Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/0c0f61-b69c-4657-9867-7e74a6a98ecd/1/QvXT26CBJOhY9PU5-s5Xj_qplxM.roa
File: QvXT26CBJOhY9PU5-s5Xj_qplxM.roa (raw, json)
Hash identifier: Sdh7mNsaPf//sOTtuyFGrPyb/X5NNTEMxSwwRJU5DTQ=
Subject key identifier: 42:F5:D3:DB:A0:81:24:E8:58:F4:F5:39:FA:CE:57:8F:FA:A9:97:13
Certificate issuer: /CN=91e6d3242257b2965b6278ff8c17e16ff3f08b21
Certificate serial: 018CC49382ABC2EB687BA451E6865743D1C6
Authority key identifier: 91:E6:D3:24:22:57:B2:96:5B:62:78:FF:8C:17:E1:6F:F3:F0:8B:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kebTJCJXspZbYnj_jBfhb_PwiyE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/0c0f61-b69c-4657-9867-7e74a6a98ecd/1/QvXT26CBJOhY9PU5-s5Xj_qplxM.roa
Signing time: Mon 01 Jan 2024 10:30:50 +0000
ROA not before: Mon 01 Jan 2024 10:30:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204732
IP address blocks: 185.242.70.0/24 maxlen: 24
185.242.70.0/23 maxlen: 23
185.242.68.0/23 maxlen: 23
185.242.68.0/24 maxlen: 24
185.242.68.0/22 maxlen: 22
185.242.71.0/24 maxlen: 24
185.242.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/0c0f61-b69c-4657-9867-7e74a6a98ecd/1/kebTJCJXspZbYnj_jBfhb_PwiyE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/0c0f61-b69c-4657-9867-7e74a6a98ecd/1/kebTJCJXspZbYnj_jBfhb_PwiyE.mft
rsync://rpki.ripe.net/repository/DEFAULT/kebTJCJXspZbYnj_jBfhb_PwiyE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:82:ab:c2:eb:68:7b:a4:51:e6:86:57:43:d1:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91e6d3242257b2965b6278ff8c17e16ff3f08b21
Validity
Not Before: Jan 1 10:30:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=42f5d3dba08124e858f4f539face578ffaa99713
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ac:3e:fc:19:ec:b1:97:20:b1:a7:12:09:b0:
43:86:29:fb:5c:e0:84:dd:d2:25:73:9f:33:6f:52:
95:17:71:e8:d7:7b:5f:c3:84:ce:f3:9c:48:b9:a9:
c6:82:1c:b6:f2:88:fd:9f:36:7a:ed:4d:13:b3:f7:
20:2f:34:26:95:d3:89:db:f9:e8:f0:be:55:e2:56:
fc:5c:7b:89:3e:12:91:f6:05:2b:a1:cd:ce:d8:c8:
a8:ee:e6:5e:2c:b3:ff:81:32:56:14:b3:81:dd:5b:
a5:2e:a9:6b:6a:8b:fb:64:5e:c9:98:58:31:47:3e:
04:12:4a:f6:53:a0:a1:61:10:02:9f:08:4d:df:fb:
ae:59:b0:3d:75:8d:aa:58:90:25:df:d8:f8:a1:13:
3f:85:43:f0:c3:21:73:4e:40:fd:76:ea:cd:9b:e6:
f0:1a:63:7e:ad:9f:44:5b:9e:c8:5a:e8:69:1a:ad:
4e:40:e4:1e:cb:57:be:d2:ac:17:92:11:4b:9f:3f:
15:8f:f7:c3:2f:03:81:82:45:44:f5:29:12:3e:64:
42:b7:1b:65:b7:cc:9f:ef:73:93:8f:5e:e1:64:e8:
5a:17:68:9d:b6:27:ff:16:d6:b4:24:d7:7e:3a:44:
80:37:f6:a9:43:89:ab:11:e0:01:58:c6:d0:85:18:
8a:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:F5:D3:DB:A0:81:24:E8:58:F4:F5:39:FA:CE:57:8F:FA:A9:97:13
X509v3 Authority Key Identifier:
keyid:91:E6:D3:24:22:57:B2:96:5B:62:78:FF:8C:17:E1:6F:F3:F0:8B:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kebTJCJXspZbYnj_jBfhb_PwiyE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/0c0f61-b69c-4657-9867-7e74a6a98ecd/1/QvXT26CBJOhY9PU5-s5Xj_qplxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/0c0f61-b69c-4657-9867-7e74a6a98ecd/1/kebTJCJXspZbYnj_jBfhb_PwiyE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.242.68.0/22
Signature Algorithm: sha256WithRSAEncryption
62:63:20:5d:8d:f3:fe:61:4c:dd:77:54:7d:b1:58:e9:29:eb:
d3:4b:9b:60:fb:a0:bb:c7:17:91:49:8c:91:1b:02:7e:ee:9e:
2f:46:97:d3:80:13:14:3b:e7:af:7a:e4:ae:50:b2:ec:88:df:
8f:42:cf:02:d8:f8:66:1b:34:15:10:03:c7:70:51:26:62:28:
cf:f1:56:75:3e:ae:fe:fe:4d:f0:ac:05:bf:f8:b6:4f:39:b0:
94:d0:3e:a5:55:1e:fd:86:82:e8:0e:68:71:e9:45:b2:52:0e:
55:0c:ec:5c:a6:90:0f:55:0d:15:5c:7b:1c:a2:85:ba:76:7b:
a8:d8:a3:06:00:48:b5:b6:a2:9a:81:d9:c8:2e:2e:58:c2:08:
85:35:5f:73:d5:d5:6d:86:7b:e3:95:0d:44:92:db:b9:f9:47:
ad:e7:e5:e6:a6:55:18:88:72:ca:d9:51:da:2b:e2:51:c6:ac:
1b:9f:40:3d:64:d1:bb:6c:59:66:3c:1f:ed:a0:b4:12:9b:70:
ae:e2:eb:90:b0:4d:0b:53:94:72:6f:a6:86:a8:3b:a0:17:80:
36:96:7b:29:1b:2c:4e:c6:a3:d2:56:10:dd:51:74:9d:b2:68:
d9:9d:93:b9:15:55:bd:8d:a0:d6:a1:a4:03:c7:75:ef:a0:dd:
2a:74:7f:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEk4Krwutoe6RR5oZXQ9HGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZTZkMzI0MjI1N2IyOTY1YjYyNzhmZjhjMTdlMTZmZjNm
MDhiMjEwHhcNMjQwMTAxMTAzMDUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmY1ZDNkYmEwODEyNGU4NThmNGY1MzlmYWNlNTc4ZmZhYTk5NzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaw+/BnssZcgsacSCbBDhin7XOCE
3dIlc58zb1KVF3Ho13tfw4TO85xIuanGghy28oj9nzZ67U0Ts/cgLzQmldOJ2/no
8L5V4lb8XHuJPhKR9gUroc3O2Mio7uZeLLP/gTJWFLOB3VulLqlraov7ZF7JmFgx
Rz4EEkr2U6ChYRACnwhN3/uuWbA9dY2qWJAl39j4oRM/hUPwwyFzTkD9durNm+bw
GmN+rZ9EW57IWuhpGq1OQOQey1e+0qwXkhFLnz8Vj/fDLwOBgkVE9SkSPmRCtxtl
t8yf73OTj17hZOhaF2idtif/Fta0JNd+OkSAN/apQ4mrEeABWMbQhRiKpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEL109uggSToWPT1OfrOV4/6qZcTMB8GA1UdIwQY
MBaAFJHm0yQiV7KWW2J4/4wX4W/z8IshMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2ViVEpDSlhzcFpiWW5qX2pCZmhiX1B3aXlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS8wYzBmNjEtYjY5Yy00NjU3LTk4Njct
N2U3NGE2YTk4ZWNkLzEvUXZYVDI2Q0JKT2hZOVBVNS1zNVhqX3FwbHhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS8wYzBmNjEtYjY5Yy00NjU3LTk4NjctN2U3NGE2YTk4ZWNk
LzEva2ViVEpDSlhzcFpiWW5qX2pCZmhiX1B3aXlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufJEMA0G
CSqGSIb3DQEBCwUAA4IBAQBiYyBdjfP+YUzdd1R9sVjpKevTS5tg+6C7xxeRSYyR
GwJ+7p4vRpfTgBMUO+eveuSuULLsiN+PQs8C2PhmGzQVEAPHcFEmYijP8VZ1Pq7+
/k3wrAW/+LZPObCU0D6lVR79hoLoDmhx6UWyUg5VDOxcppAPVQ0VXHscooW6dnuo
2KMGAEi1tqKagdnILi5YwgiFNV9z1dVthnvjlQ1Ektu5+Uet5+XmplUYiHLK2VHa
K+JRxqwbn0A9ZNG7bFlmPB/toLQSm3Cu4uuQsE0LU5Ryb6aGqDugF4A2lnspGyxO
xqPSVhDdUXSdsmjZnZO5FVW9jaDWoaQDx3XvoN0qdH85
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:56:36 2024 by rpki-client on console-ams.rpki-client.org