Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/c3289f-76e9-4893-9cd1-a65fbd830358/1/QEI21wgd6CGqV3wRnK_DeDNJa38.roa
File: QEI21wgd6CGqV3wRnK_DeDNJa38.roa (raw, json)
Hash identifier: J7n7b21iQixdjZbFjgvYBjJg0SMcswX+2qRZt9hfTvU=
Subject key identifier: 40:42:36:D7:08:1D:E8:21:AA:57:7C:11:9C:AF:C3:78:33:49:6B:7F
Certificate issuer: /CN=7b6d28404044239ef58242f210e0b16667eb40d0
Certificate serial: 018CC493326B3205388AC2E5E3F1BB6D1E94
Authority key identifier: 7B:6D:28:40:40:44:23:9E:F5:82:42:F2:10:E0:B1:66:67:EB:40:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e20oQEBEI571gkLyEOCxZmfrQNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/c3289f-76e9-4893-9cd1-a65fbd830358/1/QEI21wgd6CGqV3wRnK_DeDNJa38.roa
Signing time: Mon 01 Jan 2024 10:30:30 +0000
ROA not before: Mon 01 Jan 2024 10:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 559
IP address blocks: 193.5.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/c3289f-76e9-4893-9cd1-a65fbd830358/1/e20oQEBEI571gkLyEOCxZmfrQNA.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/c3289f-76e9-4893-9cd1-a65fbd830358/1/e20oQEBEI571gkLyEOCxZmfrQNA.mft
rsync://rpki.ripe.net/repository/DEFAULT/e20oQEBEI571gkLyEOCxZmfrQNA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:02:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:32:6b:32:05:38:8a:c2:e5:e3:f1:bb:6d:1e:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b6d28404044239ef58242f210e0b16667eb40d0
Validity
Not Before: Jan 1 10:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=404236d7081de821aa577c119cafc37833496b7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:0a:8f:b3:c9:26:94:83:44:ce:3d:8f:5d:76:
04:e4:4a:9c:94:0b:11:72:dc:23:5a:1d:5c:e4:47:
dd:1d:cb:25:a5:87:ce:1b:2d:13:b7:d8:8e:c7:c2:
3e:fc:42:c8:2b:c2:79:82:5d:fd:5e:2b:f5:b0:c6:
8f:ed:85:59:d7:c2:57:1a:cd:26:c7:ab:a9:36:0e:
ca:03:c6:0c:c8:cd:86:b8:21:0d:e9:ce:dc:d0:be:
fe:ac:d6:b9:4e:a5:33:38:77:d4:1c:7e:df:89:9b:
a6:a1:ff:42:e6:6b:5a:5f:ec:3b:dd:09:0e:a9:b7:
b6:94:28:60:17:cb:87:df:ee:c3:d8:8e:2d:d9:ae:
f7:0b:9e:6c:fa:1e:b8:b9:99:da:b3:7c:42:75:c5:
ea:44:cf:72:b6:c7:4b:89:cd:b7:c9:cf:fb:20:c4:
79:a9:90:10:08:d3:94:01:e2:e7:b5:47:f8:ec:ff:
7b:65:62:32:4b:d4:af:cd:e0:68:82:ab:84:58:c4:
81:0c:a2:b1:cc:f1:30:59:30:95:9a:3c:c4:32:08:
11:50:2d:c2:da:9f:f8:f5:03:f8:90:3b:13:8d:24:
e7:6d:6d:1d:87:60:f3:a6:ea:f1:86:82:a0:d5:41:
3f:05:33:36:63:a3:07:5b:88:22:43:fc:f8:bd:f9:
2a:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:42:36:D7:08:1D:E8:21:AA:57:7C:11:9C:AF:C3:78:33:49:6B:7F
X509v3 Authority Key Identifier:
keyid:7B:6D:28:40:40:44:23:9E:F5:82:42:F2:10:E0:B1:66:67:EB:40:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e20oQEBEI571gkLyEOCxZmfrQNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c3289f-76e9-4893-9cd1-a65fbd830358/1/QEI21wgd6CGqV3wRnK_DeDNJa38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c3289f-76e9-4893-9cd1-a65fbd830358/1/e20oQEBEI571gkLyEOCxZmfrQNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.5.53.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:ac:e6:8c:9b:a8:56:c7:3a:83:42:83:82:a0:44:f0:e1:fb:
54:c3:75:25:06:3e:2e:7b:60:fa:11:74:90:e8:50:5a:9d:b7:
a9:b2:26:3d:14:c3:fe:f2:9b:3c:22:a3:30:19:47:b1:93:d4:
d7:d0:c1:3d:86:f7:1d:e3:63:ef:98:71:74:7c:72:bc:8c:15:
9a:a4:65:1b:b5:65:ab:2d:0f:39:99:48:11:12:90:62:06:08:
ae:1d:9a:b2:41:34:9d:08:c7:95:bf:b7:d9:7b:17:13:e0:84:
e3:44:54:7e:50:52:28:0e:61:4c:23:53:d3:10:b0:c5:c2:84:
23:0e:99:e1:7f:fb:83:82:94:ca:aa:11:e0:1e:6e:cf:64:3d:
34:ab:15:0a:e5:97:0c:b7:96:71:7c:ee:62:2c:a7:ec:5d:81:
c6:a5:a2:3e:05:3e:bb:86:fe:60:d1:4a:84:05:f6:b0:7c:fb:
8f:b3:fc:d7:11:cf:07:ba:46:26:db:bf:88:88:7f:39:7c:56:
c4:47:94:17:ff:56:76:a0:0d:10:ac:67:e0:6c:95:31:aa:a9:
bb:65:a7:2a:b1:84:bc:38:f2:99:a9:56:a1:03:f6:11:9c:bf:
a1:2e:6e:33:0e:cd:1b:1a:88:aa:44:a1:91:f4:a1:2b:38:45:
df:1d:fc:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEkzJrMgU4isLl4/G7bR6UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNmQyODQwNDA0NDIzOWVmNTgyNDJmMjEwZTBiMTY2Njdl
YjQwZDAwHhcNMjQwMTAxMTAzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDQyMzZkNzA4MWRlODIxYWE1NzdjMTE5Y2FmYzM3ODMzNDk2YjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgAqPs8kmlINEzj2PXXYE5EqclAsR
ctwjWh1c5EfdHcslpYfOGy0Tt9iOx8I+/ELIK8J5gl39Xiv1sMaP7YVZ18JXGs0m
x6upNg7KA8YMyM2GuCEN6c7c0L7+rNa5TqUzOHfUHH7fiZumof9C5mtaX+w73QkO
qbe2lChgF8uH3+7D2I4t2a73C55s+h64uZnas3xCdcXqRM9ytsdLic23yc/7IMR5
qZAQCNOUAeLntUf47P97ZWIyS9SvzeBogquEWMSBDKKxzPEwWTCVmjzEMggRUC3C
2p/49QP4kDsTjSTnbW0dh2DzpurxhoKg1UE/BTM2Y6MHW4giQ/z4vfkq0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEBCNtcIHeghqld8EZyvw3gzSWt/MB8GA1UdIwQY
MBaAFHttKEBARCOe9YJC8hDgsWZn60DQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTIwb1FFQkVJNTcxZ2tMeUVPQ3habWZyUU5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9jMzI4OWYtNzZlOS00ODkzLTljZDEt
YTY1ZmJkODMwMzU4LzEvUUVJMjF3Z2Q2Q0dxVjN3Um5LX0RlRE5KYTM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9jMzI4OWYtNzZlOS00ODkzLTljZDEtYTY1ZmJkODMwMzU4
LzEvZTIwb1FFQkVJNTcxZ2tMeUVPQ3habWZyUU5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQU1MA0G
CSqGSIb3DQEBCwUAA4IBAQA/rOaMm6hWxzqDQoOCoETw4ftUw3UlBj4ue2D6EXSQ
6FBanbepsiY9FMP+8ps8IqMwGUexk9TX0ME9hvcd42PvmHF0fHK8jBWapGUbtWWr
LQ85mUgREpBiBgiuHZqyQTSdCMeVv7fZexcT4ITjRFR+UFIoDmFMI1PTELDFwoQj
Dpnhf/uDgpTKqhHgHm7PZD00qxUK5ZcMt5ZxfO5iLKfsXYHGpaI+BT67hv5g0UqE
BfawfPuPs/zXEc8HukYm27+IiH85fFbER5QX/1Z2oA0QrGfgbJUxqqm7ZacqsYS8
OPKZqVahA/YRnL+hLm4zDs0bGoiqRKGR9KErOEXfHfxk
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:30:59 2024 by rpki-client on console-fra.rpki-client.org