Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/b53db1-1e0e-44d0-a131-4fc28e5098c7/1/QmlXxflJkt_fFVq2C1zRMxXieDg.roa
File: QmlXxflJkt_fFVq2C1zRMxXieDg.roa (raw, json)
Hash identifier: SIqdEtrHHNbtKuXCYM8lg0OJ244TpdjoFBoYig2EKRg=
Subject key identifier: 42:69:57:C5:F9:49:92:DF:DF:15:5A:B6:0B:5C:D1:33:15:E2:78:38
Certificate issuer: /CN=24d906b90c1d856673e414f39805be583d230ba7
Certificate serial: 018CCA2A803FE0B8267BDDDB4563A0428FE9
Authority key identifier: 24:D9:06:B9:0C:1D:85:66:73:E4:14:F3:98:05:BE:58:3D:23:0B:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JNkGuQwdhWZz5BTzmAW-WD0jC6c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/b53db1-1e0e-44d0-a131-4fc28e5098c7/1/QmlXxflJkt_fFVq2C1zRMxXieDg.roa
Signing time: Tue 02 Jan 2024 12:33:52 +0000
ROA not before: Tue 02 Jan 2024 12:33:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50434
IP address blocks: 195.254.184.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/b53db1-1e0e-44d0-a131-4fc28e5098c7/1/JNkGuQwdhWZz5BTzmAW-WD0jC6c.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/b53db1-1e0e-44d0-a131-4fc28e5098c7/1/JNkGuQwdhWZz5BTzmAW-WD0jC6c.mft
rsync://rpki.ripe.net/repository/DEFAULT/JNkGuQwdhWZz5BTzmAW-WD0jC6c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 04:02:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:80:3f:e0:b8:26:7b:dd:db:45:63:a0:42:8f:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24d906b90c1d856673e414f39805be583d230ba7
Validity
Not Before: Jan 2 12:33:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=426957c5f94992dfdf155ab60b5cd13315e27838
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c6:8a:28:6f:53:ae:75:41:79:36:8c:59:8b:
99:e8:3c:c9:3e:f2:63:a7:3c:59:d3:d4:fd:a0:00:
5c:4d:ac:e4:61:6f:8d:7b:85:a3:96:24:1d:d3:1b:
ee:44:eb:51:36:a6:76:b5:af:d9:59:7d:24:1c:9d:
cb:90:c3:25:e7:50:05:b3:1a:81:f8:1e:e9:c3:76:
c7:07:7a:a3:51:0a:60:c0:33:bc:b0:6d:ab:63:19:
08:fd:af:e0:58:b9:9a:19:07:96:8e:d3:90:62:e5:
5e:2a:2a:c2:53:3d:49:2c:60:11:26:16:04:5c:4d:
ff:16:32:a7:53:61:93:af:b7:64:93:a0:20:ee:12:
1a:4f:34:13:2c:55:07:37:ff:d7:b2:5f:af:f3:b2:
ed:5a:35:66:2b:78:f8:18:06:66:6d:7d:50:7e:1a:
3d:18:bd:f4:9c:6f:57:27:d6:51:88:cc:15:98:e0:
c1:17:30:a0:60:a4:7d:a2:46:5c:9c:4d:27:a3:6c:
e9:89:f4:e1:5f:a3:69:5f:39:73:56:9d:e2:31:e5:
c7:3f:9b:5a:8e:c2:d8:c3:28:a1:06:a4:92:37:d9:
94:a6:dc:b0:1b:7e:66:54:91:77:4a:50:62:5c:f2:
5d:0f:d6:99:2f:84:37:8a:7b:73:13:50:e8:af:9e:
78:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:69:57:C5:F9:49:92:DF:DF:15:5A:B6:0B:5C:D1:33:15:E2:78:38
X509v3 Authority Key Identifier:
keyid:24:D9:06:B9:0C:1D:85:66:73:E4:14:F3:98:05:BE:58:3D:23:0B:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JNkGuQwdhWZz5BTzmAW-WD0jC6c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b53db1-1e0e-44d0-a131-4fc28e5098c7/1/QmlXxflJkt_fFVq2C1zRMxXieDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b53db1-1e0e-44d0-a131-4fc28e5098c7/1/JNkGuQwdhWZz5BTzmAW-WD0jC6c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.254.184.0/23
Signature Algorithm: sha256WithRSAEncryption
ac:4f:19:8a:79:76:04:4b:53:b8:ee:e4:e1:06:8b:b6:05:bc:
7b:55:46:e6:19:dd:bd:a6:be:99:f5:a5:c8:06:a7:ee:31:6c:
c7:20:a2:b4:a4:c1:49:2c:70:ca:52:81:4d:f5:71:30:a8:7d:
79:b6:41:ad:f3:ba:23:fa:05:95:72:34:86:ee:61:0a:55:d8:
b3:5c:a4:a5:88:ff:0a:89:8a:bd:1f:91:d0:dc:99:1f:ec:20:
12:84:55:54:b4:ac:0b:58:90:92:9a:5b:64:91:bd:46:ac:86:
6a:7c:85:b8:e9:2e:f5:84:05:65:c2:3a:cb:83:cd:80:36:07:
e4:b7:42:b8:2c:09:07:93:b1:cc:56:6d:fa:4a:f3:a6:e9:72:
be:ce:90:1c:24:ef:04:7f:72:5c:95:0d:32:64:35:49:c8:63:
75:be:48:10:ec:62:b8:40:f2:a1:5d:d3:92:ba:a8:19:b1:b2:
1e:29:f1:88:02:36:12:2e:d8:5f:e1:36:6b:48:f6:3d:4f:44:
d0:17:7f:7f:b8:67:9d:47:68:ba:8c:5b:d7:ea:eb:e2:bb:cf:
41:9c:67:22:16:e4:9b:63:5c:e1:fe:ee:6e:d6:23:35:6c:82:
ca:0f:9c:57:14:df:2d:35:85:4f:5c:a1:03:38:b7:9b:22:54:
a6:82:9b:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKoA/4Lgme93bRWOgQo/pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0ZDkwNmI5MGMxZDg1NjY3M2U0MTRmMzk4MDViZTU4M2Qy
MzBiYTcwHhcNMjQwMTAyMTIzMzUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjY5NTdjNWY5NDk5MmRmZGYxNTVhYjYwYjVjZDEzMzE1ZTI3ODM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8aKKG9TrnVBeTaMWYuZ6DzJPvJj
pzxZ09T9oABcTazkYW+Ne4WjliQd0xvuROtRNqZ2ta/ZWX0kHJ3LkMMl51AFsxqB
+B7pw3bHB3qjUQpgwDO8sG2rYxkI/a/gWLmaGQeWjtOQYuVeKirCUz1JLGARJhYE
XE3/FjKnU2GTr7dkk6Ag7hIaTzQTLFUHN//Xsl+v87LtWjVmK3j4GAZmbX1Qfho9
GL30nG9XJ9ZRiMwVmODBFzCgYKR9okZcnE0no2zpifThX6NpXzlzVp3iMeXHP5ta
jsLYwyihBqSSN9mUptywG35mVJF3SlBiXPJdD9aZL4Q3intzE1Dor554+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEJpV8X5SZLf3xVatgtc0TMV4ng4MB8GA1UdIwQY
MBaAFCTZBrkMHYVmc+QU85gFvlg9IwunMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk5rR3VRd2RoV1p6NUJUem1BVy1XRDBqQzZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9iNTNkYjEtMWUwZS00NGQwLWExMzEt
NGZjMjhlNTA5OGM3LzEvUW1sWHhmbEprdF9mRlZxMkMxelJNeFhpZURnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9iNTNkYjEtMWUwZS00NGQwLWExMzEtNGZjMjhlNTA5OGM3
LzEvSk5rR3VRd2RoV1p6NUJUem1BVy1XRDBqQzZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw/64MA0G
CSqGSIb3DQEBCwUAA4IBAQCsTxmKeXYES1O47uThBou2Bbx7VUbmGd29pr6Z9aXI
BqfuMWzHIKK0pMFJLHDKUoFN9XEwqH15tkGt87oj+gWVcjSG7mEKVdizXKSliP8K
iYq9H5HQ3Jkf7CAShFVUtKwLWJCSmltkkb1GrIZqfIW46S71hAVlwjrLg82ANgfk
t0K4LAkHk7HMVm36SvOm6XK+zpAcJO8Ef3JclQ0yZDVJyGN1vkgQ7GK4QPKhXdOS
uqgZsbIeKfGIAjYSLthf4TZrSPY9T0TQF39/uGedR2i6jFvX6uviu89BnGciFuSb
Y1zh/u5u1iM1bILKD5xXFN8tNYVPXKEDOLebIlSmgpt5
-----END CERTIFICATE-----
Generated at Sat Jun 15 11:41:29 2024 by rpki-client on console-ams.rpki-client.org