Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/efd094-4bc0-4ad0-aba3-49c95eeac812/1/BqnyAkj2JqnAfD3M0EiYyyJ3S1k.roa
File: BqnyAkj2JqnAfD3M0EiYyyJ3S1k.roa (raw, json)
Hash identifier: yvIOU80ghIqTp9N1PT1p+C2Gk8dnwDSwQgiKb0WdNkg=
Subject key identifier: 06:A9:F2:02:48:F6:26:A9:C0:7C:3D:CC:D0:48:98:CB:22:77:4B:59
Certificate issuer: /CN=41763db1ed334a7c5280ab9854742914ae0c4c52
Certificate serial: 018CC72606EE6085F6EA69541F4B87055432
Authority key identifier: 41:76:3D:B1:ED:33:4A:7C:52:80:AB:98:54:74:29:14:AE:0C:4C:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QXY9se0zSnxSgKuYVHQpFK4MTFI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/efd094-4bc0-4ad0-aba3-49c95eeac812/1/BqnyAkj2JqnAfD3M0EiYyyJ3S1k.roa
Signing time: Mon 01 Jan 2024 22:30:07 +0000
ROA not before: Mon 01 Jan 2024 22:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15924
IP address blocks: 195.142.244.0/24 maxlen: 24
195.142.245.0/24 maxlen: 24
195.142.246.0/24 maxlen: 24
195.142.247.0/24 maxlen: 24
195.142.202.0/24 maxlen: 24
195.142.203.0/24 maxlen: 24
195.142.200.0/24 maxlen: 24
195.142.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/efd094-4bc0-4ad0-aba3-49c95eeac812/1/QXY9se0zSnxSgKuYVHQpFK4MTFI.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/efd094-4bc0-4ad0-aba3-49c95eeac812/1/QXY9se0zSnxSgKuYVHQpFK4MTFI.mft
rsync://rpki.ripe.net/repository/DEFAULT/QXY9se0zSnxSgKuYVHQpFK4MTFI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 19:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:06:ee:60:85:f6:ea:69:54:1f:4b:87:05:54:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41763db1ed334a7c5280ab9854742914ae0c4c52
Validity
Not Before: Jan 1 22:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=06a9f20248f626a9c07c3dccd04898cb22774b59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:88:76:a9:cf:69:a8:dd:67:89:72:6d:0f:19:
f9:ec:0a:d2:cf:95:a1:bc:7d:d3:5c:5b:cc:4f:76:
76:6b:bb:77:60:e0:4b:c4:e9:90:af:d0:cf:e7:3e:
81:6e:d5:70:ff:9f:ad:5d:0b:af:4a:25:9b:85:4e:
d7:e2:db:4d:b9:ef:5e:ba:ed:74:7e:45:50:27:5b:
c2:c3:31:f6:65:c0:51:83:49:20:e3:0e:e1:a6:87:
78:c6:0b:11:c4:87:8d:03:6b:b6:91:62:9f:24:22:
41:72:f0:cd:7d:b7:33:1c:b0:a6:29:55:c4:b9:53:
9a:b0:72:02:c2:f8:36:21:9a:44:2d:67:f6:5a:18:
c6:d2:1c:72:db:32:50:ba:a6:03:5b:11:02:f9:6e:
bf:79:80:47:e6:53:50:43:19:cf:21:26:68:81:32:
48:51:71:d2:27:41:50:a0:a5:cd:d6:95:97:df:db:
3a:32:46:72:62:db:98:31:89:69:06:54:9c:f0:11:
ea:6e:64:75:bf:a1:bd:c8:91:7b:f9:f6:19:83:68:
c0:6d:55:56:fa:d6:8f:56:c3:d5:a2:1f:18:c1:cc:
e6:e5:8a:59:3c:48:16:80:3d:82:5a:56:2a:55:2f:
ef:5d:be:10:1b:3b:72:3d:8b:17:ec:94:43:aa:5c:
7c:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:A9:F2:02:48:F6:26:A9:C0:7C:3D:CC:D0:48:98:CB:22:77:4B:59
X509v3 Authority Key Identifier:
keyid:41:76:3D:B1:ED:33:4A:7C:52:80:AB:98:54:74:29:14:AE:0C:4C:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QXY9se0zSnxSgKuYVHQpFK4MTFI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/efd094-4bc0-4ad0-aba3-49c95eeac812/1/BqnyAkj2JqnAfD3M0EiYyyJ3S1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/efd094-4bc0-4ad0-aba3-49c95eeac812/1/QXY9se0zSnxSgKuYVHQpFK4MTFI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.142.200.0/22
195.142.244.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:c4:7b:9f:6c:de:f3:34:97:e5:24:cd:a3:f2:22:56:3d:df:
79:dd:04:ac:f7:16:6c:73:32:8b:ea:38:3f:e6:39:d3:96:9f:
da:6b:83:74:f5:60:23:29:fc:89:31:11:d5:07:4a:df:d9:ad:
a2:46:44:9a:81:34:6c:56:92:7e:ac:82:cb:c0:d5:6f:d4:ae:
b4:cf:bb:b4:13:e5:1b:9b:62:16:ac:ce:7f:ff:3e:77:08:30:
26:34:85:7f:74:b4:23:17:dc:92:c4:80:ea:cd:16:3d:90:c6:
ed:ff:df:a5:7b:f3:4f:a4:91:68:fe:57:6a:23:7e:d6:e8:99:
b0:23:60:c8:95:fe:1a:8b:bf:0a:85:cc:ff:6e:fa:3a:a0:19:
c2:e0:d3:f4:4a:3e:d1:c2:d7:89:de:fa:a2:e1:d6:a0:ba:94:
9c:1a:e9:2b:8f:23:3b:d3:9f:72:d3:34:ab:d8:24:6b:22:31:
0e:0a:dd:d6:85:71:ed:e6:bb:3e:bd:d2:8a:d5:1e:eb:85:e9:
cd:e0:16:a7:7d:eb:37:b2:c0:6a:0f:43:af:46:f8:f2:f7:1a:
65:7d:55:52:27:79:b6:16:6d:4d:82:b0:c6:28:11:54:88:ab:
5c:38:45:20:f2:ef:e1:80:3a:ce:48:37:2d:aa:5d:a5:43:a5:
d6:84:7f:4b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHJgbuYIX26mlUH0uHBVQyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNzYzZGIxZWQzMzRhN2M1MjgwYWI5ODU0NzQyOTE0YWUw
YzRjNTIwHhcNMjQwMTAxMjIzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmE5ZjIwMjQ4ZjYyNmE5YzA3YzNkY2NkMDQ4OThjYjIyNzc0YjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjoh2qc9pqN1niXJtDxn57ArSz5Wh
vH3TXFvMT3Z2a7t3YOBLxOmQr9DP5z6BbtVw/5+tXQuvSiWbhU7X4ttNue9euu10
fkVQJ1vCwzH2ZcBRg0kg4w7hpod4xgsRxIeNA2u2kWKfJCJBcvDNfbczHLCmKVXE
uVOasHICwvg2IZpELWf2WhjG0hxy2zJQuqYDWxEC+W6/eYBH5lNQQxnPISZogTJI
UXHSJ0FQoKXN1pWX39s6MkZyYtuYMYlpBlSc8BHqbmR1v6G9yJF7+fYZg2jAbVVW
+taPVsPVoh8Ywczm5YpZPEgWgD2CWlYqVS/vXb4QGztyPYsX7JRDqlx8JwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAap8gJI9iapwHw9zNBImMsid0tZMB8GA1UdIwQY
MBaAFEF2PbHtM0p8UoCrmFR0KRSuDExSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVhZOXNlMHpTbnhTZ0t1WVZIUXBGSzRNVEZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9lZmQwOTQtNGJjMC00YWQwLWFiYTMt
NDljOTVlZWFjODEyLzEvQnFueUFrajJKcW5BZkQzTTBFaVl5eUozUzFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9lZmQwOTQtNGJjMC00YWQwLWFiYTMtNDljOTVlZWFjODEy
LzEvUVhZOXNlMHpTbnhTZ0t1WVZIUXBGSzRNVEZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCw47IAwQC
w470MA0GCSqGSIb3DQEBCwUAA4IBAQChxHufbN7zNJflJM2j8iJWPd953QSs9xZs
czKL6jg/5jnTlp/aa4N09WAjKfyJMRHVB0rf2a2iRkSagTRsVpJ+rILLwNVv1K60
z7u0E+Ubm2IWrM5//z53CDAmNIV/dLQjF9ySxIDqzRY9kMbt/9+le/NPpJFo/ldq
I37W6JmwI2DIlf4ai78Khcz/bvo6oBnC4NP0Sj7RwteJ3vqi4dagupScGukrjyM7
059y0zSr2CRrIjEOCt3WhXHt5rs+vdKK1R7rhenN4Banfes3ssBqD0OvRvjy9xpl
fVVSJ3m2Fm1NgrDGKBFUiKtcOEUg8u/hgDrOSDctql2lQ6XWhH9L
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:23:53 2024 by rpki-client on console-fra.rpki-client.org