Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/8c006d-50f5-445d-b7e8-24994b040f41/1/dqiXa-_ZV52hke_US630uJBHSGI.roa
File: dqiXa-_ZV52hke_US630uJBHSGI.roa (raw, json)
Hash identifier: F9K5U7zF3pm61pfHNh8BT6LB+njv608OXqzIPhgvNM4=
Subject key identifier: 76:A8:97:6B:EF:D9:57:9D:A1:91:EF:D4:4B:AD:F4:B8:90:47:48:62
Certificate issuer: /CN=29187f811597dd03513be42f43155bc15a3a0b3f
Certificate serial: 018CC8DD20709D536FE800988EED05120874
Authority key identifier: 29:18:7F:81:15:97:DD:03:51:3B:E4:2F:43:15:5B:C1:5A:3A:0B:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KRh_gRWX3QNRO-QvQxVbwVo6Cz8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/8c006d-50f5-445d-b7e8-24994b040f41/1/dqiXa-_ZV52hke_US630uJBHSGI.roa
Signing time: Tue 02 Jan 2024 06:29:44 +0000
ROA not before: Tue 02 Jan 2024 06:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58012
IP address blocks: 193.17.70.0/24 maxlen: 24
193.17.179.0/24 maxlen: 24
193.17.193.0/24 maxlen: 24
193.17.220.0/24 maxlen: 24
2a0f:7540::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/8c006d-50f5-445d-b7e8-24994b040f41/1/KRh_gRWX3QNRO-QvQxVbwVo6Cz8.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/8c006d-50f5-445d-b7e8-24994b040f41/1/KRh_gRWX3QNRO-QvQxVbwVo6Cz8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KRh_gRWX3QNRO-QvQxVbwVo6Cz8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dd:20:70:9d:53:6f:e8:00:98:8e:ed:05:12:08:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29187f811597dd03513be42f43155bc15a3a0b3f
Validity
Not Before: Jan 2 06:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=76a8976befd9579da191efd44badf4b890474862
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:03:14:c1:8f:f5:da:3d:86:68:2a:20:90:ab:
c9:e4:63:66:fe:4b:c3:c8:a5:b8:62:57:3b:b3:e7:
d5:dd:89:e8:fa:ed:46:88:c7:1f:35:d1:49:b3:77:
76:de:b9:63:94:fb:41:da:39:41:7c:d7:87:35:04:
e6:56:bc:1a:9d:c9:b5:b7:71:90:f4:29:85:4a:bb:
0b:14:59:02:c4:12:1f:14:60:02:16:6c:e3:d0:ba:
5a:0a:ef:d7:cb:0c:71:69:fd:5f:21:fd:39:81:71:
0b:e6:71:c7:25:0a:2e:bc:93:ef:9c:92:93:d2:9c:
ad:10:f4:31:a8:f5:6a:51:7d:16:b4:c5:47:57:56:
8b:4a:a4:18:93:ef:48:d6:5f:ee:9a:c3:8d:45:8e:
6f:3a:f1:46:51:3c:6c:fe:0c:90:13:b7:bc:91:54:
45:6d:e9:b1:6c:d0:b7:83:38:3e:5c:eb:eb:0c:d7:
7d:70:63:f1:9c:6d:9a:21:93:50:13:07:fc:5a:f3:
5b:4a:96:e0:ba:f5:a6:44:76:6c:8c:7d:74:07:28:
5d:c0:29:d7:8a:ab:8b:eb:66:34:cb:97:c6:33:47:
64:ec:0d:81:66:10:32:6c:db:07:4b:31:b8:bb:f9:
d9:69:83:eb:54:59:10:b3:55:bc:ab:e2:cc:78:39:
b3:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:A8:97:6B:EF:D9:57:9D:A1:91:EF:D4:4B:AD:F4:B8:90:47:48:62
X509v3 Authority Key Identifier:
keyid:29:18:7F:81:15:97:DD:03:51:3B:E4:2F:43:15:5B:C1:5A:3A:0B:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KRh_gRWX3QNRO-QvQxVbwVo6Cz8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8c006d-50f5-445d-b7e8-24994b040f41/1/dqiXa-_ZV52hke_US630uJBHSGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8c006d-50f5-445d-b7e8-24994b040f41/1/KRh_gRWX3QNRO-QvQxVbwVo6Cz8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.70.0/24
193.17.179.0/24
193.17.193.0/24
193.17.220.0/24
IPv6:
2a0f:7540::/29
Signature Algorithm: sha256WithRSAEncryption
26:7e:7a:c9:de:3a:c9:cd:70:8d:2d:a3:7c:3a:e3:3a:95:e0:
49:38:b7:66:f9:a2:64:17:19:31:dd:8c:88:92:f2:04:64:0c:
69:9a:13:ec:7d:9b:58:a4:e3:45:e5:6f:1c:04:63:5c:ae:2a:
7a:3a:cc:ac:06:9d:d3:75:4a:1a:59:ee:49:11:d4:76:ac:7f:
1d:47:e2:0c:36:be:49:39:78:f9:44:03:81:3f:4f:01:f5:87:
3a:0e:07:97:3c:88:45:0a:6c:86:87:c1:9d:87:04:4e:51:4e:
a1:37:b5:d4:4a:06:9b:11:42:e0:55:aa:37:0a:77:44:85:24:
38:68:38:ee:7a:fe:90:06:96:0f:d3:51:b3:e7:d6:8a:ce:1a:
4c:ea:b4:1c:6b:79:ba:8c:f6:0a:2e:a7:a3:c1:bb:26:81:52:
da:2b:ef:04:41:32:f3:4c:ce:23:60:dd:38:50:8e:18:9a:07:
5e:d8:a4:08:7c:ee:06:5e:f6:ea:2c:7e:24:1a:ab:50:d2:14:
7e:3c:e0:ca:6f:56:e0:68:6f:d5:19:3d:31:d5:8a:60:53:3d:
2b:bf:98:10:32:0a:ec:7b:bb:02:8c:57:f4:f1:18:90:be:9b:
01:d8:17:98:02:17:f2:4f:30:62:f4:b8:77:f6:25:f6:a5:44:
b8:a5:20:a0
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzI3SBwnVNv6ACYju0FEgh0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MTg3ZjgxMTU5N2RkMDM1MTNiZTQyZjQzMTU1YmMxNWEz
YTBiM2YwHhcNMjQwMTAyMDYyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmE4OTc2YmVmZDk1NzlkYTE5MWVmZDQ0YmFkZjRiODkwNDc0ODYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswMUwY/12j2GaCogkKvJ5GNm/kvD
yKW4Ylc7s+fV3Yno+u1GiMcfNdFJs3d23rljlPtB2jlBfNeHNQTmVrwancm1t3GQ
9CmFSrsLFFkCxBIfFGACFmzj0LpaCu/Xywxxaf1fIf05gXEL5nHHJQouvJPvnJKT
0pytEPQxqPVqUX0WtMVHV1aLSqQYk+9I1l/umsONRY5vOvFGUTxs/gyQE7e8kVRF
bemxbNC3gzg+XOvrDNd9cGPxnG2aIZNQEwf8WvNbSpbguvWmRHZsjH10ByhdwCnX
iquL62Y0y5fGM0dk7A2BZhAybNsHSzG4u/nZaYPrVFkQs1W8q+LMeDmzeQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHaol2vv2VedoZHv1Eut9LiQR0hiMB8GA1UdIwQY
MBaAFCkYf4EVl90DUTvkL0MVW8FaOgs/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1JoX2dSV1gzUU5STy1RdlF4VmJ3Vm82Q3o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC84YzAwNmQtNTBmNS00NDVkLWI3ZTgt
MjQ5OTRiMDQwZjQxLzEvZHFpWGEtX1pWNTJoa2VfVVM2MzB1SkJIU0dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC84YzAwNmQtNTBmNS00NDVkLWI3ZTgtMjQ5OTRiMDQwZjQx
LzEvS1JoX2dSV1gzUU5STy1RdlF4VmJ3Vm82Q3o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAwRFGAwQA
wRGzAwQAwRHBAwQAwRHcMA0EAgACMAcDBQMqD3VAMA0GCSqGSIb3DQEBCwUAA4IB
AQAmfnrJ3jrJzXCNLaN8OuM6leBJOLdm+aJkFxkx3YyIkvIEZAxpmhPsfZtYpONF
5W8cBGNcrip6OsysBp3TdUoaWe5JEdR2rH8dR+IMNr5JOXj5RAOBP08B9Yc6DgeX
PIhFCmyGh8GdhwROUU6hN7XUSgabEULgVao3CndEhSQ4aDjuev6QBpYP01Gz59aK
zhpM6rQca3m6jPYKLqejwbsmgVLaK+8EQTLzTM4jYN04UI4Ymgde2KQIfO4GXvbq
LH4kGqtQ0hR+PODKb1bgaG/VGT0x1YpgUz0rv5gQMgrse7sCjFf08RiQvpsB2BeY
AhfyTzBi9Lh39iX2pUS4pSCg
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:55:49 2024 by rpki-client on console-ams.rpki-client.org