Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/qq-WV443VLoP8X_GfwnBzrtF2ck.roa
File: qq-WV443VLoP8X_GfwnBzrtF2ck.roa (raw, json)
Hash identifier: XTHMwTlFY5WmHJehZTtS+HupK1p/l8j6NQ90gSDz/os=
Subject key identifier: AA:AF:96:57:8E:37:54:BA:0F:F1:7F:C6:7F:09:C1:CE:BB:45:D9:C9
Certificate issuer: /CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Certificate serial: 018CC4255A9B26D4EA05950649F104D6AEC4
Authority key identifier: D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/qq-WV443VLoP8X_GfwnBzrtF2ck.roa
Signing time: Mon 01 Jan 2024 08:30:31 +0000
ROA not before: Mon 01 Jan 2024 08:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49157
IP address blocks: 185.131.176.0/24 maxlen: 24
185.131.178.0/24 maxlen: 24
185.131.177.0/24 maxlen: 24
185.131.179.0/24 maxlen: 24
83.136.237.0/24 maxlen: 24
185.151.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2e_p029fiP3wR0LEFAx1MgkKt3A.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2e_p029fiP3wR0LEFAx1MgkKt3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:5a:9b:26:d4:ea:05:95:06:49:f1:04:d6:ae:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Validity
Not Before: Jan 1 08:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aaaf96578e3754ba0ff17fc67f09c1cebb45d9c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:24:6a:db:aa:9c:cf:fd:43:20:f1:3f:cf:a0:
2b:1f:78:16:45:20:82:d2:0b:d3:7c:d3:08:8b:91:
a4:ab:d2:28:85:e7:6d:f2:aa:5a:f3:ec:c1:88:70:
f0:0b:ed:24:e4:90:18:8d:29:c5:a0:0a:a2:d5:18:
68:af:a8:57:bd:c5:20:cc:31:49:fc:aa:91:ff:82:
67:df:46:bd:2d:f1:ea:5f:78:eb:84:1d:f2:fd:4b:
17:52:57:f2:1c:ac:f2:05:41:cb:06:c8:f2:5a:ab:
13:6c:fd:93:60:ad:6b:ad:ed:fa:7e:55:d5:7b:6f:
6c:d8:7b:85:74:82:0c:a2:9b:d0:c9:bd:91:d2:17:
02:17:b4:5e:99:42:e9:95:2c:78:69:fc:38:5e:60:
0b:2d:34:df:2f:06:b8:a1:83:bb:55:01:98:a7:e5:
dc:a1:1b:97:ff:47:aa:39:15:fd:f0:96:08:f5:35:
66:a2:83:8f:bd:2f:03:0c:f5:af:37:93:50:0e:8d:
bc:55:22:3e:d6:0c:ec:27:2d:ea:6a:0f:1b:9d:cf:
9f:91:38:0a:f1:fc:9c:c7:b7:2c:26:12:4a:24:05:
de:a3:59:02:1e:86:96:16:c3:48:a8:72:24:9a:29:
93:1a:d3:84:31:95:c9:1c:4e:19:c3:ff:a2:9b:87:
1c:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:AF:96:57:8E:37:54:BA:0F:F1:7F:C6:7F:09:C1:CE:BB:45:D9:C9
X509v3 Authority Key Identifier:
keyid:D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/qq-WV443VLoP8X_GfwnBzrtF2ck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2e_p029fiP3wR0LEFAx1MgkKt3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.237.0/24
185.131.176.0/22
185.151.199.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:f7:7a:72:b1:e2:0f:19:5c:7f:69:9c:84:a8:67:53:b8:b0:
1d:a4:73:12:f7:e7:87:18:6d:44:53:13:8e:a6:60:fd:f6:31:
c1:67:9f:6f:bd:11:61:ef:f0:36:97:13:ec:1e:5e:af:33:11:
c5:c4:4c:f4:1b:eb:2d:2d:27:d2:60:08:1f:6d:cf:4b:08:db:
00:76:d0:f6:ed:dd:ce:b8:70:48:f8:43:50:0b:fa:4f:97:44:
10:ac:4a:d2:98:0c:60:c6:3a:87:a4:b1:d5:20:03:e3:58:85:
e6:ca:03:f0:b7:bb:00:2a:a3:72:20:2c:4a:73:2b:98:6f:7d:
0e:23:19:af:6a:44:05:95:4e:13:d5:3b:d3:93:e6:44:48:92:
12:da:45:0c:b3:f0:d4:75:05:07:20:ad:48:42:d9:38:3c:11:
5d:59:b8:3a:8d:cd:1e:a8:f4:8e:88:2c:1c:9b:70:94:1e:d8:
46:55:85:32:e0:a0:0b:70:2b:69:f2:75:72:4c:d1:ba:1f:62:
35:f9:2c:96:5b:39:88:38:d5:52:2a:7a:0e:8e:e5:d3:0c:7c:
7b:fb:b9:2e:c3:51:4e:66:10:9b:01:99:a9:ec:0f:98:99:fc:
ff:c6:52:07:fd:34:fb:0e:84:f2:e6:8f:95:f0:a1:48:11:15:
30:50:b4:b9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzEJVqbJtTqBZUGSfEE1q7EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZWZlOWQzNmY1Zjg4ZmRmMDQ3NDJjNDE0MGM3NTMyMDkw
YWI3NzAwHhcNMjQwMTAxMDgzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWFmOTY1NzhlMzc1NGJhMGZmMTdmYzY3ZjA5YzFjZWJiNDVkOWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyRq26qcz/1DIPE/z6ArH3gWRSCC
0gvTfNMIi5Gkq9Iohedt8qpa8+zBiHDwC+0k5JAYjSnFoAqi1Rhor6hXvcUgzDFJ
/KqR/4Jn30a9LfHqX3jrhB3y/UsXUlfyHKzyBUHLBsjyWqsTbP2TYK1rre36flXV
e29s2HuFdIIMopvQyb2R0hcCF7RemULplSx4afw4XmALLTTfLwa4oYO7VQGYp+Xc
oRuX/0eqORX98JYI9TVmooOPvS8DDPWvN5NQDo28VSI+1gzsJy3qag8bnc+fkTgK
8fycx7csJhJKJAXeo1kCHoaWFsNIqHIkmimTGtOEMZXJHE4Zw/+im4ccMwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKqvlleON1S6D/F/xn8Jwc67RdnJMB8GA1UdIwQY
MBaAFNnv6dNvX4j98EdCxBQMdTIJCrdwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1Yzkt
MzlmNmQ2NDI1MzM4LzEvcXEtV1Y0NDNWTG9QOFhfR2Z3bkJ6cnRGMmNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1YzktMzlmNmQ2NDI1MzM4
LzEvMmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAU4jtAwQC
uYOwAwQAuZfHMA0GCSqGSIb3DQEBCwUAA4IBAQAK93pyseIPGVx/aZyEqGdTuLAd
pHMS9+eHGG1EUxOOpmD99jHBZ59vvRFh7/A2lxPsHl6vMxHFxEz0G+stLSfSYAgf
bc9LCNsAdtD27d3OuHBI+ENQC/pPl0QQrErSmAxgxjqHpLHVIAPjWIXmygPwt7sA
KqNyICxKcyuYb30OIxmvakQFlU4T1TvTk+ZESJIS2kUMs/DUdQUHIK1IQtk4PBFd
Wbg6jc0eqPSOiCwcm3CUHthGVYUy4KALcCtp8nVyTNG6H2I1+SyWWzmIONVSKnoO
juXTDHx7+7kuw1FOZhCbAZmp7A+Ymfz/xlIH/TT7DoTy5o+V8KFIERUwULS5
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:48:04 2024 by rpki-client on console-ams.rpki-client.org