Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/QGLEWvPPLqbKYig-R4po-MReaF4.roa
File: QGLEWvPPLqbKYig-R4po-MReaF4.roa (raw, json)
Hash identifier: a6evvTo6rfY79EPPffjkRniOT/6YS5j0Y7ZhhZyo70k=
Subject key identifier: 40:62:C4:5A:F3:CF:2E:A6:CA:62:28:3E:47:8A:68:F8:C4:5E:68:5E
Certificate issuer: /CN=aeb66ec5e8f2405f6f8d486e73fb82b8de0dee0f
Certificate serial: 018CC348EF81E728BFD095F0F04A92F342D9
Authority key identifier: AE:B6:6E:C5:E8:F2:40:5F:6F:8D:48:6E:73:FB:82:B8:DE:0D:EE:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/QGLEWvPPLqbKYig-R4po-MReaF4.roa
Signing time: Mon 01 Jan 2024 04:29:46 +0000
ROA not before: Mon 01 Jan 2024 04:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397065
IP address blocks: 78.143.240.0/24 maxlen: 24
78.143.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/rrZuxejyQF9vjUhuc_uCuN4N7g8.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/rrZuxejyQF9vjUhuc_uCuN4N7g8.mft
rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 08:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:ef:81:e7:28:bf:d0:95:f0:f0:4a:92:f3:42:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aeb66ec5e8f2405f6f8d486e73fb82b8de0dee0f
Validity
Not Before: Jan 1 04:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4062c45af3cf2ea6ca62283e478a68f8c45e685e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ae:8b:90:b8:71:48:ae:4b:ab:a6:5e:1f:f4:
dc:c7:b1:81:a0:db:aa:5f:c7:cd:6c:ec:17:a1:b3:
c5:d6:0c:12:2f:f3:10:dc:c9:12:d7:7d:6f:82:fe:
93:09:10:5d:de:01:dc:b2:6c:0f:17:59:9c:21:c5:
a8:8a:f2:a7:74:f3:bf:ea:cb:a4:c5:b8:e9:40:d4:
12:e2:15:6e:80:41:75:f3:48:18:58:76:08:19:52:
b0:cb:f5:47:69:fe:e5:5e:29:21:c4:2e:e6:a5:7a:
1d:96:aa:e4:0d:19:e3:40:3c:39:fe:f4:cc:d6:a2:
6b:47:de:08:fd:5c:29:2c:de:20:45:90:3e:85:45:
7e:9e:2f:82:0e:66:68:07:31:51:02:92:79:d3:62:
f2:d4:66:60:14:a8:9a:bd:45:1b:9e:bf:90:2f:5a:
56:e3:f9:41:05:b1:09:04:41:7e:9c:dd:76:ec:83:
db:d2:8a:a3:02:af:3c:2b:8d:86:c3:11:de:f8:e7:
a1:fc:a4:1d:a5:e5:50:fb:41:1c:8b:c4:2e:c0:dc:
a9:c2:ad:6f:c2:66:19:c0:30:92:ba:b2:6f:8a:1b:
eb:f5:55:dd:5c:7f:a6:4d:2e:bc:32:ca:9c:15:95:
3a:bb:cb:55:cd:89:54:10:ef:13:22:73:df:89:65:
83:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:62:C4:5A:F3:CF:2E:A6:CA:62:28:3E:47:8A:68:F8:C4:5E:68:5E
X509v3 Authority Key Identifier:
keyid:AE:B6:6E:C5:E8:F2:40:5F:6F:8D:48:6E:73:FB:82:B8:DE:0D:EE:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/QGLEWvPPLqbKYig-R4po-MReaF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/rrZuxejyQF9vjUhuc_uCuN4N7g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.143.240.0/24
78.143.243.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:5c:93:9e:49:dc:f2:ba:08:40:9e:e0:44:96:ba:f2:c0:92:
66:67:57:0a:8e:ba:0a:3e:a4:f5:41:03:be:70:b5:43:d5:dd:
9b:6e:8c:5a:6f:a2:4f:31:f4:49:30:35:71:8f:7f:95:c9:3b:
4b:ae:bc:bd:c1:a4:ef:35:7b:4f:3b:c8:a2:11:a4:08:3b:8c:
8d:d0:09:ba:6d:09:5f:ae:b4:ed:e1:14:a1:7d:9b:a6:5c:7e:
0d:ec:e8:de:12:83:af:0b:04:7f:e5:e9:94:b7:d6:0c:bb:c6:
d0:da:55:f6:04:31:c6:9e:76:0e:d0:b1:28:05:60:b5:05:e3:
f5:27:17:bb:52:68:75:73:b1:93:17:6d:8c:e5:0b:23:f2:87:
a8:31:a9:c0:3e:df:84:c7:c4:b7:8f:a6:ee:40:d4:da:b5:2d:
69:71:c7:92:2a:59:ec:e1:d3:60:4c:75:7c:ed:df:04:b8:51:
25:75:5f:f9:e1:39:b3:b9:b8:43:5c:41:00:48:9f:39:7a:65:
d4:9f:9b:a3:95:0e:62:b8:91:3b:1b:da:14:38:13:a1:85:f9:
78:81:03:82:c6:0f:4e:13:97:ca:ad:e3:d8:2a:88:5e:a9:84:
16:4f:ea:6e:e4:72:32:36:0b:cf:6b:da:c6:51:2a:41:6b:48:
01:44:a3:66
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDSO+B5yi/0JXw8EqS80LZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYjY2ZWM1ZThmMjQwNWY2ZjhkNDg2ZTczZmI4MmI4ZGUw
ZGVlMGYwHhcNMjQwMTAxMDQyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDYyYzQ1YWYzY2YyZWE2Y2E2MjI4M2U0NzhhNjhmOGM0NWU2ODVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAla6LkLhxSK5Lq6ZeH/Tcx7GBoNuq
X8fNbOwXobPF1gwSL/MQ3MkS131vgv6TCRBd3gHcsmwPF1mcIcWoivKndPO/6suk
xbjpQNQS4hVugEF180gYWHYIGVKwy/VHaf7lXikhxC7mpXodlqrkDRnjQDw5/vTM
1qJrR94I/VwpLN4gRZA+hUV+ni+CDmZoBzFRApJ502Ly1GZgFKiavUUbnr+QL1pW
4/lBBbEJBEF+nN127IPb0oqjAq88K42GwxHe+Oeh/KQdpeVQ+0Eci8QuwNypwq1v
wmYZwDCSurJvihvr9VXdXH+mTS68MsqcFZU6u8tVzYlUEO8TInPfiWWDwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEBixFrzzy6mymIoPkeKaPjEXmheMB8GA1UdIwQY
MBaAFK62bsXo8kBfb41IbnP7grjeDe4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnJadXhlanlRRjl2alVodWNfdUN1TjRON2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8xNTM3ODgtMTRiNy00NTUxLTlhZGUt
NmFlYTkwNTdjODAwLzEvUUdMRVd2UFBMcWJLWWlnLVI0cG8tTVJlYUY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8xNTM3ODgtMTRiNy00NTUxLTlhZGUtNmFlYTkwNTdjODAw
LzEvcnJadXhlanlRRjl2alVodWNfdUN1TjRON2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATo/wAwQA
To/zMA0GCSqGSIb3DQEBCwUAA4IBAQArXJOeSdzyughAnuBElrrywJJmZ1cKjroK
PqT1QQO+cLVD1d2bboxab6JPMfRJMDVxj3+VyTtLrry9waTvNXtPO8iiEaQIO4yN
0Am6bQlfrrTt4RShfZumXH4N7OjeEoOvCwR/5emUt9YMu8bQ2lX2BDHGnnYO0LEo
BWC1BeP1Jxe7Umh1c7GTF22M5Qsj8oeoManAPt+Ex8S3j6buQNTatS1pcceSKlns
4dNgTHV87d8EuFEldV/54TmzubhDXEEASJ85emXUn5ujlQ5iuJE7G9oUOBOhhfl4
gQOCxg9OE5fKrePYKoheqYQWT+pu5HIyNgvPa9rGUSpBa0gBRKNm
-----END CERTIFICATE-----
Generated at Fri May 3 15:33:23 2024 by rpki-client on console-fra.rpki-client.org