Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/7dbe93-5df8-48a3-8613-293b62794850/1/Qh6IfNNXYuQApptQvtGhingRs5o.roa
File: Qh6IfNNXYuQApptQvtGhingRs5o.roa (raw, json)
Hash identifier: tSYNomvgnaP2JvI3uOIiCeg2OHXB/BVGD8DkwHscgPo=
Subject key identifier: 42:1E:88:7C:D3:57:62:E4:00:A6:9B:50:BE:D1:A1:8A:78:11:B3:9A
Certificate issuer: /CN=88d5e09af82a96918c86a647b4edcd8ebb23820d
Certificate serial: 018CC8DF58D68230965E4537E75585F1DC78
Authority key identifier: 88:D5:E0:9A:F8:2A:96:91:8C:86:A6:47:B4:ED:CD:8E:BB:23:82:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iNXgmvgqlpGMhqZHtO3Njrsjgg0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/7dbe93-5df8-48a3-8613-293b62794850/1/Qh6IfNNXYuQApptQvtGhingRs5o.roa
Signing time: Tue 02 Jan 2024 06:32:09 +0000
ROA not before: Tue 02 Jan 2024 06:32:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30761
IP address blocks: 185.73.252.0/24 maxlen: 24
185.73.253.0/24 maxlen: 24
185.73.254.0/24 maxlen: 24
193.22.7.0/24 maxlen: 24
2a05:4780::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/7dbe93-5df8-48a3-8613-293b62794850/1/iNXgmvgqlpGMhqZHtO3Njrsjgg0.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/7dbe93-5df8-48a3-8613-293b62794850/1/iNXgmvgqlpGMhqZHtO3Njrsjgg0.mft
rsync://rpki.ripe.net/repository/DEFAULT/iNXgmvgqlpGMhqZHtO3Njrsjgg0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:58:d6:82:30:96:5e:45:37:e7:55:85:f1:dc:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88d5e09af82a96918c86a647b4edcd8ebb23820d
Validity
Not Before: Jan 2 06:32:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=421e887cd35762e400a69b50bed1a18a7811b39a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:dd:fc:52:e7:83:bf:4c:c5:d9:c7:99:45:a5:
9a:0b:9f:5d:f7:15:80:97:93:76:61:38:8a:5a:fd:
59:d4:41:3f:5d:df:ec:6f:93:da:7b:75:f9:73:8f:
31:d6:3f:d0:bc:ad:83:11:b4:63:bd:03:d4:b3:da:
57:2a:fa:58:ad:6f:d5:54:08:24:39:1b:ba:d2:0f:
46:d8:e6:dc:c6:25:7e:26:e9:3e:59:36:a2:a7:b6:
bf:93:7a:1e:87:2c:c1:73:47:d2:e5:13:16:a0:02:
59:41:5c:db:8b:59:1d:f0:e3:2a:61:67:a9:39:33:
e7:48:b1:c8:f8:e3:f7:fc:82:1d:9f:b8:1c:d7:07:
c1:55:be:c6:cf:09:66:2c:47:e8:47:b0:74:84:37:
f7:b1:91:48:b8:95:70:6f:41:ba:26:49:f6:64:32:
80:15:1a:b5:2e:88:6f:3f:49:28:96:5c:0d:00:c2:
41:1c:b4:8e:aa:90:39:d8:f0:05:14:48:b8:0c:7b:
90:91:0f:39:0e:35:5c:c9:8d:4a:fc:38:06:2a:aa:
38:81:80:e9:46:07:21:0f:f8:bb:2b:bd:24:0f:0c:
67:26:a6:9c:69:47:e8:21:71:af:d7:df:52:c0:a6:
01:4a:03:fa:48:a6:e3:a1:19:9d:eb:4d:91:75:91:
8f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:1E:88:7C:D3:57:62:E4:00:A6:9B:50:BE:D1:A1:8A:78:11:B3:9A
X509v3 Authority Key Identifier:
keyid:88:D5:E0:9A:F8:2A:96:91:8C:86:A6:47:B4:ED:CD:8E:BB:23:82:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iNXgmvgqlpGMhqZHtO3Njrsjgg0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/7dbe93-5df8-48a3-8613-293b62794850/1/Qh6IfNNXYuQApptQvtGhingRs5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/7dbe93-5df8-48a3-8613-293b62794850/1/iNXgmvgqlpGMhqZHtO3Njrsjgg0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.73.252.0-185.73.254.255
193.22.7.0/24
IPv6:
2a05:4780::/29
Signature Algorithm: sha256WithRSAEncryption
72:33:7f:97:05:28:c9:4d:86:3e:cc:a7:b1:d2:68:da:14:a5:
71:ff:7a:a6:6e:2e:04:eb:9f:f0:90:78:bd:aa:15:9f:03:bb:
b5:58:89:08:79:7a:10:d1:72:b5:7a:cb:02:d5:08:b4:3b:7a:
16:59:76:53:74:2f:8e:e2:bd:12:b1:76:22:f4:a3:41:2d:52:
c9:f1:e5:c5:73:4a:1e:d1:1b:86:f8:48:1d:48:10:2e:be:41:
7b:a8:d0:51:18:88:96:26:f8:1f:4f:c2:86:39:8e:01:4d:1a:
99:b1:16:fb:9c:01:3f:e5:40:f7:7f:78:20:47:78:c1:46:35:
81:4d:64:3b:91:0a:c2:73:80:af:07:89:4b:a5:9a:07:06:fb:
fa:52:96:dd:1f:e5:cd:48:69:cb:65:0a:e8:0b:33:84:43:bf:
75:f2:99:c8:e3:d8:11:8c:01:85:ce:da:2d:2a:c4:6b:58:e8:
da:aa:e7:9f:54:89:54:60:b6:35:8c:6c:26:54:5d:d0:81:f3:
5f:68:0f:99:6d:18:90:6b:09:d7:a3:1b:d3:f1:12:ad:35:41:
fd:66:c5:34:31:0f:ca:16:28:c4:38:cd:d9:79:9b:41:16:db:
6a:f4:b6:b6:e9:5d:82:71:36:06:0e:fd:e2:af:36:c0:f0:eb:
b5:2e:b3:17
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzI31jWgjCWXkU351WF8dx4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZDVlMDlhZjgyYTk2OTE4Yzg2YTY0N2I0ZWRjZDhlYmIy
MzgyMGQwHhcNMjQwMTAyMDYzMjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjFlODg3Y2QzNTc2MmU0MDBhNjliNTBiZWQxYTE4YTc4MTFiMzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/N38UueDv0zF2ceZRaWaC59d9xWA
l5N2YTiKWv1Z1EE/Xd/sb5Pae3X5c48x1j/QvK2DEbRjvQPUs9pXKvpYrW/VVAgk
ORu60g9G2ObcxiV+Juk+WTaip7a/k3oehyzBc0fS5RMWoAJZQVzbi1kd8OMqYWep
OTPnSLHI+OP3/IIdn7gc1wfBVb7GzwlmLEfoR7B0hDf3sZFIuJVwb0G6Jkn2ZDKA
FRq1LohvP0kollwNAMJBHLSOqpA52PAFFEi4DHuQkQ85DjVcyY1K/DgGKqo4gYDp
RgchD/i7K70kDwxnJqacaUfoIXGv199SwKYBSgP6SKbjoRmd602RdZGPJQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFEIeiHzTV2LkAKabUL7RoYp4EbOaMB8GA1UdIwQY
MBaAFIjV4Jr4KpaRjIamR7TtzY67I4INMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaU5YZ212Z3FscEdNaHFaSHRPM05qcnNqZ2cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny83ZGJlOTMtNWRmOC00OGEzLTg2MTMt
MjkzYjYyNzk0ODUwLzEvUWg2SWZOTlhZdVFBcHB0UXZ0R2hpbmdSczVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny83ZGJlOTMtNWRmOC00OGEzLTg2MTMtMjkzYjYyNzk0ODUw
LzEvaU5YZ212Z3FscEdNaHFaSHRPM05qcnNqZ2cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAK5SfwD
BAC5Sf4DBADBFgcwDQQCAAIwBwMFAyoFR4AwDQYJKoZIhvcNAQELBQADggEBAHIz
f5cFKMlNhj7Mp7HSaNoUpXH/eqZuLgTrn/CQeL2qFZ8Du7VYiQh5ehDRcrV6ywLV
CLQ7ehZZdlN0L47ivRKxdiL0o0EtUsnx5cVzSh7RG4b4SB1IEC6+QXuo0FEYiJYm
+B9PwoY5jgFNGpmxFvucAT/lQPd/eCBHeMFGNYFNZDuRCsJzgK8HiUulmgcG+/pS
lt0f5c1IactlCugLM4RDv3Xymcjj2BGMAYXO2i0qxGtY6Nqq559UiVRgtjWMbCZU
XdCB819oD5ltGJBrCdejG9PxEq01Qf1mxTQxD8oWKMQ4zdl5m0EW22r0trbpXYJx
NgYO/eKvNsDw67Uusxc=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:03:52 2024 by rpki-client on console-fra.rpki-client.org