Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/902599-48d6-4a89-8724-9c7a7bcaaf36/1/QnA_9GIkcmJJqPS_fmbK6VwKMcQ.roa
File: QnA_9GIkcmJJqPS_fmbK6VwKMcQ.roa (raw, json)
Hash identifier: HvEY9U3+aPEd3GRsve5klekiYAFYCIMGzIYkILB9tBw=
Subject key identifier: 42:70:3F:F4:62:24:72:62:49:A8:F4:BF:7E:66:CA:E9:5C:0A:31:C4
Certificate issuer: /CN=278901c061a355a3fdaace0c80b967ad1cd3717a
Certificate serial: 018CC94D6DC09033A3AE1FBE805789A8FB1F
Authority key identifier: 27:89:01:C0:61:A3:55:A3:FD:AA:CE:0C:80:B9:67:AD:1C:D3:71:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J4kBwGGjVaP9qs4MgLlnrRzTcXo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/902599-48d6-4a89-8724-9c7a7bcaaf36/1/QnA_9GIkcmJJqPS_fmbK6VwKMcQ.roa
Signing time: Tue 02 Jan 2024 08:32:23 +0000
ROA not before: Tue 02 Jan 2024 08:32:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207799
IP address blocks: 194.49.71.0/24 maxlen: 24
194.49.76.0/24 maxlen: 24
194.49.84.0/24 maxlen: 24
194.49.93.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/902599-48d6-4a89-8724-9c7a7bcaaf36/1/J4kBwGGjVaP9qs4MgLlnrRzTcXo.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/902599-48d6-4a89-8724-9c7a7bcaaf36/1/J4kBwGGjVaP9qs4MgLlnrRzTcXo.mft
rsync://rpki.ripe.net/repository/DEFAULT/J4kBwGGjVaP9qs4MgLlnrRzTcXo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:6d:c0:90:33:a3:ae:1f:be:80:57:89:a8:fb:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278901c061a355a3fdaace0c80b967ad1cd3717a
Validity
Not Before: Jan 2 08:32:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=42703ff46224726249a8f4bf7e66cae95c0a31c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c0:39:c2:f8:74:9f:d5:eb:0b:d9:63:5c:83:
19:b0:98:64:26:9e:4e:d9:94:a5:4c:dd:4a:c8:83:
41:47:a7:41:d2:17:bf:8e:52:79:89:03:ac:3e:17:
d8:ee:eb:48:d7:48:e7:a6:89:f9:81:4a:9f:20:1b:
61:dc:7f:bd:fe:9e:0c:ec:08:04:5c:28:07:cd:f0:
b7:64:f3:eb:d9:73:91:e5:24:08:f3:90:58:09:07:
13:4b:64:73:b3:04:b1:83:69:5c:ec:5a:61:95:b2:
a5:b5:04:43:6c:5e:ea:e6:2d:44:4c:32:db:10:35:
ad:ec:50:3e:c7:9f:55:e0:3d:a2:cc:8b:21:63:b5:
a4:8a:1b:bb:ae:45:19:54:a0:58:01:f4:11:c5:ab:
7f:f6:fd:7e:7e:ae:07:8e:3e:c3:71:18:74:6b:68:
43:4c:8d:df:a8:f2:af:4e:72:6c:c8:a5:c0:21:52:
80:7f:0d:1f:e8:dd:8f:23:df:9d:f6:cd:65:0a:cd:
10:a8:30:d7:67:38:be:a9:90:f6:60:57:ae:b3:0e:
89:e9:c2:0a:70:6e:99:e3:ed:08:e3:eb:a1:c5:12:
be:c8:1d:5f:88:be:91:0f:6f:4d:90:0c:0e:43:db:
e1:24:d5:5b:9b:d3:1d:44:8e:8d:46:0b:e5:78:1d:
b7:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:70:3F:F4:62:24:72:62:49:A8:F4:BF:7E:66:CA:E9:5C:0A:31:C4
X509v3 Authority Key Identifier:
keyid:27:89:01:C0:61:A3:55:A3:FD:AA:CE:0C:80:B9:67:AD:1C:D3:71:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J4kBwGGjVaP9qs4MgLlnrRzTcXo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/902599-48d6-4a89-8724-9c7a7bcaaf36/1/QnA_9GIkcmJJqPS_fmbK6VwKMcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/902599-48d6-4a89-8724-9c7a7bcaaf36/1/J4kBwGGjVaP9qs4MgLlnrRzTcXo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.49.71.0/24
194.49.76.0/24
194.49.84.0/24
194.49.93.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:28:79:f9:11:38:17:d8:41:d2:7b:5b:3f:a1:44:06:bf:66:
74:a8:ad:05:5b:89:3d:91:cd:94:87:84:1f:33:d7:60:6a:a6:
02:2f:e4:2a:cb:f9:c4:ee:ca:f0:7a:01:4b:3d:2d:eb:d4:11:
0b:77:5b:ef:73:79:ac:4b:29:66:50:7d:6b:e0:f3:0d:c8:b8:
1d:d4:65:b0:fa:4c:f9:2a:a8:dc:94:66:9f:fa:1a:79:09:8d:
fa:06:ba:92:6b:0c:55:98:61:73:fe:8b:63:a3:91:a1:16:20:
20:c2:85:ac:78:02:42:eb:cb:b6:c9:5e:b3:a1:c7:c2:2b:a6:
c8:5d:98:b7:b5:49:fd:6b:8f:fb:6f:63:98:59:3f:00:12:95:
44:50:b7:7a:3c:49:33:90:69:46:02:72:d3:0e:e5:bd:8c:bb:
ae:d0:af:8f:24:93:28:5a:17:bc:e7:2f:6a:37:12:ec:c6:ed:
ab:4c:46:0b:df:44:6f:f7:1b:fa:1a:0c:e2:48:c0:3b:59:91:
3f:6b:eb:52:98:2e:93:70:25:29:f2:d8:e9:38:c1:eb:04:0e:
55:77:0d:2e:47:16:67:ed:cc:88:4d:ac:0b:a0:14:80:2f:3e:
08:7e:0e:32:fa:66:43:6a:27:75:aa:72:8e:b3:d2:bb:64:73:
aa:47:70:3f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzJTW3AkDOjrh++gFeJqPsfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ODkwMWMwNjFhMzU1YTNmZGFhY2UwYzgwYjk2N2FkMWNk
MzcxN2EwHhcNMjQwMTAyMDgzMjIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjcwM2ZmNDYyMjQ3MjYyNDlhOGY0YmY3ZTY2Y2FlOTVjMGEzMWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMA5wvh0n9XrC9ljXIMZsJhkJp5O
2ZSlTN1KyINBR6dB0he/jlJ5iQOsPhfY7utI10jnpon5gUqfIBth3H+9/p4M7AgE
XCgHzfC3ZPPr2XOR5SQI85BYCQcTS2RzswSxg2lc7FphlbKltQRDbF7q5i1ETDLb
EDWt7FA+x59V4D2izIshY7Wkihu7rkUZVKBYAfQRxat/9v1+fq4Hjj7DcRh0a2hD
TI3fqPKvTnJsyKXAIVKAfw0f6N2PI9+d9s1lCs0QqDDXZzi+qZD2YFeusw6J6cIK
cG6Z4+0I4+uhxRK+yB1fiL6RD29NkAwOQ9vhJNVbm9MdRI6NRgvleB230wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEJwP/RiJHJiSaj0v35myulcCjHEMB8GA1UdIwQY
MBaAFCeJAcBho1Wj/arODIC5Z60c03F6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjRrQndHR2pWYVA5cXM0TWdMbG5yUnpUY1hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC85MDI1OTktNDhkNi00YTg5LTg3MjQt
OWM3YTdiY2FhZjM2LzEvUW5BXzlHSWtjbUpKcVBTX2ZtYks2VndLTWNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC85MDI1OTktNDhkNi00YTg5LTg3MjQtOWM3YTdiY2FhZjM2
LzEvSjRrQndHR2pWYVA5cXM0TWdMbG5yUnpUY1hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwjFHAwQA
wjFMAwQAwjFUAwQAwjFdMA0GCSqGSIb3DQEBCwUAA4IBAQCiKHn5ETgX2EHSe1s/
oUQGv2Z0qK0FW4k9kc2Uh4QfM9dgaqYCL+Qqy/nE7srwegFLPS3r1BELd1vvc3ms
SylmUH1r4PMNyLgd1GWw+kz5KqjclGaf+hp5CY36BrqSawxVmGFz/otjo5GhFiAg
woWseAJC68u2yV6zocfCK6bIXZi3tUn9a4/7b2OYWT8AEpVEULd6PEkzkGlGAnLT
DuW9jLuu0K+PJJMoWhe85y9qNxLsxu2rTEYL30Rv9xv6GgziSMA7WZE/a+tSmC6T
cCUp8tjpOMHrBA5Vdw0uRxZn7cyITawLoBSALz4Ifg4y+mZDaid1qnKOs9K7ZHOq
R3A/
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:54:57 2024 by rpki-client on console-ams.rpki-client.org