Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/3c92fa-c3d5-4a36-9e17-37e9e86a9279/1/qfne_wHkXaph5QRvfE_9JhwM1Vs.roa
File: qfne_wHkXaph5QRvfE_9JhwM1Vs.roa (raw, json)
Hash identifier: 1CaeNbIHi2Fdvj28q2J2kDMTBRSGlQB9XbdoHuKx3kk=
Subject key identifier: A9:F9:DE:FF:01:E4:5D:AA:61:E5:04:6F:7C:4F:FD:26:1C:0C:D5:5B
Certificate issuer: /CN=a50cd3b9fb6464915ad0d3760934c0182889f1fb
Certificate serial: 018CC3B6A0AF8F9B5A394D60B0EA8A87AFEC
Authority key identifier: A5:0C:D3:B9:FB:64:64:91:5A:D0:D3:76:09:34:C0:18:28:89:F1:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pQzTuftkZJFa0NN2CTTAGCiJ8fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/3c92fa-c3d5-4a36-9e17-37e9e86a9279/1/qfne_wHkXaph5QRvfE_9JhwM1Vs.roa
Signing time: Mon 01 Jan 2024 06:29:34 +0000
ROA not before: Mon 01 Jan 2024 06:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25540
IP address blocks: 185.232.200.0/22 maxlen: 22
2a0d:9bc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/3c92fa-c3d5-4a36-9e17-37e9e86a9279/1/pQzTuftkZJFa0NN2CTTAGCiJ8fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/3c92fa-c3d5-4a36-9e17-37e9e86a9279/1/pQzTuftkZJFa0NN2CTTAGCiJ8fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/pQzTuftkZJFa0NN2CTTAGCiJ8fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 00:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:a0:af:8f:9b:5a:39:4d:60:b0:ea:8a:87:af:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a50cd3b9fb6464915ad0d3760934c0182889f1fb
Validity
Not Before: Jan 1 06:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9f9deff01e45daa61e5046f7c4ffd261c0cd55b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:73:5c:2c:84:57:1e:2f:fa:9e:1d:84:1b:47:
55:24:a5:b7:0a:a8:ac:a9:f7:53:f3:9c:b2:c0:61:
6a:e5:45:88:4f:91:71:2b:12:71:07:5c:77:1e:06:
0a:cb:24:ad:1c:d6:d1:0c:7a:bd:cc:bc:ef:28:80:
2e:fa:41:44:00:b1:35:84:95:ed:d1:69:ee:33:f2:
c9:12:d0:cc:37:95:19:56:27:82:78:cd:2e:40:bb:
e1:c3:66:28:7a:cb:9e:df:71:5b:cd:42:5a:bc:9b:
f2:5d:1c:41:a3:72:20:e2:b0:53:25:7d:bb:ab:88:
f8:51:40:e4:a4:0b:70:18:05:f6:89:23:f2:a0:aa:
34:aa:2d:45:53:10:09:30:c0:93:46:3e:6c:3b:81:
a1:da:79:b8:31:78:d2:f7:1d:8e:7d:21:34:fd:c6:
79:83:79:8d:96:8b:c0:2c:22:19:80:9f:62:97:08:
fa:8a:14:16:08:10:8e:5b:4c:3f:52:c1:0f:86:40:
eb:d6:2a:9f:6b:bd:81:a9:cb:76:3b:cb:67:13:47:
cc:37:42:a9:a7:96:b1:4b:77:08:9e:49:60:ec:40:
0a:5d:b5:74:96:ce:ac:b4:b2:d8:bd:07:44:a0:36:
a8:c7:10:e8:e4:51:6e:9d:6f:86:06:b2:bd:8a:df:
6f:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:F9:DE:FF:01:E4:5D:AA:61:E5:04:6F:7C:4F:FD:26:1C:0C:D5:5B
X509v3 Authority Key Identifier:
keyid:A5:0C:D3:B9:FB:64:64:91:5A:D0:D3:76:09:34:C0:18:28:89:F1:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pQzTuftkZJFa0NN2CTTAGCiJ8fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/3c92fa-c3d5-4a36-9e17-37e9e86a9279/1/qfne_wHkXaph5QRvfE_9JhwM1Vs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/3c92fa-c3d5-4a36-9e17-37e9e86a9279/1/pQzTuftkZJFa0NN2CTTAGCiJ8fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.232.200.0/22
IPv6:
2a0d:9bc0::/32
Signature Algorithm: sha256WithRSAEncryption
31:32:2f:02:58:ce:0a:07:91:21:59:ac:52:25:52:23:ed:12:
a7:80:1c:4f:c9:a9:d1:f7:f4:5a:ab:42:ae:94:da:a9:8f:f1:
35:cd:32:b7:07:5c:9c:9e:22:4a:a1:f2:ea:96:3d:f8:a1:15:
ee:5f:d1:3b:f0:4e:ad:8e:d1:14:79:db:fd:44:65:c0:45:a7:
e8:f6:2c:cc:1c:19:b1:a9:33:66:af:a2:fb:f2:34:d5:35:6f:
7f:4e:46:1d:07:19:32:0a:17:c5:1d:3d:39:54:91:58:8e:6b:
c6:7a:16:19:f9:48:58:ab:95:55:76:b2:d9:b6:c5:af:67:c5:
85:41:4a:19:e0:1d:9d:8a:bc:14:50:a4:94:2a:6e:b0:9c:22:
a7:e6:c9:85:4f:18:d0:47:af:e5:c4:9f:b8:bf:96:79:14:80:
14:5b:e3:bc:61:9e:45:fc:52:06:4b:da:a1:21:e6:1e:7e:74:
1c:1b:ca:28:b9:3a:93:62:d5:b3:b1:db:05:cf:21:87:dd:6a:
9a:9b:fc:f2:b6:10:f7:58:ed:9f:d3:ea:f8:c2:62:88:c1:06:
b5:18:c7:8a:bf:2e:68:74:1b:e1:6f:49:56:29:0e:1e:3d:cb:
3c:3e:28:8a:de:86:ff:cc:41:18:44:ba:c1:cc:3c:79:f3:38:
25:da:3c:fb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDtqCvj5taOU1gsOqKh6/sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MGNkM2I5ZmI2NDY0OTE1YWQwZDM3NjA5MzRjMDE4Mjg4
OWYxZmIwHhcNMjQwMTAxMDYyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWY5ZGVmZjAxZTQ1ZGFhNjFlNTA0NmY3YzRmZmQyNjFjMGNkNTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3NcLIRXHi/6nh2EG0dVJKW3Cqis
qfdT85yywGFq5UWIT5FxKxJxB1x3HgYKyyStHNbRDHq9zLzvKIAu+kFEALE1hJXt
0WnuM/LJEtDMN5UZVieCeM0uQLvhw2Yoesue33FbzUJavJvyXRxBo3Ig4rBTJX27
q4j4UUDkpAtwGAX2iSPyoKo0qi1FUxAJMMCTRj5sO4Gh2nm4MXjS9x2OfSE0/cZ5
g3mNlovALCIZgJ9ilwj6ihQWCBCOW0w/UsEPhkDr1iqfa72Bqct2O8tnE0fMN0Kp
p5axS3cInklg7EAKXbV0ls6stLLYvQdEoDaoxxDo5FFunW+GBrK9it9vDQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKn53v8B5F2qYeUEb3xP/SYcDNVbMB8GA1UdIwQY
MBaAFKUM07n7ZGSRWtDTdgk0wBgoifH7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFF6VHVmdGtaSkZhME5OMkNUVEFHQ2lKOGZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8zYzkyZmEtYzNkNS00YTM2LTllMTct
MzdlOWU4NmE5Mjc5LzEvcWZuZV93SGtYYXBoNVFSdmZFXzlKaHdNMVZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8zYzkyZmEtYzNkNS00YTM2LTllMTctMzdlOWU4NmE5Mjc5
LzEvcFF6VHVmdGtaSkZhME5OMkNUVEFHQ2lKOGZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuejIMA0E
AgACMAcDBQAqDZvAMA0GCSqGSIb3DQEBCwUAA4IBAQAxMi8CWM4KB5EhWaxSJVIj
7RKngBxPyanR9/Raq0KulNqpj/E1zTK3B1ycniJKofLqlj34oRXuX9E78E6tjtEU
edv9RGXARafo9izMHBmxqTNmr6L78jTVNW9/TkYdBxkyChfFHT05VJFYjmvGehYZ
+UhYq5VVdrLZtsWvZ8WFQUoZ4B2dirwUUKSUKm6wnCKn5smFTxjQR6/lxJ+4v5Z5
FIAUW+O8YZ5F/FIGS9qhIeYefnQcG8oouTqTYtWzsdsFzyGH3Wqam/zythD3WO2f
0+r4wmKIwQa1GMeKvy5odBvhb0lWKQ4ePcs8PiiK3ob/zEEYRLrBzDx58zgl2jz7
-----END CERTIFICATE-----
Generated at Sat Nov 23 07:49:57 2024 by rpki-client on console-ams.rpki-client.org