Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/bee5ac-99cc-41a7-a65f-edaca9d1361a/1/bqXy6bBIEO3k5zsVlcH4uIh3L8g.roa
File: bqXy6bBIEO3k5zsVlcH4uIh3L8g.roa (raw, json)
Hash identifier: jUfjBxlEQM2dDoPxwIkLaj80LU2MxlU9sd2IsS9X0zA=
Subject key identifier: 6E:A5:F2:E9:B0:48:10:ED:E4:E7:3B:15:95:C1:F8:B8:88:77:2F:C8
Certificate issuer: /CN=ed5e838312e04aef9f9536e20cd41283a7b8b77b
Certificate serial: 018CC86F7A1C424C9DCD0A41CA5E3FC0F18B
Authority key identifier: ED:5E:83:83:12:E0:4A:EF:9F:95:36:E2:0C:D4:12:83:A7:B8:B7:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7V6DgxLgSu-flTbiDNQSg6e4t3s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/bee5ac-99cc-41a7-a65f-edaca9d1361a/1/bqXy6bBIEO3k5zsVlcH4uIh3L8g.roa
Signing time: Tue 02 Jan 2024 04:29:58 +0000
ROA not before: Tue 02 Jan 2024 04:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207179
IP address blocks: 185.140.224.0/23 maxlen: 23
185.140.226.0/23 maxlen: 23
2a07:2080::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/bee5ac-99cc-41a7-a65f-edaca9d1361a/1/7V6DgxLgSu-flTbiDNQSg6e4t3s.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/bee5ac-99cc-41a7-a65f-edaca9d1361a/1/7V6DgxLgSu-flTbiDNQSg6e4t3s.mft
rsync://rpki.ripe.net/repository/DEFAULT/7V6DgxLgSu-flTbiDNQSg6e4t3s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 04:03:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:7a:1c:42:4c:9d:cd:0a:41:ca:5e:3f:c0:f1:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed5e838312e04aef9f9536e20cd41283a7b8b77b
Validity
Not Before: Jan 2 04:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ea5f2e9b04810ede4e73b1595c1f8b888772fc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:50:f7:90:f1:0e:c0:18:e4:cb:fc:47:bb:25:
9b:10:e7:57:8c:54:59:b2:20:80:1b:7f:9e:ae:4a:
66:ef:14:c8:d4:97:96:57:ea:a6:bd:29:4c:d4:a6:
e4:2e:c6:58:07:7e:25:5e:63:ab:73:8b:c2:1e:28:
1e:08:22:06:3b:a6:c8:3b:b4:9c:5a:7b:58:1e:71:
c0:ea:07:78:46:4e:ea:89:a5:db:7b:f5:9f:a8:fd:
aa:02:cc:e0:e3:5a:27:6d:d4:ec:05:cd:d5:1d:94:
6c:9f:e8:0d:5d:83:87:7e:4b:ba:2a:b0:9d:da:23:
ca:c7:e2:4e:d2:e5:b1:8b:0f:c4:46:89:21:89:1e:
6d:67:26:66:28:85:c9:44:4b:c8:17:f1:06:e2:cd:
73:59:c2:cd:7d:0d:df:85:79:0f:35:f0:37:c3:29:
d5:03:67:71:3a:72:3a:40:8f:44:a7:db:09:de:e1:
df:30:f8:e0:77:9f:80:1d:b9:46:f8:6b:2e:4b:5f:
19:4a:45:b5:c6:aa:4c:39:c1:60:9c:f6:15:00:77:
d7:02:af:1c:32:06:d3:7f:aa:f1:16:27:08:32:87:
d1:ee:c0:b5:c5:ac:6f:69:28:fe:c1:6a:43:37:94:
93:8b:4f:51:54:3c:87:9c:33:84:60:74:cb:a4:cf:
a9:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:A5:F2:E9:B0:48:10:ED:E4:E7:3B:15:95:C1:F8:B8:88:77:2F:C8
X509v3 Authority Key Identifier:
keyid:ED:5E:83:83:12:E0:4A:EF:9F:95:36:E2:0C:D4:12:83:A7:B8:B7:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7V6DgxLgSu-flTbiDNQSg6e4t3s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/bee5ac-99cc-41a7-a65f-edaca9d1361a/1/bqXy6bBIEO3k5zsVlcH4uIh3L8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/bee5ac-99cc-41a7-a65f-edaca9d1361a/1/7V6DgxLgSu-flTbiDNQSg6e4t3s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.140.224.0/22
IPv6:
2a07:2080::/29
Signature Algorithm: sha256WithRSAEncryption
a1:1c:4b:ce:35:2d:55:3c:23:2b:a1:47:83:42:17:05:de:8a:
b0:d1:38:ba:61:0a:5a:27:98:a2:fb:28:38:ad:2d:a8:bf:74:
e1:91:9d:09:97:7a:ef:d2:62:b2:7f:8b:40:9f:0f:5d:27:d8:
44:d0:13:cc:de:90:c9:ea:e3:bf:5a:68:48:8b:68:84:41:44:
f2:e2:ea:d0:5d:77:de:d7:99:6d:8e:3a:fe:6c:ff:c9:c9:4a:
f9:6e:45:cd:b5:ec:7e:fd:f1:28:ac:91:60:be:06:d8:f6:a6:
bb:52:e6:80:0d:58:bc:6f:db:1f:fe:54:dc:06:b7:e0:69:ab:
6a:e7:a8:e3:cb:ee:ef:31:0f:8e:c6:b8:41:72:b4:9a:37:be:
fa:b0:37:77:48:88:97:11:bd:a5:aa:57:cc:c3:4a:bb:be:4f:
fb:18:18:de:8b:54:a2:c2:e4:8e:cf:bc:91:08:5c:b0:5c:28:
43:af:86:b4:60:2c:82:71:0f:0d:10:a1:35:38:27:46:35:14:
4a:aa:5c:b6:0b:e2:13:5f:7e:cd:0d:50:e1:e0:41:25:2a:73:
b2:21:cc:cf:f9:bc:ef:96:86:df:6e:a9:0b:8b:2e:79:17:15:
16:5e:66:d6:08:a3:11:d5:15:3b:f3:d4:ac:d5:df:d8:76:f8:
82:ac:c4:a8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIb3ocQkydzQpByl4/wPGLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNWU4MzgzMTJlMDRhZWY5Zjk1MzZlMjBjZDQxMjgzYTdi
OGI3N2IwHhcNMjQwMTAyMDQyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWE1ZjJlOWIwNDgxMGVkZTRlNzNiMTU5NWMxZjhiODg4NzcyZmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFD3kPEOwBjky/xHuyWbEOdXjFRZ
siCAG3+erkpm7xTI1JeWV+qmvSlM1KbkLsZYB34lXmOrc4vCHigeCCIGO6bIO7Sc
WntYHnHA6gd4Rk7qiaXbe/WfqP2qAszg41onbdTsBc3VHZRsn+gNXYOHfku6KrCd
2iPKx+JO0uWxiw/ERokhiR5tZyZmKIXJREvIF/EG4s1zWcLNfQ3fhXkPNfA3wynV
A2dxOnI6QI9Ep9sJ3uHfMPjgd5+AHblG+GsuS18ZSkW1xqpMOcFgnPYVAHfXAq8c
MgbTf6rxFicIMofR7sC1xaxvaSj+wWpDN5STi09RVDyHnDOEYHTLpM+pMwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG6l8umwSBDt5Oc7FZXB+LiIdy/IMB8GA1UdIwQY
MBaAFO1eg4MS4Ervn5U24gzUEoOnuLd7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1Y2RGd4TGdTdS1mbFRiaUROUVNnNmU0dDNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9iZWU1YWMtOTljYy00MWE3LWE2NWYt
ZWRhY2E5ZDEzNjFhLzEvYnFYeTZiQklFTzNrNXpzVmxjSDR1SWgzTDhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9iZWU1YWMtOTljYy00MWE3LWE2NWYtZWRhY2E5ZDEzNjFh
LzEvN1Y2RGd4TGdTdS1mbFRiaUROUVNnNmU0dDNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYzgMA0E
AgACMAcDBQMqByCAMA0GCSqGSIb3DQEBCwUAA4IBAQChHEvONS1VPCMroUeDQhcF
3oqw0Ti6YQpaJ5ii+yg4rS2ov3ThkZ0Jl3rv0mKyf4tAnw9dJ9hE0BPM3pDJ6uO/
WmhIi2iEQUTy4urQXXfe15ltjjr+bP/JyUr5bkXNtex+/fEorJFgvgbY9qa7UuaA
DVi8b9sf/lTcBrfgaatq56jjy+7vMQ+OxrhBcrSaN776sDd3SIiXEb2lqlfMw0q7
vk/7GBjei1SiwuSOz7yRCFywXChDr4a0YCyCcQ8NEKE1OCdGNRRKqly2C+ITX37N
DVDh4EElKnOyIczP+bzvlobfbqkLiy55FxUWXmbWCKMR1RU789Ss1d/YdviCrMSo
-----END CERTIFICATE-----
Generated at Mon Jun 24 11:44:56 2024 by rpki-client on console-fra.rpki-client.org