Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/qJbtUZnuNrPepnydLbgtjkQ-l1I.roa
File: qJbtUZnuNrPepnydLbgtjkQ-l1I.roa (raw, json)
Hash identifier: PSTleqo2kX3IngQvqOB2cBq+aNxjbuVZZ9ONbsA8J0E=
Subject key identifier: A8:96:ED:51:99:EE:36:B3:DE:A6:7C:9D:2D:B8:2D:8E:44:3E:97:52
Certificate issuer: /CN=16307d29f5543f21ea3009b9523fe71b8f1369ca
Certificate serial: 018CC7933A4601C383E6E03B3179BBB298D5
Authority key identifier: 16:30:7D:29:F5:54:3F:21:EA:30:09:B9:52:3F:E7:1B:8F:13:69:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/qJbtUZnuNrPepnydLbgtjkQ-l1I.roa
Signing time: Tue 02 Jan 2024 00:29:23 +0000
ROA not before: Tue 02 Jan 2024 00:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15510
IP address blocks: 84.19.112.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/FjB9KfVUPyHqMAm5Uj_nG48Taco.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/FjB9KfVUPyHqMAm5Uj_nG48Taco.mft
rsync://rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:3a:46:01:c3:83:e6:e0:3b:31:79:bb:b2:98:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16307d29f5543f21ea3009b9523fe71b8f1369ca
Validity
Not Before: Jan 2 00:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a896ed5199ee36b3dea67c9d2db82d8e443e9752
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:8b:22:4d:75:1b:5c:0d:0d:6e:45:40:75:61:
99:ea:11:86:b7:95:8f:42:7a:69:74:59:d5:b0:22:
63:c1:5a:bb:ee:9b:b3:e5:c0:07:d2:80:0f:fd:78:
fd:41:27:f0:05:2d:be:b2:0b:4a:e6:85:4e:4c:4a:
72:b7:0e:39:d9:49:ea:c4:77:f8:d0:bc:fa:05:1d:
c9:01:a4:f1:f0:c8:d9:b0:38:83:52:dc:a8:8c:01:
ab:0f:4f:04:0f:88:50:f6:bd:12:2e:98:8a:e6:5f:
5d:a3:19:cf:22:95:19:82:80:10:1b:ff:ba:9d:8c:
64:db:ad:81:33:80:4f:97:51:17:58:ec:a9:f2:8a:
f3:3d:65:ba:84:4f:71:04:7f:4c:f4:fc:6e:c3:4b:
35:47:35:35:0a:44:a7:34:6f:53:a1:0e:2d:55:ef:
58:d2:fd:46:d1:96:39:b4:22:f0:6c:16:26:b2:88:
b8:71:6e:01:96:1e:f1:95:b2:d1:e5:90:4c:71:55:
fb:f8:8f:ac:51:c9:77:fa:97:53:12:0c:32:0b:3c:
30:6b:96:e0:e2:68:84:7c:31:31:63:fc:2f:c4:77:
89:54:7b:c7:75:21:13:17:e1:f1:a5:1b:b9:63:0f:
c5:03:d5:a8:ad:3d:c5:23:d3:19:c7:1b:f3:0a:ec:
4d:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:96:ED:51:99:EE:36:B3:DE:A6:7C:9D:2D:B8:2D:8E:44:3E:97:52
X509v3 Authority Key Identifier:
keyid:16:30:7D:29:F5:54:3F:21:EA:30:09:B9:52:3F:E7:1B:8F:13:69:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/qJbtUZnuNrPepnydLbgtjkQ-l1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/FjB9KfVUPyHqMAm5Uj_nG48Taco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.19.112.0/21
Signature Algorithm: sha256WithRSAEncryption
b7:49:67:17:5f:52:48:6a:82:fc:4a:ef:b4:8b:c2:dd:8a:17:
15:fd:a0:9d:26:12:59:04:45:37:66:82:50:eb:ca:2d:cd:8a:
8e:bd:85:54:02:eb:bd:6c:2e:30:be:e0:a4:35:00:40:08:2e:
00:62:db:d2:18:bc:d8:72:ce:6b:a2:a2:50:b2:cc:ea:ea:42:
ce:98:79:39:0c:b0:79:03:8b:d3:df:8d:04:44:f7:c7:39:48:
75:e0:ad:33:db:1d:2f:d6:00:92:63:70:26:14:d0:f0:5b:f6:
62:26:bd:1f:81:6c:bf:58:a4:50:5b:27:91:b5:a3:d1:4d:8c:
a0:35:a4:0e:b8:31:05:89:0a:d0:f6:58:6c:bf:ff:f9:6a:74:
e2:3e:5c:76:9c:b2:50:50:2a:d1:32:73:ee:91:ab:75:de:86:
17:c7:75:88:9e:6e:87:c3:00:2d:dd:e1:32:f1:fd:d1:82:c0:
4b:9c:54:94:3b:42:09:c7:ed:60:3c:5c:b6:2a:1c:3d:d9:98:
21:28:1f:16:73:f1:2d:61:2e:36:d1:2e:f8:4e:62:46:b9:37:
30:00:7f:88:d2:df:83:bf:cc:eb:19:1b:0a:c3:51:9f:c7:18:
72:5a:ce:ab:ad:e0:40:d5:f7:14:b0:63:87:35:f0:c5:d1:e8:
02:b3:44:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHkzpGAcOD5uA7MXm7spjVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MzA3ZDI5ZjU1NDNmMjFlYTMwMDliOTUyM2ZlNzFiOGYx
MzY5Y2EwHhcNMjQwMTAyMDAyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODk2ZWQ1MTk5ZWUzNmIzZGVhNjdjOWQyZGI4MmQ4ZTQ0M2U5NzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmosiTXUbXA0NbkVAdWGZ6hGGt5WP
QnppdFnVsCJjwVq77puz5cAH0oAP/Xj9QSfwBS2+sgtK5oVOTEpytw452UnqxHf4
0Lz6BR3JAaTx8MjZsDiDUtyojAGrD08ED4hQ9r0SLpiK5l9doxnPIpUZgoAQG/+6
nYxk262BM4BPl1EXWOyp8orzPWW6hE9xBH9M9Pxuw0s1RzU1CkSnNG9ToQ4tVe9Y
0v1G0ZY5tCLwbBYmsoi4cW4Blh7xlbLR5ZBMcVX7+I+sUcl3+pdTEgwyCzwwa5bg
4miEfDExY/wvxHeJVHvHdSETF+HxpRu5Yw/FA9WorT3FI9MZxxvzCuxNgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKiW7VGZ7jaz3qZ8nS24LY5EPpdSMB8GA1UdIwQY
MBaAFBYwfSn1VD8h6jAJuVI/5xuPE2nKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmpCOUtmVlVQeUhxTUFtNVVqX25HNDhUYWNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9iZjVlNzAtNjY2NS00OWRlLWI5Y2Yt
NGNmZTQwZjA3YTZiLzEvcUpidFVabnVOclBlcG55ZExiZ3Rqa1EtbDFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9iZjVlNzAtNjY2NS00OWRlLWI5Y2YtNGNmZTQwZjA3YTZi
LzEvRmpCOUtmVlVQeUhxTUFtNVVqX25HNDhUYWNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVBNwMA0G
CSqGSIb3DQEBCwUAA4IBAQC3SWcXX1JIaoL8Su+0i8LdihcV/aCdJhJZBEU3ZoJQ
68otzYqOvYVUAuu9bC4wvuCkNQBACC4AYtvSGLzYcs5roqJQsszq6kLOmHk5DLB5
A4vT340ERPfHOUh14K0z2x0v1gCSY3AmFNDwW/ZiJr0fgWy/WKRQWyeRtaPRTYyg
NaQOuDEFiQrQ9lhsv//5anTiPlx2nLJQUCrRMnPukat13oYXx3WInm6HwwAt3eEy
8f3RgsBLnFSUO0IJx+1gPFy2Khw92ZghKB8Wc/EtYS420S74TmJGuTcwAH+I0t+D
v8zrGRsKw1GfxxhyWs6rreBA1fcUsGOHNfDF0egCs0Qg
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:17:27 2024 by rpki-client on console-ams.rpki-client.org