Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/14a46d-2d92-4e75-88da-1f9d8e236e25/1/QhlBb_l6bOBUzoYcRNBoDz8ljMM.roa
File: QhlBb_l6bOBUzoYcRNBoDz8ljMM.roa (raw, json)
Hash identifier: uwOBZ6GW+SAP9h9ZAylyeIG9t1I7HyJBnQfghXXSuGc=
Subject key identifier: 42:19:41:6F:F9:7A:6C:E0:54:CE:86:1C:44:D0:68:0F:3F:25:8C:C3
Certificate issuer: /CN=3b308e9be3a85b0f4901f35e7cf1fb759b49fee7
Certificate serial: 018CC50150AFFE26FFD4B3735B398625C88F
Authority key identifier: 3B:30:8E:9B:E3:A8:5B:0F:49:01:F3:5E:7C:F1:FB:75:9B:49:FE:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OzCOm-OoWw9JAfNefPH7dZtJ_uc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/14a46d-2d92-4e75-88da-1f9d8e236e25/1/QhlBb_l6bOBUzoYcRNBoDz8ljMM.roa
Signing time: Mon 01 Jan 2024 12:30:46 +0000
ROA not before: Mon 01 Jan 2024 12:30:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197071
IP address blocks: 185.53.249.0/24 maxlen: 24
2a12:c8c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/14a46d-2d92-4e75-88da-1f9d8e236e25/1/OzCOm-OoWw9JAfNefPH7dZtJ_uc.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/14a46d-2d92-4e75-88da-1f9d8e236e25/1/OzCOm-OoWw9JAfNefPH7dZtJ_uc.mft
rsync://rpki.ripe.net/repository/DEFAULT/OzCOm-OoWw9JAfNefPH7dZtJ_uc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:50:af:fe:26:ff:d4:b3:73:5b:39:86:25:c8:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b308e9be3a85b0f4901f35e7cf1fb759b49fee7
Validity
Not Before: Jan 1 12:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4219416ff97a6ce054ce861c44d0680f3f258cc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:c4:cb:11:22:3b:24:15:82:ed:6a:c8:92:91:
32:44:25:b9:0a:69:16:3d:a0:38:f4:90:fd:34:a3:
5c:a6:1f:f2:da:84:ae:45:4f:82:d4:3c:10:73:62:
f3:02:93:e2:c3:38:bb:28:d1:2d:d6:bf:b0:15:1d:
27:7c:59:2d:74:6a:1d:70:b4:ce:9b:1d:45:b5:5a:
16:40:8a:f7:7f:17:82:b2:17:41:d5:ee:ce:94:4f:
28:a7:d2:46:f2:ab:e1:40:8e:43:41:1c:cd:8c:e2:
fe:82:f6:42:88:88:be:ef:e1:04:a2:fb:6d:2d:a8:
f5:e6:40:01:e4:88:59:ec:37:74:8b:34:31:1d:3d:
8b:41:dc:e6:d1:41:8b:2b:96:57:50:15:35:95:3d:
5d:3f:ac:fb:45:60:75:1b:61:57:93:77:1f:fb:f8:
9e:d8:a3:34:13:51:7b:7a:3b:20:4c:a8:53:57:10:
de:94:10:c7:40:de:ce:a6:cc:20:be:a3:9f:39:c1:
2b:0f:e3:e2:49:99:d1:06:f7:ec:ed:37:ed:58:8a:
ac:ae:4d:13:49:2f:96:21:32:7b:1f:8b:20:38:53:
b6:74:81:a4:e1:be:72:db:9d:a1:e5:d5:b1:ed:a2:
64:b9:52:4d:b7:5d:9a:d8:c8:8e:39:45:f8:7e:99:
c7:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:19:41:6F:F9:7A:6C:E0:54:CE:86:1C:44:D0:68:0F:3F:25:8C:C3
X509v3 Authority Key Identifier:
keyid:3B:30:8E:9B:E3:A8:5B:0F:49:01:F3:5E:7C:F1:FB:75:9B:49:FE:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OzCOm-OoWw9JAfNefPH7dZtJ_uc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/14a46d-2d92-4e75-88da-1f9d8e236e25/1/QhlBb_l6bOBUzoYcRNBoDz8ljMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/14a46d-2d92-4e75-88da-1f9d8e236e25/1/OzCOm-OoWw9JAfNefPH7dZtJ_uc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.53.249.0/24
IPv6:
2a12:c8c0::/29
Signature Algorithm: sha256WithRSAEncryption
94:4c:4e:b1:02:d5:c1:21:db:58:36:65:eb:d2:31:a3:3a:cd:
0d:9e:c1:74:ca:94:09:89:ca:57:bf:70:00:1e:15:db:50:9b:
0e:c5:26:a0:c5:c9:55:65:3a:dc:e4:95:51:58:d1:c6:59:66:
a6:c0:96:bc:28:38:d5:f2:83:b8:38:d2:e4:73:ba:ea:c9:66:
fc:e4:30:21:50:3b:d5:bc:a7:1f:a2:6d:85:6e:61:ec:74:77:
29:66:ac:e9:96:47:22:53:dd:64:23:9e:53:42:97:80:b7:f4:
e0:20:b5:a0:9b:96:0b:77:83:e6:88:62:a6:d4:2d:dd:2a:b6:
92:93:22:d1:dc:61:7c:30:0f:aa:a6:da:31:31:6e:75:2c:3a:
2c:44:1a:b4:ab:29:19:d3:46:aa:c0:d5:3b:93:15:3d:ab:69:
16:28:91:7e:71:e0:a1:e4:92:32:6c:ce:4d:aa:6b:b5:d2:a7:
d6:70:b4:9a:d9:92:c5:2c:30:66:03:f6:2f:97:93:a2:92:39:
38:25:50:a7:50:15:b5:68:d1:25:ff:89:0d:2d:8c:5d:53:c0:
fa:1b:92:72:74:8f:4c:68:0d:32:9e:ca:02:03:ba:e9:6e:c7:
0c:c0:e2:d0:65:38:15:6e:b5:45:e8:0f:d8:59:2f:30:7b:4c:
23:62:68:a6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFAVCv/ib/1LNzWzmGJciPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMzA4ZTliZTNhODViMGY0OTAxZjM1ZTdjZjFmYjc1OWI0
OWZlZTcwHhcNMjQwMTAxMTIzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjE5NDE2ZmY5N2E2Y2UwNTRjZTg2MWM0NGQwNjgwZjNmMjU4Y2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2MTLESI7JBWC7WrIkpEyRCW5CmkW
PaA49JD9NKNcph/y2oSuRU+C1DwQc2LzApPiwzi7KNEt1r+wFR0nfFktdGodcLTO
mx1FtVoWQIr3fxeCshdB1e7OlE8op9JG8qvhQI5DQRzNjOL+gvZCiIi+7+EEovtt
Laj15kAB5IhZ7Dd0izQxHT2LQdzm0UGLK5ZXUBU1lT1dP6z7RWB1G2FXk3cf+/ie
2KM0E1F7ejsgTKhTVxDelBDHQN7OpswgvqOfOcErD+PiSZnRBvfs7TftWIqsrk0T
SS+WITJ7H4sgOFO2dIGk4b5y252h5dWx7aJkuVJNt12a2MiOOUX4fpnH9QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEIZQW/5emzgVM6GHETQaA8/JYzDMB8GA1UdIwQY
MBaAFDswjpvjqFsPSQHzXnzx+3WbSf7nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3pDT20tT29XdzlKQWZOZWZQSDdkWnRKX3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8xNGE0NmQtMmQ5Mi00ZTc1LTg4ZGEt
MWY5ZDhlMjM2ZTI1LzEvUWhsQmJfbDZiT0JVem9ZY1JOQm9Eejhsak1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8xNGE0NmQtMmQ5Mi00ZTc1LTg4ZGEtMWY5ZDhlMjM2ZTI1
LzEvT3pDT20tT29XdzlKQWZOZWZQSDdkWnRKX3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuTX5MA0E
AgACMAcDBQMqEsjAMA0GCSqGSIb3DQEBCwUAA4IBAQCUTE6xAtXBIdtYNmXr0jGj
Os0NnsF0ypQJicpXv3AAHhXbUJsOxSagxclVZTrc5JVRWNHGWWamwJa8KDjV8oO4
ONLkc7rqyWb85DAhUDvVvKcfom2FbmHsdHcpZqzplkciU91kI55TQpeAt/TgILWg
m5YLd4PmiGKm1C3dKraSkyLR3GF8MA+qptoxMW51LDosRBq0qykZ00aqwNU7kxU9
q2kWKJF+ceCh5JIybM5Nqmu10qfWcLSa2ZLFLDBmA/Yvl5Oikjk4JVCnUBW1aNEl
/4kNLYxdU8D6G5JydI9MaA0ynsoCA7rpbscMwOLQZTgVbrVF6A/YWS8we0wjYmim
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:32:50 2024 by rpki-client on console-ams.rpki-client.org