Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/ad3ae5-ce2a-485f-aab3-59c1087e4856/1/qh_78Z8T-0tCBmCXyHRnTig-fXk.roa
File: qh_78Z8T-0tCBmCXyHRnTig-fXk.roa (raw, json)
Hash identifier: D50TJVZs4p+oPZgQ3m83Z9RVfgzTw4Y105WFzT7kphw=
Subject key identifier: AA:1F:FB:F1:9F:13:FB:4B:42:06:60:97:C8:74:67:4E:28:3E:7D:79
Certificate issuer: /CN=cf14fce9b19a5eea532e17d83da8c1dcd1de18c0
Certificate serial: 019053EC42940D0E6078DA4FA7A9710FA150
Authority key identifier: CF:14:FC:E9:B1:9A:5E:EA:53:2E:17:D8:3D:A8:C1:DC:D1:DE:18:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zxT86bGaXupTLhfYPajB3NHeGMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/ad3ae5-ce2a-485f-aab3-59c1087e4856/1/qh_78Z8T-0tCBmCXyHRnTig-fXk.roa
Signing time: Wed 26 Jun 2024 09:41:50 +0000
ROA not before: Wed 26 Jun 2024 09:41:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20712
IP address blocks: 193.219.118.0/24 maxlen: 24
2001:67c:788::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/ad3ae5-ce2a-485f-aab3-59c1087e4856/1/zxT86bGaXupTLhfYPajB3NHeGMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/ad3ae5-ce2a-485f-aab3-59c1087e4856/1/zxT86bGaXupTLhfYPajB3NHeGMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zxT86bGaXupTLhfYPajB3NHeGMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Sep 2024 18:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:53:ec:42:94:0d:0e:60:78:da:4f:a7:a9:71:0f:a1:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf14fce9b19a5eea532e17d83da8c1dcd1de18c0
Validity
Not Before: Jun 26 09:41:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa1ffbf19f13fb4b42066097c874674e283e7d79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:bd:8d:3a:21:23:64:81:0b:c9:e4:b6:e0:84:
50:4c:59:97:cf:ee:a1:27:e5:5c:74:5e:9d:6c:99:
f6:fb:5e:3e:d8:90:f2:92:96:f6:30:b8:74:8c:12:
55:a5:e4:db:81:7e:80:85:61:67:ef:31:5c:54:be:
5c:3c:fc:6f:fb:19:63:c5:5a:1c:de:fe:3f:45:ad:
84:53:1c:61:0e:71:74:b8:f4:cd:6f:37:97:ab:75:
ce:a2:5d:09:14:0b:78:ab:34:26:d7:5b:12:3c:87:
d1:2b:ed:04:29:a7:86:a5:0c:d1:25:c1:33:70:d4:
86:1b:59:a7:65:f1:ac:c0:b2:08:6e:13:44:33:36:
86:14:d1:cb:2c:bf:03:75:3c:7c:ff:c1:b4:1d:0a:
18:75:73:d6:8d:b6:79:ee:5c:aa:b4:65:18:20:75:
a8:66:5c:79:75:84:d7:49:70:5c:25:8b:aa:11:4d:
3d:b6:b6:ab:07:1f:12:3f:53:dd:e8:06:8a:aa:c4:
e0:49:2c:0e:76:cb:29:a1:22:08:d2:9e:4d:99:24:
d9:a2:a4:ee:f3:50:08:01:8a:28:1d:6f:68:74:fb:
b1:d9:29:81:8d:e0:06:cc:c7:11:65:c9:fb:c5:0e:
ef:56:3c:3b:85:48:3b:2d:09:d8:d3:24:67:e9:8d:
57:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:1F:FB:F1:9F:13:FB:4B:42:06:60:97:C8:74:67:4E:28:3E:7D:79
X509v3 Authority Key Identifier:
keyid:CF:14:FC:E9:B1:9A:5E:EA:53:2E:17:D8:3D:A8:C1:DC:D1:DE:18:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zxT86bGaXupTLhfYPajB3NHeGMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/ad3ae5-ce2a-485f-aab3-59c1087e4856/1/qh_78Z8T-0tCBmCXyHRnTig-fXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/ad3ae5-ce2a-485f-aab3-59c1087e4856/1/zxT86bGaXupTLhfYPajB3NHeGMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.219.118.0/24
IPv6:
2001:67c:788::/48
Signature Algorithm: sha256WithRSAEncryption
5d:b1:43:d6:7c:79:55:1a:f4:97:2d:f9:eb:61:49:cd:36:d5:
cb:83:03:52:da:86:5a:84:3e:a1:0c:17:53:fc:42:95:c0:5f:
f3:ef:5e:6f:07:20:54:88:51:8c:d7:fe:e0:c9:e7:94:7f:71:
2c:bf:3a:82:4c:2f:1b:b2:44:dd:de:19:44:a0:4d:99:52:3e:
0c:1f:51:6c:2f:ee:a7:51:ec:a4:0a:df:ce:6f:fd:8b:b0:0e:
84:8b:2f:50:25:f6:b4:41:2e:b8:de:31:d7:5a:2a:0f:c6:92:
73:b9:9f:ce:81:46:cd:f4:07:78:2e:40:e7:e5:6d:9d:aa:56:
54:18:18:00:43:ee:be:fd:7b:27:30:1f:99:2d:0c:93:90:cb:
c9:51:4e:18:57:fa:5c:c5:c2:64:39:83:4d:39:a7:52:b6:9d:
71:81:ed:54:b9:68:51:86:a8:96:f7:b8:75:d1:c1:c0:70:39:
ed:f3:0d:cd:25:b8:be:c8:9e:1a:5a:15:df:62:6e:fb:d2:80:
31:e9:6f:c7:48:0b:e7:6c:40:38:63:0e:47:e6:04:4d:d7:3f:
92:50:fa:32:f5:58:df:f0:e5:75:02:76:88:e3:0f:af:40:a7:
03:d1:47:12:76:fa:35:0b:b6:94:80:80:d0:21:ef:3a:b9:60:
ae:ba:a5:35
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBT7EKUDQ5geNpPp6lxD6FQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMTRmY2U5YjE5YTVlZWE1MzJlMTdkODNkYThjMWRjZDFk
ZTE4YzAwHhcNMjQwNjI2MDk0MTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTFmZmJmMTlmMTNmYjRiNDIwNjYwOTdjODc0Njc0ZTI4M2U3ZDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4b2NOiEjZIELyeS24IRQTFmXz+6h
J+VcdF6dbJn2+14+2JDykpb2MLh0jBJVpeTbgX6AhWFn7zFcVL5cPPxv+xljxVoc
3v4/Ra2EUxxhDnF0uPTNbzeXq3XOol0JFAt4qzQm11sSPIfRK+0EKaeGpQzRJcEz
cNSGG1mnZfGswLIIbhNEMzaGFNHLLL8DdTx8/8G0HQoYdXPWjbZ57lyqtGUYIHWo
Zlx5dYTXSXBcJYuqEU09trarBx8SP1Pd6AaKqsTgSSwOdsspoSII0p5NmSTZoqTu
81AIAYooHW9odPux2SmBjeAGzMcRZcn7xQ7vVjw7hUg7LQnY0yRn6Y1XGwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKof+/GfE/tLQgZgl8h0Z04oPn15MB8GA1UdIwQY
MBaAFM8U/Omxml7qUy4X2D2owdzR3hjAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenhUODZiR2FYdXBUTGhmWVBhakIzTkhlR01BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9hZDNhZTUtY2UyYS00ODVmLWFhYjMt
NTljMTA4N2U0ODU2LzEvcWhfNzhaOFQtMHRDQm1DWHlIUm5UaWctZlhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9hZDNhZTUtY2UyYS00ODVmLWFhYjMtNTljMTA4N2U0ODU2
LzEvenhUODZiR2FYdXBUTGhmWVBhakIzTkhlR01BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwdt2MA8E
AgACMAkDBwAgAQZ8B4gwDQYJKoZIhvcNAQELBQADggEBAF2xQ9Z8eVUa9Jct+eth
Sc021cuDA1LahlqEPqEMF1P8QpXAX/PvXm8HIFSIUYzX/uDJ55R/cSy/OoJMLxuy
RN3eGUSgTZlSPgwfUWwv7qdR7KQK385v/YuwDoSLL1Al9rRBLrjeMddaKg/GknO5
n86BRs30B3guQOflbZ2qVlQYGABD7r79eycwH5ktDJOQy8lRThhX+lzFwmQ5g005
p1K2nXGB7VS5aFGGqJb3uHXRwcBwOe3zDc0luL7InhpaFd9ibvvSgDHpb8dIC+ds
QDhjDkfmBE3XP5JQ+jL1WN/w5XUCdojjD69ApwPRRxJ2+jULtpSAgNAh7zq5YK66
pTU=
-----END CERTIFICATE-----
Generated at Wed Sep 18 23:59:36 2024 by rpki-client on console-fra.rpki-client.org