Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/QLkZeOymUDGas6lwK9HvUkSuHxM.roa
File: QLkZeOymUDGas6lwK9HvUkSuHxM.roa (raw, json)
Hash identifier: GWoI4eNTqwOOcL7ctAh8oiDOI/lI3GDlCj82BEechqI=
Subject key identifier: 40:B9:19:78:EC:A6:50:31:9A:B3:A9:70:2B:D1:EF:52:44:AE:1F:13
Certificate issuer: /CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Certificate serial: 0192FC264C9928D8E1646C73588C47EB13F5
Authority key identifier: 6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/QLkZeOymUDGas6lwK9HvUkSuHxM.roa
Signing time: Tue 05 Nov 2024 11:47:01 +0000
ROA not before: Tue 05 Nov 2024 11:47:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56582
IP address blocks: 31.169.64.0/24 maxlen: 24
31.169.65.0/24 maxlen: 24
31.169.66.0/24 maxlen: 24
31.169.67.0/24 maxlen: 24
31.169.69.0/24 maxlen: 24
31.169.70.0/24 maxlen: 24
31.169.71.0/24 maxlen: 24
31.169.72.0/24 maxlen: 24
31.169.74.0/24 maxlen: 24
31.169.76.0/24 maxlen: 24
31.169.77.0/24 maxlen: 24
31.169.78.0/24 maxlen: 24
31.169.81.0/24 maxlen: 24
31.169.82.0/24 maxlen: 24
31.169.84.0/24 maxlen: 24
31.169.92.0/24 maxlen: 24
31.169.93.0/24 maxlen: 24
31.169.94.0/24 maxlen: 24
31.169.95.0/24 maxlen: 24
185.33.63.0/24 maxlen: 24
2a00:5740::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.mft
rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fc:26:4c:99:28:d8:e1:64:6c:73:58:8c:47:eb:13:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Validity
Not Before: Nov 5 11:47:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40b91978eca650319ab3a9702bd1ef5244ae1f13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:83:03:56:5a:c9:07:85:ed:e0:e9:23:34:c6:
ae:06:ff:76:4a:57:29:09:80:bd:51:b5:b5:a5:06:
81:48:c1:c3:94:bb:13:67:22:a9:a7:07:7d:fb:8f:
7c:20:2d:f7:90:51:1c:7e:81:5f:8e:34:9c:2b:31:
19:30:1b:85:35:9d:8c:44:e9:86:0c:ca:dd:74:60:
19:05:df:cd:61:b5:5f:5f:ea:a6:ba:a5:81:a4:b7:
20:ff:46:11:cb:38:24:7f:30:3b:cf:89:0e:7e:71:
14:a9:83:3c:48:49:97:5c:7c:89:56:aa:74:5b:b3:
63:39:77:93:ae:c7:69:32:c4:50:e9:c9:98:4c:2a:
9f:92:c1:72:4c:f1:0d:96:f9:e8:85:65:b4:fc:25:
8a:d6:29:21:aa:3f:8f:03:da:54:6f:05:2f:6f:8a:
d7:dd:a2:5f:ae:6b:d0:2c:96:41:7f:cc:e6:cc:54:
f7:fd:0a:b1:b0:ba:93:72:73:87:70:18:7b:5f:05:
79:5c:d2:38:83:24:d9:3e:48:ea:8e:fe:81:f1:6b:
90:2d:d6:60:1d:a3:c1:95:95:06:ba:12:af:0f:da:
61:92:61:bf:14:6f:9b:2a:8f:77:00:ad:31:15:81:
cb:f5:da:9f:13:b0:c7:22:ff:bd:c4:d8:bd:fa:ff:
62:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:B9:19:78:EC:A6:50:31:9A:B3:A9:70:2B:D1:EF:52:44:AE:1F:13
X509v3 Authority Key Identifier:
keyid:6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/QLkZeOymUDGas6lwK9HvUkSuHxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.64.0/22
31.169.69.0-31.169.72.255
31.169.74.0/24
31.169.76.0-31.169.78.255
31.169.81.0-31.169.82.255
31.169.84.0/24
31.169.92.0/22
185.33.63.0/24
IPv6:
2a00:5740::/29
Signature Algorithm: sha256WithRSAEncryption
7e:19:59:cd:2c:2a:70:27:48:50:a2:0a:18:e9:b2:01:69:89:
f5:3b:48:53:6c:7f:c6:93:92:53:b2:73:8f:26:50:b5:40:60:
94:d1:dd:4d:7e:5a:88:09:0d:50:05:37:fa:41:16:24:03:00:
60:15:b7:6b:2a:e0:aa:d2:69:be:66:8c:60:c9:99:90:6c:d7:
38:ef:e2:64:47:ea:18:4a:1d:f4:7f:c2:6c:2f:88:f4:fc:3b:
1f:d9:25:2d:90:61:f0:ae:87:41:96:92:ed:8b:fc:6d:14:e2:
d8:98:48:85:d5:c0:dc:ae:7d:e8:31:0d:21:94:b8:74:90:ca:
d5:fb:ae:1b:df:6d:fc:52:32:1e:b7:ac:dc:6a:cd:a5:98:b9:
5a:3d:e7:e1:85:3e:a7:46:40:89:26:04:92:fc:34:a8:08:ad:
e7:72:34:35:99:9d:30:f4:4e:f7:f4:39:8d:c1:d7:35:b2:78:
7b:f7:ec:37:a1:f7:b3:03:b1:62:b2:8a:7b:88:3e:60:b0:c2:
23:5b:7f:c3:52:3f:d5:ba:dd:b6:f4:74:95:e1:b7:1c:41:e6:
24:fc:87:fe:78:af:33:21:df:bc:d9:fe:64:07:e4:7c:fb:f8:
25:68:b7:05:95:11:46:db:06:7e:fc:c6:7f:1a:a1:07:9a:5a:
e8:57:61:33
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAZL8JkyZKNjhZGxzWIxH6xP1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNjlkYTQ0YWUwNjdmYzFhOThhNWY2ZjA1ZjEyZTU0NWQw
ZmM2MmEwHhcNMjQxMTA1MTE0NzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGI5MTk3OGVjYTY1MDMxOWFiM2E5NzAyYmQxZWY1MjQ0YWUxZjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8IMDVlrJB4Xt4OkjNMauBv92Slcp
CYC9UbW1pQaBSMHDlLsTZyKppwd9+498IC33kFEcfoFfjjScKzEZMBuFNZ2MROmG
DMrddGAZBd/NYbVfX+qmuqWBpLcg/0YRyzgkfzA7z4kOfnEUqYM8SEmXXHyJVqp0
W7NjOXeTrsdpMsRQ6cmYTCqfksFyTPENlvnohWW0/CWK1ikhqj+PA9pUbwUvb4rX
3aJfrmvQLJZBf8zmzFT3/QqxsLqTcnOHcBh7XwV5XNI4gyTZPkjqjv6B8WuQLdZg
HaPBlZUGuhKvD9phkmG/FG+bKo93AK0xFYHL9dqfE7DHIv+9xNi9+v9iyQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFEC5GXjsplAxmrOpcCvR71JErh8TMB8GA1UdIwQY
MBaAFG1p2kSuBn/BqYpfbwXxLlRdD8YqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUt
MjYxNzBkYTRhMGIxLzEvUUxrWmVPeW1VREdhczZsd0s5SHZVa1N1SHhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUtMjYxNzBkYTRhMGIx
LzEvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQCH6lAMAwD
BAAfqUUDBAAfqUgDBAAfqUowDAMEAh+pTAMEAB+pTjAMAwQAH6lRAwQAH6lSAwQA
H6lUAwQCH6lcAwQAuSE/MA0EAgACMAcDBQMqAFdAMA0GCSqGSIb3DQEBCwUAA4IB
AQB+GVnNLCpwJ0hQogoY6bIBaYn1O0hTbH/Gk5JTsnOPJlC1QGCU0d1NflqICQ1Q
BTf6QRYkAwBgFbdrKuCq0mm+ZoxgyZmQbNc47+JkR+oYSh30f8JsL4j0/Dsf2SUt
kGHwrodBlpLti/xtFOLYmEiF1cDcrn3oMQ0hlLh0kMrV+64b3238UjIet6zcas2l
mLlaPefhhT6nRkCJJgSS/DSoCK3ncjQ1mZ0w9E739DmNwdc1snh79+w3ofezA7Fi
sop7iD5gsMIjW3/DUj/Vut229HSV4bccQeYk/If+eK8zId+82f5kB+R8+/glaLcF
lRFG2wZ+/MZ/GqEHmlroV2Ez
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:27:06 2024 by rpki-client on console-ams.rpki-client.org