Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/12e7d5-3a0f-4bc6-9611-05435efd8bf6/1/_QEEguz0rsLjAlxLJrbXWOpbAqM.roa
File: _QEEguz0rsLjAlxLJrbXWOpbAqM.roa (raw, json)
Hash identifier: oAG9zjfg1Z9ShV7XKrL5zWlvMrG2NWInmeuK8dIOeKo=
Subject key identifier: FD:01:04:82:EC:F4:AE:C2:E3:02:5C:4B:26:B6:D7:58:EA:5B:02:A3
Certificate issuer: /CN=6d3ee1a52a5d65b9091de5a5b464fb97032d0e9b
Certificate serial: 018CC50151A115F6E61803C35AE6D09DCD95
Authority key identifier: 6D:3E:E1:A5:2A:5D:65:B9:09:1D:E5:A5:B4:64:FB:97:03:2D:0E:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bT7hpSpdZbkJHeWltGT7lwMtDps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/12e7d5-3a0f-4bc6-9611-05435efd8bf6/1/_QEEguz0rsLjAlxLJrbXWOpbAqM.roa
Signing time: Mon 01 Jan 2024 12:30:47 +0000
ROA not before: Mon 01 Jan 2024 12:30:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204776
IP address blocks: 194.143.130.0/23 maxlen: 24
193.16.100.0/24 maxlen: 24
195.246.98.0/24 maxlen: 24
195.246.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/12e7d5-3a0f-4bc6-9611-05435efd8bf6/1/bT7hpSpdZbkJHeWltGT7lwMtDps.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/12e7d5-3a0f-4bc6-9611-05435efd8bf6/1/bT7hpSpdZbkJHeWltGT7lwMtDps.mft
rsync://rpki.ripe.net/repository/DEFAULT/bT7hpSpdZbkJHeWltGT7lwMtDps.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 19 Jun 2024 06:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:51:a1:15:f6:e6:18:03:c3:5a:e6:d0:9d:cd:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d3ee1a52a5d65b9091de5a5b464fb97032d0e9b
Validity
Not Before: Jan 1 12:30:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fd010482ecf4aec2e3025c4b26b6d758ea5b02a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:07:8a:bb:a7:a2:ec:90:23:36:23:10:b0:d4:
70:c9:ff:b0:3d:e3:ff:9c:30:a2:c8:4c:d2:50:ad:
61:38:82:3c:49:62:b8:cf:91:4c:a0:57:9f:43:12:
91:df:05:69:f7:fb:bd:43:47:62:4e:42:a6:b6:e7:
8c:2d:5b:38:f5:46:9e:ef:e4:87:8a:fc:8a:06:5d:
c4:33:47:47:e0:92:ee:48:5e:bb:d6:f7:94:7a:43:
42:6e:bd:45:f8:ed:2c:05:e3:d3:1e:c9:fd:af:00:
0a:40:b4:ba:00:74:48:05:fc:f4:c6:12:df:ad:10:
3b:8e:51:db:0b:e7:83:78:6f:b2:f4:8b:86:33:f3:
18:17:54:fa:82:91:b5:c3:d2:0f:a9:df:ff:9b:4c:
c5:9f:bb:13:c6:12:a0:72:2b:3d:8e:bc:69:fa:ff:
d9:11:38:43:ec:5a:11:57:c2:34:df:c1:64:f9:a5:
d1:df:bb:9e:57:13:7e:0c:24:a2:b9:82:8c:d9:c7:
73:c2:49:f0:9e:0b:d0:bf:95:6b:a3:4f:72:6b:12:
86:a0:f9:5e:bc:6b:87:82:0e:9d:27:69:85:11:ff:
f2:c8:d5:7d:1f:0f:aa:cb:a0:31:0b:f1:04:fb:36:
ea:6f:1e:b8:f1:d2:ed:35:b0:ed:4f:43:f1:b7:2d:
9a:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:01:04:82:EC:F4:AE:C2:E3:02:5C:4B:26:B6:D7:58:EA:5B:02:A3
X509v3 Authority Key Identifier:
keyid:6D:3E:E1:A5:2A:5D:65:B9:09:1D:E5:A5:B4:64:FB:97:03:2D:0E:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bT7hpSpdZbkJHeWltGT7lwMtDps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/12e7d5-3a0f-4bc6-9611-05435efd8bf6/1/_QEEguz0rsLjAlxLJrbXWOpbAqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/12e7d5-3a0f-4bc6-9611-05435efd8bf6/1/bT7hpSpdZbkJHeWltGT7lwMtDps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.16.100.0/24
194.143.130.0/23
195.246.98.0/23
Signature Algorithm: sha256WithRSAEncryption
51:b4:61:74:6d:0d:2c:55:1b:c5:0b:71:bb:f1:2e:2d:9f:15:
15:d8:11:63:15:b0:9a:2a:dd:5c:7f:0c:d7:8f:57:d8:45:6c:
ad:a6:d4:25:b7:d7:3e:d7:99:33:9e:6c:8b:f4:8b:b1:eb:f0:
c9:b2:15:57:5e:c2:30:dd:34:e5:01:f2:10:da:f4:bf:4b:b6:
4e:72:d9:99:6d:43:3e:6f:02:ae:ca:9d:ff:03:85:0b:8a:d8:
3f:2b:54:85:20:d8:47:cb:65:f4:1b:6b:68:42:78:44:7e:b8:
02:0c:50:b4:b6:07:d4:a0:7f:a8:47:66:d1:f6:a2:67:5f:78:
61:2c:e3:ab:24:af:06:cd:97:68:7b:f9:60:d6:c9:02:02:40:
74:bd:57:6f:fe:0d:bb:ae:f4:0b:e6:8a:ad:12:82:37:52:13:
b1:74:57:92:99:d1:49:6d:1a:ec:d3:ab:06:49:2d:51:4b:8b:
c2:04:86:01:63:a4:19:ff:f0:4d:ab:df:6e:6d:0f:bb:21:23:
27:77:d2:e0:b9:a0:57:f0:0b:00:c0:e8:31:e9:d3:db:22:5e:
06:b1:5b:b9:08:a0:25:04:b8:ca:6e:90:6d:44:a7:bb:a8:fc:
b4:10:4d:87:fc:c5:b8:bd:7f:95:c6:24:38:65:e2:5d:d4:92:
52:c4:49:12
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFAVGhFfbmGAPDWubQnc2VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkM2VlMWE1MmE1ZDY1YjkwOTFkZTVhNWI0NjRmYjk3MDMy
ZDBlOWIwHhcNMjQwMTAxMTIzMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDAxMDQ4MmVjZjRhZWMyZTMwMjVjNGIyNmI2ZDc1OGVhNWIwMmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjweKu6ei7JAjNiMQsNRwyf+wPeP/
nDCiyEzSUK1hOII8SWK4z5FMoFefQxKR3wVp9/u9Q0diTkKmtueMLVs49Uae7+SH
ivyKBl3EM0dH4JLuSF671veUekNCbr1F+O0sBePTHsn9rwAKQLS6AHRIBfz0xhLf
rRA7jlHbC+eDeG+y9IuGM/MYF1T6gpG1w9IPqd//m0zFn7sTxhKgcis9jrxp+v/Z
EThD7FoRV8I038Fk+aXR37ueVxN+DCSiuYKM2cdzwknwngvQv5Vro09yaxKGoPle
vGuHgg6dJ2mFEf/yyNV9Hw+qy6AxC/EE+zbqbx648dLtNbDtT0Pxty2aWwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFP0BBILs9K7C4wJcSya211jqWwKjMB8GA1UdIwQY
MBaAFG0+4aUqXWW5CR3lpbRk+5cDLQ6bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlQ3aHBTcGRaYmtKSGVXbHRHVDdsd010RHBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8xMmU3ZDUtM2EwZi00YmM2LTk2MTEt
MDU0MzVlZmQ4YmY2LzEvX1FFRWd1ejByc0xqQWx4TEpyYlhXT3BiQXFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8xMmU3ZDUtM2EwZi00YmM2LTk2MTEtMDU0MzVlZmQ4YmY2
LzEvYlQ3aHBTcGRaYmtKSGVXbHRHVDdsd010RHBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwRBkAwQB
wo+CAwQBw/ZiMA0GCSqGSIb3DQEBCwUAA4IBAQBRtGF0bQ0sVRvFC3G78S4tnxUV
2BFjFbCaKt1cfwzXj1fYRWytptQlt9c+15kznmyL9Iux6/DJshVXXsIw3TTlAfIQ
2vS/S7ZOctmZbUM+bwKuyp3/A4ULitg/K1SFINhHy2X0G2toQnhEfrgCDFC0tgfU
oH+oR2bR9qJnX3hhLOOrJK8GzZdoe/lg1skCAkB0vVdv/g27rvQL5oqtEoI3UhOx
dFeSmdFJbRrs06sGSS1RS4vCBIYBY6QZ//BNq99ubQ+7ISMnd9LguaBX8AsAwOgx
6dPbIl4GsVu5CKAlBLjKbpBtRKe7qPy0EE2H/MW4vX+VxiQ4ZeJd1JJSxEkS
-----END CERTIFICATE-----
Generated at Tue Jun 18 12:18:36 2024 by rpki-client on console-fra.rpki-client.org