Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/7Qn70K6sKN07RLab4rdz2Df-CNQ.roa
File: 7Qn70K6sKN07RLab4rdz2Df-CNQ.roa (raw, json)
Hash identifier: AJyttIS04Ok58Lx6NF0ts2j3z/4shXqx2wbtnj8YMqw=
Subject key identifier: ED:09:FB:D0:AE:AC:28:DD:3B:44:B6:9B:E2:B7:73:D8:37:FE:08:D4
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 018CC802CF877C12095768F6F3567173F993
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/7Qn70K6sKN07RLab4rdz2Df-CNQ.roa
Signing time: Tue 02 Jan 2024 02:31:16 +0000
ROA not before: Tue 02 Jan 2024 02:31:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208179
IP address blocks: 31.14.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:cf:87:7c:12:09:57:68:f6:f3:56:71:73:f9:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 2 02:31:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed09fbd0aeac28dd3b44b69be2b773d837fe08d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:70:06:98:aa:99:8e:9e:ae:0f:f1:7b:8e:13:
fd:d1:b9:72:a0:f7:37:4f:69:77:e9:bd:df:24:85:
7e:bc:9f:7a:a2:b6:25:c6:4d:cf:4e:74:ff:b2:ed:
45:f2:b5:cb:55:74:44:e2:62:ba:55:44:a3:95:7a:
d7:34:dc:f7:90:b9:c5:cd:d0:75:c0:70:d3:44:50:
5b:f3:1c:b4:1b:8c:a4:0d:41:c6:b4:bc:9a:14:10:
fd:86:5f:0e:fb:7e:de:43:e7:d2:17:d2:de:66:8a:
2e:16:12:fe:2c:4b:53:bc:71:8e:3c:90:d2:29:62:
13:d2:d6:0a:a5:f9:7e:1c:61:91:65:6d:57:15:00:
0b:91:fa:3d:03:3e:8a:1c:9b:0b:03:9f:b7:25:9f:
45:00:25:20:74:b7:7a:d0:de:0e:bb:3b:f0:64:04:
7d:d9:1c:5c:23:74:67:c9:0d:b8:04:46:c9:1b:21:
fb:0a:3d:76:cd:2d:5c:1f:dc:12:a3:a0:60:4c:1e:
d4:99:d9:78:d4:2f:85:d5:c1:18:8d:61:9a:09:01:
a0:c5:b4:6a:73:14:b5:fc:28:eb:cf:ea:b2:fc:c9:
3a:14:67:9f:06:41:f0:08:c3:1e:7a:ad:21:15:4f:
d7:44:a3:89:c8:a5:66:6f:d5:64:2a:ad:62:c7:15:
a0:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:09:FB:D0:AE:AC:28:DD:3B:44:B6:9B:E2:B7:73:D8:37:FE:08:D4
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/7Qn70K6sKN07RLab4rdz2Df-CNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.55.0/24
Signature Algorithm: sha256WithRSAEncryption
71:52:b8:da:33:46:63:6c:55:96:f6:b2:5f:ab:ef:3f:cd:a9:
1f:57:70:86:3e:b1:82:9f:30:f5:c3:6e:fa:74:5f:2d:05:79:
1a:ae:a1:02:b3:e5:c1:88:8c:34:a7:ef:32:0b:3e:f2:0a:f5:
d5:d3:9d:2b:ca:f9:47:6d:3b:83:e3:a0:0a:4a:18:22:dc:64:
2d:68:c0:d8:5a:78:c3:c8:9d:3c:c3:46:be:44:53:2a:c9:01:
96:30:be:c2:9b:19:18:9d:eb:cb:3d:22:b0:1e:03:88:fa:6a:
9e:39:3b:8b:ab:b8:2a:a0:0d:16:df:3f:3f:cf:72:ab:b1:20:
03:ba:15:d0:02:16:12:d5:a5:bd:39:ec:15:56:64:1d:5d:69:
fd:f2:53:56:63:90:50:63:6b:b0:2e:ab:12:5f:0d:43:ba:bf:
ee:2b:8a:93:9c:e0:b6:d6:0a:5e:79:2c:67:90:aa:96:7f:da:
7a:17:c7:34:1c:2b:dc:c6:13:89:85:f0:59:af:53:3a:db:11:
80:5f:ac:b6:f7:ea:b1:e2:56:b8:0c:fd:96:b6:36:7a:e2:83:
31:c2:35:9c:fe:16:62:01:ee:07:e0:4d:31:1e:02:be:87:be:
a5:b5:d8:50:24:07:45:25:e6:a7:29:45:49:57:17:69:3d:5b:
b8:b2:68:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAs+HfBIJV2j281Zxc/mTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjQwMTAyMDIzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDA5ZmJkMGFlYWMyOGRkM2I0NGI2OWJlMmI3NzNkODM3ZmUwOGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXAGmKqZjp6uD/F7jhP90blyoPc3
T2l36b3fJIV+vJ96orYlxk3PTnT/su1F8rXLVXRE4mK6VUSjlXrXNNz3kLnFzdB1
wHDTRFBb8xy0G4ykDUHGtLyaFBD9hl8O+37eQ+fSF9LeZoouFhL+LEtTvHGOPJDS
KWIT0tYKpfl+HGGRZW1XFQALkfo9Az6KHJsLA5+3JZ9FACUgdLd60N4OuzvwZAR9
2RxcI3RnyQ24BEbJGyH7Cj12zS1cH9wSo6BgTB7Umdl41C+F1cEYjWGaCQGgxbRq
cxS1/Cjrz+qy/Mk6FGefBkHwCMMeeq0hFU/XRKOJyKVmb9VkKq1ixxWgKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO0J+9CurCjdO0S2m+K3c9g3/gjUMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvN1FuNzBLNnNLTjA3UkxhYjRyZHoyRGYtQ05RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHw43MA0G
CSqGSIb3DQEBCwUAA4IBAQBxUrjaM0ZjbFWW9rJfq+8/zakfV3CGPrGCnzD1w276
dF8tBXkarqECs+XBiIw0p+8yCz7yCvXV050ryvlHbTuD46AKShgi3GQtaMDYWnjD
yJ08w0a+RFMqyQGWML7CmxkYnevLPSKwHgOI+mqeOTuLq7gqoA0W3z8/z3KrsSAD
uhXQAhYS1aW9OewVVmQdXWn98lNWY5BQY2uwLqsSXw1Dur/uK4qTnOC21gpeeSxn
kKqWf9p6F8c0HCvcxhOJhfBZr1M62xGAX6y29+qx4la4DP2WtjZ64oMxwjWc/hZi
Ae4H4E0xHgK+h76ltdhQJAdFJeanKUVJVxdpPVu4smgz
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:37:19 2024 by rpki-client on console-fra.rpki-client.org