Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/4615be-e566-4253-83ef-f6626b63383e/1/QZRucCSbFqAcGRancdqbBob7PC8.roa
File: QZRucCSbFqAcGRancdqbBob7PC8.roa (raw, json)
Hash identifier: oJuFuLUDlnU8/+dmmePeO0ES/5VJBfH1daLRomIot8E=
Subject key identifier: 41:94:6E:70:24:9B:16:A0:1C:19:16:A7:71:DA:9B:06:86:FB:3C:2F
Certificate issuer: /CN=ad109dee6fbdc256df911460ccc915d066a8ff8b
Certificate serial: 0193448CC9DE600024A9124A6825529932E2
Authority key identifier: AD:10:9D:EE:6F:BD:C2:56:DF:91:14:60:CC:C9:15:D0:66:A8:FF:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rRCd7m-9wlbfkRRgzMkV0Gao_4s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/4615be-e566-4253-83ef-f6626b63383e/1/QZRucCSbFqAcGRancdqbBob7PC8.roa
Signing time: Tue 19 Nov 2024 13:11:37 +0000
ROA not before: Tue 19 Nov 2024 13:11:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33924
IP address blocks: 84.20.64.0/19 maxlen: 19
84.20.64.0/20 maxlen: 20
84.20.64.0/21 maxlen: 21
84.20.64.0/22 maxlen: 22
84.20.64.0/24 maxlen: 24
84.20.65.0/24 maxlen: 24
84.20.66.0/24 maxlen: 24
84.20.67.0/24 maxlen: 24
84.20.68.0/22 maxlen: 22
84.20.68.0/24 maxlen: 24
84.20.69.0/24 maxlen: 24
84.20.70.0/24 maxlen: 24
84.20.71.0/24 maxlen: 24
84.20.72.0/22 maxlen: 22
84.20.72.0/24 maxlen: 24
84.20.73.0/24 maxlen: 24
84.20.74.0/24 maxlen: 24
84.20.75.0/24 maxlen: 24
84.20.76.0/22 maxlen: 22
84.20.76.0/23 maxlen: 23
84.20.76.0/24 maxlen: 24
84.20.77.0/24 maxlen: 24
84.20.78.0/23 maxlen: 23
84.20.78.0/24 maxlen: 24
84.20.79.0/24 maxlen: 24
84.20.80.0/21 maxlen: 21
84.20.80.0/22 maxlen: 22
84.20.80.0/24 maxlen: 24
84.20.81.0/24 maxlen: 24
84.20.82.0/24 maxlen: 24
84.20.83.0/24 maxlen: 24
84.20.84.0/22 maxlen: 22
84.20.84.0/24 maxlen: 24
84.20.85.0/24 maxlen: 24
84.20.86.0/24 maxlen: 24
84.20.87.0/24 maxlen: 24
84.20.88.0/22 maxlen: 22
84.20.88.0/23 maxlen: 23
84.20.88.0/24 maxlen: 24
84.20.89.0/24 maxlen: 24
84.20.90.0/24 maxlen: 24
84.20.91.0/24 maxlen: 24
84.20.92.0/24 maxlen: 24
84.20.95.0/24 maxlen: 24
2a00:6b80::/29 maxlen: 29
2a00:6b80::/32 maxlen: 32
2a00:6b81::/32 maxlen: 32
2a00:6b82::/32 maxlen: 32
2a00:6b83::/32 maxlen: 32
2a00:6b84::/32 maxlen: 32
2a00:6b85::/32 maxlen: 32
2a00:6b86::/32 maxlen: 32
2a00:6b87::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/4615be-e566-4253-83ef-f6626b63383e/1/rRCd7m-9wlbfkRRgzMkV0Gao_4s.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/4615be-e566-4253-83ef-f6626b63383e/1/rRCd7m-9wlbfkRRgzMkV0Gao_4s.mft
rsync://rpki.ripe.net/repository/DEFAULT/rRCd7m-9wlbfkRRgzMkV0Gao_4s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:44:8c:c9:de:60:00:24:a9:12:4a:68:25:52:99:32:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad109dee6fbdc256df911460ccc915d066a8ff8b
Validity
Not Before: Nov 19 13:11:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41946e70249b16a01c1916a771da9b0686fb3c2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:82:67:4f:02:2d:e3:17:3f:ca:d6:d8:f5:79:
a1:2a:c8:28:f4:27:2a:c2:1d:e6:1c:1b:f0:9c:02:
80:59:78:b1:a1:b2:23:5e:52:d7:bb:55:0f:87:f5:
df:1d:ba:d2:d8:60:db:02:7b:47:d1:1c:bc:bc:88:
f9:56:dd:c2:da:7e:4d:53:66:5b:93:d8:ad:81:6d:
c4:80:15:ee:df:9f:6d:4e:3b:65:c4:31:18:ce:a6:
3b:c7:8d:22:1a:62:84:23:74:fc:fd:ce:3f:20:24:
e4:a8:3b:2b:17:1b:6e:f9:92:6a:5b:a5:2a:fc:ae:
5d:d6:3f:78:7e:24:13:f9:e4:c9:b5:a4:99:87:93:
05:ba:da:da:2b:5f:07:23:73:75:85:9f:a3:ef:50:
8f:02:fb:46:bf:ee:ec:4f:50:a6:f6:7d:d7:84:55:
61:4f:6c:cb:e1:dc:af:6e:f1:ee:df:88:81:1b:9c:
02:2f:00:d7:9b:c5:f5:56:70:20:f3:91:e7:11:ae:
d8:e9:3a:2b:91:ba:54:7e:af:0f:1e:e5:91:e4:9a:
b5:d3:71:2f:78:5d:6c:e8:dd:ee:82:bc:1b:b3:69:
47:cb:df:e8:ec:5a:f8:89:e3:f6:42:43:30:bd:18:
ea:87:7f:f0:4c:d1:c6:2a:53:38:41:67:1f:67:e8:
62:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:94:6E:70:24:9B:16:A0:1C:19:16:A7:71:DA:9B:06:86:FB:3C:2F
X509v3 Authority Key Identifier:
keyid:AD:10:9D:EE:6F:BD:C2:56:DF:91:14:60:CC:C9:15:D0:66:A8:FF:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rRCd7m-9wlbfkRRgzMkV0Gao_4s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4615be-e566-4253-83ef-f6626b63383e/1/QZRucCSbFqAcGRancdqbBob7PC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4615be-e566-4253-83ef-f6626b63383e/1/rRCd7m-9wlbfkRRgzMkV0Gao_4s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.20.64.0/19
IPv6:
2a00:6b80::/29
Signature Algorithm: sha256WithRSAEncryption
96:32:15:21:76:69:8d:ad:d1:8b:22:7e:4f:54:58:d7:df:af:
26:fa:8f:97:44:27:d2:b3:73:95:84:5d:5a:ef:50:0f:bb:a8:
b2:00:ad:ae:7a:9e:25:79:98:10:c6:c4:49:0e:28:f2:d7:19:
5a:99:62:79:35:cb:4f:77:db:62:75:e2:18:0c:6f:4d:a2:11:
c7:10:e0:bb:84:6e:3a:4f:93:b6:38:ab:be:9f:9e:be:5f:2b:
d9:99:a9:3f:c3:3a:5e:51:f4:8e:77:dc:f8:11:bf:28:0e:5e:
b3:5a:0e:e6:4c:47:46:67:a3:08:e1:9e:5d:81:e8:d6:1a:e0:
4d:48:9f:20:8b:7a:06:78:84:d7:0c:d4:9a:f4:8a:8a:da:f9:
09:c9:e1:ca:ba:40:dc:48:fd:58:e2:ca:a6:3a:da:e0:e9:e1:
89:32:21:e8:bf:ff:7e:bf:7f:9f:02:f6:30:10:91:2e:21:ed:
58:8c:67:f1:17:c2:ee:a6:68:ad:64:39:01:f2:44:41:68:7e:
63:08:fd:90:4c:a9:5e:cf:d3:d2:1e:83:28:6a:3e:b5:ba:2c:
e3:f4:88:b1:72:5f:75:6f:63:87:b8:62:15:02:aa:3d:04:2e:
91:12:3c:3d:fb:8b:74:14:31:7c:a5:f6:22:38:aa:90:2d:35:
c9:97:ed:87
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZNEjMneYAAkqRJKaCVSmTLiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMTA5ZGVlNmZiZGMyNTZkZjkxMTQ2MGNjYzkxNWQwNjZh
OGZmOGIwHhcNMjQxMTE5MTMxMTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTk0NmU3MDI0OWIxNmEwMWMxOTE2YTc3MWRhOWIwNjg2ZmIzYzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA04JnTwIt4xc/ytbY9XmhKsgo9Ccq
wh3mHBvwnAKAWXixobIjXlLXu1UPh/XfHbrS2GDbAntH0Ry8vIj5Vt3C2n5NU2Zb
k9itgW3EgBXu359tTjtlxDEYzqY7x40iGmKEI3T8/c4/ICTkqDsrFxtu+ZJqW6Uq
/K5d1j94fiQT+eTJtaSZh5MFutraK18HI3N1hZ+j71CPAvtGv+7sT1Cm9n3XhFVh
T2zL4dyvbvHu34iBG5wCLwDXm8X1VnAg85HnEa7Y6TorkbpUfq8PHuWR5Jq103Ev
eF1s6N3ugrwbs2lHy9/o7Fr4ieP2QkMwvRjqh3/wTNHGKlM4QWcfZ+hiYQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEGUbnAkmxagHBkWp3HamwaG+zwvMB8GA1UdIwQY
MBaAFK0Qne5vvcJW35EUYMzJFdBmqP+LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclJDZDdtLTl3bGJma1JSZ3pNa1YwR2FvXzRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi80NjE1YmUtZTU2Ni00MjUzLTgzZWYt
ZjY2MjZiNjMzODNlLzEvUVpSdWNDU2JGcUFjR1JhbmNkcWJCb2I3UEM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi80NjE1YmUtZTU2Ni00MjUzLTgzZWYtZjY2MjZiNjMzODNl
LzEvclJDZDdtLTl3bGJma1JSZ3pNa1YwR2FvXzRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFVBRAMA0E
AgACMAcDBQMqAGuAMA0GCSqGSIb3DQEBCwUAA4IBAQCWMhUhdmmNrdGLIn5PVFjX
368m+o+XRCfSs3OVhF1a71APu6iyAK2uep4leZgQxsRJDijy1xlamWJ5NctPd9ti
deIYDG9NohHHEOC7hG46T5O2OKu+n56+XyvZmak/wzpeUfSOd9z4Eb8oDl6zWg7m
TEdGZ6MI4Z5dgejWGuBNSJ8gi3oGeITXDNSa9IqK2vkJyeHKukDcSP1Y4sqmOtrg
6eGJMiHov/9+v3+fAvYwEJEuIe1YjGfxF8LupmitZDkB8kRBaH5jCP2QTKlez9PS
HoMoaj61uizj9Iixcl91b2OHuGIVAqo9BC6REjw9+4t0FDF8pfYiOKqQLTXJl+2H
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:16:31 2024 by rpki-client on console-fra.rpki-client.org