Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/f23fb6-3229-4e8b-936a-9279547eca55/1/QBcmMBpfcIn9fSN46fXg-fB3fm8.roa
File: QBcmMBpfcIn9fSN46fXg-fB3fm8.roa (raw, json)
Hash identifier: BIrVS6+yDwfVb1NN7kX8tCxyswJ7TZYWuVICnphEalw=
Subject key identifier: 40:17:26:30:1A:5F:70:89:FD:7D:23:78:E9:F5:E0:F9:F0:77:7E:6F
Certificate issuer: /CN=049d4f66598668079353721c21935a00319f6759
Certificate serial: 018CC424B2929F3A924A598B325114E07F7E
Authority key identifier: 04:9D:4F:66:59:86:68:07:93:53:72:1C:21:93:5A:00:31:9F:67:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BJ1PZlmGaAeTU3IcIZNaADGfZ1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/f23fb6-3229-4e8b-936a-9279547eca55/1/QBcmMBpfcIn9fSN46fXg-fB3fm8.roa
Signing time: Mon 01 Jan 2024 08:29:48 +0000
ROA not before: Mon 01 Jan 2024 08:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 2a11:7400:d1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/f23fb6-3229-4e8b-936a-9279547eca55/1/BJ1PZlmGaAeTU3IcIZNaADGfZ1k.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/f23fb6-3229-4e8b-936a-9279547eca55/1/BJ1PZlmGaAeTU3IcIZNaADGfZ1k.mft
rsync://rpki.ripe.net/repository/DEFAULT/BJ1PZlmGaAeTU3IcIZNaADGfZ1k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:b2:92:9f:3a:92:4a:59:8b:32:51:14:e0:7f:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=049d4f66598668079353721c21935a00319f6759
Validity
Not Before: Jan 1 08:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=401726301a5f7089fd7d2378e9f5e0f9f0777e6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:2e:5d:8e:c4:14:cb:9f:3c:cd:ee:8a:3f:56:
6a:1f:4b:49:83:3f:19:0a:7e:32:e5:96:d2:ad:7b:
53:f2:9e:0d:94:e4:c8:26:29:81:86:81:55:72:ad:
bd:91:f8:44:22:cd:76:48:ce:dd:f2:83:7e:5b:5e:
d5:86:ae:4c:d9:be:b2:bf:63:b8:82:32:be:b6:c1:
22:bd:52:21:62:4a:17:35:52:16:f0:fc:86:1d:00:
13:f3:d9:72:66:68:ce:23:c3:33:f7:96:81:83:1b:
f2:bd:56:e3:8d:60:b9:79:39:e6:97:b6:59:f2:88:
f5:34:a2:c5:0b:25:96:00:34:fc:23:4b:70:75:6c:
82:17:d2:d3:96:3e:21:2d:17:ce:12:f2:56:92:1e:
6e:57:50:ca:1d:ec:b5:8e:7d:cf:5f:1c:54:4d:37:
b7:48:53:a4:e7:f6:5c:52:4c:eb:73:3a:17:00:f8:
0e:f6:4e:32:de:61:a0:d3:22:4a:41:b9:91:34:d8:
15:66:49:65:2a:dc:a3:fc:76:93:00:56:3b:c7:5b:
5b:1a:53:44:99:39:c8:82:5b:79:2d:e7:46:8a:b2:
1e:6a:03:8b:28:e4:dd:7f:3c:46:32:7f:32:33:f1:
20:8f:45:8d:ed:c4:f6:e2:fe:0f:6e:c7:e9:97:40:
35:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:17:26:30:1A:5F:70:89:FD:7D:23:78:E9:F5:E0:F9:F0:77:7E:6F
X509v3 Authority Key Identifier:
keyid:04:9D:4F:66:59:86:68:07:93:53:72:1C:21:93:5A:00:31:9F:67:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BJ1PZlmGaAeTU3IcIZNaADGfZ1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/f23fb6-3229-4e8b-936a-9279547eca55/1/QBcmMBpfcIn9fSN46fXg-fB3fm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/f23fb6-3229-4e8b-936a-9279547eca55/1/BJ1PZlmGaAeTU3IcIZNaADGfZ1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:7400:d1::/48
Signature Algorithm: sha256WithRSAEncryption
13:df:11:45:c8:c8:e9:20:a1:00:b1:2e:07:99:07:73:4f:d7:
af:37:d1:8f:ce:d5:ff:4f:0e:d6:b9:37:04:87:1d:8d:84:9d:
4f:29:79:80:48:92:c3:d3:0c:06:99:15:b3:3a:be:fb:b6:26:
27:b9:51:7b:34:42:a4:ae:95:83:f9:91:1e:c6:57:74:d2:31:
c3:55:71:02:da:f0:7f:09:85:e9:e9:1a:d9:18:75:70:44:6d:
d4:69:ee:9e:4f:57:ac:48:e1:14:22:80:73:5c:bb:06:ba:a0:
33:61:06:0e:8c:4e:91:8c:2b:23:3d:b1:d0:54:9b:ef:f6:5c:
7e:6c:1a:0d:a7:32:be:c4:77:9d:73:38:1e:74:6f:e2:f2:7f:
ae:e2:f6:c3:3e:40:16:f8:c1:04:28:4a:7e:57:48:ae:97:14:
cb:a8:de:2f:e3:39:92:70:e5:e5:97:94:3e:8a:f6:66:0c:c2:
6d:14:44:04:dc:3e:d9:05:fb:f4:27:5d:64:d2:3e:99:8e:18:
b0:4e:54:8a:02:11:66:ef:8c:6c:f2:d1:ce:ca:c8:46:ad:41:
80:6f:cf:9c:25:45:5a:d8:55:6a:3e:e3:17:b3:e9:50:d0:bf:
57:a4:b6:49:46:f4:d3:4b:a7:d6:fe:4c:e1:3d:87:0b:4a:b6:
ec:ee:d2:b8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzEJLKSnzqSSlmLMlEU4H9+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0OWQ0ZjY2NTk4NjY4MDc5MzUzNzIxYzIxOTM1YTAwMzE5
ZjY3NTkwHhcNMjQwMTAxMDgyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDE3MjYzMDFhNWY3MDg5ZmQ3ZDIzNzhlOWY1ZTBmOWYwNzc3ZTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6i5djsQUy588ze6KP1ZqH0tJgz8Z
Cn4y5ZbSrXtT8p4NlOTIJimBhoFVcq29kfhEIs12SM7d8oN+W17Vhq5M2b6yv2O4
gjK+tsEivVIhYkoXNVIW8PyGHQAT89lyZmjOI8Mz95aBgxvyvVbjjWC5eTnml7ZZ
8oj1NKLFCyWWADT8I0twdWyCF9LTlj4hLRfOEvJWkh5uV1DKHey1jn3PXxxUTTe3
SFOk5/ZcUkzrczoXAPgO9k4y3mGg0yJKQbmRNNgVZkllKtyj/HaTAFY7x1tbGlNE
mTnIglt5LedGirIeagOLKOTdfzxGMn8yM/Egj0WN7cT24v4Pbsfpl0A1rwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEAXJjAaX3CJ/X0jeOn14Pnwd35vMB8GA1UdIwQY
MBaAFASdT2ZZhmgHk1NyHCGTWgAxn2dZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkoxUFpsbUdhQWVUVTNJY0laTmFBREdmWjFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9mMjNmYjYtMzIyOS00ZThiLTkzNmEt
OTI3OTU0N2VjYTU1LzEvUUJjbU1CcGZjSW45ZlNONDZmWGctZkIzZm04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9mMjNmYjYtMzIyOS00ZThiLTkzNmEtOTI3OTU0N2VjYTU1
LzEvQkoxUFpsbUdhQWVUVTNJY0laTmFBREdmWjFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhF0AADR
MA0GCSqGSIb3DQEBCwUAA4IBAQAT3xFFyMjpIKEAsS4HmQdzT9evN9GPztX/Tw7W
uTcEhx2NhJ1PKXmASJLD0wwGmRWzOr77tiYnuVF7NEKkrpWD+ZEexld00jHDVXEC
2vB/CYXp6RrZGHVwRG3Uae6eT1esSOEUIoBzXLsGuqAzYQYOjE6RjCsjPbHQVJvv
9lx+bBoNpzK+xHedczgedG/i8n+u4vbDPkAW+MEEKEp+V0iulxTLqN4v4zmScOXl
l5Q+ivZmDMJtFEQE3D7ZBfv0J11k0j6ZjhiwTlSKAhFm74xs8tHOyshGrUGAb8+c
JUVa2FVqPuMXs+lQ0L9XpLZJRvTTS6fW/kzhPYcLSrbs7tK4
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:04:33 2024 by rpki-client on console-fra.rpki-client.org