Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/qLy1gvIF9U-npkQnfy12CWudLbA.roa
File: qLy1gvIF9U-npkQnfy12CWudLbA.roa (raw, json)
Hash identifier: 96477pBJTS7GYWRRnVbemROeVI5RhgEsqg9ytO030cw=
Subject key identifier: A8:BC:B5:82:F2:05:F5:4F:A7:A6:44:27:7F:2D:76:09:6B:9D:2D:B0
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018CC56DF1153A48FB0DC0261871B81E020F
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/qLy1gvIF9U-npkQnfy12CWudLbA.roa
Signing time: Mon 01 Jan 2024 14:29:25 +0000
ROA not before: Mon 01 Jan 2024 14:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201465
IP address blocks: 81.3.145.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:f1:15:3a:48:fb:0d:c0:26:18:71:b8:1e:02:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 1 14:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8bcb582f205f54fa7a644277f2d76096b9d2db0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:fe:26:89:23:e7:7f:db:d4:63:f3:b8:41:24:
60:4c:f6:00:6c:4d:e9:49:75:42:bd:1a:91:8d:d3:
c9:5f:33:eb:52:50:f2:f0:e5:ef:c3:7e:61:0a:d8:
f6:73:35:22:ab:eb:c5:3d:a2:e1:91:e7:b8:b0:a4:
6d:e4:33:9c:df:c6:34:6a:13:df:e4:97:a1:1b:2b:
3b:c0:65:cf:14:5e:d4:4a:b1:4b:9b:b7:53:45:bb:
19:d0:6d:52:e6:eb:20:6a:47:c2:3f:c3:59:55:48:
c4:b7:9f:c7:9e:67:b3:a0:fa:90:82:3e:1f:f2:70:
3d:16:52:2e:63:ef:e0:56:78:d9:ad:aa:81:2a:d8:
c9:24:63:5e:d8:dc:ed:c3:1b:bc:7f:27:d5:cf:1e:
de:e7:1b:6e:aa:7d:52:b1:f0:c1:2f:7a:0e:72:4a:
47:1a:6d:1a:b7:5b:12:87:7f:98:dc:fc:ac:43:88:
d5:a5:f7:3d:70:b2:3a:dd:5a:39:08:70:94:ef:f8:
55:52:d1:45:8d:6c:09:75:b6:ff:08:00:dd:aa:83:
0e:c2:f0:51:54:a3:58:43:4b:58:3b:30:33:72:d7:
9f:c1:a5:b4:6b:90:ab:80:f8:ba:64:c6:cf:91:33:
16:33:22:2f:38:ad:af:5c:1c:87:09:39:56:f4:18:
f6:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:BC:B5:82:F2:05:F5:4F:A7:A6:44:27:7F:2D:76:09:6B:9D:2D:B0
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/qLy1gvIF9U-npkQnfy12CWudLbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.3.145.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:10:f6:17:51:26:1c:5a:5b:f4:a8:cd:ac:8c:46:31:4c:44:
81:83:09:b7:0d:71:d8:5c:24:6d:e3:8d:de:06:c9:d0:3e:d2:
36:fb:a3:ab:14:51:1b:05:d9:70:15:c0:75:0e:37:38:5d:fd:
4c:17:b7:9d:af:4a:60:e0:dd:61:8a:c5:dd:9f:65:e5:25:dc:
9e:ee:5b:e8:ea:8e:d2:ed:fe:02:81:92:7b:44:74:52:7c:5c:
d1:e2:b4:12:1e:69:b6:a1:80:a1:90:59:af:c9:ee:a9:a2:5f:
4b:ac:f0:a8:e3:21:12:68:34:91:ae:c1:25:ac:89:5b:b3:47:
be:57:72:7f:b8:91:39:b7:38:bf:e8:4c:e0:cf:5f:12:33:10:
03:88:58:85:4c:23:88:23:af:c6:75:92:fc:7b:f7:03:bc:ee:
d1:42:fe:fa:bf:ff:31:8b:d8:87:b1:c8:1a:d2:a0:37:46:89:
38:d9:b4:e3:dc:36:8b:3b:ce:3b:10:91:80:7c:a4:35:e5:85:
71:12:04:ed:eb:41:61:73:81:22:55:ed:43:ed:e7:50:ce:6e:
80:00:af:ec:b2:83:e0:21:03:18:fc:4d:ee:6f:59:bb:2e:54:
11:87:c6:cf:06:46:55:3f:63:d8:0c:f5:cc:dc:88:89:2a:8a:
38:81:cf:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbfEVOkj7DcAmGHG4HgIPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjQwMTAxMTQyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGJjYjU4MmYyMDVmNTRmYTdhNjQ0Mjc3ZjJkNzYwOTZiOWQyZGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgv4miSPnf9vUY/O4QSRgTPYAbE3p
SXVCvRqRjdPJXzPrUlDy8OXvw35hCtj2czUiq+vFPaLhkee4sKRt5DOc38Y0ahPf
5JehGys7wGXPFF7USrFLm7dTRbsZ0G1S5usgakfCP8NZVUjEt5/HnmezoPqQgj4f
8nA9FlIuY+/gVnjZraqBKtjJJGNe2Nztwxu8fyfVzx7e5xtuqn1SsfDBL3oOckpH
Gm0at1sSh3+Y3PysQ4jVpfc9cLI63Vo5CHCU7/hVUtFFjWwJdbb/CADdqoMOwvBR
VKNYQ0tYOzAzctefwaW0a5CrgPi6ZMbPkTMWMyIvOK2vXByHCTlW9Bj24wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKi8tYLyBfVPp6ZEJ38tdglrnS2wMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvcUx5MWd2SUY5VS1ucGtRbmZ5MTJDV3VkTGJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUQORMA0G
CSqGSIb3DQEBCwUAA4IBAQB/EPYXUSYcWlv0qM2sjEYxTESBgwm3DXHYXCRt443e
BsnQPtI2+6OrFFEbBdlwFcB1Djc4Xf1MF7edr0pg4N1hisXdn2XlJdye7lvo6o7S
7f4CgZJ7RHRSfFzR4rQSHmm2oYChkFmvye6pol9LrPCo4yESaDSRrsElrIlbs0e+
V3J/uJE5tzi/6Ezgz18SMxADiFiFTCOII6/GdZL8e/cDvO7RQv76v/8xi9iHscga
0qA3Rok42bTj3DaLO847EJGAfKQ15YVxEgTt60Fhc4EiVe1D7edQzm6AAK/ssoPg
IQMY/E3ub1m7LlQRh8bPBkZVP2PYDPXM3IiJKoo4gc+l
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:38:15 2024 by rpki-client on console-fra.rpki-client.org