Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/Qp5SUCM1MRXK3_HKOn3GkKQmFJI.roa
File: Qp5SUCM1MRXK3_HKOn3GkKQmFJI.roa (raw, json)
Hash identifier: OO1BdbP6DzLCx9PqvcxU0wNudkGDTm1QdOCp43ZMNXg=
Subject key identifier: 42:9E:52:50:23:35:31:15:CA:DF:F1:CA:3A:7D:C6:90:A4:26:14:92
Certificate issuer: /CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Certificate serial: 0192FBB785C6876001E79D78C6D7A8B88385
Authority key identifier: 1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/Qp5SUCM1MRXK3_HKOn3GkKQmFJI.roa
Signing time: Tue 05 Nov 2024 09:46:01 +0000
ROA not before: Tue 05 Nov 2024 09:46:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6830
IP address blocks: 91.149.193.0/24 maxlen: 24
91.149.215.0/24 maxlen: 24
91.149.228.0/24 maxlen: 24
91.149.244.0/22 maxlen: 22
91.149.248.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.mft
rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 06:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fb:b7:85:c6:87:60:01:e7:9d:78:c6:d7:a8:b8:83:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Validity
Not Before: Nov 5 09:46:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=429e525023353115cadff1ca3a7dc690a4261492
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:94:9f:22:23:56:75:2d:29:ed:2a:2c:66:a1:
c1:30:2f:4d:93:af:94:4a:2c:40:ce:eb:b4:ee:7b:
08:b8:96:c6:67:b8:7c:47:7c:c4:b8:cc:60:90:aa:
5d:f8:cb:4c:2e:7d:71:4b:96:d3:bf:9f:0c:c5:7e:
41:c6:d5:1f:b4:56:8e:83:11:81:12:89:41:08:8e:
14:17:4d:d2:d6:76:bc:eb:30:3a:b7:a9:78:61:4b:
a0:d3:ff:22:a5:6a:6b:ed:2a:dc:be:f0:fd:b2:2d:
fb:5c:8f:92:57:3d:13:01:94:57:b8:ae:3d:7b:e4:
85:c9:46:25:3e:cc:e3:b1:84:5b:bb:37:b2:c3:dc:
3e:d2:ae:63:be:a7:90:38:a0:e7:59:0f:69:5d:20:
ad:f0:ba:9f:a6:77:13:7b:90:23:a3:66:a7:76:5b:
3a:09:5b:7b:57:58:e6:85:cd:a2:0b:82:71:d2:58:
6b:22:ca:2d:ed:29:90:ce:fb:6f:f1:70:97:99:58:
f4:19:b5:a2:50:af:12:a5:aa:c4:73:d7:73:d8:bb:
e5:68:aa:d9:5c:35:87:f4:10:df:e0:1c:69:91:67:
59:f3:cf:93:f4:1f:b2:ab:63:c8:46:e3:b6:89:85:
07:b5:91:2c:8c:36:29:b5:e7:a6:20:c1:c9:33:17:
ce:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:9E:52:50:23:35:31:15:CA:DF:F1:CA:3A:7D:C6:90:A4:26:14:92
X509v3 Authority Key Identifier:
keyid:1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/Qp5SUCM1MRXK3_HKOn3GkKQmFJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.149.193.0/24
91.149.215.0/24
91.149.228.0/24
91.149.244.0-91.149.251.255
Signature Algorithm: sha256WithRSAEncryption
3c:be:5e:ee:39:0d:28:15:9a:49:0e:f7:60:6d:a5:81:9a:a8:
9d:57:fc:00:aa:22:63:fd:16:59:ab:cd:0c:d3:b9:6a:58:52:
71:bd:63:55:88:93:b6:31:a9:36:64:3c:78:3a:49:82:01:81:
8d:d5:2d:df:cd:21:f9:de:ed:eb:b2:a8:e6:b0:90:50:86:2d:
6d:12:82:1b:72:0e:bc:b8:cf:09:20:54:30:98:7f:6a:93:d0:
c0:e2:18:09:b5:97:bc:45:cf:a3:70:d5:25:ee:83:ad:03:18:
8a:e3:45:be:db:ed:d8:07:9f:93:54:ea:12:14:a7:cb:2e:6f:
3f:f3:f9:a6:65:2e:06:20:9b:83:21:28:2a:e6:48:e7:c8:15:
70:98:19:b5:6b:6d:b0:56:67:2c:62:e5:9c:d6:43:b0:09:79:
a7:61:73:3f:2f:aa:3e:d9:72:38:b9:66:21:e7:fe:cc:e7:68:
0c:35:a5:a9:3d:20:49:97:2a:75:61:96:31:87:f6:90:5a:e7:
4b:28:f7:28:3b:c9:c7:6a:f7:04:bf:58:02:1f:44:fa:d2:ac:
c3:99:2e:35:a8:23:b8:5f:45:03:74:90:47:30:56:1a:bb:1b:
43:21:c3:e9:60:67:8c:45:df:39:62:a3:47:06:0a:64:3d:08:
da:5e:f9:44
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZL7t4XGh2AB5514xteouIOFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2I2Mzc2YTE2NDhkNDlkNTVlNGQ3YjAxMzcxMzY3YjBk
YzJhZjkwHhcNMjQxMTA1MDk0NjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjllNTI1MDIzMzUzMTE1Y2FkZmYxY2EzYTdkYzY5MGE0MjYxNDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopSfIiNWdS0p7SosZqHBMC9Nk6+U
SixAzuu07nsIuJbGZ7h8R3zEuMxgkKpd+MtMLn1xS5bTv58MxX5BxtUftFaOgxGB
EolBCI4UF03S1na86zA6t6l4YUug0/8ipWpr7SrcvvD9si37XI+SVz0TAZRXuK49
e+SFyUYlPszjsYRbuzeyw9w+0q5jvqeQOKDnWQ9pXSCt8LqfpncTe5Ajo2andls6
CVt7V1jmhc2iC4Jx0lhrIsot7SmQzvtv8XCXmVj0GbWiUK8SparEc9dz2LvlaKrZ
XDWH9BDf4BxpkWdZ88+T9B+yq2PIRuO2iYUHtZEsjDYpteemIMHJMxfOlQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFEKeUlAjNTEVyt/xyjp9xpCkJhSSMB8GA1UdIwQY
MBaAFBrLY3ahZI1J1V5NewE3E2ew3Cr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAt
N2E5MzY3NTFkYjFiLzEvUXA1U1VDTTFNUlhLM19IS09uM0drS1FtRkpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAtN2E5MzY3NTFkYjFi
LzEvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAW5XBAwQA
W5XXAwQAW5XkMAwDBAJblfQDBAJblfgwDQYJKoZIhvcNAQELBQADggEBADy+Xu45
DSgVmkkO92BtpYGaqJ1X/ACqImP9FlmrzQzTuWpYUnG9Y1WIk7YxqTZkPHg6SYIB
gY3VLd/NIfne7euyqOawkFCGLW0SghtyDry4zwkgVDCYf2qT0MDiGAm1l7xFz6Nw
1SXug60DGIrjRb7b7dgHn5NU6hIUp8subz/z+aZlLgYgm4MhKCrmSOfIFXCYGbVr
bbBWZyxi5ZzWQ7AJeadhcz8vqj7Zcji5ZiHn/sznaAw1pak9IEmXKnVhljGH9pBa
50so9yg7ycdq9wS/WAIfRPrSrMOZLjWoI7hfRQN0kEcwVhq7G0Mhw+lgZ4xF3zli
o0cGCmQ9CNpe+UQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:19:22 2024 by rpki-client on console-fra.rpki-client.org