Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/06b317-9114-426b-9983-9a229780e0be/1/qPAY_HSenfLnLArZ1Wp6tkYlx4Q.roa
File: qPAY_HSenfLnLArZ1Wp6tkYlx4Q.roa (raw, json)
Hash identifier: C8S5a7XhZCezXDngpv/yOJWrQfaLqGP4KVogw88t+L4=
Subject key identifier: A8:F0:18:FC:74:9E:9D:F2:E7:2C:0A:D9:D5:6A:7A:B6:46:25:C7:84
Certificate issuer: /CN=2091a77f7c424e9127398473bfa3a2b9727ebb45
Certificate serial: 018F099D8284479A200602B59976E972EABF
Authority key identifier: 20:91:A7:7F:7C:42:4E:91:27:39:84:73:BF:A3:A2:B9:72:7E:BB:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IJGnf3xCTpEnOYRzv6OiuXJ-u0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/06b317-9114-426b-9983-9a229780e0be/1/qPAY_HSenfLnLArZ1Wp6tkYlx4Q.roa
Signing time: Tue 23 Apr 2024 06:21:08 +0000
ROA not before: Tue 23 Apr 2024 06:21:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201434
IP address blocks: 91.194.138.0/24 maxlen: 24
185.75.36.0/22 maxlen: 22
193.29.207.0/24 maxlen: 24
194.126.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/06b317-9114-426b-9983-9a229780e0be/1/IJGnf3xCTpEnOYRzv6OiuXJ-u0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/06b317-9114-426b-9983-9a229780e0be/1/IJGnf3xCTpEnOYRzv6OiuXJ-u0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/IJGnf3xCTpEnOYRzv6OiuXJ-u0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 17:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:09:9d:82:84:47:9a:20:06:02:b5:99:76:e9:72:ea:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2091a77f7c424e9127398473bfa3a2b9727ebb45
Validity
Not Before: Apr 23 06:21:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8f018fc749e9df2e72c0ad9d56a7ab64625c784
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ba:0c:5a:f3:5c:d5:da:5f:8f:74:c3:9d:05:
e9:15:1c:4e:54:fc:f1:dd:2c:91:e3:32:a4:7b:12:
85:1f:c0:de:08:11:d3:dd:c2:43:9c:2f:f8:5b:0d:
64:a5:a2:93:e8:1c:de:31:85:41:a3:8f:dc:56:1c:
d2:7e:98:e5:d5:5e:33:f8:1c:d5:ca:a8:91:67:6b:
a6:10:f0:63:61:19:0f:63:82:82:10:46:5f:ad:30:
cc:f0:cb:ea:f1:ba:8b:3b:5c:f6:ab:42:1c:bb:25:
04:c5:32:dd:d1:d3:f3:c5:ce:d4:16:60:3e:87:fc:
db:36:b3:53:e5:b9:39:d5:a0:5b:86:8f:4c:e4:2e:
74:2d:7d:d3:4b:df:28:30:0f:a4:9d:c5:c6:cd:9a:
49:de:e8:e2:7c:5e:f1:69:a3:a3:88:1e:a0:e2:79:
7f:29:11:7b:fe:d9:e4:a4:ab:7e:ed:5e:de:69:40:
52:58:a2:da:4d:fe:c5:34:1b:70:09:11:1f:0a:cc:
0c:de:e9:a2:ab:4d:23:0e:b4:a8:a2:8f:c4:b6:8a:
89:f6:63:40:dd:70:6a:8a:2e:dd:4c:4d:7a:69:d8:
09:0a:92:e0:bd:a1:4e:0e:f5:61:ca:33:15:ec:56:
ce:77:7a:5e:ec:29:cf:d9:37:8b:06:7a:de:b8:19:
5e:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:F0:18:FC:74:9E:9D:F2:E7:2C:0A:D9:D5:6A:7A:B6:46:25:C7:84
X509v3 Authority Key Identifier:
keyid:20:91:A7:7F:7C:42:4E:91:27:39:84:73:BF:A3:A2:B9:72:7E:BB:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IJGnf3xCTpEnOYRzv6OiuXJ-u0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06b317-9114-426b-9983-9a229780e0be/1/qPAY_HSenfLnLArZ1Wp6tkYlx4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06b317-9114-426b-9983-9a229780e0be/1/IJGnf3xCTpEnOYRzv6OiuXJ-u0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.138.0/24
185.75.36.0/22
193.29.207.0/24
194.126.238.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:ea:0f:e8:7c:5e:af:6e:6e:68:b6:1c:08:39:fd:8d:d2:53:
2e:0d:52:65:4c:2f:58:6f:c1:64:fc:1c:f9:35:c1:b7:69:d6:
c7:89:c0:94:c0:45:a0:02:41:63:33:0a:06:15:61:71:ff:ca:
08:cd:82:ff:d4:5f:a9:57:58:28:23:cd:04:13:88:0c:5e:aa:
26:e4:49:56:18:58:e2:f9:fc:56:35:64:56:63:d6:ed:ce:ac:
c7:04:f7:8e:1c:d9:8f:5c:68:73:c4:0e:c6:29:11:8b:d2:e6:
5f:07:3c:df:e0:f8:3d:23:ae:ff:54:c8:76:c2:81:4c:ed:22:
4e:28:af:f1:b1:ad:ac:bc:c3:1b:85:8e:2b:2f:58:4c:b7:60:
d0:bc:20:1b:92:d4:d2:4c:ad:9a:92:78:5b:4e:07:fc:a9:94:
f9:f7:7e:8a:97:aa:ee:e2:3b:b8:af:ac:92:b5:cc:66:23:ab:
ab:c5:b1:5b:78:8e:eb:34:a2:34:20:42:4c:34:16:26:c0:85:
ba:af:06:a4:90:68:74:3f:b8:f0:d8:6d:3f:12:d5:bc:30:dc:
21:4b:91:e2:01:ca:af:2f:bb:06:b1:2b:e3:bc:db:ff:08:7b:
ef:1b:aa:93:77:6f:33:ac:d5:3d:db:83:a2:88:2e:ab:0b:ba:
d2:c2:4c:b9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY8JnYKER5ogBgK1mXbpcuq/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwOTFhNzdmN2M0MjRlOTEyNzM5ODQ3M2JmYTNhMmI5NzI3
ZWJiNDUwHhcNMjQwNDIzMDYyMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGYwMThmYzc0OWU5ZGYyZTcyYzBhZDlkNTZhN2FiNjQ2MjVjNzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwroMWvNc1dpfj3TDnQXpFRxOVPzx
3SyR4zKkexKFH8DeCBHT3cJDnC/4Ww1kpaKT6BzeMYVBo4/cVhzSfpjl1V4z+BzV
yqiRZ2umEPBjYRkPY4KCEEZfrTDM8Mvq8bqLO1z2q0IcuyUExTLd0dPzxc7UFmA+
h/zbNrNT5bk51aBbho9M5C50LX3TS98oMA+kncXGzZpJ3ujifF7xaaOjiB6g4nl/
KRF7/tnkpKt+7V7eaUBSWKLaTf7FNBtwCREfCswM3umiq00jDrSooo/EtoqJ9mNA
3XBqii7dTE16adgJCpLgvaFODvVhyjMV7FbOd3pe7CnP2TeLBnreuBle3wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKjwGPx0np3y5ywK2dVqerZGJceEMB8GA1UdIwQY
MBaAFCCRp398Qk6RJzmEc7+jorlyfrtFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUpHbmYzeENUcEVuT1lSenY2T2l1WEotdTBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8wNmIzMTctOTExNC00MjZiLTk5ODMt
OWEyMjk3ODBlMGJlLzEvcVBBWV9IU2VuZkxuTEFyWjFXcDZ0a1lseDRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8wNmIzMTctOTExNC00MjZiLTk5ODMtOWEyMjk3ODBlMGJl
LzEvSUpHbmYzeENUcEVuT1lSenY2T2l1WEotdTBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW8KKAwQC
uUskAwQAwR3PAwQAwn7uMA0GCSqGSIb3DQEBCwUAA4IBAQB96g/ofF6vbm5othwI
Of2N0lMuDVJlTC9Yb8Fk/Bz5NcG3adbHicCUwEWgAkFjMwoGFWFx/8oIzYL/1F+p
V1goI80EE4gMXqom5ElWGFji+fxWNWRWY9btzqzHBPeOHNmPXGhzxA7GKRGL0uZf
Bzzf4Pg9I67/VMh2woFM7SJOKK/xsa2svMMbhY4rL1hMt2DQvCAbktTSTK2aknhb
Tgf8qZT5936Kl6ru4ju4r6yStcxmI6urxbFbeI7rNKI0IEJMNBYmwIW6rwakkGh0
P7jw2G0/EtW8MNwhS5HiAcqvL7sGsSvjvNv/CHvvG6qTd28zrNU924OiiC6rC7rS
wky5
-----END CERTIFICATE-----
Generated at Tue May 21 02:15:47 2024 by rpki-client on console-fra.rpki-client.org