Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/Qb8Eqi2WaH_Y-KVM-RjgrfCoUhQ.roa
File: Qb8Eqi2WaH_Y-KVM-RjgrfCoUhQ.roa (raw, json)
Hash identifier: w28YtAdNNL6FMA36pxUzg3FguVl7n2OBHX3ZkJuO1Y4=
Subject key identifier: 41:BF:04:AA:2D:96:68:7F:D8:F8:A5:4C:F9:18:E0:AD:F0:A8:52:14
Certificate issuer: /CN=6eab53640b0931924b73f760925845150a6ccca5
Certificate serial: 018E61A8538F07D07D3E2FD45544E56D8AE4
Authority key identifier: 6E:AB:53:64:0B:09:31:92:4B:73:F7:60:92:58:45:15:0A:6C:CC:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bqtTZAsJMZJLc_dgklhFFQpszKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/Qb8Eqi2WaH_Y-KVM-RjgrfCoUhQ.roa
Signing time: Thu 21 Mar 2024 15:36:45 +0000
ROA not before: Thu 21 Mar 2024 15:36:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50920
IP address blocks: 62.93.84.0/24 maxlen: 24
62.93.87.0/24 maxlen: 24
82.192.6.0/24 maxlen: 24
85.13.58.0/24 maxlen: 24
217.16.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/bqtTZAsJMZJLc_dgklhFFQpszKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/bqtTZAsJMZJLc_dgklhFFQpszKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/bqtTZAsJMZJLc_dgklhFFQpszKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 01 Jul 2024 23:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:61:a8:53:8f:07:d0:7d:3e:2f:d4:55:44:e5:6d:8a:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6eab53640b0931924b73f760925845150a6ccca5
Validity
Not Before: Mar 21 15:36:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41bf04aa2d96687fd8f8a54cf918e0adf0a85214
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:29:5d:6f:b4:31:21:b8:83:fc:8c:15:be:5e:
f5:0e:28:03:f9:88:47:a3:54:41:62:11:5c:b7:81:
cc:92:4e:55:ec:79:28:8c:d5:88:5f:fa:8b:53:71:
ae:55:1a:b2:b0:2b:3d:08:93:0c:5f:a6:6c:3a:6f:
45:3c:9c:0a:90:b1:f0:7e:23:ef:e5:1f:fa:de:08:
d4:d1:61:c7:6c:69:17:eb:12:22:a1:e4:c5:72:f0:
d7:bf:14:8a:60:ab:f8:73:f9:04:a0:ac:81:d2:21:
eb:7b:94:aa:82:27:a8:32:87:ee:af:6e:32:9e:97:
d3:de:c8:95:c7:4a:12:17:e7:95:18:14:73:51:fe:
dd:f6:50:7b:e6:c5:17:9a:cf:96:10:93:69:6b:d6:
3e:82:aa:44:a1:89:ab:f8:2b:ca:50:76:a2:2d:8d:
04:64:8c:09:d1:02:e3:4b:33:90:11:aa:5e:b0:16:
a7:b5:be:f4:13:e9:61:76:98:f7:79:e3:a7:c8:99:
cc:55:07:e5:f3:17:b9:8a:20:bd:45:fd:80:45:bc:
1a:10:83:54:48:27:d3:8d:a1:ae:80:68:86:4c:78:
03:a5:c0:fa:97:5b:1b:f0:63:b3:78:18:39:cd:14:
f3:eb:60:98:d8:20:98:4c:a7:ad:82:82:66:f6:8f:
04:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:BF:04:AA:2D:96:68:7F:D8:F8:A5:4C:F9:18:E0:AD:F0:A8:52:14
X509v3 Authority Key Identifier:
keyid:6E:AB:53:64:0B:09:31:92:4B:73:F7:60:92:58:45:15:0A:6C:CC:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bqtTZAsJMZJLc_dgklhFFQpszKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/Qb8Eqi2WaH_Y-KVM-RjgrfCoUhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/bqtTZAsJMZJLc_dgklhFFQpszKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.93.84.0/24
62.93.87.0/24
82.192.6.0/24
85.13.58.0/24
217.16.119.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:69:9e:31:4e:84:3a:40:2c:75:fb:ef:f1:1e:5b:f3:73:d7:
29:af:15:6e:22:07:1a:0c:81:04:9a:34:51:1b:90:5e:84:e9:
32:26:6d:e8:92:ae:fd:d9:4f:0d:b4:13:82:c4:d9:77:ac:8c:
2d:34:d3:fd:b0:35:4e:5d:7d:27:68:10:54:cc:92:39:1b:9e:
68:b4:cb:09:e9:bf:84:f8:25:10:a4:9f:e7:03:0f:3a:7f:68:
21:25:38:7d:76:cd:14:51:a3:15:b0:ea:a6:5f:40:1d:04:b6:
9f:62:c7:fd:bd:0e:1a:0c:2a:82:be:b1:73:99:70:29:8c:51:
38:3c:94:9b:a1:5e:20:41:2a:80:d1:00:11:c9:be:93:6c:be:
f1:c5:22:eb:61:bc:9a:f0:45:5d:d9:1d:5d:61:5c:f1:e5:55:
58:f7:7f:1b:01:f0:95:b0:d2:d0:5d:41:ee:ad:bf:a2:b1:5b:
32:a5:e5:5b:45:e8:11:19:85:98:93:4d:b6:3a:c9:b1:3b:b9:
bb:71:37:64:a0:b9:86:0b:f0:c6:c8:fa:a9:01:79:cf:b9:e5:
ba:16:51:f5:7f:96:d3:40:ef:a3:f0:22:3d:72:ed:cb:35:9d:
ec:b2:e0:b4:80:f3:56:7b:01:de:76:82:44:2c:21:94:49:9d:
16:05:f2:75
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY5hqFOPB9B9Pi/UVUTlbYrkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlYWI1MzY0MGIwOTMxOTI0YjczZjc2MDkyNTg0NTE1MGE2
Y2NjYTUwHhcNMjQwMzIxMTUzNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWJmMDRhYTJkOTY2ODdmZDhmOGE1NGNmOTE4ZTBhZGYwYTg1MjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgCldb7QxIbiD/IwVvl71DigD+YhH
o1RBYhFct4HMkk5V7HkojNWIX/qLU3GuVRqysCs9CJMMX6ZsOm9FPJwKkLHwfiPv
5R/63gjU0WHHbGkX6xIioeTFcvDXvxSKYKv4c/kEoKyB0iHre5SqgieoMofur24y
npfT3siVx0oSF+eVGBRzUf7d9lB75sUXms+WEJNpa9Y+gqpEoYmr+CvKUHaiLY0E
ZIwJ0QLjSzOQEapesBantb70E+lhdpj3eeOnyJnMVQfl8xe5iiC9Rf2ARbwaEINU
SCfTjaGugGiGTHgDpcD6l1sb8GOzeBg5zRTz62CY2CCYTKetgoJm9o8EwQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEG/BKotlmh/2PilTPkY4K3wqFIUMB8GA1UdIwQY
MBaAFG6rU2QLCTGSS3P3YJJYRRUKbMylMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnF0VFpBc0pNWkpMY19kZ2tsaEZGUXBzektVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8yYTM4ZTYtMjk0ZS00ZmEzLWE1YTAt
NTMwNDYzMjM5NTFmLzEvUWI4RXFpMldhSF9ZLUtWTS1SamdyZkNvVWhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8yYTM4ZTYtMjk0ZS00ZmEzLWE1YTAtNTMwNDYzMjM5NTFm
LzEvYnF0VFpBc0pNWkpMY19kZ2tsaEZGUXBzektVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAPl1UAwQA
Pl1XAwQAUsAGAwQAVQ06AwQA2RB3MA0GCSqGSIb3DQEBCwUAA4IBAQANaZ4xToQ6
QCx1++/xHlvzc9cprxVuIgcaDIEEmjRRG5BehOkyJm3okq792U8NtBOCxNl3rIwt
NNP9sDVOXX0naBBUzJI5G55otMsJ6b+E+CUQpJ/nAw86f2ghJTh9ds0UUaMVsOqm
X0AdBLafYsf9vQ4aDCqCvrFzmXApjFE4PJSboV4gQSqA0QARyb6TbL7xxSLrYbya
8EVd2R1dYVzx5VVY938bAfCVsNLQXUHurb+isVsypeVbRegRGYWYk022OsmxO7m7
cTdkoLmGC/DGyPqpAXnPueW6FlH1f5bTQO+j8CI9cu3LNZ3ssuC0gPNWewHedoJE
LCGUSZ0WBfJ1
-----END CERTIFICATE-----
Generated at Mon Jul 1 07:25:33 2024 by rpki-client on console-fra.rpki-client.org