Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/qqBGBeLrwS4P6BsbgQoG46nXSO4.roa
File: qqBGBeLrwS4P6BsbgQoG46nXSO4.roa (raw, json)
Hash identifier: qJJC/spopEMc5ztpfRZbbvSoCP3MPk/mlGkpKdJdenw=
Subject key identifier: AA:A0:46:05:E2:EB:C1:2E:0F:E8:1B:1B:81:0A:06:E3:A9:D7:48:EE
Certificate issuer: /CN=ae7a9b1745a5a70c3bf7bcc2c2ee166460aff7a8
Certificate serial: 018DD0942D1EAD2A356190009F49E322B2F5
Authority key identifier: AE:7A:9B:17:45:A5:A7:0C:3B:F7:BC:C2:C2:EE:16:64:60:AF:F7:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnqbF0Wlpww797zCwu4WZGCv96g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/qqBGBeLrwS4P6BsbgQoG46nXSO4.roa
Signing time: Thu 22 Feb 2024 11:29:48 +0000
ROA not before: Thu 22 Feb 2024 11:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16223
IP address blocks: 5.58.0.0/16 maxlen: 23
185.53.79.0/24 maxlen: 24
217.196.160.0/20 maxlen: 20
2a00:1210:fffd::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/rnqbF0Wlpww797zCwu4WZGCv96g.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/rnqbF0Wlpww797zCwu4WZGCv96g.mft
rsync://rpki.ripe.net/repository/DEFAULT/rnqbF0Wlpww797zCwu4WZGCv96g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d0:94:2d:1e:ad:2a:35:61:90:00:9f:49:e3:22:b2:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae7a9b1745a5a70c3bf7bcc2c2ee166460aff7a8
Validity
Not Before: Feb 22 11:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aaa04605e2ebc12e0fe81b1b810a06e3a9d748ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:54:e8:7d:f2:77:88:11:ae:3e:74:8c:45:52:
d0:b7:32:3f:f8:e7:5a:19:4a:da:02:22:40:19:97:
bc:62:8b:b3:8e:0b:fd:ab:7b:a5:12:da:3a:82:16:
75:e7:b2:88:fc:07:8b:22:cb:44:21:0d:06:a0:83:
54:06:f7:95:03:eb:c2:04:1d:e8:b1:07:21:67:55:
30:8d:c6:00:e2:6b:a8:e0:3b:31:ed:d5:36:92:b9:
11:b5:f7:4e:99:b1:7b:bc:d9:fe:be:14:17:9b:9f:
7c:ab:b0:19:67:52:7c:6f:87:60:90:44:82:1d:de:
12:a2:0f:ba:d9:05:20:2d:22:42:34:1c:f7:04:b2:
71:b2:78:c8:75:55:c6:d1:04:d2:f1:6b:e9:29:1d:
fa:5c:42:f8:8f:a9:93:41:ec:d4:34:46:79:a1:5b:
25:a9:32:26:5f:55:4b:c0:be:cb:71:ee:93:55:3a:
5f:84:c6:39:94:aa:92:17:d0:40:17:66:05:ed:6f:
86:5d:e7:13:3b:c6:fa:4d:79:4e:15:b6:30:d7:e7:
1f:04:fc:38:3c:fb:6c:e5:3a:2d:21:86:17:98:21:
90:2c:75:6c:8b:01:0a:da:96:b1:fb:5b:53:d1:21:
6c:82:f3:59:b8:64:ae:fd:f0:b9:6a:7b:e1:b7:a9:
c3:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:A0:46:05:E2:EB:C1:2E:0F:E8:1B:1B:81:0A:06:E3:A9:D7:48:EE
X509v3 Authority Key Identifier:
keyid:AE:7A:9B:17:45:A5:A7:0C:3B:F7:BC:C2:C2:EE:16:64:60:AF:F7:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnqbF0Wlpww797zCwu4WZGCv96g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/qqBGBeLrwS4P6BsbgQoG46nXSO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/rnqbF0Wlpww797zCwu4WZGCv96g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.58.0.0/16
185.53.79.0/24
217.196.160.0/20
IPv6:
2a00:1210:fffd::/48
Signature Algorithm: sha256WithRSAEncryption
84:3b:58:b6:b5:70:aa:72:d4:93:15:ab:d4:f7:bf:8d:49:2f:
d4:00:3d:2e:94:6f:f0:a7:b8:c7:fe:0b:69:98:28:95:24:4d:
cd:3d:0f:fe:69:6a:47:c7:32:59:25:7e:d9:df:f0:88:5b:e8:
c9:ac:71:1b:0f:59:d0:92:7b:fe:28:fc:99:10:36:cc:15:d3:
4f:eb:d9:79:2d:b1:0a:ea:cc:b5:fc:5f:ed:f8:90:ed:37:70:
96:ff:d5:2e:51:a9:ba:c8:53:4d:4b:df:19:fe:8c:e7:10:46:
72:41:f9:ab:9a:62:35:8a:61:d2:25:0b:f8:d6:c8:bc:3a:12:
8c:c0:f0:d2:79:3a:d3:f6:89:25:c3:4d:fd:f3:41:d1:01:70:
3c:a2:7d:d1:7f:8c:4f:99:be:3e:f0:38:5a:db:9f:a5:22:19:
17:7c:c9:c9:4c:4f:e3:35:a2:94:1f:9a:8f:57:cd:4b:e0:dc:
72:36:27:6c:49:70:e7:50:8d:4b:34:65:f8:0f:32:d9:2f:1d:
ab:ff:db:b4:01:7b:f4:83:75:6e:05:58:76:70:17:eb:d7:f0:
c0:42:f3:c6:62:a6:51:98:9a:11:09:1d:16:40:17:e9:f8:b9:
ad:e3:4b:8c:58:10:4c:6f:47:2f:a5:6a:4c:6b:85:13:fd:6d:
79:bb:26:6f
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY3QlC0erSo1YZAAn0njIrL1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlN2E5YjE3NDVhNWE3MGMzYmY3YmNjMmMyZWUxNjY0NjBh
ZmY3YTgwHhcNMjQwMjIyMTEyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWEwNDYwNWUyZWJjMTJlMGZlODFiMWI4MTBhMDZlM2E5ZDc0OGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgVToffJ3iBGuPnSMRVLQtzI/+Oda
GUraAiJAGZe8Youzjgv9q3ulEto6ghZ157KI/AeLIstEIQ0GoINUBveVA+vCBB3o
sQchZ1UwjcYA4muo4Dsx7dU2krkRtfdOmbF7vNn+vhQXm598q7AZZ1J8b4dgkESC
Hd4Sog+62QUgLSJCNBz3BLJxsnjIdVXG0QTS8WvpKR36XEL4j6mTQezUNEZ5oVsl
qTImX1VLwL7Lce6TVTpfhMY5lKqSF9BAF2YF7W+GXecTO8b6TXlOFbYw1+cfBPw4
PPts5TotIYYXmCGQLHVsiwEK2pax+1tT0SFsgvNZuGSu/fC5anvht6nDeQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFKqgRgXi68EuD+gbG4EKBuOp10juMB8GA1UdIwQY
MBaAFK56mxdFpacMO/e8wsLuFmRgr/eoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm5xYkYwV2xwd3c3OTd6Q3d1NFdaR0N2OTZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy82ZTkwOWQtZDMyNS00OGExLTk0NDMt
Y2M5YTc1OGM5OTE2LzEvcXFCR0JlTHJ3UzRQNkJzYmdRb0c0Nm5YU080LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy82ZTkwOWQtZDMyNS00OGExLTk0NDMtY2M5YTc1OGM5OTE2
LzEvcm5xYkYwV2xwd3c3OTd6Q3d1NFdaR0N2OTZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAXBAIAATARAwMABToDBAC5
NU8DBATZxKAwDwQCAAIwCQMHACoAEhD//TANBgkqhkiG9w0BAQsFAAOCAQEAhDtY
trVwqnLUkxWr1Pe/jUkv1AA9LpRv8Ke4x/4LaZgolSRNzT0P/mlqR8cyWSV+2d/w
iFvoyaxxGw9Z0JJ7/ij8mRA2zBXTT+vZeS2xCurMtfxf7fiQ7Tdwlv/VLlGpushT
TUvfGf6M5xBGckH5q5piNYph0iUL+NbIvDoSjMDw0nk60/aJJcNN/fNB0QFwPKJ9
0X+MT5m+PvA4WtufpSIZF3zJyUxP4zWilB+aj1fNS+DccjYnbElw51CNSzRl+A8y
2S8dq//btAF79IN1bgVYdnAX69fwwELzxmKmUZiaEQkdFkAX6fi5reNLjFgQTG9H
L6VqTGuFE/1tebsmbw==
-----END CERTIFICATE-----
Generated at Fri Jun 7 18:19:59 2024 by rpki-client on console-fra.rpki-client.org