Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/5e61f7-8363-4acc-b8a4-fe103fd3857c/1/BqQDmLMO21ujShKNZy01nacVt1o.roa
File: BqQDmLMO21ujShKNZy01nacVt1o.roa (raw, json)
Hash identifier: Qx44DOA+6pIbGJ9KFbNp+B8RA02Kvdw1qBH9XaIA74k=
Subject key identifier: 06:A4:03:98:B3:0E:DB:5B:A3:4A:12:8D:67:2D:35:9D:A7:15:B7:5A
Certificate issuer: /CN=6f930698733bad33c081719c7b68bd19723a5a77
Certificate serial: 018D5642F734B156404D89DEF63D7B40D161
Authority key identifier: 6F:93:06:98:73:3B:AD:33:C0:81:71:9C:7B:68:BD:19:72:3A:5A:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b5MGmHM7rTPAgXGce2i9GXI6Wnc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/5e61f7-8363-4acc-b8a4-fe103fd3857c/1/BqQDmLMO21ujShKNZy01nacVt1o.roa
Signing time: Mon 29 Jan 2024 17:27:25 +0000
ROA not before: Mon 29 Jan 2024 17:27:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207928
IP address blocks: 194.153.76.0/23 maxlen: 23
194.153.76.0/24 maxlen: 24
194.153.77.0/24 maxlen: 24
194.153.102.0/23 maxlen: 23
194.153.102.0/24 maxlen: 24
194.153.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/5e61f7-8363-4acc-b8a4-fe103fd3857c/1/b5MGmHM7rTPAgXGce2i9GXI6Wnc.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/5e61f7-8363-4acc-b8a4-fe103fd3857c/1/b5MGmHM7rTPAgXGce2i9GXI6Wnc.mft
rsync://rpki.ripe.net/repository/DEFAULT/b5MGmHM7rTPAgXGce2i9GXI6Wnc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 16:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:56:42:f7:34:b1:56:40:4d:89:de:f6:3d:7b:40:d1:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f930698733bad33c081719c7b68bd19723a5a77
Validity
Not Before: Jan 29 17:27:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=06a40398b30edb5ba34a128d672d359da715b75a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:47:25:d6:4b:d6:59:77:45:b5:64:62:e4:a1:
f4:ee:5a:bb:d6:12:86:ae:09:1f:9c:9c:ba:12:cf:
e1:7a:b6:b9:d1:ee:bd:d1:3a:f6:6f:a4:76:cd:29:
22:42:40:5c:d5:52:f9:72:85:48:3a:5c:10:6e:f2:
d3:22:7f:81:e1:56:f8:c6:fb:b7:44:ae:a4:90:bb:
2d:1f:d4:17:9e:9b:38:e2:bd:b1:1b:8b:9e:1b:95:
7c:f8:c9:c7:80:07:6c:63:8a:85:56:a9:d2:97:62:
94:f8:df:97:d2:c5:f8:a9:c2:46:85:6c:6d:e5:cc:
9b:da:2b:1b:f1:f6:a3:57:0e:f4:11:db:51:ed:bc:
72:fb:d8:a8:06:7f:e1:13:da:f5:5b:33:1a:df:a4:
b1:b1:74:03:e7:73:e7:49:e3:a5:93:b0:93:95:3d:
84:a6:bb:15:97:f5:2a:8c:e8:e6:fe:80:0b:9d:d3:
84:48:7e:9e:de:c3:2c:a1:09:72:70:29:23:e1:3d:
c1:c5:33:dc:8a:99:ff:19:5b:fd:73:6d:a8:ef:b1:
c5:83:80:31:43:96:af:6a:af:f6:7f:7a:1d:8a:b3:
ee:6a:9c:93:99:0c:41:89:5c:87:a3:f5:fa:e6:38:
db:a9:95:66:bb:b8:8c:a8:29:13:69:63:bb:68:47:
10:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:A4:03:98:B3:0E:DB:5B:A3:4A:12:8D:67:2D:35:9D:A7:15:B7:5A
X509v3 Authority Key Identifier:
keyid:6F:93:06:98:73:3B:AD:33:C0:81:71:9C:7B:68:BD:19:72:3A:5A:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5MGmHM7rTPAgXGce2i9GXI6Wnc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/5e61f7-8363-4acc-b8a4-fe103fd3857c/1/BqQDmLMO21ujShKNZy01nacVt1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/5e61f7-8363-4acc-b8a4-fe103fd3857c/1/b5MGmHM7rTPAgXGce2i9GXI6Wnc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.153.76.0/23
194.153.102.0/23
Signature Algorithm: sha256WithRSAEncryption
39:79:62:80:7c:6d:ff:72:03:0b:72:0e:d1:8e:59:19:85:59:
26:9c:1b:6c:36:43:71:3c:fc:fd:57:67:9c:1c:91:d5:3c:c3:
99:a0:52:18:5b:1b:23:71:ca:3f:c6:01:5c:53:6b:2d:a6:01:
98:b2:6c:f0:31:9f:d9:77:62:6e:ba:f1:09:2b:a5:90:b2:1e:
16:26:16:20:01:20:1b:c3:48:8e:07:71:d3:0d:bc:55:db:cb:
0d:2e:ed:fa:eb:75:ef:f1:6c:f3:b1:2f:54:79:a4:6d:7f:e3:
56:4c:48:a2:6d:8f:f1:60:3f:28:9f:29:21:d3:e4:1a:8a:11:
c4:e9:7f:2b:88:44:c0:b0:f4:29:a7:13:4f:c4:f6:4f:bb:c5:
16:49:32:8f:0a:3e:b0:e2:3c:d1:35:f6:14:87:09:5c:da:44:
d8:38:f9:cf:87:1b:56:0b:26:9b:c1:f8:0a:83:52:76:94:9b:
e2:c3:95:53:ba:97:7d:f9:06:92:15:01:8c:63:20:02:4f:0a:
1e:ff:77:a8:ba:52:05:40:f4:19:87:9b:49:70:ba:b8:5f:b4:
aa:71:e8:f9:29:9b:ac:a0:18:6c:41:aa:8e:97:80:33:c0:4f:
29:82:bb:ca:76:ba:80:b2:31:dc:f3:a0:71:fe:1f:4a:4d:a3:
48:53:ca:ae
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1WQvc0sVZATYne9j17QNFhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmOTMwNjk4NzMzYmFkMzNjMDgxNzE5YzdiNjhiZDE5NzIz
YTVhNzcwHhcNMjQwMTI5MTcyNzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmE0MDM5OGIzMGVkYjViYTM0YTEyOGQ2NzJkMzU5ZGE3MTViNzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0cl1kvWWXdFtWRi5KH07lq71hKG
rgkfnJy6Es/hera50e690Tr2b6R2zSkiQkBc1VL5coVIOlwQbvLTIn+B4Vb4xvu3
RK6kkLstH9QXnps44r2xG4ueG5V8+MnHgAdsY4qFVqnSl2KU+N+X0sX4qcJGhWxt
5cyb2isb8fajVw70EdtR7bxy+9ioBn/hE9r1WzMa36SxsXQD53PnSeOlk7CTlT2E
prsVl/UqjOjm/oALndOESH6e3sMsoQlycCkj4T3BxTPcipn/GVv9c22o77HFg4Ax
Q5avaq/2f3odirPuapyTmQxBiVyHo/X65jjbqZVmu7iMqCkTaWO7aEcQpwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAakA5izDttbo0oSjWctNZ2nFbdaMB8GA1UdIwQY
MBaAFG+TBphzO60zwIFxnHtovRlyOlp3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjVNR21ITTdyVFBBZ1hHY2UyaTlHWEk2V25jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS81ZTYxZjctODM2My00YWNjLWI4YTQt
ZmUxMDNmZDM4NTdjLzEvQnFRRG1MTU8yMXVqU2hLTlp5MDFuYWNWdDFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS81ZTYxZjctODM2My00YWNjLWI4YTQtZmUxMDNmZDM4NTdj
LzEvYjVNR21ITTdyVFBBZ1hHY2UyaTlHWEk2V25jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwplMAwQB
wplmMA0GCSqGSIb3DQEBCwUAA4IBAQA5eWKAfG3/cgMLcg7RjlkZhVkmnBtsNkNx
PPz9V2ecHJHVPMOZoFIYWxsjcco/xgFcU2stpgGYsmzwMZ/Zd2JuuvEJK6WQsh4W
JhYgASAbw0iOB3HTDbxV28sNLu3663Xv8WzzsS9UeaRtf+NWTEiibY/xYD8onykh
0+QaihHE6X8riETAsPQppxNPxPZPu8UWSTKPCj6w4jzRNfYUhwlc2kTYOPnPhxtW
CyabwfgKg1J2lJviw5VTupd9+QaSFQGMYyACTwoe/3eoulIFQPQZh5tJcLq4X7Sq
cej5KZusoBhsQaqOl4AzwE8pgrvKdrqAsjHc86Bx/h9KTaNIU8qu
-----END CERTIFICATE-----
Generated at Sun Sep 29 00:16:07 2024 by rpki-client on console-fra.rpki-client.org