Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/1-k2Mj5T5NQDbyK4pOtwvQakSNqQ.roa
File: 1-k2Mj5T5NQDbyK4pOtwvQakSNqQ.roa (raw, json)
Hash identifier: kK9VBh92C6sLvhQdEIxUXiPOIqfqH4YFIYo+MRM/6Us=
Subject key identifier: FA:4D:8C:8F:94:F9:35:00:DB:C8:AE:29:3A:DC:2F:41:A9:12:36:A4
Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Certificate serial: 018CC56F0168A525E3661698A300B180E445
Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/1-k2Mj5T5NQDbyK4pOtwvQakSNqQ.roa
Signing time: Mon 01 Jan 2024 14:30:35 +0000
ROA not before: Mon 01 Jan 2024 14:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43732
IP address blocks: 82.119.78.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.mft
rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6f:01:68:a5:25:e3:66:16:98:a3:00:b1:80:e4:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Validity
Not Before: Jan 1 14:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa4d8c8f94f93500dbc8ae293adc2f41a91236a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:20:8f:6e:ba:d5:55:52:a4:87:df:1a:5e:e5:
be:52:5a:92:19:67:12:24:7f:13:97:06:e6:57:0c:
04:af:4e:d8:8b:2f:5f:33:89:15:fd:ff:b0:d9:ac:
c6:a4:4e:26:37:60:4a:5c:d1:00:fb:01:2f:88:9b:
2b:b4:d3:0c:15:2e:e9:5e:c1:9c:b6:7b:95:06:da:
b5:08:bb:40:79:7a:83:be:0c:d1:e7:be:8c:cc:95:
4d:b7:27:36:0c:18:a9:27:f1:39:6e:30:38:77:1d:
99:6e:87:b4:55:b3:d0:15:6a:9b:81:ee:4b:2c:ca:
63:2c:90:ac:4a:b3:6c:cf:10:ca:f4:ee:73:18:7b:
ff:c1:b5:f2:5a:a7:6f:d8:a7:ee:53:8f:50:e8:3e:
51:cd:9e:72:20:ec:a2:3d:bf:2a:d6:dc:1d:38:d1:
12:07:28:df:21:79:e2:f5:51:7a:03:79:91:1d:6d:
59:b1:cb:f7:e0:53:80:65:5d:62:70:80:56:c1:0b:
e3:8f:9c:d3:96:02:c5:b6:0e:9c:90:f5:c0:b1:d2:
8a:c8:bf:ec:75:27:72:89:d3:35:8a:6c:f2:26:ea:
40:52:8a:6d:c7:1c:20:37:04:05:85:30:d2:8f:a0:
08:5a:df:bf:b4:f5:72:5c:64:73:f5:3a:e0:3b:99:
c0:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:4D:8C:8F:94:F9:35:00:DB:C8:AE:29:3A:DC:2F:41:A9:12:36:A4
X509v3 Authority Key Identifier:
keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/1-k2Mj5T5NQDbyK4pOtwvQakSNqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.119.78.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:39:b0:5a:7a:76:78:c4:b7:05:82:27:7f:de:fe:b8:b9:51:
5c:43:63:58:f9:ce:b6:7e:fa:e9:9c:63:89:92:58:02:91:31:
a8:20:ae:95:79:17:14:30:1f:c3:9c:ef:b6:0e:09:70:91:ca:
26:e1:b1:f4:92:96:ce:93:23:c3:34:24:9c:c5:68:87:79:ee:
54:dc:b4:ac:95:59:25:a1:d0:cb:b7:73:05:e4:37:91:f3:31:
d2:ba:3b:6d:ba:79:49:38:cf:cc:ef:c9:fe:7c:5e:89:02:e0:
0b:06:7b:45:c1:d6:ca:05:87:b3:dc:1a:21:d5:6f:20:e2:db:
f9:10:a9:07:62:2c:23:8d:59:db:66:24:21:c4:a5:d0:e6:55:
16:b2:06:65:65:85:cc:02:60:ef:e1:78:4f:c8:96:8b:dc:3f:
c8:ef:47:dd:02:6f:31:61:6d:2d:e2:bb:b6:9c:66:bd:bd:a9:
ec:a3:e9:72:ed:e5:a9:8e:61:8d:23:81:17:c9:47:78:dc:a9:
7a:f2:e0:48:ed:8c:91:84:ac:d6:63:2e:4d:06:fb:d8:a1:0b:
cc:b0:c1:8f:fb:26:e5:90:16:01:a8:b9:31:59:41:09:a9:ba:
f5:44:58:15:fe:ae:b9:26:84:f8:f3:4b:ea:59:4b:4a:0d:9d:
ad:57:7c:fd
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzFbwFopSXjZhaYowCxgORFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMDRhNDA4MjFjNDE3NmNjNDJlMjU1ZWY2YzE3Mjc0NzNj
M2YwMGEwHhcNMjQwMTAxMTQzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTRkOGM4Zjk0ZjkzNTAwZGJjOGFlMjkzYWRjMmY0MWE5MTIzNmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiiCPbrrVVVKkh98aXuW+UlqSGWcS
JH8TlwbmVwwEr07Yiy9fM4kV/f+w2azGpE4mN2BKXNEA+wEviJsrtNMMFS7pXsGc
tnuVBtq1CLtAeXqDvgzR576MzJVNtyc2DBipJ/E5bjA4dx2Zboe0VbPQFWqbge5L
LMpjLJCsSrNszxDK9O5zGHv/wbXyWqdv2KfuU49Q6D5RzZ5yIOyiPb8q1twdONES
ByjfIXni9VF6A3mRHW1Zscv34FOAZV1icIBWwQvjj5zTlgLFtg6ckPXAsdKKyL/s
dSdyidM1imzyJupAUoptxxwgNwQFhTDSj6AIWt+/tPVyXGRz9TrgO5nARwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPpNjI+U+TUA28iuKTrcL0GpEjakMB8GA1UdIwQY
MBaAFEEEpAghxBdsxC4lXvbBcnRzw/AKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMt
YjI3ZDZlMjc4ZTE4LzEvMS1rMk1qNVQ1TlFEYnlLNHBPdHd2UWFrU05xUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvY2EvOTY5OTYyLTEyZDMtNDFiMi1hYjQzLWIyN2Q2ZTI3OGUx
OC8xL1FRU2tDQ0hFRjJ6RUxpVmU5c0Z5ZEhQRDhBby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFJ3TjAN
BgkqhkiG9w0BAQsFAAOCAQEAoTmwWnp2eMS3BYInf97+uLlRXENjWPnOtn766Zxj
iZJYApExqCCulXkXFDAfw5zvtg4JcJHKJuGx9JKWzpMjwzQknMVoh3nuVNy0rJVZ
JaHQy7dzBeQ3kfMx0ro7bbp5STjPzO/J/nxeiQLgCwZ7RcHWygWHs9waIdVvIOLb
+RCpB2IsI41Z22YkIcSl0OZVFrIGZWWFzAJg7+F4T8iWi9w/yO9H3QJvMWFtLeK7
tpxmvb2p7KPpcu3lqY5hjSOBF8lHeNypevLgSO2MkYSs1mMuTQb72KELzLDBj/sm
5ZAWAai5MVlBCam69URYFf6uuSaE+PNL6llLSg2drVd8/Q==
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:22:46 2024 by rpki-client on console-ams.rpki-client.org