Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/boqnAyftTJxYkrklggQuSaE7RzI.roa
File: boqnAyftTJxYkrklggQuSaE7RzI.roa (raw, json)
Hash identifier: 72hznPwDwrXx1Z8EBDRnMrqo1g3yNxuei7ijr4gtpsY=
Subject key identifier: 6E:8A:A7:03:27:ED:4C:9C:58:92:B9:25:82:04:2E:49:A1:3B:47:32
Certificate issuer: /CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Certificate serial: 018CC86F6EB827E4021A9E6DA00E6A15BFD7
Authority key identifier: 43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/boqnAyftTJxYkrklggQuSaE7RzI.roa
Signing time: Tue 02 Jan 2024 04:29:55 +0000
ROA not before: Tue 02 Jan 2024 04:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15830
IP address blocks: 57.250.40.0/24 maxlen: 24
57.250.42.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:6e:b8:27:e4:02:1a:9e:6d:a0:0e:6a:15:bf:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Validity
Not Before: Jan 2 04:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e8aa70327ed4c9c5892b92582042e49a13b4732
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:25:11:5b:58:f5:6a:53:63:a1:78:7a:4d:38:
35:49:d3:6a:58:83:bc:2d:0d:30:48:8d:2e:22:30:
99:94:aa:13:47:9e:f6:b6:8d:cc:10:77:26:7f:f4:
cd:03:14:4c:37:cd:74:e4:52:81:14:3e:f3:91:dc:
eb:14:b0:57:ad:cc:45:93:41:31:1d:ed:83:ad:8e:
e3:cd:95:a3:91:5a:73:e7:27:f6:a6:2d:c6:ab:63:
39:bd:9e:12:da:5f:c6:ff:1f:69:fe:2b:5a:11:43:
d0:e9:9e:ed:2b:c3:32:0d:7d:01:af:f2:47:2c:8d:
23:88:e1:11:28:f8:2c:47:b6:d1:e4:ce:95:c1:8d:
24:d0:5c:f6:64:7e:48:46:42:29:af:0f:cc:fc:f7:
86:d7:6d:e2:a0:79:70:c1:14:c2:e2:58:90:3a:ed:
bc:b6:68:50:03:23:b3:81:c6:f8:ee:bc:83:5e:c4:
06:da:a3:2b:ec:96:e9:f7:5b:bc:44:68:3e:ab:f0:
73:6e:6a:ae:2d:22:23:63:0e:f5:3c:e9:56:97:9a:
b7:dd:ee:68:c6:27:93:6d:d8:5d:4f:c2:22:05:4c:
9b:11:83:c8:4e:83:23:e0:b6:e6:e4:c8:68:62:9a:
18:51:bc:c4:da:04:8b:d5:52:39:63:00:5b:36:e1:
1d:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:8A:A7:03:27:ED:4C:9C:58:92:B9:25:82:04:2E:49:A1:3B:47:32
X509v3 Authority Key Identifier:
keyid:43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/boqnAyftTJxYkrklggQuSaE7RzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.250.40.0/24
57.250.42.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:8a:79:a4:22:41:eb:a6:64:58:57:16:f8:f7:7f:ff:7e:5b:
42:b8:a8:a5:74:b9:91:3b:60:65:29:f7:5e:99:9d:83:b4:22:
84:e0:1a:df:6d:43:de:02:2e:6c:bc:ee:1f:81:bd:21:d5:87:
15:17:33:c4:7e:7c:93:a8:5f:c1:46:03:68:a5:16:76:22:11:
72:b8:7e:f7:9d:05:75:ea:40:e4:90:c3:85:1d:62:34:a8:d4:
2c:71:9c:c2:0d:c6:fc:0c:70:ae:d6:f4:fc:54:65:02:9b:76:
e1:7c:ef:d9:d5:85:5b:3f:15:73:4a:41:ba:d3:2a:96:a1:ef:
28:f6:80:e3:98:31:11:99:41:4d:cf:f9:a2:e7:12:87:d9:e3:
4e:cf:fa:a4:d3:78:1d:9e:e8:93:e0:c5:3f:09:e4:94:f8:27:
49:c6:30:6b:f6:86:c6:e4:20:b1:d8:41:42:72:88:19:7a:77:
35:e2:89:14:e3:9d:42:0e:9a:48:7c:90:77:bd:a2:12:86:d4:
01:03:2b:25:67:08:b7:5a:06:e0:99:f1:31:76:ed:c7:38:d2:
fe:66:3e:08:25:89:2d:aa:59:7a:9b:4a:c1:28:5b:b7:ee:29:
d7:e0:3c:f1:12:84:d4:b5:96:72:99:1f:30:bb:36:d4:d4:da:
0c:78:df:e1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIb264J+QCGp5toA5qFb/XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDViYTA4MTVjOWY1MTkzZjgwOTg5ZWU4OTNhY2FjYzRi
YTg4NDkwHhcNMjQwMTAyMDQyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZThhYTcwMzI3ZWQ0YzljNTg5MmI5MjU4MjA0MmU0OWExM2I0NzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsiURW1j1alNjoXh6TTg1SdNqWIO8
LQ0wSI0uIjCZlKoTR572to3MEHcmf/TNAxRMN8105FKBFD7zkdzrFLBXrcxFk0Ex
He2DrY7jzZWjkVpz5yf2pi3Gq2M5vZ4S2l/G/x9p/itaEUPQ6Z7tK8MyDX0Br/JH
LI0jiOERKPgsR7bR5M6VwY0k0Fz2ZH5IRkIprw/M/PeG123ioHlwwRTC4liQOu28
tmhQAyOzgcb47ryDXsQG2qMr7Jbp91u8RGg+q/BzbmquLSIjYw71POlWl5q33e5o
xieTbdhdT8IiBUybEYPIToMj4Lbm5MhoYpoYUbzE2gSL1VI5YwBbNuEd5QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG6KpwMn7UycWJK5JYIELkmhO0cyMB8GA1UdIwQY
MBaAFEPVuggVyfUZP4CYnuiTrKzEuohJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEt
ZTEzZTU1NzljNWRjLzEvYm9xbkF5ZnRUSnhZa3JrbGdnUXVTYUU3UnpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEtZTEzZTU1NzljNWRj
LzEvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAOfooAwQA
OfoqMA0GCSqGSIb3DQEBCwUAA4IBAQCminmkIkHrpmRYVxb493//fltCuKildLmR
O2BlKfdemZ2DtCKE4BrfbUPeAi5svO4fgb0h1YcVFzPEfnyTqF/BRgNopRZ2IhFy
uH73nQV16kDkkMOFHWI0qNQscZzCDcb8DHCu1vT8VGUCm3bhfO/Z1YVbPxVzSkG6
0yqWoe8o9oDjmDERmUFNz/mi5xKH2eNOz/qk03gdnuiT4MU/CeSU+CdJxjBr9obG
5CCx2EFCcogZenc14okU451CDppIfJB3vaIShtQBAyslZwi3WgbgmfExdu3HONL+
Zj4IJYktqll6m0rBKFu37inX4DzxEoTUtZZymR8wuzbU1NoMeN/h
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:47:03 2024 by rpki-client on console-fra.rpki-client.org