Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/25c017-86e2-4cc3-a202-4cda788fe899/1/qXsevtedXZWZWFcZadzS6utiX70.roa
File: qXsevtedXZWZWFcZadzS6utiX70.roa (raw, json)
Hash identifier: Lg1WZlsvbj24xWzE9ns2K90z1diAwWuX7KfR4MqPyyY=
Subject key identifier: A9:7B:1E:BE:D7:9D:5D:95:99:58:57:19:69:DC:D2:EA:EB:62:5F:BD
Certificate issuer: /CN=600e85f581c7513908ea04665fd23726fd70e62b
Certificate serial: 018CC794F5B70A5C3F273EAA187F7106D35D
Authority key identifier: 60:0E:85:F5:81:C7:51:39:08:EA:04:66:5F:D2:37:26:FD:70:E6:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YA6F9YHHUTkI6gRmX9I3Jv1w5is.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/25c017-86e2-4cc3-a202-4cda788fe899/1/qXsevtedXZWZWFcZadzS6utiX70.roa
Signing time: Tue 02 Jan 2024 00:31:17 +0000
ROA not before: Tue 02 Jan 2024 00:31:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200577
IP address blocks: 193.228.3.0/24 maxlen: 24
193.228.60.0/24 maxlen: 24
193.228.101.0/24 maxlen: 24
2001:67c:201c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/25c017-86e2-4cc3-a202-4cda788fe899/1/YA6F9YHHUTkI6gRmX9I3Jv1w5is.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/25c017-86e2-4cc3-a202-4cda788fe899/1/YA6F9YHHUTkI6gRmX9I3Jv1w5is.mft
rsync://rpki.ripe.net/repository/DEFAULT/YA6F9YHHUTkI6gRmX9I3Jv1w5is.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:f5:b7:0a:5c:3f:27:3e:aa:18:7f:71:06:d3:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=600e85f581c7513908ea04665fd23726fd70e62b
Validity
Not Before: Jan 2 00:31:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a97b1ebed79d5d959958571969dcd2eaeb625fbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:91:d3:10:6d:55:11:78:d5:ec:f4:82:da:16:
49:86:08:7d:68:ee:6d:5b:94:1c:c7:18:9f:0c:29:
32:83:ac:c4:6a:6d:21:83:f3:61:39:7d:18:13:28:
fa:a4:63:a8:33:ca:20:ac:12:0f:24:58:c3:b4:9e:
3f:cd:fc:dd:19:c5:bd:92:7c:6b:55:0f:d4:85:fd:
d7:fc:ef:b7:db:7c:42:0a:b2:62:4e:3d:68:44:4d:
d2:e9:62:db:13:e0:cc:d2:f0:99:d2:49:0b:86:e2:
53:cf:76:86:df:96:22:cb:e5:9f:ce:0a:3c:f6:fa:
33:de:ee:74:56:b9:81:cb:6f:30:9f:d5:c9:74:8a:
aa:11:ad:2f:8b:85:da:3f:82:b7:db:fd:93:f4:7f:
53:f9:07:05:93:ee:f7:b5:c3:8b:85:10:2a:48:96:
c1:f9:38:ec:19:46:b2:a9:bb:2d:37:83:70:d4:09:
d3:b8:e9:64:8e:39:3e:68:2c:a9:0a:a4:ae:09:c9:
0a:3e:47:62:da:3c:7c:c1:b1:a3:6e:04:ce:cc:4e:
65:ba:41:ef:cb:08:4d:29:0f:00:66:30:1c:e3:b0:
ac:24:4e:5f:72:5b:99:3c:cb:84:91:9a:6b:0e:c7:
88:ab:da:58:f7:97:47:9d:84:4a:78:96:f3:53:c0:
d2:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:7B:1E:BE:D7:9D:5D:95:99:58:57:19:69:DC:D2:EA:EB:62:5F:BD
X509v3 Authority Key Identifier:
keyid:60:0E:85:F5:81:C7:51:39:08:EA:04:66:5F:D2:37:26:FD:70:E6:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YA6F9YHHUTkI6gRmX9I3Jv1w5is.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/25c017-86e2-4cc3-a202-4cda788fe899/1/qXsevtedXZWZWFcZadzS6utiX70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/25c017-86e2-4cc3-a202-4cda788fe899/1/YA6F9YHHUTkI6gRmX9I3Jv1w5is.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.228.3.0/24
193.228.60.0/24
193.228.101.0/24
IPv6:
2001:67c:201c::/48
Signature Algorithm: sha256WithRSAEncryption
a2:df:17:98:30:b1:bf:2a:76:f8:e7:19:72:42:35:94:65:89:
74:87:d8:c9:98:e8:79:66:97:cf:c0:33:0c:f7:02:8c:2f:7a:
73:f6:e1:1c:68:eb:43:26:3f:e5:9c:2a:39:e7:35:db:cd:87:
f8:04:41:2f:e8:7a:5d:5d:02:8a:0f:39:45:54:ac:12:17:a5:
16:3f:1b:2c:48:ba:7e:bb:e0:c5:eb:7e:17:22:f3:d6:ed:f4:
a5:3e:be:8e:af:61:98:87:fa:69:87:23:01:05:7a:94:9d:d1:
23:9d:bb:d6:9a:85:52:b0:94:3a:b9:92:44:87:e1:b5:b1:04:
80:77:db:49:4d:0a:57:a6:9e:83:f8:8f:6c:90:1e:fc:5c:16:
60:3c:7c:a3:55:59:c3:e7:4a:d2:b6:6d:a3:f6:51:1a:96:d8:
40:c2:48:a7:91:5e:3d:4e:98:b2:99:c8:95:90:aa:23:ff:26:
f9:3f:52:2e:25:75:0f:ed:77:8e:35:c7:2e:9e:e5:ba:22:c7:
7a:1d:c3:02:d5:7c:16:dd:f6:9f:41:34:b2:32:ec:e6:d1:d1:
20:98:63:f1:16:67:77:62:ef:e4:a1:b9:82:27:e8:7e:db:44:
26:52:82:f1:aa:8a:b9:91:c2:6e:4f:c5:d7:e9:49:cb:28:9f:
d8:91:99:f4
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzHlPW3Clw/Jz6qGH9xBtNdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMGU4NWY1ODFjNzUxMzkwOGVhMDQ2NjVmZDIzNzI2ZmQ3
MGU2MmIwHhcNMjQwMTAyMDAzMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTdiMWViZWQ3OWQ1ZDk1OTk1ODU3MTk2OWRjZDJlYWViNjI1ZmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipHTEG1VEXjV7PSC2hZJhgh9aO5t
W5QcxxifDCkyg6zEam0hg/NhOX0YEyj6pGOoM8ogrBIPJFjDtJ4/zfzdGcW9knxr
VQ/Uhf3X/O+323xCCrJiTj1oRE3S6WLbE+DM0vCZ0kkLhuJTz3aG35Yiy+Wfzgo8
9voz3u50VrmBy28wn9XJdIqqEa0vi4XaP4K32/2T9H9T+QcFk+73tcOLhRAqSJbB
+TjsGUayqbstN4Nw1AnTuOlkjjk+aCypCqSuCckKPkdi2jx8wbGjbgTOzE5lukHv
ywhNKQ8AZjAc47CsJE5fcluZPMuEkZprDseIq9pY95dHnYRKeJbzU8DSYQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFKl7Hr7XnV2VmVhXGWnc0urrYl+9MB8GA1UdIwQY
MBaAFGAOhfWBx1E5COoEZl/SNyb9cOYrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUE2RjlZSEhVVGtJNmdSbVg5STNKdjF3NWlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8yNWMwMTctODZlMi00Y2MzLWEyMDIt
NGNkYTc4OGZlODk5LzEvcVhzZXZ0ZWRYWldaV0ZjWmFkelM2dXRpWDcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8yNWMwMTctODZlMi00Y2MzLWEyMDItNGNkYTc4OGZlODk5
LzEvWUE2RjlZSEhVVGtJNmdSbVg5STNKdjF3NWlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAweQDAwQA
weQ8AwQAweRlMA8EAgACMAkDBwAgAQZ8IBwwDQYJKoZIhvcNAQELBQADggEBAKLf
F5gwsb8qdvjnGXJCNZRliXSH2MmY6Hlml8/AMwz3AowvenP24Rxo60MmP+WcKjnn
NdvNh/gEQS/oel1dAooPOUVUrBIXpRY/GyxIun674MXrfhci89bt9KU+vo6vYZiH
+mmHIwEFepSd0SOdu9aahVKwlDq5kkSH4bWxBIB320lNClemnoP4j2yQHvxcFmA8
fKNVWcPnStK2baP2URqW2EDCSKeRXj1OmLKZyJWQqiP/Jvk/Ui4ldQ/td441xy6e
5boix3odwwLVfBbd9p9BNLIy7ObR0SCYY/EWZ3di7+ShuYIn6H7bRCZSgvGqirmR
wm5PxdfpScson9iRmfQ=
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:55:26 2024 by rpki-client on console-fra.rpki-client.org