Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/962b3f-fc26-4549-ae02-4d049a1eaf2f/1/qfyYbP3Ce1T1umINqdqE7JnZv4M.roa
File: qfyYbP3Ce1T1umINqdqE7JnZv4M.roa (raw, json)
Hash identifier: GQQhEwDJWvhGtzEEmSADip1mOPtgvhOLSoL0EuTMWYY=
Subject key identifier: A9:FC:98:6C:FD:C2:7B:54:F5:BA:62:0D:A9:DA:84:EC:99:D9:BF:83
Certificate issuer: /CN=d9a988916d51406f9a269f30a02d0086b57f4d5a
Certificate serial: 018CCA2B78367C713902BBE97A4835F7A3B5
Authority key identifier: D9:A9:88:91:6D:51:40:6F:9A:26:9F:30:A0:2D:00:86:B5:7F:4D:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2amIkW1RQG-aJp8woC0AhrV_TVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/962b3f-fc26-4549-ae02-4d049a1eaf2f/1/qfyYbP3Ce1T1umINqdqE7JnZv4M.roa
Signing time: Tue 02 Jan 2024 12:34:55 +0000
ROA not before: Tue 02 Jan 2024 12:34:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51155
IP address blocks: 46.227.38.0/23 maxlen: 23
178.19.176.0/20 maxlen: 20
46.227.36.0/23 maxlen: 23
2a02:26e8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/962b3f-fc26-4549-ae02-4d049a1eaf2f/1/2amIkW1RQG-aJp8woC0AhrV_TVo.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/962b3f-fc26-4549-ae02-4d049a1eaf2f/1/2amIkW1RQG-aJp8woC0AhrV_TVo.mft
rsync://rpki.ripe.net/repository/DEFAULT/2amIkW1RQG-aJp8woC0AhrV_TVo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 04:02:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:78:36:7c:71:39:02:bb:e9:7a:48:35:f7:a3:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9a988916d51406f9a269f30a02d0086b57f4d5a
Validity
Not Before: Jan 2 12:34:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9fc986cfdc27b54f5ba620da9da84ec99d9bf83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:21:bc:fd:d6:96:a2:26:1d:6e:22:b0:a4:e7:
13:87:7a:78:01:47:df:ab:12:17:e3:36:ac:39:60:
34:50:bd:40:25:2a:db:c5:57:0c:69:d1:72:84:7e:
86:12:8e:b0:a4:38:26:e2:84:09:13:b1:73:ae:9d:
cb:87:b9:18:93:db:34:8b:20:3e:87:5e:5d:98:03:
20:27:98:01:a2:10:1f:86:80:78:f9:64:c9:67:c1:
ed:0d:1e:1d:70:9d:1e:80:88:98:87:f3:12:94:13:
e0:76:82:a9:a4:44:a2:fb:55:83:30:5a:99:95:94:
47:35:ca:f4:ed:be:ce:dc:57:b1:70:cd:c4:e0:34:
c3:a5:08:f3:b1:70:b5:6a:65:a2:0f:8d:77:b3:e0:
22:da:c7:fd:41:b2:7c:c2:63:05:7c:88:62:df:96:
b9:27:cd:9c:f9:81:d2:a2:9c:ae:7e:4a:7c:e5:05:
c4:c3:a1:f9:b8:eb:24:96:8f:14:c2:e3:06:85:4e:
70:85:ae:d3:23:38:20:6f:c8:0c:fc:d0:c1:bf:a8:
46:b3:67:d3:c8:07:4b:9c:f7:3b:94:e7:69:19:a4:
2d:b5:70:7b:ee:68:7e:d3:b3:5b:38:50:75:0f:47:
d0:45:db:67:77:20:40:cb:0f:6d:93:c7:14:ee:b0:
98:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:FC:98:6C:FD:C2:7B:54:F5:BA:62:0D:A9:DA:84:EC:99:D9:BF:83
X509v3 Authority Key Identifier:
keyid:D9:A9:88:91:6D:51:40:6F:9A:26:9F:30:A0:2D:00:86:B5:7F:4D:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2amIkW1RQG-aJp8woC0AhrV_TVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/962b3f-fc26-4549-ae02-4d049a1eaf2f/1/qfyYbP3Ce1T1umINqdqE7JnZv4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/962b3f-fc26-4549-ae02-4d049a1eaf2f/1/2amIkW1RQG-aJp8woC0AhrV_TVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.36.0/22
178.19.176.0/20
IPv6:
2a02:26e8::/32
Signature Algorithm: sha256WithRSAEncryption
09:79:50:3a:0b:77:29:c9:bb:3f:36:4b:55:29:55:06:1f:48:
ec:e2:70:94:f4:9c:c4:12:9d:f5:b6:85:6a:8b:1b:13:6c:0a:
b4:9c:d3:61:e1:37:29:a0:d4:66:16:85:ea:22:73:82:ee:3a:
73:cb:90:24:66:e3:e9:67:74:c8:ea:ea:a1:fd:c3:c3:04:64:
73:99:ff:69:e3:76:24:6b:64:4e:b4:a9:eb:bc:cc:64:ec:f6:
ca:b3:50:50:50:69:df:df:c7:12:4e:25:c8:46:29:4c:d5:48:
a6:77:9a:34:46:b2:a1:35:2c:67:3e:07:42:c4:27:e1:14:2c:
6c:b3:25:66:5a:ce:08:d9:03:d9:dd:29:5b:42:66:91:8a:ed:
37:f2:ed:53:a3:9e:ce:72:1c:22:ff:e6:fb:ff:fa:d6:5e:2e:
6e:71:e0:bf:77:67:c5:aa:64:2f:f2:e2:22:72:c4:f5:ab:43:
c7:ed:24:b9:57:ac:89:ba:75:74:ac:c1:a9:35:80:d8:87:37:
19:0d:2e:42:a3:34:c7:b9:07:ad:86:22:f7:fb:9c:a8:25:6e:
ab:6d:f3:eb:ae:fc:6b:6d:05:64:b7:52:1e:5e:77:8b:82:fa:
5b:b2:c3:f4:1e:25:10:5e:56:31:ee:b3:14:ca:90:f6:55:d4:
45:0d:30:e7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzKK3g2fHE5Arvpekg196O1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YTk4ODkxNmQ1MTQwNmY5YTI2OWYzMGEwMmQwMDg2YjU3
ZjRkNWEwHhcNMjQwMTAyMTIzNDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWZjOTg2Y2ZkYzI3YjU0ZjViYTYyMGRhOWRhODRlYzk5ZDliZjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoiG8/daWoiYdbiKwpOcTh3p4AUff
qxIX4zasOWA0UL1AJSrbxVcMadFyhH6GEo6wpDgm4oQJE7Fzrp3Lh7kYk9s0iyA+
h15dmAMgJ5gBohAfhoB4+WTJZ8HtDR4dcJ0egIiYh/MSlBPgdoKppESi+1WDMFqZ
lZRHNcr07b7O3FexcM3E4DTDpQjzsXC1amWiD413s+Ai2sf9QbJ8wmMFfIhi35a5
J82c+YHSopyufkp85QXEw6H5uOsklo8UwuMGhU5wha7TIzggb8gM/NDBv6hGs2fT
yAdLnPc7lOdpGaQttXB77mh+07NbOFB1D0fQRdtndyBAyw9tk8cU7rCY7wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKn8mGz9wntU9bpiDanahOyZ2b+DMB8GA1UdIwQY
MBaAFNmpiJFtUUBvmiafMKAtAIa1f01aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmFtSWtXMVJRRy1hSnA4d29DMEFoclZfVFZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy85NjJiM2YtZmMyNi00NTQ5LWFlMDIt
NGQwNDlhMWVhZjJmLzEvcWZ5WWJQM0NlMVQxdW1JTnFkcUU3Sm5adjRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy85NjJiM2YtZmMyNi00NTQ5LWFlMDItNGQwNDlhMWVhZjJm
LzEvMmFtSWtXMVJRRy1hSnA4d29DMEFoclZfVFZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLuMkAwQE
shOwMA0EAgACMAcDBQAqAiboMA0GCSqGSIb3DQEBCwUAA4IBAQAJeVA6C3cpybs/
NktVKVUGH0js4nCU9JzEEp31toVqixsTbAq0nNNh4TcpoNRmFoXqInOC7jpzy5Ak
ZuPpZ3TI6uqh/cPDBGRzmf9p43Yka2ROtKnrvMxk7PbKs1BQUGnf38cSTiXIRilM
1Uimd5o0RrKhNSxnPgdCxCfhFCxssyVmWs4I2QPZ3SlbQmaRiu038u1To57Ochwi
/+b7//rWXi5uceC/d2fFqmQv8uIicsT1q0PH7SS5V6yJunV0rMGpNYDYhzcZDS5C
ozTHuQethiL3+5yoJW6rbfPrrvxrbQVkt1IeXneLgvpbssP0HiUQXlYx7rMUypD2
VdRFDTDn
-----END CERTIFICATE-----
Generated at Sun May 19 06:50:22 2024 by rpki-client on console-fra.rpki-client.org