Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/2098ac-c2de-4362-a255-acd72d2c6cb6/1/GZTpWqHvdUggYV9uuQTeHMnscuA.roa
File: GZTpWqHvdUggYV9uuQTeHMnscuA.roa (raw, json)
Hash identifier: QB8KsqPtiEsZrFiuuIn+Qc9pQZe6n5ugC3gsYDlDgNE=
Subject key identifier: 19:94:E9:5A:A1:EF:75:48:20:61:5F:6E:B9:04:DE:1C:C9:EC:72:E0
Certificate issuer: /CN=400f942eb07335ca3e7fbd18f06c158db37cfd4b
Certificate serial: 018DC12AC40598386EFEE18AECC107FAC8A8
Authority key identifier: 40:0F:94:2E:B0:73:35:CA:3E:7F:BD:18:F0:6C:15:8D:B3:7C:FD:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QA-ULrBzNco-f70Y8GwVjbN8_Us.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/2098ac-c2de-4362-a255-acd72d2c6cb6/1/GZTpWqHvdUggYV9uuQTeHMnscuA.roa
Signing time: Mon 19 Feb 2024 11:40:21 +0000
ROA not before: Mon 19 Feb 2024 11:40:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207697
IP address blocks: 91.209.97.0/24 maxlen: 24
193.22.136.0/24 maxlen: 24
193.22.137.0/24 maxlen: 24
193.22.138.0/24 maxlen: 24
193.22.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/2098ac-c2de-4362-a255-acd72d2c6cb6/1/QA-ULrBzNco-f70Y8GwVjbN8_Us.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/2098ac-c2de-4362-a255-acd72d2c6cb6/1/QA-ULrBzNco-f70Y8GwVjbN8_Us.mft
rsync://rpki.ripe.net/repository/DEFAULT/QA-ULrBzNco-f70Y8GwVjbN8_Us.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c1:2a:c4:05:98:38:6e:fe:e1:8a:ec:c1:07:fa:c8:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=400f942eb07335ca3e7fbd18f06c158db37cfd4b
Validity
Not Before: Feb 19 11:40:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1994e95aa1ef754820615f6eb904de1cc9ec72e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f1:5d:c2:1d:e8:c7:77:ea:70:44:bd:f6:ea:
85:f3:7b:15:68:34:b6:77:88:5c:b3:1f:fa:13:a5:
8d:04:c8:75:5a:1f:8c:68:9f:d5:b0:37:d2:41:a0:
10:9a:03:6b:b0:cc:29:09:15:bb:57:32:90:4e:07:
47:11:25:05:65:0d:db:3c:5b:8c:df:9e:00:b3:4f:
95:04:0d:8e:83:1c:7e:81:b3:0c:28:b8:39:b8:94:
5f:05:03:c8:d5:eb:f4:8c:ff:b4:c3:31:96:16:21:
bf:da:1d:04:7b:b7:33:1c:28:65:12:04:c2:ea:b5:
de:98:c7:18:44:1b:9d:1c:23:29:9b:54:3b:70:09:
32:e1:ec:24:45:b3:67:b3:a7:4d:39:fb:ec:00:8b:
b4:11:d4:f4:1e:d9:b7:d0:8a:7a:f4:8d:01:11:7e:
ed:7a:c6:bb:8f:e9:42:f8:26:ad:ce:b4:db:94:b9:
16:79:5f:9c:d6:15:74:50:67:cf:25:32:44:c8:cd:
b3:2a:1c:47:42:a6:01:f7:f3:37:09:2e:b5:1a:d0:
a0:54:38:57:59:78:35:72:d5:40:58:a0:66:aa:bc:
f0:d9:0b:eb:ff:55:b8:89:6d:81:32:b9:81:ea:bb:
75:40:bd:7d:7b:d5:8b:73:73:a0:a6:87:9e:c0:d9:
0d:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:94:E9:5A:A1:EF:75:48:20:61:5F:6E:B9:04:DE:1C:C9:EC:72:E0
X509v3 Authority Key Identifier:
keyid:40:0F:94:2E:B0:73:35:CA:3E:7F:BD:18:F0:6C:15:8D:B3:7C:FD:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QA-ULrBzNco-f70Y8GwVjbN8_Us.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/2098ac-c2de-4362-a255-acd72d2c6cb6/1/GZTpWqHvdUggYV9uuQTeHMnscuA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/2098ac-c2de-4362-a255-acd72d2c6cb6/1/QA-ULrBzNco-f70Y8GwVjbN8_Us.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.97.0/24
193.22.136.0/22
Signature Algorithm: sha256WithRSAEncryption
23:70:18:12:cb:a9:b4:10:ea:f1:00:7c:ef:6c:40:1a:73:de:
6d:13:e1:ba:15:8c:84:a3:0e:2e:1f:2f:37:c3:65:b8:0f:4d:
d8:67:82:09:08:df:45:c6:cb:e9:a5:48:c7:de:b8:c4:46:d0:
97:3a:4a:ae:c4:44:2a:fd:3c:6e:99:01:93:79:d7:79:e0:7c:
f3:e5:61:db:79:a0:4e:c7:ee:00:18:be:90:f6:f4:3d:3b:5f:
16:04:c6:fa:f0:14:c6:0e:6a:9d:5e:df:eb:9f:92:9d:f3:51:
da:b3:db:79:23:28:c3:67:52:56:80:ac:d6:f7:b3:82:41:7f:
e5:26:93:10:19:60:3c:93:78:a4:ab:98:23:12:43:e1:09:b5:
81:64:7a:df:2f:c3:a6:87:cd:33:c2:fa:38:67:02:e2:93:86:
0f:45:7e:26:fc:6b:2c:cb:2f:19:d3:de:3f:90:21:61:7f:87:
2c:4e:6b:8f:fc:19:c6:17:2b:3b:92:be:64:3d:47:83:4d:b1:
7f:53:ce:da:5f:3d:61:bf:5b:59:8a:69:6e:1c:d0:39:03:87:
c8:98:36:ff:cc:df:c3:db:43:f3:31:3d:03:92:2b:f8:23:a4:
64:34:79:24:63:23:d1:b8:a1:30:a0:78:ad:ed:18:fc:0c:31:
28:44:27:fd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3BKsQFmDhu/uGK7MEH+sioMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMGY5NDJlYjA3MzM1Y2EzZTdmYmQxOGYwNmMxNThkYjM3
Y2ZkNGIwHhcNMjQwMjE5MTE0MDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTk0ZTk1YWExZWY3NTQ4MjA2MTVmNmViOTA0ZGUxY2M5ZWM3MmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/Fdwh3ox3fqcES99uqF83sVaDS2
d4hcsx/6E6WNBMh1Wh+MaJ/VsDfSQaAQmgNrsMwpCRW7VzKQTgdHESUFZQ3bPFuM
354As0+VBA2Ogxx+gbMMKLg5uJRfBQPI1ev0jP+0wzGWFiG/2h0Ee7czHChlEgTC
6rXemMcYRBudHCMpm1Q7cAky4ewkRbNns6dNOfvsAIu0EdT0Htm30Ip69I0BEX7t
esa7j+lC+CatzrTblLkWeV+c1hV0UGfPJTJEyM2zKhxHQqYB9/M3CS61GtCgVDhX
WXg1ctVAWKBmqrzw2Qvr/1W4iW2BMrmB6rt1QL19e9WLc3OgpoeewNkNVQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBmU6Vqh73VIIGFfbrkE3hzJ7HLgMB8GA1UdIwQY
MBaAFEAPlC6wczXKPn+9GPBsFY2zfP1LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUEtVUxyQnpOY28tZjcwWThHd1ZqYk44X1VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8yMDk4YWMtYzJkZS00MzYyLWEyNTUt
YWNkNzJkMmM2Y2I2LzEvR1pUcFdxSHZkVWdnWVY5dXVRVGVITW5zY3VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8yMDk4YWMtYzJkZS00MzYyLWEyNTUtYWNkNzJkMmM2Y2I2
LzEvUUEtVUxyQnpOY28tZjcwWThHd1ZqYk44X1VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9FhAwQC
wRaIMA0GCSqGSIb3DQEBCwUAA4IBAQAjcBgSy6m0EOrxAHzvbEAac95tE+G6FYyE
ow4uHy83w2W4D03YZ4IJCN9FxsvppUjH3rjERtCXOkquxEQq/TxumQGTedd54Hzz
5WHbeaBOx+4AGL6Q9vQ9O18WBMb68BTGDmqdXt/rn5Kd81Has9t5IyjDZ1JWgKzW
97OCQX/lJpMQGWA8k3ikq5gjEkPhCbWBZHrfL8Omh80zwvo4ZwLik4YPRX4m/Gss
yy8Z094/kCFhf4csTmuP/BnGFys7kr5kPUeDTbF/U87aXz1hv1tZimluHNA5A4fI
mDb/zN/D20PzMT0Dkiv4I6RkNHkkYyPRuKEwoHit7Rj8DDEoRCf9
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:02:34 2024 by rpki-client on console-fra.rpki-client.org