e4z6UHPQ4ajCPHzqx7mimKX795m
/jokmYkSVpQM206DFqEAxeFJbBGhq+6uP2JFakkT+85mx85Ijv7yNAYB+1jYf8Qk
Pz3PsfIX9sXUcwK9Wit4qiodpItRZleOF5Ika7lKJeNgLHQwiOhr2WCXxSTYGNsL
ZvTpKZF/IAEhSrz388WBBO+t0+B0vv2cVuFyvh7jfjakJPLndKB0wQibWQIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFEM5Rolr+yDj9e44QeWCbaLaStSBMB8GA1UdIwQY
MBaAFPpjDD0jxgRsLxp+DI/MvYPiDtTHMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1tTU1QU1BHQkd3dkduNE1qOHk5Zy1JTzFNYy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMvNDlhZDk3LTIxZjEtNGNjOS1iNzc2
LThjYmVlNWEwMjdjMy8xL1F6bEdpV3Y3SU9QMTdqaEI1WUp0b3RwSzFJRS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmMvNDlhZDk3LTIxZjEtNGNjOS1iNzc2LThjYmVlNWEwMjdj
My8xLzEtbU1NUFNQR0JHd3ZHbjRNajh5OWctSU8xTWMuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAgAQZ4
BdgwDQYJKoZIhvcNAQELBQADggEBAIdIzMEL+ygYJutEFkWxXSsq7vLSXbLq6Mjb
lE+oRCYv4YvE5fjeEJoDho6ql4XEyE31RI0qyw5JiBiuXemf9zxrvs/yqEXFbdDT
HIUzCD7dpUYqinwlDPQj+p/b0OtiWS7gAKPSeOcKvASL3cxRMrjDTO1ObWWgbSk2
0OKoxq5B9FhEueXtdgti8kqce2IhG3Y6iaBWMFd9yfDnmCKaXYGdsrNdoktpKz6e
0CN7OORrpdDgvuLNiFWHsyfYIHHINK9ouH11RcPgQm2rD/w4Jkxbq+CqpmhHYeAo
Fi7qh4QgArEcu2ANypj3N0AO8AAvhSEuXcNVOEPDbNbt1AuDavo=
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:24:56 2024 by rpki-client on console-ams.rpki-client.org