Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/45fc7c-69ec-4290-960b-2c51d90c4ffe/1/KQI8dRLirQatqsxjgc3mS1BCCIs.roa
File: KQI8dRLirQatqsxjgc3mS1BCCIs.roa (raw, json)
Hash identifier: qxBIfgIFeYVVup/miZjV1QuETPdRYzT74jCv5RpDkrg=
Subject key identifier: 29:02:3C:75:12:E2:AD:06:AD:AA:CC:63:81:CD:E6:4B:50:42:08:8B
Certificate issuer: /CN=f4de891474b4befd3eb2150b54759d6bed664196
Certificate serial: 018D5FAB03EA76EFA833CE5B5EAC5B91DF43
Authority key identifier: F4:DE:89:14:74:B4:BE:FD:3E:B2:15:0B:54:75:9D:6B:ED:66:41:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9N6JFHS0vv0-shULVHWda-1mQZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/45fc7c-69ec-4290-960b-2c51d90c4ffe/1/KQI8dRLirQatqsxjgc3mS1BCCIs.roa
Signing time: Wed 31 Jan 2024 13:17:39 +0000
ROA not before: Wed 31 Jan 2024 13:17:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202798
IP address blocks: 2001:67c:db8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/45fc7c-69ec-4290-960b-2c51d90c4ffe/1/9N6JFHS0vv0-shULVHWda-1mQZY.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/45fc7c-69ec-4290-960b-2c51d90c4ffe/1/9N6JFHS0vv0-shULVHWda-1mQZY.mft
rsync://rpki.ripe.net/repository/DEFAULT/9N6JFHS0vv0-shULVHWda-1mQZY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5f:ab:03:ea:76:ef:a8:33:ce:5b:5e:ac:5b:91:df:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4de891474b4befd3eb2150b54759d6bed664196
Validity
Not Before: Jan 31 13:17:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29023c7512e2ad06adaacc6381cde64b5042088b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:46:bc:27:77:9c:ef:f1:9c:e0:94:4b:46:3a:
26:25:3e:45:4a:3d:83:8f:cf:c0:2e:b8:c3:ea:e6:
e8:f1:cc:43:d6:51:0e:88:68:dd:c2:95:9d:13:66:
cd:4b:da:f5:71:31:7b:11:3a:9d:b9:83:a5:cf:b4:
74:e3:53:97:c6:de:60:b4:2b:27:30:eb:23:e1:9e:
a8:50:8b:69:a1:a6:0e:0c:db:42:98:f9:f4:60:d0:
1c:db:ca:c1:cf:79:7a:b3:dc:96:4e:92:ec:2f:6b:
4a:5e:c1:cc:ea:d5:06:13:eb:3f:bf:49:37:92:0a:
b0:3f:7a:e8:23:c7:92:be:07:02:09:dd:fc:eb:bd:
75:37:8b:a1:dd:fa:17:1c:df:ce:09:f2:4c:6f:ff:
da:05:fc:b5:45:3b:23:5f:00:14:cd:d5:24:64:6f:
ef:61:a7:3b:9c:ae:45:26:98:fa:88:92:54:99:a9:
bb:16:59:80:40:13:63:04:98:b0:cd:9b:94:c5:13:
13:8b:a1:a4:09:0b:4c:15:ad:cb:55:ad:40:b7:f0:
51:b7:40:e5:2c:d6:2d:34:b0:d4:d7:74:7a:e0:23:
fe:ba:57:68:e9:87:25:4e:62:ad:c7:99:f2:bd:60:
a3:34:45:9f:4c:80:b1:b6:c6:1d:2b:f8:50:29:06:
c2:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:02:3C:75:12:E2:AD:06:AD:AA:CC:63:81:CD:E6:4B:50:42:08:8B
X509v3 Authority Key Identifier:
keyid:F4:DE:89:14:74:B4:BE:FD:3E:B2:15:0B:54:75:9D:6B:ED:66:41:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9N6JFHS0vv0-shULVHWda-1mQZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/45fc7c-69ec-4290-960b-2c51d90c4ffe/1/KQI8dRLirQatqsxjgc3mS1BCCIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/45fc7c-69ec-4290-960b-2c51d90c4ffe/1/9N6JFHS0vv0-shULVHWda-1mQZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:db8::/48
Signature Algorithm: sha256WithRSAEncryption
8c:eb:94:d4:43:72:53:6c:10:e1:8b:93:2f:a2:56:00:93:df:
d1:50:f0:81:38:ba:42:cf:17:f8:54:a1:a3:18:d0:bc:85:48:
60:c0:eb:a9:e5:bb:a6:07:a8:02:15:a9:52:e1:20:26:5f:3d:
4d:8d:2d:a4:41:9e:56:c0:ce:c4:2f:33:2a:1d:e3:0b:91:01:
d0:04:fc:e4:e2:92:4d:46:8a:b9:9e:4b:03:6f:bb:97:7c:20:
2d:c3:19:c4:b0:99:c7:63:ad:8e:f7:ea:37:bb:61:a5:95:b7:
a8:fb:d6:35:00:30:1a:ff:d4:41:1a:6d:90:76:d2:85:e7:94:
ac:ce:c2:cd:11:b6:be:84:80:c5:56:69:f1:2a:cb:98:8c:32:
1b:fc:b1:52:39:8d:28:91:ec:5c:4e:e1:e7:c4:0b:c9:90:c1:
07:f7:66:21:84:49:e6:a0:ab:39:f4:8b:44:c8:e8:7b:c9:ae:
64:e6:1b:8a:2c:dc:d5:50:62:5a:b9:f5:f7:cd:43:09:d3:80:
01:58:f9:47:a2:7e:fd:0b:77:4b:21:55:9a:69:4e:a2:4a:bb:
5f:eb:f0:98:3d:24:1d:82:62:b2:6e:b9:d8:c2:76:0d:7e:34:
cb:41:4f:7a:aa:39:20:54:ff:b3:08:f2:b2:35:82:4b:45:a9:
17:21:c6:bf
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1fqwPqdu+oM85bXqxbkd9DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZGU4OTE0NzRiNGJlZmQzZWIyMTUwYjU0NzU5ZDZiZWQ2
NjQxOTYwHhcNMjQwMTMxMTMxNzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTAyM2M3NTEyZTJhZDA2YWRhYWNjNjM4MWNkZTY0YjUwNDIwODhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyUa8J3ec7/Gc4JRLRjomJT5FSj2D
j8/ALrjD6ubo8cxD1lEOiGjdwpWdE2bNS9r1cTF7ETqduYOlz7R041OXxt5gtCsn
MOsj4Z6oUItpoaYODNtCmPn0YNAc28rBz3l6s9yWTpLsL2tKXsHM6tUGE+s/v0k3
kgqwP3roI8eSvgcCCd386711N4uh3foXHN/OCfJMb//aBfy1RTsjXwAUzdUkZG/v
Yac7nK5FJpj6iJJUmam7FlmAQBNjBJiwzZuUxRMTi6GkCQtMFa3LVa1At/BRt0Dl
LNYtNLDU13R64CP+uldo6YclTmKtx5nyvWCjNEWfTICxtsYdK/hQKQbCZQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCkCPHUS4q0GrarMY4HN5ktQQgiLMB8GA1UdIwQY
MBaAFPTeiRR0tL79PrIVC1R1nWvtZkGWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU42SkZIUzB2djAtc2hVTFZIV2RhLTFtUVpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC80NWZjN2MtNjllYy00MjkwLTk2MGIt
MmM1MWQ5MGM0ZmZlLzEvS1FJOGRSTGlyUWF0cXN4amdjM21TMUJDQ0lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC80NWZjN2MtNjllYy00MjkwLTk2MGItMmM1MWQ5MGM0ZmZl
LzEvOU42SkZIUzB2djAtc2hVTFZIV2RhLTFtUVpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfA24
MA0GCSqGSIb3DQEBCwUAA4IBAQCM65TUQ3JTbBDhi5MvolYAk9/RUPCBOLpCzxf4
VKGjGNC8hUhgwOup5bumB6gCFalS4SAmXz1NjS2kQZ5WwM7ELzMqHeMLkQHQBPzk
4pJNRoq5nksDb7uXfCAtwxnEsJnHY62O9+o3u2Gllbeo+9Y1ADAa/9RBGm2QdtKF
55SszsLNEba+hIDFVmnxKsuYjDIb/LFSOY0okexcTuHnxAvJkMEH92YhhEnmoKs5
9ItEyOh7ya5k5huKLNzVUGJaufX3zUMJ04ABWPlHon79C3dLIVWaaU6iSrtf6/CY
PSQdgmKybrnYwnYNfjTLQU96qjkgVP+zCPKyNYJLRakXIca/
-----END CERTIFICATE-----
Generated at Sat Nov 23 14:28:15 2024 by rpki-client on console-fra.rpki-client.org