Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/88cbd2-51ab-4cd3-8d46-0a1c13a68be4/1/QqXhU-lBdYXqZvz-cgaHILQ3TfM.roa
File: QqXhU-lBdYXqZvz-cgaHILQ3TfM.roa (raw, json)
Hash identifier: RrHeSjBXBLUwom4vgKVa94DN9nKAtgiED+L5EfDrWOM=
Subject key identifier: 42:A5:E1:53:E9:41:75:85:EA:66:FC:FE:72:06:87:20:B4:37:4D:F3
Certificate issuer: /CN=7a88d30d3502d1dfbae930d5ea9cc9d7263e9508
Certificate serial: 0192959C27BC03706F1753E3D15C789EA6B7
Authority key identifier: 7A:88:D3:0D:35:02:D1:DF:BA:E9:30:D5:EA:9C:C9:D7:26:3E:95:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eojTDTUC0d-66TDV6pzJ1yY-lQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/88cbd2-51ab-4cd3-8d46-0a1c13a68be4/1/QqXhU-lBdYXqZvz-cgaHILQ3TfM.roa
Signing time: Wed 16 Oct 2024 13:54:51 +0000
ROA not before: Wed 16 Oct 2024 13:54:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209590
IP address blocks: 195.248.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/88cbd2-51ab-4cd3-8d46-0a1c13a68be4/1/eojTDTUC0d-66TDV6pzJ1yY-lQg.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/88cbd2-51ab-4cd3-8d46-0a1c13a68be4/1/eojTDTUC0d-66TDV6pzJ1yY-lQg.mft
rsync://rpki.ripe.net/repository/DEFAULT/eojTDTUC0d-66TDV6pzJ1yY-lQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:95:9c:27:bc:03:70:6f:17:53:e3:d1:5c:78:9e:a6:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a88d30d3502d1dfbae930d5ea9cc9d7263e9508
Validity
Not Before: Oct 16 13:54:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=42a5e153e9417585ea66fcfe72068720b4374df3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:bd:b2:b2:bc:6b:e7:7f:0c:1e:af:fb:b7:c0:
a6:0a:a5:c3:79:c3:2d:bf:09:da:9f:da:8f:33:a2:
0a:cc:1d:21:2f:ea:07:b2:a0:57:45:c9:21:51:ce:
44:fa:b7:a0:42:28:16:26:6a:a7:e7:8a:1c:1c:60:
7e:9a:fd:c6:9c:2e:00:65:ea:aa:58:c4:01:cb:00:
39:13:6c:b6:af:dd:9b:f9:18:79:b1:47:bd:51:88:
5e:5c:c5:45:79:81:c7:a4:08:14:ed:2b:0e:55:8d:
e4:1b:5c:79:9f:ea:78:6b:be:42:86:26:69:e5:a3:
4e:48:ad:bd:23:66:08:fc:1e:97:95:21:b6:55:06:
1c:47:b1:82:bb:4b:29:48:87:86:01:9f:c7:6f:cc:
0a:3d:79:fe:7e:93:b7:b0:9c:ff:15:cd:9b:91:17:
63:1a:0f:e3:a6:7b:6a:c9:d2:38:1b:99:66:26:25:
29:cf:10:a1:68:60:97:d2:60:64:47:60:0e:77:04:
17:c6:2f:e4:a9:53:59:ca:44:d2:70:71:f5:d7:82:
61:ca:15:e4:70:a6:be:3e:04:c9:a1:d3:5f:01:fa:
8d:aa:f3:ef:5f:5a:6b:a0:75:1b:99:46:e9:ef:2d:
fa:82:5e:0f:21:4a:f5:86:34:6a:84:fd:2e:c6:27:
e2:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:A5:E1:53:E9:41:75:85:EA:66:FC:FE:72:06:87:20:B4:37:4D:F3
X509v3 Authority Key Identifier:
keyid:7A:88:D3:0D:35:02:D1:DF:BA:E9:30:D5:EA:9C:C9:D7:26:3E:95:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eojTDTUC0d-66TDV6pzJ1yY-lQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/88cbd2-51ab-4cd3-8d46-0a1c13a68be4/1/QqXhU-lBdYXqZvz-cgaHILQ3TfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/88cbd2-51ab-4cd3-8d46-0a1c13a68be4/1/eojTDTUC0d-66TDV6pzJ1yY-lQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.248.77.0/24
Signature Algorithm: sha256WithRSAEncryption
18:de:bc:55:96:22:a9:9e:b1:31:69:64:50:36:c7:5a:06:96:
3f:9a:57:df:fa:98:0b:7f:f9:61:7c:2e:eb:46:ac:b8:31:67:
d6:e3:be:72:23:83:60:b9:e5:03:07:b8:c0:12:45:ac:82:56:
e4:8c:63:36:37:0b:c2:a6:0e:eb:0d:c2:cf:03:0f:ed:7d:a2:
57:b5:99:0a:8e:e5:d4:4d:3e:ba:5c:88:ff:eb:46:0f:34:fb:
0d:e2:31:ba:51:42:1d:83:d2:81:8f:f6:4f:0a:ee:80:50:68:
77:ce:ac:8b:b6:5f:bd:2f:cc:c7:6f:96:98:5d:e0:bf:45:e8:
1c:30:17:4f:1b:b9:47:80:40:5a:53:e9:bd:de:a5:a7:46:f7:
bc:25:39:81:55:dd:9f:1b:61:30:e0:b9:14:f4:70:da:1a:2e:
87:53:02:72:d0:c7:2d:a8:c6:b8:d5:d9:0f:f6:c7:e4:e0:6c:
66:7a:e7:76:9b:d4:b9:1f:99:a8:f2:f2:19:1d:97:f2:5a:97:
8a:6f:f2:10:16:e4:31:c8:c7:86:b3:8e:f4:68:d3:3f:51:1f:
50:86:03:05:dc:6a:6a:75:3f:7e:ec:20:f9:3c:62:3f:f9:f4:
bc:23:eb:aa:fb:33:10:2c:5c:d8:33:2b:7d:67:40:69:dd:bc:
c2:68:06:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZKVnCe8A3BvF1Pj0Vx4nqa3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhODhkMzBkMzUwMmQxZGZiYWU5MzBkNWVhOWNjOWQ3MjYz
ZTk1MDgwHhcNMjQxMDE2MTM1NDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmE1ZTE1M2U5NDE3NTg1ZWE2NmZjZmU3MjA2ODcyMGI0Mzc0ZGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt72ysrxr538MHq/7t8CmCqXDecMt
vwnan9qPM6IKzB0hL+oHsqBXRckhUc5E+regQigWJmqn54ocHGB+mv3GnC4AZeqq
WMQBywA5E2y2r92b+Rh5sUe9UYheXMVFeYHHpAgU7SsOVY3kG1x5n+p4a75ChiZp
5aNOSK29I2YI/B6XlSG2VQYcR7GCu0spSIeGAZ/Hb8wKPXn+fpO3sJz/Fc2bkRdj
Gg/jpntqydI4G5lmJiUpzxChaGCX0mBkR2AOdwQXxi/kqVNZykTScHH114JhyhXk
cKa+PgTJodNfAfqNqvPvX1proHUbmUbp7y36gl4PIUr1hjRqhP0uxifinwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEKl4VPpQXWF6mb8/nIGhyC0N03zMB8GA1UdIwQY
MBaAFHqI0w01AtHfuukw1eqcydcmPpUIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZW9qVERUVUMwZC02NlREVjZwekoxeVktbFFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS84OGNiZDItNTFhYi00Y2QzLThkNDYt
MGExYzEzYTY4YmU0LzEvUXFYaFUtbEJkWVhxWnZ6LWNnYUhJTFEzVGZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS84OGNiZDItNTFhYi00Y2QzLThkNDYtMGExYzEzYTY4YmU0
LzEvZW9qVERUVUMwZC02NlREVjZwekoxeVktbFFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw/hNMA0G
CSqGSIb3DQEBCwUAA4IBAQAY3rxVliKpnrExaWRQNsdaBpY/mlff+pgLf/lhfC7r
Rqy4MWfW475yI4NgueUDB7jAEkWsglbkjGM2NwvCpg7rDcLPAw/tfaJXtZkKjuXU
TT66XIj/60YPNPsN4jG6UUIdg9KBj/ZPCu6AUGh3zqyLtl+9L8zHb5aYXeC/Regc
MBdPG7lHgEBaU+m93qWnRve8JTmBVd2fG2Ew4LkU9HDaGi6HUwJy0MctqMa41dkP
9sfk4Gxmeud2m9S5H5mo8vIZHZfyWpeKb/IQFuQxyMeGs470aNM/UR9QhgMF3Gpq
dT9+7CD5PGI/+fS8I+uq+zMQLFzYMyt9Z0Bp3bzCaAYo
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:56:40 2024 by rpki-client on console-ams.rpki-client.org