Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/2a1e5c-1010-4098-94c9-de0c570ba850/1/qZCFNyHUhuZpdxx-DpqPQnhQJtU.roa
File: qZCFNyHUhuZpdxx-DpqPQnhQJtU.roa (raw, json)
Hash identifier: oqDDX9gSY3lVcDNSimFUNHR1KwqsZ1JUaQSUinURxpA=
Subject key identifier: A9:90:85:37:21:D4:86:E6:69:77:1C:7E:0E:9A:8F:42:78:50:26:D5
Certificate issuer: /CN=7a8bae923305a71c526a6fcf57c29d6c16a4269e
Certificate serial: 019224C0CF76DEDC28ED4975B27CBADA37AE
Authority key identifier: 7A:8B:AE:92:33:05:A7:1C:52:6A:6F:CF:57:C2:9D:6C:16:A4:26:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eouukjMFpxxSam_PV8KdbBakJp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/2a1e5c-1010-4098-94c9-de0c570ba850/1/qZCFNyHUhuZpdxx-DpqPQnhQJtU.roa
Signing time: Tue 24 Sep 2024 15:57:48 +0000
ROA not before: Tue 24 Sep 2024 15:57:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34907
IP address blocks: 193.3.162.0/24 maxlen: 24
194.31.232.0/24 maxlen: 24
195.245.200.0/24 maxlen: 24
2001:67c:178c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/2a1e5c-1010-4098-94c9-de0c570ba850/1/eouukjMFpxxSam_PV8KdbBakJp4.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/2a1e5c-1010-4098-94c9-de0c570ba850/1/eouukjMFpxxSam_PV8KdbBakJp4.mft
rsync://rpki.ripe.net/repository/DEFAULT/eouukjMFpxxSam_PV8KdbBakJp4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:24:c0:cf:76:de:dc:28:ed:49:75:b2:7c:ba:da:37:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a8bae923305a71c526a6fcf57c29d6c16a4269e
Validity
Not Before: Sep 24 15:57:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a990853721d486e669771c7e0e9a8f42785026d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:45:30:94:d0:71:86:18:97:91:5d:00:d5:45:
1a:3d:e2:99:3e:17:d8:8c:7b:7b:5e:68:90:2c:03:
33:57:ac:97:d0:94:2c:6f:11:1e:6e:30:62:1c:c3:
83:2a:5f:a7:2a:97:e7:55:8b:be:c4:42:9c:b3:81:
c0:18:25:af:98:5f:83:f0:9f:d0:7b:2c:6a:a6:04:
ed:58:0c:85:fb:4c:18:14:32:a6:86:f9:e4:c1:5f:
ff:87:b9:75:24:ba:ed:1d:d4:bd:3f:35:b8:91:47:
93:6a:25:68:6d:d6:e3:4f:e6:51:09:57:3b:2f:ac:
b7:fd:ce:04:6f:1d:08:3e:87:70:ed:25:b0:6f:ab:
19:4b:8a:a1:9a:64:84:de:10:45:80:64:4f:95:e7:
a9:dd:23:57:41:3d:23:ab:41:fe:df:8a:d2:27:9c:
1d:51:4c:6b:61:96:59:df:91:a4:88:dc:c5:6e:7b:
80:ab:68:7b:f4:97:83:88:b5:5b:82:c3:ba:9f:7d:
93:01:82:b1:c5:d1:f2:df:42:b1:ac:b4:91:f9:05:
20:67:e0:bc:86:59:e1:a4:75:48:59:d0:2c:41:a6:
38:5c:d1:6a:b7:ee:9d:57:73:48:d3:4a:e8:43:fb:
ba:90:47:9b:99:22:fb:55:2a:55:92:3c:94:39:73:
31:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:90:85:37:21:D4:86:E6:69:77:1C:7E:0E:9A:8F:42:78:50:26:D5
X509v3 Authority Key Identifier:
keyid:7A:8B:AE:92:33:05:A7:1C:52:6A:6F:CF:57:C2:9D:6C:16:A4:26:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eouukjMFpxxSam_PV8KdbBakJp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/2a1e5c-1010-4098-94c9-de0c570ba850/1/qZCFNyHUhuZpdxx-DpqPQnhQJtU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/2a1e5c-1010-4098-94c9-de0c570ba850/1/eouukjMFpxxSam_PV8KdbBakJp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.3.162.0/24
194.31.232.0/24
195.245.200.0/24
IPv6:
2001:67c:178c::/48
Signature Algorithm: sha256WithRSAEncryption
28:cf:0d:e6:f7:5b:3a:f8:de:a2:fe:c9:b9:6c:66:5b:b8:ba:
f1:00:c4:4e:ff:3c:52:94:b9:1d:9f:a1:44:35:fd:ec:49:5e:
a5:71:8e:62:eb:a8:18:75:3e:09:cb:39:8a:67:91:91:e1:39:
22:bd:e0:3c:25:87:a6:b7:eb:71:06:84:b8:ae:89:53:25:98:
32:5a:94:b5:23:37:33:9e:86:f0:0b:c5:af:f1:b3:c6:24:ae:
6c:2c:8e:e9:a8:94:c0:b3:ac:6c:e5:da:74:51:f5:4a:3c:01:
6e:4c:a5:36:2e:c6:b0:32:ca:cc:7a:10:82:96:b0:7b:9b:cd:
a0:b6:13:42:d7:5e:06:d2:e9:7a:ef:1b:00:c6:e5:22:f1:25:
d2:05:70:12:69:06:f2:d9:a7:36:70:1d:d9:e3:0d:e8:67:83:
c3:fc:17:f9:69:18:21:98:23:2a:04:91:9d:78:a9:43:4c:5f:
7e:fd:24:72:22:47:a6:e6:73:40:cf:e5:97:dc:95:a9:4a:34:
20:5f:ee:32:9f:60:d6:18:cf:a7:9d:f6:68:99:ce:27:09:ed:
be:f6:f4:22:0f:05:00:32:52:3f:7d:24:3a:d8:cd:b9:a7:03:
a9:34:87:ac:0f:6a:83:73:19:b0:2c:86:a0:fb:9f:86:61:89:
f5:05:4d:1d
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZIkwM923two7Ul1sny62jeuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhOGJhZTkyMzMwNWE3MWM1MjZhNmZjZjU3YzI5ZDZjMTZh
NDI2OWUwHhcNMjQwOTI0MTU1NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTkwODUzNzIxZDQ4NmU2Njk3NzFjN2UwZTlhOGY0Mjc4NTAyNmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEUwlNBxhhiXkV0A1UUaPeKZPhfY
jHt7XmiQLAMzV6yX0JQsbxEebjBiHMODKl+nKpfnVYu+xEKcs4HAGCWvmF+D8J/Q
eyxqpgTtWAyF+0wYFDKmhvnkwV//h7l1JLrtHdS9PzW4kUeTaiVobdbjT+ZRCVc7
L6y3/c4Ebx0IPodw7SWwb6sZS4qhmmSE3hBFgGRPleep3SNXQT0jq0H+34rSJ5wd
UUxrYZZZ35GkiNzFbnuAq2h79JeDiLVbgsO6n32TAYKxxdHy30KxrLSR+QUgZ+C8
hlnhpHVIWdAsQaY4XNFqt+6dV3NI00roQ/u6kEebmSL7VSpVkjyUOXMxtQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFKmQhTch1IbmaXccfg6aj0J4UCbVMB8GA1UdIwQY
MBaAFHqLrpIzBaccUmpvz1fCnWwWpCaeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZW91dWtqTUZweHhTYW1fUFY4S2RiQmFrSnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8yYTFlNWMtMTAxMC00MDk4LTk0Yzkt
ZGUwYzU3MGJhODUwLzEvcVpDRk55SFVodVpwZHh4LURwcVBRbmhRSnRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8yYTFlNWMtMTAxMC00MDk4LTk0YzktZGUwYzU3MGJhODUw
LzEvZW91dWtqTUZweHhTYW1fUFY4S2RiQmFrSnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAwQOiAwQA
wh/oAwQAw/XIMA8EAgACMAkDBwAgAQZ8F4wwDQYJKoZIhvcNAQELBQADggEBACjP
Deb3Wzr43qL+yblsZlu4uvEAxE7/PFKUuR2foUQ1/exJXqVxjmLrqBh1PgnLOYpn
kZHhOSK94Dwlh6a363EGhLiuiVMlmDJalLUjNzOehvALxa/xs8YkrmwsjumolMCz
rGzl2nRR9Uo8AW5MpTYuxrAyysx6EIKWsHubzaC2E0LXXgbS6XrvGwDG5SLxJdIF
cBJpBvLZpzZwHdnjDehng8P8F/lpGCGYIyoEkZ14qUNMX379JHIiR6bmc0DP5Zfc
lalKNCBf7jKfYNYYz6ed9miZzicJ7b729CIPBQAyUj99JDrYzbmnA6k0h6wPaoNz
GbAshqD7n4ZhifUFTR0=
-----END CERTIFICATE-----
Generated at Sat Nov 23 01:55:34 2024 by rpki-client on console-ams.rpki-client.org