Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/qN8o3IaNFTZur7cVig0KjamPjwE.roa
File: qN8o3IaNFTZur7cVig0KjamPjwE.roa (raw, json)
Hash identifier: bzN1z/nhzgOapnium5TvOHV1rD921wojnrwhjuLMRm4=
Subject key identifier: A8:DF:28:DC:86:8D:15:36:6E:AF:B7:15:8A:0D:0A:8D:A9:8F:8F:01
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 01904F625F302948A91501E9B82C19083D4D
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/qN8o3IaNFTZur7cVig0KjamPjwE.roa
Signing time: Tue 25 Jun 2024 12:32:45 +0000
ROA not before: Tue 25 Jun 2024 12:32:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396595
IP address blocks: 81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4f:62:5f:30:29:48:a9:15:01:e9:b8:2c:19:08:3d:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Jun 25 12:32:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8df28dc868d15366eafb7158a0d0a8da98f8f01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:13:4d:13:1c:a6:bd:f6:a6:3e:58:df:a3:75:
83:f6:bf:77:37:02:19:d1:58:2b:a9:a2:5e:e4:5e:
5e:34:e7:8f:30:2f:f3:ba:ab:b3:d9:39:a2:d3:4b:
5d:d2:92:e5:a9:e1:d3:5d:c8:78:b7:e1:1f:da:96:
58:0a:69:d4:f5:a9:5e:3e:b9:3d:0a:ff:aa:75:f7:
96:2f:63:37:0a:ec:d0:57:06:e4:34:11:34:5f:c9:
9f:4f:4c:00:73:fe:85:4f:e3:55:0d:67:5f:47:22:
46:f4:51:60:2a:9a:ba:2d:08:60:37:87:c5:a2:eb:
66:d6:67:12:cf:89:cf:91:e9:03:bb:6b:c1:7d:d6:
6c:62:5a:4e:3c:ee:af:ea:67:8d:c5:9f:94:74:af:
24:d3:ee:78:f1:34:48:e8:ee:52:75:f9:a2:d4:26:
23:9e:03:71:c5:12:8b:eb:38:c1:81:2b:1b:0d:c7:
a8:b2:87:5a:cc:30:3c:f0:ee:bf:86:68:f4:8b:6e:
66:6b:3a:fb:53:2c:bb:26:1f:22:b3:f5:64:22:df:
9f:b7:1a:6d:43:c6:6a:83:9c:3b:c4:c6:21:13:f9:
24:6d:12:32:79:a5:3b:cf:a3:e2:7e:da:6a:a1:40:
b1:b6:b3:be:14:97:0f:40:0d:39:33:5f:e3:02:be:
6d:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:DF:28:DC:86:8D:15:36:6E:AF:B7:15:8A:0D:0A:8D:A9:8F:8F:01
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/qN8o3IaNFTZur7cVig0KjamPjwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.195.30/31
Signature Algorithm: sha256WithRSAEncryption
70:b1:bb:a1:50:fd:e3:c1:5e:62:ad:e4:a0:fb:a0:5b:e0:0c:
0a:df:15:83:3f:b5:0c:9d:91:b7:17:b0:2a:d1:04:98:dc:f0:
6d:6d:cf:a1:d2:04:a3:6b:13:ed:08:b7:2c:66:0c:05:cd:13:
21:e7:bd:0b:76:40:31:ef:37:9c:ec:9f:40:e7:4a:8a:98:30:
fb:d8:ef:6b:ea:af:b0:3f:9c:d3:ee:74:4d:b9:d2:73:5c:01:
c6:bc:68:65:ff:db:d6:37:13:4d:fd:6b:26:db:8e:85:c0:c1:
e4:5b:10:59:a3:be:88:68:02:92:58:16:f6:cf:ab:45:b0:b5:
6f:f3:88:0a:13:e5:59:0e:17:66:dd:0d:a0:80:58:c9:85:45:
73:b4:8e:ed:1c:35:26:df:1c:96:d5:69:c9:4f:bc:2f:c9:b9:
84:e4:76:b3:e1:09:88:ce:e1:9e:ad:84:b3:09:4c:0a:48:d1:
be:18:2e:51:d8:79:df:a1:e6:ee:6d:8b:0e:56:a3:e1:79:dd:
18:bf:1a:42:32:f1:1c:80:ae:45:c3:16:3c:cd:a4:ff:e6:19:
b8:3e:59:13:6b:8f:ad:72:09:f2:f0:8d:8d:c3:a8:0c:f3:54:
94:87:51:70:02:1b:f6:01:e8:ae:2c:bb:f0:39:56:6c:6a:c1:
db:b4:d8:1f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZBPYl8wKUipFQHpuCwZCD1NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjQwNjI1MTIzMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGRmMjhkYzg2OGQxNTM2NmVhZmI3MTU4YTBkMGE4ZGE5OGY4ZjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2hNNExymvfamPljfo3WD9r93NwIZ
0VgrqaJe5F5eNOePMC/zuquz2Tmi00td0pLlqeHTXch4t+Ef2pZYCmnU9alePrk9
Cv+qdfeWL2M3CuzQVwbkNBE0X8mfT0wAc/6FT+NVDWdfRyJG9FFgKpq6LQhgN4fF
outm1mcSz4nPkekDu2vBfdZsYlpOPO6v6meNxZ+UdK8k0+548TRI6O5Sdfmi1CYj
ngNxxRKL6zjBgSsbDceosodazDA88O6/hmj0i25mazr7Uyy7Jh8is/VkIt+ftxpt
Q8Zqg5w7xMYhE/kkbRIyeaU7z6PiftpqoUCxtrO+FJcPQA05M1/jAr5tmQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKjfKNyGjRU2bq+3FYoNCo2pj48BMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvcU44bzNJYU5GVFp1cjdjVmlnMEtqYW1QandFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAATAHAwUBURPDHjAN
BgkqhkiG9w0BAQsFAAOCAQEAcLG7oVD948FeYq3koPugW+AMCt8Vgz+1DJ2Rtxew
KtEEmNzwbW3PodIEo2sT7Qi3LGYMBc0TIee9C3ZAMe83nOyfQOdKipgw+9jva+qv
sD+c0+50TbnSc1wBxrxoZf/b1jcTTf1rJtuOhcDB5FsQWaO+iGgCklgW9s+rRbC1
b/OIChPlWQ4XZt0NoIBYyYVFc7SO7Rw1Jt8cltVpyU+8L8m5hOR2s+EJiM7hnq2E
swlMCkjRvhguUdh536Hm7m2LDlaj4XndGL8aQjLxHICuRcMWPM2k/+YZuD5ZE2uP
rXIJ8vCNjcOoDPNUlIdRcAIb9gHoriy78DlWbGrB27TYHw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:47:18 2024 by rpki-client on console-ams.rpki-client.org