Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/099705-4a3b-4a68-b6bd-538af1017509/1/QBOzbcmhgix3Y9qdGoRrRkaT240.roa
File: QBOzbcmhgix3Y9qdGoRrRkaT240.roa (raw, json)
Hash identifier: x/ZH1IQtZ3qGQeu7P5P99pSYnaFZbJjIigAlZX+2o+0=
Subject key identifier: 40:13:B3:6D:C9:A1:82:2C:77:63:DA:9D:1A:84:6B:46:46:93:DB:8D
Certificate issuer: /CN=63e2caa7e18af2dfbdb3a6269da2e06dedcb6cf0
Certificate serial: 018CC9BC6457F0B41DBC97D9975DF52302C8
Authority key identifier: 63:E2:CA:A7:E1:8A:F2:DF:BD:B3:A6:26:9D:A2:E0:6D:ED:CB:6C:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-LKp-GK8t-9s6YmnaLgbe3LbPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/099705-4a3b-4a68-b6bd-538af1017509/1/QBOzbcmhgix3Y9qdGoRrRkaT240.roa
Signing time: Tue 02 Jan 2024 10:33:36 +0000
ROA not before: Tue 02 Jan 2024 10:33:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44882
IP address blocks: 109.230.160.0/21 maxlen: 21
109.230.176.0/20 maxlen: 20
109.230.128.0/19 maxlen: 19
2a01:98c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/099705-4a3b-4a68-b6bd-538af1017509/1/Y-LKp-GK8t-9s6YmnaLgbe3LbPA.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/099705-4a3b-4a68-b6bd-538af1017509/1/Y-LKp-GK8t-9s6YmnaLgbe3LbPA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-LKp-GK8t-9s6YmnaLgbe3LbPA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:64:57:f0:b4:1d:bc:97:d9:97:5d:f5:23:02:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e2caa7e18af2dfbdb3a6269da2e06dedcb6cf0
Validity
Not Before: Jan 2 10:33:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4013b36dc9a1822c7763da9d1a846b464693db8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:65:aa:f0:2c:07:83:40:06:e6:de:b9:39:22:
d5:05:d5:57:30:63:66:0c:30:2b:7e:6b:6a:60:09:
95:ba:c4:d5:db:78:23:8a:25:70:cb:dc:d9:b0:b9:
81:ef:36:f5:02:fd:9e:ad:1c:13:eb:43:47:33:89:
27:a4:7e:73:01:14:3d:fd:15:26:7e:9f:ca:e1:2c:
94:a2:68:70:7f:d0:7b:3c:dd:07:1f:ed:e4:76:2b:
c1:bf:9c:0a:c3:5f:5d:a4:b2:ea:f3:0f:0e:54:0a:
37:67:cc:c9:0a:c3:c3:66:05:b2:b0:3a:1b:57:51:
3e:92:e7:39:e3:91:f2:16:a7:b9:ea:8f:e1:61:ea:
54:4b:e0:75:3f:8c:f9:f3:2f:e5:74:ef:74:f1:a5:
cb:4d:9d:b0:08:4d:c9:c8:7b:0c:38:ad:60:cd:0c:
85:ef:20:43:45:2d:f4:69:98:72:5e:78:c0:6f:a1:
e4:aa:54:cf:51:2b:d5:0a:86:26:c2:08:8c:e9:c2:
e1:b4:a5:70:99:c9:6c:68:96:c9:2f:b6:45:19:94:
66:ba:5c:64:db:9a:c0:6a:12:fb:52:4d:fb:bc:23:
44:bb:fa:e6:ad:a3:3d:9c:91:f9:c9:a8:a7:4e:0c:
b7:d0:6a:1f:eb:32:d4:ef:a3:35:d6:65:a9:a7:7c:
72:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:13:B3:6D:C9:A1:82:2C:77:63:DA:9D:1A:84:6B:46:46:93:DB:8D
X509v3 Authority Key Identifier:
keyid:63:E2:CA:A7:E1:8A:F2:DF:BD:B3:A6:26:9D:A2:E0:6D:ED:CB:6C:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-LKp-GK8t-9s6YmnaLgbe3LbPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/099705-4a3b-4a68-b6bd-538af1017509/1/QBOzbcmhgix3Y9qdGoRrRkaT240.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/099705-4a3b-4a68-b6bd-538af1017509/1/Y-LKp-GK8t-9s6YmnaLgbe3LbPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.230.128.0-109.230.167.255
109.230.176.0/20
IPv6:
2a01:98c0::/48
Signature Algorithm: sha256WithRSAEncryption
25:8b:c6:d0:69:a7:7e:d9:fb:d6:31:15:08:7d:53:67:44:84:
c7:2f:dd:a5:be:52:ba:04:00:ec:58:2e:e0:c0:43:28:62:21:
84:6f:7d:d1:44:ac:81:39:44:61:f4:be:92:2b:8d:12:35:0f:
f1:24:a4:f2:44:59:48:ab:9a:cf:19:86:31:33:ef:c0:60:4e:
78:91:96:78:b7:2f:6e:bc:01:f2:24:68:60:3d:2f:4a:8e:e1:
37:47:3c:9c:1f:fc:21:e0:4a:26:0d:d0:ee:fc:24:30:f4:9f:
58:e4:00:c8:12:89:7d:93:d0:9e:de:6f:64:b6:99:e8:bb:44:
9d:75:19:6b:09:37:ea:d0:c7:a8:d1:07:66:aa:24:8e:f8:ea:
29:9f:7a:59:ef:30:08:ac:17:36:bf:a3:0d:73:bf:15:74:d3:
22:18:83:71:c1:9d:1e:3d:89:55:d7:f3:bb:04:4c:7c:c7:82:
8e:10:14:92:ed:10:1e:7a:5e:c6:16:6e:85:62:97:6c:ef:b1:
b5:81:69:73:f0:f2:90:a6:cb:9f:2e:bb:8b:84:be:10:75:61:
64:fc:1d:a5:7b:78:fd:d1:14:37:d9:37:08:44:39:13:91:b4:
ee:d2:f6:5c:9c:47:c9:4b:2c:21:0a:ea:01:53:e1:ad:53:41:
4a:14:0d:5a
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYzJvGRX8LQdvJfZl131IwLIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTJjYWE3ZTE4YWYyZGZiZGIzYTYyNjlkYTJlMDZkZWRj
YjZjZjAwHhcNMjQwMTAyMTAzMzM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDEzYjM2ZGM5YTE4MjJjNzc2M2RhOWQxYTg0NmI0NjQ2OTNkYjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WWq8CwHg0AG5t65OSLVBdVXMGNm
DDArfmtqYAmVusTV23gjiiVwy9zZsLmB7zb1Av2erRwT60NHM4knpH5zARQ9/RUm
fp/K4SyUomhwf9B7PN0HH+3kdivBv5wKw19dpLLq8w8OVAo3Z8zJCsPDZgWysDob
V1E+kuc545HyFqe56o/hYepUS+B1P4z58y/ldO908aXLTZ2wCE3JyHsMOK1gzQyF
7yBDRS30aZhyXnjAb6HkqlTPUSvVCoYmwgiM6cLhtKVwmclsaJbJL7ZFGZRmulxk
25rAahL7Uk37vCNEu/rmraM9nJH5yainTgy30Gof6zLU76M11mWpp3xymwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFEATs23JoYIsd2PanRqEa0ZGk9uNMB8GA1UdIwQY
MBaAFGPiyqfhivLfvbOmJp2i4G3ty2zwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1MS3AtR0s4dC05czZZbW5hTGdiZTNMYlBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy8wOTk3MDUtNGEzYi00YTY4LWI2YmQt
NTM4YWYxMDE3NTA5LzEvUUJPemJjbWhnaXgzWTlxZEdvUnJSa2FUMjQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy8wOTk3MDUtNGEzYi00YTY4LWI2YmQtNTM4YWYxMDE3NTA5
LzEvWS1MS3AtR0s4dC05czZZbW5hTGdiZTNMYlBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUMAwDBAdt5oAD
BANt5qADBARt5rAwDwQCAAIwCQMHACoBmMAAADANBgkqhkiG9w0BAQsFAAOCAQEA
JYvG0Gmnftn71jEVCH1TZ0SExy/dpb5SugQA7Fgu4MBDKGIhhG990USsgTlEYfS+
kiuNEjUP8SSk8kRZSKuazxmGMTPvwGBOeJGWeLcvbrwB8iRoYD0vSo7hN0c8nB/8
IeBKJg3Q7vwkMPSfWOQAyBKJfZPQnt5vZLaZ6LtEnXUZawk36tDHqNEHZqokjvjq
KZ96We8wCKwXNr+jDXO/FXTTIhiDccGdHj2JVdfzuwRMfMeCjhAUku0QHnpexhZu
hWKXbO+xtYFpc/DykKbLny67i4S+EHVhZPwdpXt4/dEUN9k3CEQ5E5G07tL2XJxH
yUssIQrqAVPhrVNBShQNWg==
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:53:21 2024 by rpki-client on console-fra.rpki-client.org