Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/42af1e-d553-4fe6-9fc3-f9633292c977/1/qTd9HV14-BH0CuFzkTcPdmz3yws.roa
File: qTd9HV14-BH0CuFzkTcPdmz3yws.roa (raw, json)
Hash identifier: 4DFs5ALx30UN4GrAT+ZAH2HLHBlPyBWxn6bsoLy0Ve0=
Subject key identifier: A9:37:7D:1D:5D:78:F8:11:F4:0A:E1:73:91:37:0F:76:6C:F7:CB:0B
Certificate issuer: /CN=6c73a04a7d0eb2df47daf0c39fba75e365c8853d
Certificate serial: 018CC2DAEAE240D504B402D0B33759E33765
Authority key identifier: 6C:73:A0:4A:7D:0E:B2:DF:47:DA:F0:C3:9F:BA:75:E3:65:C8:85:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bHOgSn0Ost9H2vDDn7p142XIhT0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/42af1e-d553-4fe6-9fc3-f9633292c977/1/qTd9HV14-BH0CuFzkTcPdmz3yws.roa
Signing time: Mon 01 Jan 2024 02:29:35 +0000
ROA not before: Mon 01 Jan 2024 02:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24675
IP address blocks: 193.178.2.0/24 maxlen: 24
193.178.3.0/24 maxlen: 24
193.178.4.0/24 maxlen: 24
193.178.1.0/24 maxlen: 24
193.178.9.0/24 maxlen: 24
193.178.10.0/24 maxlen: 24
193.178.11.0/24 maxlen: 24
193.178.5.0/24 maxlen: 24
193.178.6.0/24 maxlen: 24
193.178.7.0/24 maxlen: 24
193.178.8.0/24 maxlen: 24
193.178.16.0/22 maxlen: 22
193.178.12.0/24 maxlen: 24
193.178.13.0/24 maxlen: 24
193.178.14.0/24 maxlen: 24
193.178.15.0/24 maxlen: 24
193.178.20.0/24 maxlen: 24
193.178.21.0/24 maxlen: 24
193.178.30.0/24 maxlen: 24
193.178.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/42af1e-d553-4fe6-9fc3-f9633292c977/1/bHOgSn0Ost9H2vDDn7p142XIhT0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/42af1e-d553-4fe6-9fc3-f9633292c977/1/bHOgSn0Ost9H2vDDn7p142XIhT0.mft
rsync://rpki.ripe.net/repository/DEFAULT/bHOgSn0Ost9H2vDDn7p142XIhT0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 27 Jun 2024 05:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:ea:e2:40:d5:04:b4:02:d0:b3:37:59:e3:37:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c73a04a7d0eb2df47daf0c39fba75e365c8853d
Validity
Not Before: Jan 1 02:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9377d1d5d78f811f40ae17391370f766cf7cb0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:09:d8:43:a5:0a:48:1d:0e:67:eb:6d:a6:46:
91:b2:65:1f:25:d9:93:aa:40:a6:c9:64:bd:8a:53:
ff:47:44:69:9b:4a:60:f4:cc:04:39:b1:d4:4a:b7:
ae:58:91:a9:0f:f3:68:40:90:f4:df:2b:32:c5:44:
5a:88:98:12:14:ac:36:e8:1b:5b:95:9c:14:b8:6a:
ae:3e:7b:2b:f4:13:1d:83:2e:2b:37:9f:6f:8f:32:
4b:dc:61:e5:83:c5:8d:cc:70:0a:79:46:19:17:0f:
8e:a6:1b:89:3b:a2:39:12:6a:12:59:1b:6f:cc:cf:
a4:97:21:34:d8:12:bb:11:04:d4:12:84:07:82:be:
3c:45:13:33:b5:b9:aa:c3:5d:91:c2:b0:6f:59:60:
60:e1:49:33:62:1a:40:ac:c3:3e:d0:a2:8b:56:14:
84:e8:4f:5e:e6:58:df:1c:2e:dd:02:84:51:ee:5f:
3e:7d:56:83:6c:75:92:3e:1c:b2:5e:fa:78:18:d8:
85:45:bb:37:2b:6f:7a:c6:c0:e4:6d:c6:7d:28:16:
13:eb:40:0a:65:25:0e:d0:70:11:c8:96:f4:4f:f7:
b8:19:ea:12:f1:46:5f:e1:0e:53:8f:02:94:a8:58:
6e:06:6c:fa:45:e8:f5:5f:07:0c:c3:81:46:51:45:
85:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:37:7D:1D:5D:78:F8:11:F4:0A:E1:73:91:37:0F:76:6C:F7:CB:0B
X509v3 Authority Key Identifier:
keyid:6C:73:A0:4A:7D:0E:B2:DF:47:DA:F0:C3:9F:BA:75:E3:65:C8:85:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bHOgSn0Ost9H2vDDn7p142XIhT0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/42af1e-d553-4fe6-9fc3-f9633292c977/1/qTd9HV14-BH0CuFzkTcPdmz3yws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/42af1e-d553-4fe6-9fc3-f9633292c977/1/bHOgSn0Ost9H2vDDn7p142XIhT0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.178.1.0-193.178.21.255
193.178.29.0-193.178.30.255
Signature Algorithm: sha256WithRSAEncryption
16:57:bd:bc:4f:32:e8:df:11:44:cf:da:7a:94:13:a5:e9:f8:
19:cb:fd:16:93:11:de:52:18:5b:af:fd:c7:72:31:d8:be:09:
e7:07:a6:4c:34:22:6b:8f:58:5f:5b:1d:1f:f1:99:40:e0:2a:
67:24:5e:58:c6:43:3e:fb:da:d2:6b:51:f6:47:38:9a:06:9d:
39:ab:b8:6b:ec:da:96:52:d7:42:39:34:5d:2d:c0:49:81:71:
86:7c:df:20:c7:2d:7f:c8:03:13:43:f4:06:40:60:db:5e:57:
03:ae:be:98:d5:06:b4:0d:4a:bb:f4:7e:86:bc:0f:88:1b:d9:
27:09:01:0d:8a:63:47:a7:13:73:60:85:03:f9:b6:12:1f:25:
3c:ef:6d:25:71:2d:d4:38:46:ae:13:bb:3a:06:90:1d:cb:43:
a4:69:05:fe:85:a8:28:03:93:1d:2d:bf:25:c8:46:00:e7:3c:
67:84:ed:57:da:bf:8b:b6:e5:c4:57:df:a4:63:a9:ec:85:38:
98:f0:5b:b7:85:46:84:0b:3e:c0:12:39:28:25:66:d0:c4:49:
0e:7d:67:7d:31:27:60:b0:ef:3c:7f:7a:93:64:35:ef:1d:e0:
9b:df:7d:93:86:85:6e:40:96:08:18:b6:f4:78:96:06:2c:7e:
05:b2:63:ad
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzC2uriQNUEtALQszdZ4zdlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjNzNhMDRhN2QwZWIyZGY0N2RhZjBjMzlmYmE3NWUzNjVj
ODg1M2QwHhcNMjQwMTAxMDIyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTM3N2QxZDVkNzhmODExZjQwYWUxNzM5MTM3MGY3NjZjZjdjYjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQnYQ6UKSB0OZ+ttpkaRsmUfJdmT
qkCmyWS9ilP/R0Rpm0pg9MwEObHUSreuWJGpD/NoQJD03ysyxURaiJgSFKw26Btb
lZwUuGquPnsr9BMdgy4rN59vjzJL3GHlg8WNzHAKeUYZFw+OphuJO6I5EmoSWRtv
zM+klyE02BK7EQTUEoQHgr48RRMztbmqw12RwrBvWWBg4UkzYhpArMM+0KKLVhSE
6E9e5ljfHC7dAoRR7l8+fVaDbHWSPhyyXvp4GNiFRbs3K296xsDkbcZ9KBYT60AK
ZSUO0HARyJb0T/e4GeoS8UZf4Q5TjwKUqFhuBmz6Rej1XwcMw4FGUUWFxQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFKk3fR1dePgR9Arhc5E3D3Zs98sLMB8GA1UdIwQY
MBaAFGxzoEp9DrLfR9rww5+6deNlyIU9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkhPZ1NuME9zdDlIMnZERG43cDE0MlhJaFQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi80MmFmMWUtZDU1My00ZmU2LTlmYzMt
Zjk2MzMyOTJjOTc3LzEvcVRkOUhWMTQtQkgwQ3VGemtUY1BkbXozeXdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi80MmFmMWUtZDU1My00ZmU2LTlmYzMtZjk2MzMyOTJjOTc3
LzEvYkhPZ1NuME9zdDlIMnZERG43cDE0MlhJaFQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBADBsgED
BAHBshQwDAMEAMGyHQMEAMGyHjANBgkqhkiG9w0BAQsFAAOCAQEAFle9vE8y6N8R
RM/aepQTpen4Gcv9FpMR3lIYW6/9x3Ix2L4J5wemTDQia49YX1sdH/GZQOAqZyRe
WMZDPvva0mtR9kc4mgadOau4a+zallLXQjk0XS3ASYFxhnzfIMctf8gDE0P0BkBg
215XA66+mNUGtA1Ku/R+hrwPiBvZJwkBDYpjR6cTc2CFA/m2Eh8lPO9tJXEt1DhG
rhO7OgaQHctDpGkF/oWoKAOTHS2/JchGAOc8Z4TtV9q/i7blxFffpGOp7IU4mPBb
t4VGhAs+wBI5KCVm0MRJDn1nfTEnYLDvPH96k2Q17x3gm999k4aFbkCWCBi29HiW
Bix+BbJjrQ==
-----END CERTIFICATE-----
Generated at Wed Jun 26 11:11:01 2024 by rpki-client on console-fra.rpki-client.org