Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/fb9d5e-a628-4f23-88a5-e5ddd2bb51c5/1/QVCTI2QS2PHJ2b58xnLvgcRoyzA.roa
File: QVCTI2QS2PHJ2b58xnLvgcRoyzA.roa (raw, json)
Hash identifier: ejVwCHHjW4Pn1uchRaiumDDsdppyJqj9ceFP45vtILE=
Subject key identifier: 41:50:93:23:64:12:D8:F1:C9:D9:BE:7C:C6:72:EF:81:C4:68:CB:30
Certificate issuer: /CN=699c581aff3d0a90178cfab565a388ccd9bc01ce
Certificate serial: 018CCA28EC86B8BE321E7AD496D8DFAE5ECB
Authority key identifier: 69:9C:58:1A:FF:3D:0A:90:17:8C:FA:B5:65:A3:88:CC:D9:BC:01:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aZxYGv89CpAXjPq1ZaOIzNm8Ac4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/fb9d5e-a628-4f23-88a5-e5ddd2bb51c5/1/QVCTI2QS2PHJ2b58xnLvgcRoyzA.roa
Signing time: Tue 02 Jan 2024 12:32:08 +0000
ROA not before: Tue 02 Jan 2024 12:32:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49206
IP address blocks: 185.41.48.0/24 maxlen: 24
185.41.51.0/24 maxlen: 24
185.41.50.0/24 maxlen: 24
185.41.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/fb9d5e-a628-4f23-88a5-e5ddd2bb51c5/1/aZxYGv89CpAXjPq1ZaOIzNm8Ac4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/fb9d5e-a628-4f23-88a5-e5ddd2bb51c5/1/aZxYGv89CpAXjPq1ZaOIzNm8Ac4.mft
rsync://rpki.ripe.net/repository/DEFAULT/aZxYGv89CpAXjPq1ZaOIzNm8Ac4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:28:ec:86:b8:be:32:1e:7a:d4:96:d8:df:ae:5e:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=699c581aff3d0a90178cfab565a388ccd9bc01ce
Validity
Not Before: Jan 2 12:32:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=415093236412d8f1c9d9be7cc672ef81c468cb30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b2:2f:38:ae:dc:4c:ad:fe:85:f9:31:42:57:
e2:fe:6b:7d:68:90:15:29:d6:9f:83:79:d4:e5:f8:
e6:63:af:35:36:db:9a:54:0c:a7:7e:c9:20:a1:1a:
be:4d:5e:e6:25:e4:aa:9e:49:ba:b4:8c:3d:da:11:
7d:2f:53:85:c3:4e:d5:80:9c:fe:81:e7:6e:14:0b:
4a:8b:e3:9f:a5:f4:12:93:78:b7:d7:a4:15:9f:26:
c5:a4:a0:e7:9d:bb:6d:7a:7c:de:69:b9:fb:68:22:
6c:46:68:76:f0:86:20:00:96:4a:e6:ce:82:95:25:
d7:d5:75:02:0d:85:1a:2a:49:be:b0:7c:23:ab:63:
10:67:bf:30:1b:83:1e:cd:52:ea:3c:26:ac:26:bf:
92:80:c5:1e:9e:66:1c:4b:e8:5a:20:a9:c1:8c:f9:
07:82:cc:f7:51:5b:03:e0:c4:20:55:a2:6a:82:c1:
28:0d:51:2a:b0:c2:6a:16:ed:9c:2c:d6:6b:fa:c6:
40:68:17:fc:34:9a:04:9b:40:34:18:95:a2:7c:97:
ab:0c:67:a5:1e:bf:4e:be:8f:99:b0:0c:f7:6b:6a:
80:ba:8d:3c:13:b5:23:47:cb:2d:70:93:a8:73:e4:
ff:58:7e:89:2a:87:0b:ac:bd:a0:28:3c:95:f8:a1:
5d:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:50:93:23:64:12:D8:F1:C9:D9:BE:7C:C6:72:EF:81:C4:68:CB:30
X509v3 Authority Key Identifier:
keyid:69:9C:58:1A:FF:3D:0A:90:17:8C:FA:B5:65:A3:88:CC:D9:BC:01:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aZxYGv89CpAXjPq1ZaOIzNm8Ac4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/fb9d5e-a628-4f23-88a5-e5ddd2bb51c5/1/QVCTI2QS2PHJ2b58xnLvgcRoyzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/fb9d5e-a628-4f23-88a5-e5ddd2bb51c5/1/aZxYGv89CpAXjPq1ZaOIzNm8Ac4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.41.48.0/22
Signature Algorithm: sha256WithRSAEncryption
78:f4:a0:68:ff:99:00:2f:54:b9:27:cd:ba:db:b6:10:bc:41:
a3:27:b5:eb:9b:6b:62:5d:4b:cd:0e:1e:26:d1:0a:f0:f8:76:
7d:2d:c5:6e:e4:9c:20:ff:39:95:d0:95:0a:10:69:d0:36:1f:
a3:cf:67:32:2f:6a:ff:01:fa:0b:35:27:f5:e5:07:1b:ab:42:
a5:57:e2:72:f5:a9:4d:83:70:33:db:46:cf:1a:ac:3f:e7:8f:
8a:58:0f:31:f5:75:9a:c8:1a:21:21:fe:62:e0:c7:20:9a:ea:
b6:75:65:38:ac:fe:49:c0:c5:c1:ba:f4:25:08:f5:24:30:f6:
62:5f:9c:07:9a:94:a0:8b:0c:4f:a3:f8:08:64:6d:fb:e5:3b:
15:e3:2e:3a:94:e6:bd:6b:88:d0:16:dd:8f:c8:fa:e0:93:eb:
1a:4b:e0:14:ab:74:ef:46:38:6f:83:9b:5c:47:78:a1:a4:a1:
40:52:b3:98:20:5f:ce:43:ae:e4:9d:11:09:dd:89:7f:6f:28:
29:46:fc:e9:8b:fa:b1:80:93:5f:89:48:7d:66:c2:ca:24:9a:
02:dc:59:26:89:01:83:58:51:ec:d1:1f:22:5d:c9:34:27:b4:
ed:51:21:03:f3:f3:87:23:e9:65:b5:da:33:53:de:9f:70:3d:
95:9d:ee:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKOyGuL4yHnrUltjfrl7LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5OWM1ODFhZmYzZDBhOTAxNzhjZmFiNTY1YTM4OGNjZDli
YzAxY2UwHhcNMjQwMTAyMTIzMjA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTUwOTMyMzY0MTJkOGYxYzlkOWJlN2NjNjcyZWY4MWM0NjhjYjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprIvOK7cTK3+hfkxQlfi/mt9aJAV
Kdafg3nU5fjmY681NtuaVAynfskgoRq+TV7mJeSqnkm6tIw92hF9L1OFw07VgJz+
geduFAtKi+OfpfQSk3i316QVnybFpKDnnbttenzeabn7aCJsRmh28IYgAJZK5s6C
lSXX1XUCDYUaKkm+sHwjq2MQZ78wG4MezVLqPCasJr+SgMUenmYcS+haIKnBjPkH
gsz3UVsD4MQgVaJqgsEoDVEqsMJqFu2cLNZr+sZAaBf8NJoEm0A0GJWifJerDGel
Hr9Ovo+ZsAz3a2qAuo08E7UjR8stcJOoc+T/WH6JKocLrL2gKDyV+KFdqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEFQkyNkEtjxydm+fMZy74HEaMswMB8GA1UdIwQY
MBaAFGmcWBr/PQqQF4z6tWWjiMzZvAHOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVp4WUd2ODlDcEFYalBxMVphT0l6Tm04QWM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9mYjlkNWUtYTYyOC00ZjIzLTg4YTUt
ZTVkZGQyYmI1MWM1LzEvUVZDVEkyUVMyUEhKMmI1OHhuTHZnY1JveXpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9mYjlkNWUtYTYyOC00ZjIzLTg4YTUtZTVkZGQyYmI1MWM1
LzEvYVp4WUd2ODlDcEFYalBxMVphT0l6Tm04QWM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSkwMA0G
CSqGSIb3DQEBCwUAA4IBAQB49KBo/5kAL1S5J82627YQvEGjJ7Xrm2tiXUvNDh4m
0Qrw+HZ9LcVu5Jwg/zmV0JUKEGnQNh+jz2cyL2r/AfoLNSf15Qcbq0KlV+Jy9alN
g3Az20bPGqw/54+KWA8x9XWayBohIf5i4Mcgmuq2dWU4rP5JwMXBuvQlCPUkMPZi
X5wHmpSgiwxPo/gIZG375TsV4y46lOa9a4jQFt2PyPrgk+saS+AUq3TvRjhvg5tc
R3ihpKFAUrOYIF/OQ67knREJ3Yl/bygpRvzpi/qxgJNfiUh9ZsLKJJoC3FkmiQGD
WFHs0R8iXck0J7TtUSED8/OHI+lltdozU96fcD2Vne5t
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:24:10 2024 by rpki-client on console-fra.rpki-client.org