Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/QjyeyQ3e1yohcl6NvFfFTsixoE4.roa
File: QjyeyQ3e1yohcl6NvFfFTsixoE4.roa (raw, json)
Hash identifier: 0tkJQ5RKAkikldLsqSLQdHtwgb6OAOgBzpWukbjl4SM=
Subject key identifier: 42:3C:9E:C9:0D:DE:D7:2A:21:72:5E:8D:BC:57:C5:4E:C8:B1:A0:4E
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018CC802EB11DE91BCDC20C5E7E1E7890E13
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/QjyeyQ3e1yohcl6NvFfFTsixoE4.roa
Signing time: Tue 02 Jan 2024 02:31:23 +0000
ROA not before: Tue 02 Jan 2024 02:31:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41884
IP address blocks: 192.121.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 May 2024 22:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:eb:11:de:91:bc:dc:20:c5:e7:e1:e7:89:0e:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 02:31:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=423c9ec90dded72a21725e8dbc57c54ec8b1a04e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:cc:c7:32:f3:a6:e7:72:7f:33:9e:39:fc:1b:
4b:79:b8:8b:3c:74:e6:74:29:f5:db:1f:3d:f1:bd:
02:e3:93:a2:29:b1:67:fe:ee:5e:21:1e:91:84:64:
39:39:fe:3c:71:d0:9d:44:2a:58:12:03:2f:b8:8b:
92:d0:a7:f4:24:51:8f:f4:83:d8:8f:54:74:5a:2f:
bb:42:44:48:be:91:71:f4:95:f1:a0:0c:e3:a6:e0:
aa:ef:9b:5c:68:d6:5f:c4:be:1f:8c:a6:53:e9:63:
04:59:5c:07:89:d4:46:3f:77:99:d5:4a:4a:29:f7:
a8:24:5a:b3:92:80:e6:1d:67:a1:40:32:f1:a5:fa:
c6:d6:b2:1a:bf:bd:14:1e:ae:82:b9:26:b6:01:92:
b5:83:8b:3d:8c:b3:b4:b3:41:5a:54:85:78:3d:0a:
87:61:0e:fc:d6:96:fe:19:1e:d8:68:94:75:ed:41:
3c:61:fe:13:4e:a8:fc:3e:36:13:0c:4b:a4:32:51:
90:6c:94:01:60:ca:67:b7:b1:69:ee:39:09:92:a1:
3f:84:8d:16:aa:e5:1d:10:97:6e:18:01:ba:e6:22:
1c:ec:ce:53:cb:a5:a2:d2:3c:61:7f:79:06:9b:84:
80:67:34:4a:b8:30:ce:a8:c9:c4:01:e6:7e:29:d1:
68:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:3C:9E:C9:0D:DE:D7:2A:21:72:5E:8D:BC:57:C5:4E:C8:B1:A0:4E
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/QjyeyQ3e1yohcl6NvFfFTsixoE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.121.218.0/24
Signature Algorithm: sha256WithRSAEncryption
28:83:aa:b6:d9:1a:a6:3b:42:f1:46:9e:78:2a:2a:c9:9d:0d:
6c:f0:42:93:dd:d0:82:b7:07:2d:f4:df:30:d3:d2:d1:c9:b1:
a9:11:6f:a2:d6:8b:bc:01:4f:42:8c:4e:21:8b:7c:0d:8a:e6:
8b:f7:7d:72:94:6d:cb:6a:e7:15:4b:cf:a8:49:9f:b5:2b:43:
20:46:95:a0:bf:ea:48:f4:99:7b:60:c9:48:53:c2:ef:2c:92:
78:d7:90:60:99:48:e2:79:05:8f:2c:0c:db:68:9d:80:cb:6f:
d4:8c:99:7d:c3:24:39:f0:3a:ca:06:d8:fa:0c:a7:11:51:83:
a5:15:70:29:ef:12:e3:5c:06:b6:44:fc:5d:4a:8d:49:48:cc:
5e:b2:61:2d:37:10:56:9f:dc:5f:ed:6b:e2:7e:4a:0c:2d:e7:
8b:72:bc:f6:ed:e2:e6:f0:64:0a:c7:c1:95:cd:40:99:c2:87:
3f:49:fb:f4:d2:e2:6d:d0:2d:23:2d:f5:b2:7f:ac:fa:93:6a:
b6:9d:5d:51:e2:15:e2:94:52:e2:73:fa:1f:ea:f4:05:eb:5d:
51:55:d7:4b:bc:e2:14:f8:e4:13:37:1d:a6:f6:49:d2:45:fc:
16:87:3f:1c:39:f5:01:09:82:24:27:7d:6e:8d:89:0e:1f:5e:
17:91:2c:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAusR3pG83CDF5+HniQ4TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMTAyMDIzMTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjNjOWVjOTBkZGVkNzJhMjE3MjVlOGRiYzU3YzU0ZWM4YjFhMDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA28zHMvOm53J/M545/BtLebiLPHTm
dCn12x898b0C45OiKbFn/u5eIR6RhGQ5Of48cdCdRCpYEgMvuIuS0Kf0JFGP9IPY
j1R0Wi+7QkRIvpFx9JXxoAzjpuCq75tcaNZfxL4fjKZT6WMEWVwHidRGP3eZ1UpK
KfeoJFqzkoDmHWehQDLxpfrG1rIav70UHq6CuSa2AZK1g4s9jLO0s0FaVIV4PQqH
YQ781pb+GR7YaJR17UE8Yf4TTqj8PjYTDEukMlGQbJQBYMpnt7Fp7jkJkqE/hI0W
quUdEJduGAG65iIc7M5Ty6Wi0jxhf3kGm4SAZzRKuDDOqMnEAeZ+KdFo1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEI8nskN3tcqIXJejbxXxU7IsaBOMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvUWp5ZXlRM2UxeW9oY2w2TnZGZkZUc2l4b0U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwHnaMA0G
CSqGSIb3DQEBCwUAA4IBAQAog6q22RqmO0LxRp54KirJnQ1s8EKT3dCCtwct9N8w
09LRybGpEW+i1ou8AU9CjE4hi3wNiuaL931ylG3LaucVS8+oSZ+1K0MgRpWgv+pI
9Jl7YMlIU8LvLJJ415BgmUjieQWPLAzbaJ2Ay2/UjJl9wyQ58DrKBtj6DKcRUYOl
FXAp7xLjXAa2RPxdSo1JSMxesmEtNxBWn9xf7WvifkoMLeeLcrz27eLm8GQKx8GV
zUCZwoc/Sfv00uJt0C0jLfWyf6z6k2q2nV1R4hXilFLic/of6vQF611RVddLvOIU
+OQTNx2m9knSRfwWhz8cOfUBCYIkJ31ujYkOH14XkSxz
-----END CERTIFICATE-----
Generated at Sat May 25 08:58:37 2024 by rpki-client on console-ams.rpki-client.org