Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/Qznp5yrP0r8aImEQZiJSLMhm6go.roa
File: Qznp5yrP0r8aImEQZiJSLMhm6go.roa (raw, json)
Hash identifier: JyBmPvGPXCHz/2n8QL0MeYVtj012RJhDaaXqxRngEig=
Subject key identifier: 43:39:E9:E7:2A:CF:D2:BF:1A:22:61:10:66:22:52:2C:C8:66:EA:0A
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 018CC3B732ADBC94157339D6AC0B6B120C94
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/Qznp5yrP0r8aImEQZiJSLMhm6go.roa
Signing time: Mon 01 Jan 2024 06:30:12 +0000
ROA not before: Mon 01 Jan 2024 06:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25113
IP address blocks: 193.251.158.0/24 maxlen: 24
193.252.152.0/23 maxlen: 24
193.252.150.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.mft
rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:32:ad:bc:94:15:73:39:d6:ac:0b:6b:12:0c:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 06:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4339e9e72acfd2bf1a2261106622522cc866ea0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:d1:29:68:2b:8b:55:bd:21:97:bd:bc:0d:1e:
e6:4b:66:a6:1f:3a:99:6e:2b:f4:0b:6a:6b:70:12:
e1:3d:6b:9c:5a:e0:c8:7e:1c:61:53:07:59:01:ba:
2c:ea:63:27:36:47:5d:ad:55:96:db:56:a9:22:3c:
f3:fc:58:78:b0:04:dd:2d:1e:64:09:fe:1b:7e:99:
c1:61:af:f0:3e:1c:c8:85:55:9a:f6:80:c0:92:68:
80:26:a4:f5:3c:26:d6:bc:24:d6:c1:d8:b8:27:30:
f8:bf:90:6b:80:5c:96:57:04:b6:07:4e:71:8d:16:
03:ec:e9:b4:84:55:90:be:7b:b4:48:a6:63:a6:21:
b1:d0:83:cb:9c:4e:f2:94:84:c8:e8:52:7c:cf:ed:
69:2b:c4:32:05:f4:98:d5:52:35:52:8d:51:6e:63:
00:1b:29:63:af:ee:9e:44:cc:40:32:b5:2e:01:9c:
2d:35:cc:65:c8:c7:2c:36:38:ec:e6:d1:24:63:f1:
ea:ec:c5:3e:a9:d8:e7:42:7f:1a:e6:32:52:f6:a1:
71:08:da:a7:ae:61:02:2a:f5:88:ca:c3:fb:91:24:
83:f3:db:6d:b7:f8:34:cf:1c:20:fb:4e:fb:6a:4a:
45:9b:40:c7:68:fc:e5:d2:7b:56:e2:06:bc:1d:4f:
09:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:39:E9:E7:2A:CF:D2:BF:1A:22:61:10:66:22:52:2C:C8:66:EA:0A
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/Qznp5yrP0r8aImEQZiJSLMhm6go.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.251.158.0/24
193.252.150.0-193.252.153.255
Signature Algorithm: sha256WithRSAEncryption
2d:21:81:ac:0d:58:0c:92:e4:92:42:fe:a2:29:eb:9a:35:f9:
64:e2:80:8e:46:84:22:bf:f7:38:85:79:88:d7:be:1c:81:c9:
1c:f3:5c:dd:fe:71:64:48:c4:c7:f7:63:8d:8c:41:bc:6a:58:
6f:61:02:59:73:37:96:9f:36:8d:bb:81:5a:8c:05:f5:6a:80:
ea:f0:6d:d8:c2:fd:7a:70:56:26:3f:6a:11:e1:0f:67:df:e8:
4e:23:f2:fb:15:74:9e:3d:e2:d6:49:f4:78:aa:28:b9:55:10:
8a:62:fc:0e:88:23:40:bb:22:12:61:43:60:1f:40:c6:05:80:
ab:69:ee:f2:8f:df:d0:05:21:28:ca:42:72:42:e1:79:ab:db:
60:05:c1:4f:b3:cf:df:06:ba:9b:68:5b:60:66:ac:22:19:d7:
63:2b:83:fe:3f:5e:d1:03:87:ec:67:a1:f3:a0:57:d0:54:98:
58:7d:77:8e:4d:1d:9b:87:70:8c:25:8e:a9:f4:a3:c7:25:80:
bf:35:19:6b:97:22:ad:96:d6:f4:fe:25:21:bb:9b:ff:1d:49:
54:eb:e6:7c:ea:4d:58:f4:e2:b7:22:52:75:70:79:14:54:52:
b0:83:3b:d3:24:cf:21:72:2c:01:17:07:8c:01:1f:d7:33:90:
37:cf:0a:32
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzDtzKtvJQVcznWrAtrEgyUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjQwMTAxMDYzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzM5ZTllNzJhY2ZkMmJmMWEyMjYxMTA2NjIyNTIyY2M4NjZlYTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9EpaCuLVb0hl728DR7mS2amHzqZ
biv0C2prcBLhPWucWuDIfhxhUwdZAbos6mMnNkddrVWW21apIjzz/Fh4sATdLR5k
Cf4bfpnBYa/wPhzIhVWa9oDAkmiAJqT1PCbWvCTWwdi4JzD4v5BrgFyWVwS2B05x
jRYD7Om0hFWQvnu0SKZjpiGx0IPLnE7ylITI6FJ8z+1pK8QyBfSY1VI1Uo1RbmMA
Gyljr+6eRMxAMrUuAZwtNcxlyMcsNjjs5tEkY/Hq7MU+qdjnQn8a5jJS9qFxCNqn
rmECKvWIysP7kSSD89ttt/g0zxwg+077akpFm0DHaPzl0ntW4ga8HU8J8wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFEM56ecqz9K/GiJhEGYiUizIZuoKMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvUXpucDV5clAwcjhhSW1FUVppSlNMTWhtNmdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAwfueMAwD
BAHB/JYDBAHB/JgwDQYJKoZIhvcNAQELBQADggEBAC0hgawNWAyS5JJC/qIp65o1
+WTigI5GhCK/9ziFeYjXvhyByRzzXN3+cWRIxMf3Y42MQbxqWG9hAllzN5afNo27
gVqMBfVqgOrwbdjC/XpwViY/ahHhD2ff6E4j8vsVdJ494tZJ9HiqKLlVEIpi/A6I
I0C7IhJhQ2AfQMYFgKtp7vKP39AFISjKQnJC4Xmr22AFwU+zz98GuptoW2BmrCIZ
12Mrg/4/XtEDh+xnofOgV9BUmFh9d45NHZuHcIwljqn0o8clgL81GWuXIq2W1vT+
JSG7m/8dSVTr5nzqTVj04rciUnVweRRUUrCDO9MkzyFyLAEXB4wBH9czkDfPCjI=
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:48:00 2024 by rpki-client on console-fra.rpki-client.org