Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/4-QYv6cnrGMAMZyiOazshtnhaSw.roa
File: 4-QYv6cnrGMAMZyiOazshtnhaSw.roa (raw, json)
Hash identifier: dA6S1CpNrC7LkN2xOPB+ym46vEyZybVEr8DPE70P0xo=
Subject key identifier: E3:E4:18:BF:A7:27:AC:63:00:31:9C:A2:39:AC:EC:86:D9:E1:69:2C
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 019424B2EE65B2C288CA5253CA436B385C53
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/4-QYv6cnrGMAMZyiOazshtnhaSw.roa
Signing time: Thu 02 Jan 2025 01:48:13 +0000
ROA not before: Thu 02 Jan 2025 01:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43188
IP address blocks: 85.254.156.0/23 maxlen: 23
85.254.156.0/24 maxlen: 24
85.254.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:ee:65:b2:c2:88:ca:52:53:ca:43:6b:38:5c:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 01:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e3e418bfa727ac6300319ca239acec86d9e1692c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:82:cd:10:4e:a4:02:a2:d3:c3:6a:77:31:ef:
e1:47:41:be:e3:f4:7d:a4:3d:d5:d6:c9:5b:77:21:
b5:98:fa:07:00:cf:f3:06:f3:ca:41:01:0c:19:0c:
72:17:f9:67:76:92:63:47:6b:79:7e:3b:93:61:ca:
55:ff:d5:ed:8b:58:f2:82:1f:da:8c:a3:a6:e5:89:
9b:34:46:97:75:19:a5:18:35:28:88:75:90:69:7a:
6d:d1:82:9a:c0:e6:f1:ab:21:20:24:8a:47:9a:91:
bd:34:a2:42:76:d0:af:d8:87:74:1a:a7:4e:79:74:
84:79:19:b0:74:3c:cc:46:9a:94:ba:39:52:95:05:
e4:d7:93:f4:ec:df:23:cb:44:47:74:1d:2e:d3:60:
30:eb:b0:9e:cd:ed:31:1d:21:2a:e3:c5:3b:a6:a1:
8c:0a:21:e3:e8:e9:4c:2b:f9:33:d8:ea:c5:61:1f:
c7:c4:3e:1a:f0:90:4a:b8:8e:ef:b1:b3:2d:c3:35:
84:b6:4e:73:c1:86:1b:f7:d6:a4:6f:f6:4e:b3:ba:
e1:7b:09:0e:39:25:66:93:91:a3:5d:0d:4b:c6:71:
be:4f:2b:57:37:f3:10:d1:28:56:2a:42:e5:8f:a0:
41:04:f2:a9:57:fc:12:d1:b3:88:6d:25:56:25:d4:
13:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:E4:18:BF:A7:27:AC:63:00:31:9C:A2:39:AC:EC:86:D9:E1:69:2C
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/4-QYv6cnrGMAMZyiOazshtnhaSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.156.0/23
Signature Algorithm: sha256WithRSAEncryption
25:bd:95:fa:85:09:bb:eb:1b:b5:0a:15:3d:7d:6a:45:ea:ae:
69:44:9f:02:ea:9f:74:3e:b0:2f:0c:a6:71:38:b0:35:21:5f:
ea:82:f9:4c:63:dd:7f:75:db:d7:9a:e4:07:21:40:71:ed:e5:
71:4b:55:76:f1:47:12:09:06:c6:67:f3:b7:a3:e6:1e:19:f7:
5b:b2:a8:f7:50:2d:0b:86:ea:c7:48:fe:dd:9f:26:5f:e4:9f:
60:bb:2d:67:e9:01:00:54:0b:4b:94:1e:65:f1:6a:37:f6:d3:
a1:e1:a3:34:41:ff:9f:b8:81:7d:ac:0b:33:b6:61:12:2c:d2:
20:75:d8:32:4b:e7:ed:fc:72:14:77:b9:30:0b:1f:f1:78:f2:
ab:53:a6:bd:8f:6d:ac:4c:fc:56:a2:5b:5e:42:d4:15:6f:86:
f1:28:4b:02:62:15:64:9e:3c:ee:4f:61:ab:96:82:8c:c1:04:
d0:18:f1:5b:2d:e3:78:07:ff:5c:3d:18:43:1a:44:30:17:91:
8a:f8:85:5e:6b:9d:82:ed:b4:41:e6:ac:a7:5f:2b:b0:f6:c8:
58:db:e8:b7:4c:ac:23:87:3d:55:8d:f1:52:c5:a6:83:a0:bb:
da:0a:d1:3f:55:84:39:4b:64:71:15:91:17:62:de:60:0e:c3:
ab:41:bb:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQksu5lssKIylJTykNrOFxTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwMTAyMDE0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2U0MThiZmE3MjdhYzYzMDAzMTljYTIzOWFjZWM4NmQ5ZTE2OTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4LNEE6kAqLTw2p3Me/hR0G+4/R9
pD3V1slbdyG1mPoHAM/zBvPKQQEMGQxyF/lndpJjR2t5fjuTYcpV/9Xti1jygh/a
jKOm5YmbNEaXdRmlGDUoiHWQaXpt0YKawObxqyEgJIpHmpG9NKJCdtCv2Id0GqdO
eXSEeRmwdDzMRpqUujlSlQXk15P07N8jy0RHdB0u02Aw67Ceze0xHSEq48U7pqGM
CiHj6OlMK/kz2OrFYR/HxD4a8JBKuI7vsbMtwzWEtk5zwYYb99akb/ZOs7rhewkO
OSVmk5GjXQ1LxnG+TytXN/MQ0ShWKkLlj6BBBPKpV/wS0bOIbSVWJdQTywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOPkGL+nJ6xjADGcojms7IbZ4WksMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvNC1RWXY2Y25yR01BTVp5aU9henNodG5oYVN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVf6cMA0G
CSqGSIb3DQEBCwUAA4IBAQAlvZX6hQm76xu1ChU9fWpF6q5pRJ8C6p90PrAvDKZx
OLA1IV/qgvlMY91/ddvXmuQHIUBx7eVxS1V28UcSCQbGZ/O3o+YeGfdbsqj3UC0L
hurHSP7dnyZf5J9guy1n6QEAVAtLlB5l8Wo39tOh4aM0Qf+fuIF9rAsztmESLNIg
ddgyS+ft/HIUd7kwCx/xePKrU6a9j22sTPxWolteQtQVb4bxKEsCYhVknjzuT2Gr
loKMwQTQGPFbLeN4B/9cPRhDGkQwF5GK+IVea52C7bRB5qynXyuw9shY2+i3TKwj
hz1VjfFSxaaDoLvaCtE/VYQ5S2RxFZEXYt5gDsOrQbvy
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:13:57 2025 by rpki-client