Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/qEPd0nqSig91awjPn67ELfYs8As.roa
File: qEPd0nqSig91awjPn67ELfYs8As.roa (raw, json)
Hash identifier: SHIg9XBoUMy411p/9FGAneRAtPgULKrWih69F9Q73Kc=
Subject key identifier: A8:43:DD:D2:7A:92:8A:0F:75:6B:08:CF:9F:AE:C4:2D:F6:2C:F0:0B
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 018CC5DC5BC57774DEB3C25281F236539244
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/qEPd0nqSig91awjPn67ELfYs8As.roa
Signing time: Mon 01 Jan 2024 16:30:02 +0000
ROA not before: Mon 01 Jan 2024 16:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 63859
IP address blocks: 151.249.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:5b:c5:77:74:de:b3:c2:52:81:f2:36:53:92:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Jan 1 16:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a843ddd27a928a0f756b08cf9faec42df62cf00b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:c4:ad:e2:d0:c8:40:33:c5:34:05:b4:07:10:
98:89:b9:83:2c:68:0f:fd:fc:82:e9:a4:0f:44:23:
72:13:fd:3d:76:9a:78:08:59:ae:80:f7:c4:3d:0a:
71:d6:8c:24:df:ae:e7:de:c1:0a:05:69:de:e4:24:
3e:fb:9a:30:ce:9d:d4:92:85:a1:9c:cf:c1:2a:b3:
0f:fe:a4:5d:d9:06:00:42:f8:66:ed:cc:70:5b:c0:
0a:dd:12:4b:88:a7:f2:2a:9c:8c:e8:6c:af:48:1c:
cb:fc:28:6e:ee:f1:ca:4c:c1:a3:81:17:d0:84:08:
8a:a5:05:ed:f1:73:94:e1:f9:44:1a:f9:c2:f2:20:
26:c3:02:96:94:c2:45:1d:6d:9a:80:d0:cd:11:07:
e8:f5:58:0d:0b:7c:4b:9f:eb:c0:44:b8:9c:5b:92:
bf:6d:bb:a9:3e:8e:45:34:82:9d:cd:f2:87:b7:33:
79:13:a6:3f:b4:d8:6c:19:6d:28:7a:eb:d8:fb:3f:
46:de:06:43:ca:b1:f6:64:8d:85:31:13:6b:7b:b0:
39:8a:6c:49:9c:b1:7c:52:a7:2e:34:8a:e3:e4:50:
81:21:21:6a:5a:f7:5d:5a:f8:1d:12:7c:ff:a4:06:
eb:d4:10:86:fd:f1:d8:a8:ef:27:35:df:51:01:e1:
5f:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:43:DD:D2:7A:92:8A:0F:75:6B:08:CF:9F:AE:C4:2D:F6:2C:F0:0B
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/qEPd0nqSig91awjPn67ELfYs8As.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.249.95.0/24
Signature Algorithm: sha256WithRSAEncryption
55:20:af:b1:6d:43:b2:c6:cc:b8:51:97:28:e9:3b:c6:b0:f3:
b9:2d:c1:58:97:e2:a8:b9:8e:d4:b9:c1:af:80:41:80:ed:e9:
e9:d9:18:f8:dd:f4:8c:03:fc:ee:6e:50:22:82:87:99:49:ea:
8c:62:e6:01:45:50:d5:f0:99:c0:dc:cf:67:31:d0:95:2c:ac:
be:fb:8c:15:91:62:7a:71:46:76:ea:50:d8:07:a4:ef:01:93:
d2:c9:80:7a:97:1a:45:2e:1a:51:5d:d6:13:3a:62:34:ae:a5:
1d:0b:a2:69:c5:40:65:80:6e:a7:64:70:5a:97:ea:a0:74:2a:
f7:49:e8:a6:11:c4:53:bc:55:ec:74:e2:33:b7:ed:43:9b:1b:
44:05:45:ee:da:d2:8d:87:59:c2:fd:3a:0a:c1:88:9a:24:6d:
be:d9:d9:e2:7d:db:ba:5a:80:47:34:09:65:cb:27:dc:f0:a7:
ed:23:5f:1b:aa:23:4d:11:1c:26:f6:69:72:fc:30:2c:3e:ab:
36:65:f3:aa:c0:42:ec:ee:c9:ca:13:36:08:db:67:bc:e2:31:
e2:f1:2a:7e:91:5e:fd:69:af:3e:c5:a5:0d:38:01:96:94:31:
0e:a6:cb:78:93:4c:63:b8:9c:61:cb:ed:5d:89:ef:4f:cb:23:
c3:3a:7b:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3FvFd3Tes8JSgfI2U5JEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjQwMTAxMTYzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODQzZGRkMjdhOTI4YTBmNzU2YjA4Y2Y5ZmFlYzQyZGY2MmNmMDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicSt4tDIQDPFNAW0BxCYibmDLGgP
/fyC6aQPRCNyE/09dpp4CFmugPfEPQpx1owk367n3sEKBWne5CQ++5owzp3UkoWh
nM/BKrMP/qRd2QYAQvhm7cxwW8AK3RJLiKfyKpyM6GyvSBzL/Chu7vHKTMGjgRfQ
hAiKpQXt8XOU4flEGvnC8iAmwwKWlMJFHW2agNDNEQfo9VgNC3xLn+vARLicW5K/
bbupPo5FNIKdzfKHtzN5E6Y/tNhsGW0oeuvY+z9G3gZDyrH2ZI2FMRNre7A5imxJ
nLF8UqcuNIrj5FCBISFqWvddWvgdEnz/pAbr1BCG/fHYqO8nNd9RAeFfZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKhD3dJ6kooPdWsIz5+uxC32LPALMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvcUVQZDBucVNpZzkxYXdqUG42N0VMZllzOEFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/lfMA0G
CSqGSIb3DQEBCwUAA4IBAQBVIK+xbUOyxsy4UZco6TvGsPO5LcFYl+KouY7UucGv
gEGA7enp2Rj43fSMA/zublAigoeZSeqMYuYBRVDV8JnA3M9nMdCVLKy++4wVkWJ6
cUZ26lDYB6TvAZPSyYB6lxpFLhpRXdYTOmI0rqUdC6JpxUBlgG6nZHBal+qgdCr3
SeimEcRTvFXsdOIzt+1DmxtEBUXu2tKNh1nC/ToKwYiaJG2+2dnifdu6WoBHNAll
yyfc8KftI18bqiNNERwm9mly/DAsPqs2ZfOqwELs7snKEzYI22e84jHi8Sp+kV79
aa8+xaUNOAGWlDEOpst4k0xjuJxhy+1die9PyyPDOnut
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:29:36 2024 by rpki-client on console-ams.rpki-client.org