Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/e05ab2-23b8-4af2-b488-d3d03797259d/1/Q7Z_C-47mFmBzVPPKt9ndhGkngA.roa
File: Q7Z_C-47mFmBzVPPKt9ndhGkngA.roa (raw, json)
Hash identifier: 5hjev1gTkriUrKnc1kjfdGceLbBmLUEmu+DPWLn6kqU=
Subject key identifier: 43:B6:7F:0B:EE:3B:98:59:81:CD:53:CF:2A:DF:67:76:11:A4:9E:00
Certificate issuer: /CN=bc69e6902d4e1c41246f4a121b4a5bdecf86e388
Certificate serial: 018CC8030D3D13207EA3BAA12E35D0B29281
Authority key identifier: BC:69:E6:90:2D:4E:1C:41:24:6F:4A:12:1B:4A:5B:DE:CF:86:E3:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vGnmkC1OHEEkb0oSG0pb3s-G44g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/e05ab2-23b8-4af2-b488-d3d03797259d/1/Q7Z_C-47mFmBzVPPKt9ndhGkngA.roa
Signing time: Tue 02 Jan 2024 02:31:32 +0000
ROA not before: Tue 02 Jan 2024 02:31:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201746
IP address blocks: 193.5.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/e05ab2-23b8-4af2-b488-d3d03797259d/1/vGnmkC1OHEEkb0oSG0pb3s-G44g.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/e05ab2-23b8-4af2-b488-d3d03797259d/1/vGnmkC1OHEEkb0oSG0pb3s-G44g.mft
rsync://rpki.ripe.net/repository/DEFAULT/vGnmkC1OHEEkb0oSG0pb3s-G44g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:01:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:03:0d:3d:13:20:7e:a3:ba:a1:2e:35:d0:b2:92:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc69e6902d4e1c41246f4a121b4a5bdecf86e388
Validity
Not Before: Jan 2 02:31:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43b67f0bee3b985981cd53cf2adf677611a49e00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:d3:77:4f:90:fa:e5:dc:5c:ec:63:3b:91:55:
ba:6c:6b:66:70:1d:ce:b7:e8:4b:b4:7a:92:57:72:
0d:82:b9:52:e5:5e:a2:ee:c4:eb:04:ed:76:e6:9b:
a4:b2:c1:61:84:cb:80:87:d9:de:d0:7d:de:8b:70:
13:85:43:ec:3f:e5:11:e9:a6:56:21:0d:92:1c:0b:
6b:41:6c:4a:0a:bf:32:0f:04:7b:4b:eb:ab:c0:89:
a1:df:58:23:a5:a1:6a:d3:e6:b5:01:37:77:54:5d:
5b:00:ec:fb:cb:dc:cd:2e:a4:46:93:c2:e6:34:77:
b0:bf:ea:e6:52:30:0e:83:93:6e:84:ca:85:3b:fc:
8c:14:37:c1:42:9e:0c:36:c9:db:62:bd:87:04:cf:
cd:1b:ee:56:b8:c3:66:1a:7f:3f:3f:52:de:c2:44:
63:ad:d7:05:0e:d2:f1:06:b9:b7:43:82:6f:29:8c:
a1:b9:d5:5c:77:8e:b6:10:77:2c:28:c3:b1:53:f3:
e5:2e:7d:b3:5e:f5:7d:10:3a:7b:e5:84:9b:ef:43:
e0:e8:e4:43:aa:45:17:ac:ce:36:05:b6:22:8b:4d:
54:08:02:f1:5d:2b:da:3f:65:83:81:85:3f:55:da:
18:b9:7c:3f:02:8f:ee:14:8b:f8:0a:fe:92:94:c0:
0c:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:B6:7F:0B:EE:3B:98:59:81:CD:53:CF:2A:DF:67:76:11:A4:9E:00
X509v3 Authority Key Identifier:
keyid:BC:69:E6:90:2D:4E:1C:41:24:6F:4A:12:1B:4A:5B:DE:CF:86:E3:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vGnmkC1OHEEkb0oSG0pb3s-G44g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e05ab2-23b8-4af2-b488-d3d03797259d/1/Q7Z_C-47mFmBzVPPKt9ndhGkngA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e05ab2-23b8-4af2-b488-d3d03797259d/1/vGnmkC1OHEEkb0oSG0pb3s-G44g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.5.150.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:ac:6b:10:a7:b1:7d:e7:99:bd:d2:a6:bd:b3:d1:7d:78:be:
bd:95:f7:46:26:54:89:7c:b0:e9:4f:a5:c4:b2:e7:f9:47:ad:
91:36:32:9f:21:c6:27:a4:74:9b:b3:f5:25:5f:27:31:75:ba:
b4:eb:f7:d7:76:ec:73:ec:b6:a4:a9:01:f1:7f:2f:5d:56:50:
81:86:69:84:bb:9c:79:0e:cd:16:b8:4e:ec:ab:30:eb:a5:08:
05:06:91:91:2c:32:2c:2a:d8:de:b9:c8:8b:0b:d4:de:4c:53:
f5:8a:be:02:15:49:ee:8d:f1:70:06:de:fe:61:74:ee:4d:7c:
b3:16:5d:36:a5:d4:b4:74:ab:11:47:0f:d5:47:02:4d:02:fb:
1e:dd:4b:5d:6b:1e:11:b9:20:02:44:b4:b6:fe:9d:99:aa:5a:
0a:e5:1f:a6:16:02:78:24:ee:51:bf:78:c9:1c:8b:db:b2:04:
e3:cd:7f:0d:3b:97:87:c4:e6:c0:8d:76:d2:c5:05:c3:a8:c9:
ca:bd:df:59:2a:f5:4b:b1:85:86:61:30:e0:4b:db:5b:8a:67:
45:d1:cd:56:20:2d:18:7f:b9:be:6d:3b:cd:09:76:33:f8:1e:
76:46:23:0a:8f:bf:13:21:cd:2d:e1:58:28:e9:b7:3b:b3:50:
7e:06:25:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAw09EyB+o7qhLjXQspKBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNjllNjkwMmQ0ZTFjNDEyNDZmNGExMjFiNGE1YmRlY2Y4
NmUzODgwHhcNMjQwMTAyMDIzMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2I2N2YwYmVlM2I5ODU5ODFjZDUzY2YyYWRmNjc3NjExYTQ5ZTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldN3T5D65dxc7GM7kVW6bGtmcB3O
t+hLtHqSV3INgrlS5V6i7sTrBO125pukssFhhMuAh9ne0H3ei3AThUPsP+UR6aZW
IQ2SHAtrQWxKCr8yDwR7S+urwImh31gjpaFq0+a1ATd3VF1bAOz7y9zNLqRGk8Lm
NHewv+rmUjAOg5NuhMqFO/yMFDfBQp4MNsnbYr2HBM/NG+5WuMNmGn8/P1LewkRj
rdcFDtLxBrm3Q4JvKYyhudVcd462EHcsKMOxU/PlLn2zXvV9EDp75YSb70Pg6ORD
qkUXrM42BbYii01UCALxXSvaP2WDgYU/VdoYuXw/Ao/uFIv4Cv6SlMAMRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEO2fwvuO5hZgc1TzyrfZ3YRpJ4AMB8GA1UdIwQY
MBaAFLxp5pAtThxBJG9KEhtKW97PhuOIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkdubWtDMU9IRUVrYjBvU0cwcGIzcy1HNDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9lMDVhYjItMjNiOC00YWYyLWI0ODgt
ZDNkMDM3OTcyNTlkLzEvUTdaX0MtNDdtRm1CelZQUEt0OW5kaEdrbmdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9lMDVhYjItMjNiOC00YWYyLWI0ODgtZDNkMDM3OTcyNTlk
LzEvdkdubWtDMU9IRUVrYjBvU0cwcGIzcy1HNDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQWWMA0G
CSqGSIb3DQEBCwUAA4IBAQAPrGsQp7F955m90qa9s9F9eL69lfdGJlSJfLDpT6XE
suf5R62RNjKfIcYnpHSbs/UlXycxdbq06/fXduxz7LakqQHxfy9dVlCBhmmEu5x5
Ds0WuE7sqzDrpQgFBpGRLDIsKtjeuciLC9TeTFP1ir4CFUnujfFwBt7+YXTuTXyz
Fl02pdS0dKsRRw/VRwJNAvse3Utdax4RuSACRLS2/p2ZqloK5R+mFgJ4JO5Rv3jJ
HIvbsgTjzX8NO5eHxObAjXbSxQXDqMnKvd9ZKvVLsYWGYTDgS9tbimdF0c1WIC0Y
f7m+bTvNCXYz+B52RiMKj78TIc0t4Vgo6bc7s1B+BiWH
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:53:34 2024 by rpki-client on console-ams.rpki-client.org