Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/q9VUoF1qyFxi5xbl9uC_DIgqme8.roa
File: q9VUoF1qyFxi5xbl9uC_DIgqme8.roa (raw, json)
Hash identifier: EwaYSFFFcEpLrImD+q3HwnZkCupuXvEInqYEkWyCPbU=
Subject key identifier: AB:D5:54:A0:5D:6A:C8:5C:62:E7:16:E5:F6:E0:BF:0C:88:2A:99:EF
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 0192EC455C0EB7DE198BAD8A1AD220E35804
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/q9VUoF1qyFxi5xbl9uC_DIgqme8.roa
Signing time: Sat 02 Nov 2024 09:47:01 +0000
ROA not before: Sat 02 Nov 2024 09:47:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204916
IP address blocks: 2a09:6280:b::/48 maxlen: 48
2a10:4100::/32 maxlen: 32
2a10:4102::/32 maxlen: 32
2a10:4102::/36 maxlen: 36
2a10:4102:1000::/36 maxlen: 36
2a10:4102:2000::/36 maxlen: 36
2a10:4102:3000::/36 maxlen: 36
2a10:4102:4000::/36 maxlen: 36
2a10:4102:5000::/36 maxlen: 36
2a10:4102:6000::/36 maxlen: 36
2a10:4102:7000::/36 maxlen: 36
2a10:4102:8000::/36 maxlen: 36
2a10:4102:9000::/36 maxlen: 36
2a10:4102:a000::/36 maxlen: 36
2a10:4102:b000::/36 maxlen: 36
2a10:4102:c000::/36 maxlen: 36
2a10:4102:d000::/36 maxlen: 36
2a10:4102:e000::/36 maxlen: 36
2a10:4102:f000::/36 maxlen: 36
2a12:a345::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ec:45:5c:0e:b7:de:19:8b:ad:8a:1a:d2:20:e3:58:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Nov 2 09:47:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=abd554a05d6ac85c62e716e5f6e0bf0c882a99ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:8e:f1:1d:9c:a5:e9:44:c3:aa:3b:5f:97:c6:
22:58:7b:ee:2c:61:5f:a6:1b:e3:ad:9a:b2:33:a4:
e4:be:97:39:af:2e:a9:07:4a:d5:92:f1:ba:28:22:
41:42:8a:0d:6c:b9:4b:f9:9e:aa:71:c8:db:7b:0f:
8c:50:3a:c5:0c:f6:0b:55:69:b3:e6:8a:24:c6:5b:
d2:f1:bd:30:cb:b7:e6:ae:bc:cf:ef:65:d5:8d:c0:
fe:7e:37:96:9f:59:eb:fe:4b:05:d1:bc:23:e7:6b:
10:e5:94:62:82:36:8b:1c:3f:fd:23:ec:96:8c:10:
91:e9:37:23:96:61:7e:78:03:c2:0d:3d:0d:30:30:
4d:b5:40:14:bc:2d:26:a3:9f:d8:d4:df:43:98:6e:
e1:f1:ba:8f:3d:c3:4a:bb:e9:9c:23:bb:e4:10:23:
50:f9:fb:9f:18:36:ee:03:18:c7:29:86:11:bb:74:
d1:fa:7e:df:a8:42:3d:cb:35:74:03:29:96:67:a7:
15:cf:09:67:ef:72:aa:40:11:8c:a2:8e:2b:03:d4:
40:55:c0:a8:21:1a:fc:a9:99:eb:bb:ed:84:1b:62:
be:a9:8f:32:7d:1e:79:f5:da:9d:f0:ad:13:b7:6b:
87:3d:f3:6f:ac:6d:14:b3:c7:e2:ad:a2:e1:fe:9c:
3b:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:D5:54:A0:5D:6A:C8:5C:62:E7:16:E5:F6:E0:BF:0C:88:2A:99:EF
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/q9VUoF1qyFxi5xbl9uC_DIgqme8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:6280:b::/48
2a10:4100::/32
2a10:4102::/32
2a12:a345::/32
Signature Algorithm: sha256WithRSAEncryption
4d:41:b1:a7:e7:6b:e7:c3:66:a5:a0:0d:64:1a:a9:20:a0:67:
79:d1:80:26:65:17:3a:4b:7d:0f:94:c1:06:da:16:0d:84:1f:
58:c3:59:5a:fb:24:ee:31:b0:e5:e4:5a:f9:7d:1b:ef:39:65:
b7:53:77:69:a0:fb:22:34:49:c8:a5:b3:a2:69:8e:2e:16:99:
48:8d:bc:52:6e:7d:a2:b2:bc:1b:9a:77:9d:9f:36:0e:37:9a:
3d:05:fa:cf:ef:bf:d9:b4:aa:66:93:f1:88:97:0d:24:38:72:
21:11:b1:90:45:f1:dc:f8:09:91:73:ca:10:97:49:3f:29:67:
bd:5a:46:33:dc:53:ad:1b:b4:8c:7e:69:1b:89:1a:6a:70:63:
98:2d:6d:d9:b3:63:f3:98:20:29:68:1b:29:37:04:90:30:2d:
6f:f9:c3:59:06:13:51:54:db:82:77:21:a0:80:25:34:7e:00:
01:43:1a:b4:42:44:84:6b:1e:37:de:2d:cb:43:89:b3:49:1c:
b9:ee:a4:3d:fc:c1:85:a7:e0:e2:21:87:dc:41:d0:fc:a8:a4:
76:15:10:cf:db:85:ce:50:9b:6a:eb:40:8b:c2:9d:ab:dc:73:
89:17:95:1e:62:e4:60:e0:80:17:de:6e:3a:d9:33:df:2d:8d:
7f:0e:06:15
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZLsRVwOt94Zi62KGtIg41gEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQxMTAyMDk0NzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmQ1NTRhMDVkNmFjODVjNjJlNzE2ZTVmNmUwYmYwYzg4MmE5OWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs47xHZyl6UTDqjtfl8YiWHvuLGFf
phvjrZqyM6Tkvpc5ry6pB0rVkvG6KCJBQooNbLlL+Z6qccjbew+MUDrFDPYLVWmz
5ookxlvS8b0wy7fmrrzP72XVjcD+fjeWn1nr/ksF0bwj52sQ5ZRigjaLHD/9I+yW
jBCR6TcjlmF+eAPCDT0NMDBNtUAUvC0mo5/Y1N9DmG7h8bqPPcNKu+mcI7vkECNQ
+fufGDbuAxjHKYYRu3TR+n7fqEI9yzV0AymWZ6cVzwln73KqQBGMoo4rA9RAVcCo
IRr8qZnru+2EG2K+qY8yfR559dqd8K0Tt2uHPfNvrG0Us8firaLh/pw7dwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKvVVKBdashcYucW5fbgvwyIKpnvMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvcTlWVW9GMXF5RnhpNXhibDl1Q19ESWdxbWU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAAjAeAwcAKgligAAL
AwUAKhBBAAMFACoQQQIDBQAqEqNFMA0GCSqGSIb3DQEBCwUAA4IBAQBNQbGn52vn
w2aloA1kGqkgoGd50YAmZRc6S30PlMEG2hYNhB9Yw1la+yTuMbDl5Fr5fRvvOWW3
U3dpoPsiNEnIpbOiaY4uFplIjbxSbn2isrwbmnednzYON5o9BfrP77/ZtKpmk/GI
lw0kOHIhEbGQRfHc+AmRc8oQl0k/KWe9WkYz3FOtG7SMfmkbiRpqcGOYLW3Zs2Pz
mCApaBspNwSQMC1v+cNZBhNRVNuCdyGggCU0fgABQxq0QkSEax433i3LQ4mzSRy5
7qQ9/MGFp+DiIYfcQdD8qKR2FRDP24XOUJtq60CLwp2r3HOJF5UeYuRg4IAX3m46
2TPfLY1/DgYV
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:43:30 2024 by rpki-client on console-fra.rpki-client.org