Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/6d38cc-c0f6-4018-b929-9b64c25156b9/1/QWpSggiTDCWnhAYYJDNXPP0JHIg.roa
File: QWpSggiTDCWnhAYYJDNXPP0JHIg.roa (raw, json)
Hash identifier: OPcBEqTRb+3r1g6ZPtl7Y51KJhBgW4E6d4xPM0+VWRQ=
Subject key identifier: 41:6A:52:82:08:93:0C:25:A7:84:06:18:24:33:57:3C:FD:09:1C:88
Certificate issuer: /CN=744aea53ef60f8a8a9345e582982a9a59bc13767
Certificate serial: 018CC8DF4F76026CB4A676A0F222D0B106C9
Authority key identifier: 74:4A:EA:53:EF:60:F8:A8:A9:34:5E:58:29:82:A9:A5:9B:C1:37:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dErqU-9g-KipNF5YKYKppZvBN2c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/6d38cc-c0f6-4018-b929-9b64c25156b9/1/QWpSggiTDCWnhAYYJDNXPP0JHIg.roa
Signing time: Tue 02 Jan 2024 06:32:07 +0000
ROA not before: Tue 02 Jan 2024 06:32:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197301
IP address blocks: 194.62.168.0/22 maxlen: 23
80.71.128.0/20 maxlen: 21
2a01:7a80::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/6d38cc-c0f6-4018-b929-9b64c25156b9/1/dErqU-9g-KipNF5YKYKppZvBN2c.crl
rsync://rpki.ripe.net/repository/DEFAULT/7c/6d38cc-c0f6-4018-b929-9b64c25156b9/1/dErqU-9g-KipNF5YKYKppZvBN2c.mft
rsync://rpki.ripe.net/repository/DEFAULT/dErqU-9g-KipNF5YKYKppZvBN2c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:4f:76:02:6c:b4:a6:76:a0:f2:22:d0:b1:06:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=744aea53ef60f8a8a9345e582982a9a59bc13767
Validity
Not Before: Jan 2 06:32:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=416a528208930c25a78406182433573cfd091c88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ff:4a:23:95:cd:30:44:4e:27:2a:30:06:81:
8c:bb:a2:ca:ad:88:be:85:83:d8:cf:c8:f3:a6:cd:
8c:25:fb:7c:18:ab:f3:87:8d:39:de:0c:7e:83:6a:
90:15:da:2b:2b:42:30:c3:51:06:bb:1d:ed:53:3c:
b5:a4:d5:cb:f6:39:44:9b:33:ca:db:25:1f:66:a0:
86:2b:53:ea:e9:6b:70:35:72:94:a2:f8:6b:de:a3:
81:8b:79:f6:e9:ec:64:84:73:ac:55:2d:e4:5b:64:
07:ce:54:59:1c:1b:0b:2a:d3:ec:29:cf:2b:e8:fe:
e9:35:59:ba:ef:4e:44:56:52:9a:ed:43:ad:23:16:
4a:d5:40:14:3c:3c:ae:b9:08:d7:6b:7f:a5:71:ef:
e0:b5:b9:78:8d:3f:c6:d2:19:25:84:39:78:ce:bc:
b5:50:6a:05:66:7c:ac:e3:61:f4:db:73:70:11:22:
bb:d6:42:2e:df:b1:67:69:7b:58:74:f9:31:f0:45:
a4:dd:54:b3:4c:a1:db:b2:7d:22:33:28:aa:f1:01:
b3:dd:6a:b5:e6:ae:0b:11:51:10:9c:2f:83:f2:97:
a4:fb:f6:f2:8a:c3:d0:fd:5a:01:05:c4:a2:aa:1c:
34:b1:6f:2e:75:9b:06:a1:a0:8c:31:79:fb:66:92:
1d:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:6A:52:82:08:93:0C:25:A7:84:06:18:24:33:57:3C:FD:09:1C:88
X509v3 Authority Key Identifier:
keyid:74:4A:EA:53:EF:60:F8:A8:A9:34:5E:58:29:82:A9:A5:9B:C1:37:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dErqU-9g-KipNF5YKYKppZvBN2c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/6d38cc-c0f6-4018-b929-9b64c25156b9/1/QWpSggiTDCWnhAYYJDNXPP0JHIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/6d38cc-c0f6-4018-b929-9b64c25156b9/1/dErqU-9g-KipNF5YKYKppZvBN2c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.71.128.0/20
194.62.168.0/22
IPv6:
2a01:7a80::/29
Signature Algorithm: sha256WithRSAEncryption
34:fa:ce:1f:2c:a4:da:50:b1:40:c9:4d:2e:1b:bf:58:85:93:
5b:32:72:19:e5:37:60:88:cb:ab:10:cf:e0:76:af:40:82:2b:
de:02:5b:43:60:64:39:6e:12:89:91:d5:4c:cd:ed:60:d0:b7:
9d:d4:a1:09:7b:a3:3f:9c:6f:b5:92:aa:b6:55:4f:5b:b7:5c:
03:7a:b7:50:b7:62:94:b6:b8:2f:88:41:95:91:49:0b:90:67:
d3:0e:dd:07:9e:eb:fd:9d:a4:f3:41:bc:17:09:5c:99:c7:2a:
00:44:77:70:80:fa:ed:e4:97:a2:ee:81:65:8d:d0:8b:5f:ff:
2e:4c:42:2a:bf:26:bd:4b:67:32:fe:87:6a:a0:6c:e8:ed:33:
16:85:b3:26:65:39:cd:63:0a:d3:9d:12:91:e2:1a:1a:31:b1:
03:14:ef:33:05:e1:8a:90:76:06:da:fe:85:11:13:da:23:8a:
58:93:49:bc:06:63:a7:95:ee:e8:de:da:95:65:a6:c8:54:24:
c0:6f:2d:c0:fa:f3:43:42:2d:d6:c1:99:88:aa:b6:fd:82:9f:
1a:2a:33:15:cb:45:83:6d:f4:16:cc:df:68:8f:28:b9:48:d1:
63:1d:07:82:18:57:b8:61:b1:d6:46:98:93:fd:58:70:76:0f:
e2:6b:cb:2e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzI3092Amy0pnag8iLQsQbJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NGFlYTUzZWY2MGY4YThhOTM0NWU1ODI5ODJhOWE1OWJj
MTM3NjcwHhcNMjQwMTAyMDYzMjA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTZhNTI4MjA4OTMwYzI1YTc4NDA2MTgyNDMzNTczY2ZkMDkxYzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/9KI5XNMEROJyowBoGMu6LKrYi+
hYPYz8jzps2MJft8GKvzh4053gx+g2qQFdorK0Iww1EGux3tUzy1pNXL9jlEmzPK
2yUfZqCGK1Pq6WtwNXKUovhr3qOBi3n26exkhHOsVS3kW2QHzlRZHBsLKtPsKc8r
6P7pNVm6705EVlKa7UOtIxZK1UAUPDyuuQjXa3+lce/gtbl4jT/G0hklhDl4zry1
UGoFZnys42H023NwESK71kIu37FnaXtYdPkx8EWk3VSzTKHbsn0iMyiq8QGz3Wq1
5q4LEVEQnC+D8pek+/byisPQ/VoBBcSiqhw0sW8udZsGoaCMMXn7ZpIdvwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEFqUoIIkwwlp4QGGCQzVzz9CRyIMB8GA1UdIwQY
MBaAFHRK6lPvYPioqTReWCmCqaWbwTdnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEVycVUtOWctS2lwTkY1WUtZS3BwWnZCTjJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy82ZDM4Y2MtYzBmNi00MDE4LWI5Mjkt
OWI2NGMyNTE1NmI5LzEvUVdwU2dnaVREQ1duaEFZWUpETlhQUDBKSElnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy82ZDM4Y2MtYzBmNi00MDE4LWI5MjktOWI2NGMyNTE1NmI5
LzEvZEVycVUtOWctS2lwTkY1WUtZS3BwWnZCTjJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUEeAAwQC
wj6oMA0EAgACMAcDBQMqAXqAMA0GCSqGSIb3DQEBCwUAA4IBAQA0+s4fLKTaULFA
yU0uG79YhZNbMnIZ5TdgiMurEM/gdq9AgiveAltDYGQ5bhKJkdVMze1g0Led1KEJ
e6M/nG+1kqq2VU9bt1wDerdQt2KUtrgviEGVkUkLkGfTDt0Hnuv9naTzQbwXCVyZ
xyoARHdwgPrt5Jei7oFljdCLX/8uTEIqvya9S2cy/odqoGzo7TMWhbMmZTnNYwrT
nRKR4hoaMbEDFO8zBeGKkHYG2v6FERPaI4pYk0m8BmOnle7o3tqVZabIVCTAby3A
+vNDQi3WwZmIqrb9gp8aKjMVy0WDbfQWzN9ojyi5SNFjHQeCGFe4YbHWRpiT/Vhw
dg/ia8su
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:02:16 2024 by rpki-client on console-fra.rpki-client.org