Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/fbf39d-9247-4e07-9e15-39f4ab6ec7e6/1/qGV9L6j6i3GKxeClR7BW09uAd4w.roa
File: qGV9L6j6i3GKxeClR7BW09uAd4w.roa (raw, json)
Hash identifier: LKn49sP5Sh98xv8aX80m1R9axViF8fZD9afescA5UUo=
Subject key identifier: A8:65:7D:2F:A8:FA:8B:71:8A:C5:E0:A5:47:B0:56:D3:DB:80:77:8C
Certificate issuer: /CN=a5d954d6db2a1178efbec0d5d959076407cf96ca
Certificate serial: 018CC87078A3C6BC61CA93420F8A7251E0DB
Authority key identifier: A5:D9:54:D6:DB:2A:11:78:EF:BE:C0:D5:D9:59:07:64:07:CF:96:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pdlU1tsqEXjvvsDV2VkHZAfPlso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/fbf39d-9247-4e07-9e15-39f4ab6ec7e6/1/qGV9L6j6i3GKxeClR7BW09uAd4w.roa
Signing time: Tue 02 Jan 2024 04:31:03 +0000
ROA not before: Tue 02 Jan 2024 04:31:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212630
IP address blocks: 82.117.241.0/24 maxlen: 24
2a0b:53c0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/fbf39d-9247-4e07-9e15-39f4ab6ec7e6/1/pdlU1tsqEXjvvsDV2VkHZAfPlso.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/fbf39d-9247-4e07-9e15-39f4ab6ec7e6/1/pdlU1tsqEXjvvsDV2VkHZAfPlso.mft
rsync://rpki.ripe.net/repository/DEFAULT/pdlU1tsqEXjvvsDV2VkHZAfPlso.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:78:a3:c6:bc:61:ca:93:42:0f:8a:72:51:e0:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5d954d6db2a1178efbec0d5d959076407cf96ca
Validity
Not Before: Jan 2 04:31:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8657d2fa8fa8b718ac5e0a547b056d3db80778c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ad:85:39:91:6c:1b:45:eb:72:66:85:50:39:
87:da:e1:e8:09:66:87:e8:41:b7:67:5a:de:39:0c:
0a:44:a7:c5:ac:ec:11:d1:e1:7f:28:08:a9:51:02:
7e:c0:eb:e6:21:73:9c:5e:6b:32:dd:1e:52:a3:2e:
25:6b:bc:06:5a:db:37:58:5d:ca:9c:d4:52:ff:b1:
85:b9:ff:e4:80:f4:02:3d:32:2b:53:e9:cb:09:de:
87:68:0f:89:4c:20:5b:fc:2f:e9:a0:4f:f8:05:61:
06:9e:39:eb:3d:e6:91:ba:43:17:5d:59:49:1c:69:
80:e8:f5:8e:b3:b9:ae:25:6f:21:1f:18:ac:8f:f5:
dc:7c:32:b0:d5:dc:44:1c:6e:97:b5:ea:8e:9e:5e:
cf:54:a7:0a:ef:e0:af:f1:41:a2:68:81:b5:06:df:
dd:9e:95:11:2d:40:8f:03:ea:59:52:9b:0d:0a:4c:
29:c8:47:6b:73:11:75:81:7b:38:72:7b:97:54:d3:
86:31:26:b3:dd:56:bb:3c:b5:12:8c:a6:4d:f7:8a:
a1:44:15:41:5b:a9:8f:2a:67:ed:30:68:a7:c6:55:
9d:30:73:d6:2e:e0:d2:28:74:78:b4:ae:d1:98:46:
33:86:1e:de:ce:21:e9:bc:4b:00:11:0e:5b:8e:a2:
05:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:65:7D:2F:A8:FA:8B:71:8A:C5:E0:A5:47:B0:56:D3:DB:80:77:8C
X509v3 Authority Key Identifier:
keyid:A5:D9:54:D6:DB:2A:11:78:EF:BE:C0:D5:D9:59:07:64:07:CF:96:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pdlU1tsqEXjvvsDV2VkHZAfPlso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/fbf39d-9247-4e07-9e15-39f4ab6ec7e6/1/qGV9L6j6i3GKxeClR7BW09uAd4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/fbf39d-9247-4e07-9e15-39f4ab6ec7e6/1/pdlU1tsqEXjvvsDV2VkHZAfPlso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.117.241.0/24
IPv6:
2a0b:53c0::/32
Signature Algorithm: sha256WithRSAEncryption
36:dc:06:f9:78:d1:37:68:ce:57:04:6b:11:4b:e5:ba:a6:4b:
9a:3d:6c:23:9e:a7:88:85:86:d9:48:4d:6a:f9:8a:1c:9b:16:
e3:d8:8e:be:fc:4c:27:b0:cd:45:b4:1c:83:7c:e6:98:9f:94:
a2:b8:6d:cd:8c:61:7a:bb:ac:66:78:7a:93:fe:97:f1:66:8a:
1d:e5:c3:86:e3:52:b2:5e:fe:f8:c1:00:95:d8:24:1f:2a:ee:
33:39:bc:3b:e7:60:9d:b5:bb:4a:47:f6:e9:2c:94:2a:1c:e5:
0a:5c:0d:72:51:32:e7:56:af:e8:d0:59:4d:7d:00:da:87:91:
6e:4a:6c:f7:d6:04:fa:5f:7a:e3:de:ae:fc:8d:d5:80:81:2c:
7e:28:1d:bd:01:e5:d9:e4:af:0f:bb:12:d5:98:fa:2e:08:dc:
f2:b8:1c:76:55:3e:a4:f0:70:d6:6b:63:9f:09:5f:82:65:3f:
03:ea:d0:af:29:09:2e:fc:e3:40:14:62:1d:28:22:e9:17:d1:
d7:96:d5:31:93:1d:c1:a5:05:ab:b2:fc:f4:c5:68:f0:2c:32:
23:96:5c:88:30:aa:59:57:78:e4:11:39:d8:55:02:3c:a7:18:
9c:bc:53:17:bf:85:8b:d3:24:e9:f3:6f:46:c9:b5:45:a1:9b:
06:8d:ca:cf
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIcHijxrxhypNCD4pyUeDbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1ZDk1NGQ2ZGIyYTExNzhlZmJlYzBkNWQ5NTkwNzY0MDdj
Zjk2Y2EwHhcNMjQwMTAyMDQzMTAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODY1N2QyZmE4ZmE4YjcxOGFjNWUwYTU0N2IwNTZkM2RiODA3NzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuq2FOZFsG0XrcmaFUDmH2uHoCWaH
6EG3Z1reOQwKRKfFrOwR0eF/KAipUQJ+wOvmIXOcXmsy3R5Soy4la7wGWts3WF3K
nNRS/7GFuf/kgPQCPTIrU+nLCd6HaA+JTCBb/C/poE/4BWEGnjnrPeaRukMXXVlJ
HGmA6PWOs7muJW8hHxisj/XcfDKw1dxEHG6XteqOnl7PVKcK7+Cv8UGiaIG1Bt/d
npURLUCPA+pZUpsNCkwpyEdrcxF1gXs4cnuXVNOGMSaz3Va7PLUSjKZN94qhRBVB
W6mPKmftMGinxlWdMHPWLuDSKHR4tK7RmEYzhh7eziHpvEsAEQ5bjqIFAQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKhlfS+o+otxisXgpUewVtPbgHeMMB8GA1UdIwQY
MBaAFKXZVNbbKhF4777A1dlZB2QHz5bKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGRsVTF0c3FFWGp2dnNEVjJWa0haQWZQbHNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9mYmYzOWQtOTI0Ny00ZTA3LTllMTUt
MzlmNGFiNmVjN2U2LzEvcUdWOUw2ajZpM0dLeGVDbFI3QlcwOXVBZDR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9mYmYzOWQtOTI0Ny00ZTA3LTllMTUtMzlmNGFiNmVjN2U2
LzEvcGRsVTF0c3FFWGp2dnNEVjJWa0haQWZQbHNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAUnXxMA0E
AgACMAcDBQAqC1PAMA0GCSqGSIb3DQEBCwUAA4IBAQA23Ab5eNE3aM5XBGsRS+W6
pkuaPWwjnqeIhYbZSE1q+Yocmxbj2I6+/EwnsM1FtByDfOaYn5SiuG3NjGF6u6xm
eHqT/pfxZood5cOG41KyXv74wQCV2CQfKu4zObw752CdtbtKR/bpLJQqHOUKXA1y
UTLnVq/o0FlNfQDah5FuSmz31gT6X3rj3q78jdWAgSx+KB29AeXZ5K8PuxLVmPou
CNzyuBx2VT6k8HDWa2OfCV+CZT8D6tCvKQku/ONAFGIdKCLpF9HXltUxkx3BpQWr
svz0xWjwLDIjllyIMKpZV3jkETnYVQI8pxicvFMXv4WL0yTp829GybVFoZsGjcrP
-----END CERTIFICATE-----
Generated at Fri Jun 7 21:41:35 2024 by rpki-client on console-fra.rpki-client.org