Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/0aa541-e90f-46fd-a0dc-03d904c802ce/1/Q7IfWocra-mTc3cj3Yz03mwL_HQ.roa
File: Q7IfWocra-mTc3cj3Yz03mwL_HQ.roa (raw, json)
Hash identifier: d6XrVutZZsMBkcJIr5SxkjADv/dlXFtXWPt/2zl7zgE=
Subject key identifier: 43:B2:1F:5A:87:2B:6B:E9:93:73:77:23:DD:8C:F4:DE:6C:0B:FC:74
Certificate issuer: /CN=f159077e043877059603caa0e3e584b1626e8f7b
Certificate serial: 018CC64B39B7C7A63BF5780420B0C2117491
Authority key identifier: F1:59:07:7E:04:38:77:05:96:03:CA:A0:E3:E5:84:B1:62:6E:8F:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8VkHfgQ4dwWWA8qg4-WEsWJuj3s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/0aa541-e90f-46fd-a0dc-03d904c802ce/1/Q7IfWocra-mTc3cj3Yz03mwL_HQ.roa
Signing time: Mon 01 Jan 2024 18:31:07 +0000
ROA not before: Mon 01 Jan 2024 18:31:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30879
IP address blocks: 195.34.200.0/22 maxlen: 24
83.97.8.0/21 maxlen: 24
2a11:d940::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/0aa541-e90f-46fd-a0dc-03d904c802ce/1/8VkHfgQ4dwWWA8qg4-WEsWJuj3s.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/0aa541-e90f-46fd-a0dc-03d904c802ce/1/8VkHfgQ4dwWWA8qg4-WEsWJuj3s.mft
rsync://rpki.ripe.net/repository/DEFAULT/8VkHfgQ4dwWWA8qg4-WEsWJuj3s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 May 2024 04:02:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:39:b7:c7:a6:3b:f5:78:04:20:b0:c2:11:74:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f159077e043877059603caa0e3e584b1626e8f7b
Validity
Not Before: Jan 1 18:31:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43b21f5a872b6be993737723dd8cf4de6c0bfc74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:fa:54:c8:8b:64:6d:1f:ce:c9:be:39:2e:80:
09:7a:da:e9:a3:e6:82:db:84:24:ea:33:f3:a7:86:
f5:77:ce:38:f6:47:44:e0:b1:f5:44:2e:bc:68:26:
39:e3:d4:89:f5:ba:51:ee:57:3c:09:06:78:ca:ae:
1f:28:66:3b:11:e0:d7:1e:d0:1a:80:c0:4f:5b:7a:
5c:42:c5:b9:db:10:6e:d3:f5:e4:78:b5:b5:18:8f:
0a:aa:31:eb:e8:38:a8:37:99:74:cf:e3:eb:f7:05:
61:8d:64:db:3e:fb:32:37:79:c7:67:a2:95:1f:18:
ad:19:da:69:3f:37:1d:0e:1d:ce:e4:e5:81:97:43:
31:8b:d9:35:b3:de:46:ab:ab:75:4e:dd:f2:41:46:
a2:3c:fe:b7:83:7a:03:2b:8c:00:19:62:04:32:54:
e1:3a:29:6e:62:cf:6b:c6:bf:0d:a9:43:e6:58:92:
e0:74:c5:65:da:a6:e3:29:91:07:95:87:ca:99:da:
64:77:ef:79:af:03:22:c5:b4:ed:e5:2f:34:da:75:
25:68:3b:61:6b:cf:0d:c9:03:27:07:bf:74:87:2f:
23:5a:46:33:cc:2d:ef:5d:25:84:8e:70:91:48:7e:
bc:6b:69:92:9a:d4:db:9b:6d:d6:90:9d:39:5c:8e:
43:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:B2:1F:5A:87:2B:6B:E9:93:73:77:23:DD:8C:F4:DE:6C:0B:FC:74
X509v3 Authority Key Identifier:
keyid:F1:59:07:7E:04:38:77:05:96:03:CA:A0:E3:E5:84:B1:62:6E:8F:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8VkHfgQ4dwWWA8qg4-WEsWJuj3s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/0aa541-e90f-46fd-a0dc-03d904c802ce/1/Q7IfWocra-mTc3cj3Yz03mwL_HQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/0aa541-e90f-46fd-a0dc-03d904c802ce/1/8VkHfgQ4dwWWA8qg4-WEsWJuj3s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.97.8.0/21
195.34.200.0/22
IPv6:
2a11:d940::/29
Signature Algorithm: sha256WithRSAEncryption
06:db:be:33:e1:5e:bc:ce:22:1f:01:f1:b6:ea:76:9d:a8:c0:
4a:d2:73:48:ee:db:6a:13:3b:b5:3d:44:7b:51:d5:d6:30:97:
89:17:19:00:bd:62:f1:4c:38:3e:ed:31:bf:42:8a:8c:9d:0a:
ea:f1:3a:fe:44:12:df:df:a8:98:c7:72:86:19:88:6b:76:dd:
63:43:32:f7:15:1a:7c:8c:aa:f5:62:ed:30:e3:00:2c:f2:6a:
c2:01:6b:fe:59:94:52:66:af:a8:77:29:d8:4e:f2:de:b7:05:
bf:6c:5b:21:bb:9c:e9:7b:ef:54:0e:06:62:69:9d:3a:5b:1c:
2f:7d:79:5f:d5:7b:6d:d4:5f:21:5b:85:fc:bc:11:1d:15:e7:
9c:a0:ba:c1:b8:31:88:b4:44:4a:0e:6f:a4:5a:c2:0a:69:5a:
46:0f:b1:5b:69:70:7e:15:2b:c3:b4:d5:af:db:60:0e:62:ea:
82:79:19:86:c9:1e:07:4c:86:d1:39:94:7e:90:ec:27:52:e4:
da:c7:f9:af:f5:1b:de:b4:0b:a4:a4:2a:3e:ae:70:fa:c4:5e:
42:29:9e:eb:f4:7e:95:71:ff:7a:26:21:b2:3b:24:7f:8f:78:
78:fb:e4:a7:9d:d8:85:d1:b2:84:fc:05:1d:a0:ce:ef:9d:0e:
82:4e:8a:e8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzGSzm3x6Y79XgEILDCEXSRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNTkwNzdlMDQzODc3MDU5NjAzY2FhMGUzZTU4NGIxNjI2
ZThmN2IwHhcNMjQwMTAxMTgzMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2IyMWY1YTg3MmI2YmU5OTM3Mzc3MjNkZDhjZjRkZTZjMGJmYzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/pUyItkbR/Oyb45LoAJetrpo+aC
24Qk6jPzp4b1d8449kdE4LH1RC68aCY549SJ9bpR7lc8CQZ4yq4fKGY7EeDXHtAa
gMBPW3pcQsW52xBu0/XkeLW1GI8KqjHr6DioN5l0z+Pr9wVhjWTbPvsyN3nHZ6KV
HxitGdppPzcdDh3O5OWBl0Mxi9k1s95Gq6t1Tt3yQUaiPP63g3oDK4wAGWIEMlTh
OiluYs9rxr8NqUPmWJLgdMVl2qbjKZEHlYfKmdpkd+95rwMixbTt5S802nUlaDth
a88NyQMnB790hy8jWkYzzC3vXSWEjnCRSH68a2mSmtTbm23WkJ05XI5D1wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEOyH1qHK2vpk3N3I92M9N5sC/x0MB8GA1UdIwQY
MBaAFPFZB34EOHcFlgPKoOPlhLFibo97MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFZrSGZnUTRkd1dXQThxZzQtV0VzV0p1ajNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8wYWE1NDEtZTkwZi00NmZkLWEwZGMt
MDNkOTA0YzgwMmNlLzEvUTdJZldvY3JhLW1UYzNjajNZejAzbXdMX0hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy8wYWE1NDEtZTkwZi00NmZkLWEwZGMtMDNkOTA0YzgwMmNl
LzEvOFZrSGZnUTRkd1dXQThxZzQtV0VzV0p1ajNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDU2EIAwQC
wyLIMA0EAgACMAcDBQMqEdlAMA0GCSqGSIb3DQEBCwUAA4IBAQAG274z4V68ziIf
AfG26nadqMBK0nNI7ttqEzu1PUR7UdXWMJeJFxkAvWLxTDg+7TG/QoqMnQrq8Tr+
RBLf36iYx3KGGYhrdt1jQzL3FRp8jKr1Yu0w4wAs8mrCAWv+WZRSZq+odynYTvLe
twW/bFshu5zpe+9UDgZiaZ06WxwvfXlf1Xtt1F8hW4X8vBEdFeecoLrBuDGItERK
Dm+kWsIKaVpGD7FbaXB+FSvDtNWv22AOYuqCeRmGyR4HTIbROZR+kOwnUuTax/mv
9RvetAukpCo+rnD6xF5CKZ7r9H6Vcf96JiGyOyR/j3h4++SnndiF0bKE/AUdoM7v
nQ6CToro
-----END CERTIFICATE-----
Generated at Sat May 25 08:49:46 2024 by rpki-client on console-ams.rpki-client.org