Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/QcYGkUZQy1qA6g_5B02vFTvPF0Y.roa
File: QcYGkUZQy1qA6g_5B02vFTvPF0Y.roa (raw, json)
Hash identifier: Dpc9owQam5QRzvUv5gtycFjm/ejDcxRmcYrwHR0hX0c=
Subject key identifier: 41:C6:06:91:46:50:CB:5A:80:EA:0F:F9:07:4D:AF:15:3B:CF:17:46
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 018CC802C278FDEA66A979DD821026C96808
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/QcYGkUZQy1qA6g_5B02vFTvPF0Y.roa
Signing time: Tue 02 Jan 2024 02:31:13 +0000
ROA not before: Tue 02 Jan 2024 02:31:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9050
IP address blocks: 188.214.141.0/24 maxlen: 24
31.14.20.0/24 maxlen: 24
188.241.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:c2:78:fd:ea:66:a9:79:dd:82:10:26:c9:68:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 2 02:31:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41c606914650cb5a80ea0ff9074daf153bcf1746
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:31:59:f5:cd:b7:75:c7:bb:ba:d6:5d:1e:05:
fa:bb:25:ea:31:b9:3d:5f:21:91:2d:03:45:e2:8e:
ae:20:9a:20:36:50:cf:65:e1:6f:a4:8f:41:b6:2a:
d9:89:94:dc:c7:77:2f:46:ff:e4:77:31:ed:9b:0e:
c8:38:5b:68:83:79:75:8f:54:20:ab:b6:ea:6d:b0:
ae:e7:7d:6a:52:32:9a:be:59:5c:45:82:fe:e6:70:
4c:25:4c:48:5b:88:a6:56:5a:bd:cd:0a:81:4c:81:
08:14:85:68:cd:47:f5:38:89:ea:67:94:24:db:23:
5f:e2:e2:a9:a9:13:7b:b8:9c:23:7d:da:53:af:00:
89:47:70:36:cc:8c:72:44:0a:25:d8:19:fd:5d:f4:
61:08:d6:30:0f:d3:5e:1b:14:21:55:8a:25:82:ce:
01:88:0c:ac:59:74:26:3e:58:d8:8b:4d:4d:4e:be:
e0:07:4d:13:bb:7d:87:ae:3f:70:6f:5a:b8:db:05:
39:49:bb:19:5d:fb:17:c8:18:45:4f:ac:01:10:da:
fb:62:4b:fc:1e:ff:7e:67:de:5f:94:b2:1b:27:52:
aa:3a:93:6c:da:26:17:02:e0:72:61:6a:d9:5b:11:
3c:8f:9f:7c:45:2d:13:25:77:99:6b:8f:3c:f6:16:
95:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:C6:06:91:46:50:CB:5A:80:EA:0F:F9:07:4D:AF:15:3B:CF:17:46
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/QcYGkUZQy1qA6g_5B02vFTvPF0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.20.0/24
188.214.141.0/24
188.241.7.0/24
Signature Algorithm: sha256WithRSAEncryption
82:61:cf:69:2d:93:f4:fa:05:35:95:d5:db:e5:0a:0b:b1:d6:
50:9d:71:da:4c:e6:79:87:84:b0:86:94:7c:5c:57:cd:d6:d4:
c0:b7:21:7b:50:6a:fc:e1:af:00:21:03:ce:08:80:75:a1:41:
07:6c:55:52:d8:21:1e:04:21:ba:c5:fb:0f:74:cf:fc:99:2a:
82:9d:03:5b:0f:b8:48:73:ea:f0:cb:e3:82:d4:f0:b2:cf:05:
f9:70:2b:12:d5:72:13:97:b6:85:ae:d3:8a:b7:b2:5e:72:15:
e8:d8:48:e0:8d:ef:d9:1f:98:fc:73:27:07:3f:40:c7:ab:8e:
5c:1b:62:2a:e5:5e:24:5f:03:bd:c6:c5:83:3c:3c:e8:13:99:
a9:06:1b:a5:04:70:e7:d7:60:1d:fb:4e:1a:18:82:35:82:86:
4c:db:56:fd:9d:83:29:39:9c:cf:15:59:90:a0:cd:21:14:52:
5c:a8:54:f9:55:00:c5:5d:1a:2d:1d:6e:74:9c:6b:bc:aa:6d:
47:7c:24:06:7a:40:6b:d9:72:75:98:a7:86:b2:3d:ae:4f:77:
9a:f3:33:ba:17:9a:d3:f0:5c:46:6e:38:34:36:74:3b:3c:79:
3c:34:08:24:78:77:c4:5e:da:d5:ae:05:06:d8:f2:0c:fe:e2:
e8:df:7d:60
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIAsJ4/epmqXndghAmyWgIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjQwMTAyMDIzMTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWM2MDY5MTQ2NTBjYjVhODBlYTBmZjkwNzRkYWYxNTNiY2YxNzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDFZ9c23dce7utZdHgX6uyXqMbk9
XyGRLQNF4o6uIJogNlDPZeFvpI9BtirZiZTcx3cvRv/kdzHtmw7IOFtog3l1j1Qg
q7bqbbCu531qUjKavllcRYL+5nBMJUxIW4imVlq9zQqBTIEIFIVozUf1OInqZ5Qk
2yNf4uKpqRN7uJwjfdpTrwCJR3A2zIxyRAol2Bn9XfRhCNYwD9NeGxQhVYolgs4B
iAysWXQmPljYi01NTr7gB00Tu32Hrj9wb1q42wU5SbsZXfsXyBhFT6wBENr7Ykv8
Hv9+Z95flLIbJ1KqOpNs2iYXAuByYWrZWxE8j598RS0TJXeZa4889haVKwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEHGBpFGUMtagOoP+QdNrxU7zxdGMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvUWNZR2tVWlF5MXFBNmdfNUIwMnZGVHZQRjBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAHw4UAwQA
vNaNAwQAvPEHMA0GCSqGSIb3DQEBCwUAA4IBAQCCYc9pLZP0+gU1ldXb5QoLsdZQ
nXHaTOZ5h4SwhpR8XFfN1tTAtyF7UGr84a8AIQPOCIB1oUEHbFVS2CEeBCG6xfsP
dM/8mSqCnQNbD7hIc+rwy+OC1PCyzwX5cCsS1XITl7aFrtOKt7JechXo2Ejgje/Z
H5j8cycHP0DHq45cG2Iq5V4kXwO9xsWDPDzoE5mpBhulBHDn12Ad+04aGII1goZM
21b9nYMpOZzPFVmQoM0hFFJcqFT5VQDFXRotHW50nGu8qm1HfCQGekBr2XJ1mKeG
sj2uT3ea8zO6F5rT8FxGbjg0NnQ7PHk8NAgkeHfEXtrVrgUG2PIM/uLo331g
-----END CERTIFICATE-----
Generated at Mon May 20 16:16:51 2024 by rpki-client on console-fra.rpki-client.org