Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/cf753f-7781-4dfe-a38e-d845995991ac/1/qkXD50jyS1kD_4st0XzB_QdkroY.roa
File: qkXD50jyS1kD_4st0XzB_QdkroY.roa (raw, json)
Hash identifier: 26dmKqb7XRRP7w0SjrG9J/qaFpCWsLiO8heCugiYxYc=
Subject key identifier: AA:45:C3:E7:48:F2:4B:59:03:FF:8B:2D:D1:7C:C1:FD:07:64:AE:86
Certificate issuer: /CN=7720c670434da5102261099da101f25dd3f7aada
Certificate serial: 0191698E0C8C5FEB8BEA2111866D92F88610
Authority key identifier: 77:20:C6:70:43:4D:A5:10:22:61:09:9D:A1:01:F2:5D:D3:F7:AA:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dyDGcENNpRAiYQmdoQHyXdP3qto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/cf753f-7781-4dfe-a38e-d845995991ac/1/qkXD50jyS1kD_4st0XzB_QdkroY.roa
Signing time: Mon 19 Aug 2024 07:33:22 +0000
ROA not before: Mon 19 Aug 2024 07:33:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2134
IP address blocks: 195.43.48.0/22 maxlen: 22
195.43.48.0/24 maxlen: 24
195.43.49.0/24 maxlen: 24
195.43.50.0/24 maxlen: 24
195.43.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/cf753f-7781-4dfe-a38e-d845995991ac/1/dyDGcENNpRAiYQmdoQHyXdP3qto.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/cf753f-7781-4dfe-a38e-d845995991ac/1/dyDGcENNpRAiYQmdoQHyXdP3qto.mft
rsync://rpki.ripe.net/repository/DEFAULT/dyDGcENNpRAiYQmdoQHyXdP3qto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:69:8e:0c:8c:5f:eb:8b:ea:21:11:86:6d:92:f8:86:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7720c670434da5102261099da101f25dd3f7aada
Validity
Not Before: Aug 19 07:33:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa45c3e748f24b5903ff8b2dd17cc1fd0764ae86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:9c:ef:25:08:c8:8a:5a:bd:a5:24:33:bb:ce:
61:e3:c9:3d:9e:c7:7b:2c:0a:b8:3b:2a:da:23:76:
86:01:4a:b7:8c:ea:53:61:af:b1:c2:fb:0a:e0:ef:
cd:e4:1b:33:17:9b:73:3b:bd:65:b4:0e:3e:ae:b6:
eb:7c:d6:a0:41:16:02:1c:74:46:cc:90:b5:0a:9c:
f9:55:70:41:0d:e5:8c:1f:3b:cd:47:62:76:f4:1e:
05:d4:96:4d:eb:e0:45:d2:dc:3c:97:f7:d5:ca:a5:
7a:4d:f6:8b:b0:e6:44:4d:ad:3b:89:85:8f:bc:e3:
0a:20:be:a2:e3:5b:3a:94:ac:93:d8:18:6d:3b:c7:
e5:1d:6a:ed:f1:85:1a:38:c2:7d:2c:2f:99:aa:0b:
02:ec:90:83:ac:e1:a0:61:3c:92:7c:46:86:13:81:
03:e2:22:f3:d4:e5:21:ce:66:8e:b1:6a:ba:80:eb:
f1:05:ff:b8:b5:d4:87:36:de:4f:c7:3c:1d:cc:0d:
ae:0a:f4:91:53:19:10:30:d1:8b:7c:69:1b:da:e2:
65:8b:55:7e:58:c1:37:dd:e5:92:20:46:79:4d:b1:
57:27:b6:0d:44:aa:f7:fa:2a:98:fd:38:ec:68:d5:
bc:66:97:bd:79:b7:f4:ed:55:f9:0b:77:b9:42:37:
f9:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:45:C3:E7:48:F2:4B:59:03:FF:8B:2D:D1:7C:C1:FD:07:64:AE:86
X509v3 Authority Key Identifier:
keyid:77:20:C6:70:43:4D:A5:10:22:61:09:9D:A1:01:F2:5D:D3:F7:AA:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dyDGcENNpRAiYQmdoQHyXdP3qto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf753f-7781-4dfe-a38e-d845995991ac/1/qkXD50jyS1kD_4st0XzB_QdkroY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf753f-7781-4dfe-a38e-d845995991ac/1/dyDGcENNpRAiYQmdoQHyXdP3qto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.43.48.0/22
Signature Algorithm: sha256WithRSAEncryption
62:67:e7:1a:8c:c3:a8:ad:4d:51:76:ea:50:2e:86:2b:29:ab:
0d:3d:4a:a8:d4:cf:d3:ae:10:d1:17:e8:93:d1:70:a3:8f:30:
c5:91:69:23:0c:fc:df:60:55:ec:88:06:d4:00:53:d7:80:f6:
16:76:d0:3b:45:2c:94:c2:35:82:7b:14:e4:47:cf:00:be:5d:
99:36:6d:7b:a0:99:4b:ff:76:a2:86:cd:29:5e:8c:6e:38:e0:
b6:7a:b1:e7:06:4a:f7:4e:12:13:d5:a1:df:5b:c7:ad:1f:a0:
4a:a1:5d:ca:3b:4f:55:20:ef:ea:f3:a0:19:85:9f:e8:b7:ba:
76:eb:a2:af:05:83:2c:84:01:52:37:05:bd:a8:ea:4d:a0:b2:
95:08:2a:40:5b:bc:d3:5f:0e:82:5b:e1:61:f6:68:e7:dc:51:
ea:50:66:34:12:a2:e1:ec:43:dd:8f:fd:e6:76:59:43:fa:2e:
85:66:b0:60:58:24:59:5f:e7:6b:a5:92:84:1f:ea:da:e4:35:
b8:d5:b5:2e:e3:ea:3d:46:9f:a3:5d:07:69:13:b7:32:13:8c:
c9:14:a3:8a:c7:bd:de:e3:0d:93:14:97:6c:06:f0:00:c0:7b:
62:9e:3f:a2:68:3b:87:21:30:be:c4:d4:e4:cb:7a:77:e4:d1:
8c:0f:c2:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZFpjgyMX+uL6iERhm2S+IYQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MjBjNjcwNDM0ZGE1MTAyMjYxMDk5ZGExMDFmMjVkZDNm
N2FhZGEwHhcNMjQwODE5MDczMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTQ1YzNlNzQ4ZjI0YjU5MDNmZjhiMmRkMTdjYzFmZDA3NjRhZTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJzvJQjIilq9pSQzu85h48k9nsd7
LAq4OyraI3aGAUq3jOpTYa+xwvsK4O/N5BszF5tzO71ltA4+rrbrfNagQRYCHHRG
zJC1Cpz5VXBBDeWMHzvNR2J29B4F1JZN6+BF0tw8l/fVyqV6TfaLsOZETa07iYWP
vOMKIL6i41s6lKyT2BhtO8flHWrt8YUaOMJ9LC+ZqgsC7JCDrOGgYTySfEaGE4ED
4iLz1OUhzmaOsWq6gOvxBf+4tdSHNt5PxzwdzA2uCvSRUxkQMNGLfGkb2uJli1V+
WME33eWSIEZ5TbFXJ7YNRKr3+iqY/TjsaNW8Zpe9ebf07VX5C3e5Qjf5MwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKpFw+dI8ktZA/+LLdF8wf0HZK6GMB8GA1UdIwQY
MBaAFHcgxnBDTaUQImEJnaEB8l3T96raMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHlER2NFTk5wUkFpWVFtZG9RSHlYZFAzcXRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9jZjc1M2YtNzc4MS00ZGZlLWEzOGUt
ZDg0NTk5NTk5MWFjLzEvcWtYRDUwanlTMWtEXzRzdDBYekJfUWRrcm9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9jZjc1M2YtNzc4MS00ZGZlLWEzOGUtZDg0NTk5NTk5MWFj
LzEvZHlER2NFTk5wUkFpWVFtZG9RSHlYZFAzcXRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwyswMA0G
CSqGSIb3DQEBCwUAA4IBAQBiZ+cajMOorU1RdupQLoYrKasNPUqo1M/TrhDRF+iT
0XCjjzDFkWkjDPzfYFXsiAbUAFPXgPYWdtA7RSyUwjWCexTkR88Avl2ZNm17oJlL
/3aihs0pXoxuOOC2erHnBkr3ThIT1aHfW8etH6BKoV3KO09VIO/q86AZhZ/ot7p2
66KvBYMshAFSNwW9qOpNoLKVCCpAW7zTXw6CW+Fh9mjn3FHqUGY0EqLh7EPdj/3m
dllD+i6FZrBgWCRZX+drpZKEH+ra5DW41bUu4+o9Rp+jXQdpE7cyE4zJFKOKx73e
4w2TFJdsBvAAwHtinj+iaDuHITC+xNTky3p35NGMD8Ji
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:53:57 2024 by rpki-client on console-fra.rpki-client.org