Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/FQqrVaWrjwGbwrQKWFwL-ALxue0.roa
File: FQqrVaWrjwGbwrQKWFwL-ALxue0.roa (raw, json)
Hash identifier: Y21wnJ7WUmqlJg6zD0OtGsbthsIYepPEi/nFJcnb1eU=
Subject key identifier: 15:0A:AB:55:A5:AB:8F:01:9B:C2:B4:0A:58:5C:0B:F8:02:F1:B9:ED
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 0194266B97DC91CFFBE7C4C090009C973BD8
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/FQqrVaWrjwGbwrQKWFwL-ALxue0.roa
Signing time: Thu 02 Jan 2025 09:49:32 +0000
ROA not before: Thu 02 Jan 2025 09:49:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201337
IP address blocks: 84.236.137.0/24 maxlen: 24
84.236.184.0/24 maxlen: 24
84.236.189.0/24 maxlen: 24
178.156.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 15:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:97:dc:91:cf:fb:e7:c4:c0:90:00:9c:97:3b:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 09:49:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=150aab55a5ab8f019bc2b40a585c0bf802f1b9ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:07:d8:4b:10:3d:c8:2b:91:92:cc:44:2c:a7:
98:ea:19:05:7c:5a:66:23:18:84:71:16:fd:16:90:
40:9b:34:f2:1a:a3:58:91:56:5b:6c:94:98:d7:69:
64:b8:0e:fd:61:a7:dd:0b:d0:d3:58:32:2b:75:84:
7e:87:bb:b1:ea:9a:5a:0e:17:b1:62:d2:b1:25:5c:
83:0b:76:b3:43:95:d5:83:1d:74:58:06:12:fa:b5:
fc:4b:4c:44:62:de:0d:71:8b:46:33:ad:2b:cb:6a:
30:56:8e:2d:46:a7:4a:b2:b6:7f:46:7c:14:f7:ea:
e1:b9:27:39:eb:e1:cc:55:40:7c:2b:53:cf:f0:20:
9b:fe:8c:8f:1b:e8:f1:96:66:75:5d:ed:26:2a:08:
bd:fe:92:97:49:d8:60:b3:4e:ff:76:0e:f0:81:7b:
30:cb:69:94:f2:cf:b5:ec:ae:fd:8b:c8:61:0f:57:
56:d3:df:17:ec:33:78:67:15:3b:3b:9d:19:70:32:
b4:a8:41:45:4e:3d:cd:01:6a:36:47:40:76:4f:0f:
cf:69:28:d2:6d:3f:9e:ed:c8:ec:93:7a:1e:c3:87:
3e:6e:07:fb:ff:f0:c3:32:3b:b9:f3:26:77:c5:2e:
fe:92:18:03:54:7d:5d:06:97:82:ab:24:5a:18:87:
7e:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:0A:AB:55:A5:AB:8F:01:9B:C2:B4:0A:58:5C:0B:F8:02:F1:B9:ED
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/FQqrVaWrjwGbwrQKWFwL-ALxue0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.236.137.0/24
84.236.184.0/24
84.236.189.0/24
178.156.75.0/24
Signature Algorithm: sha256WithRSAEncryption
83:c7:a8:11:d4:1c:a7:a7:2b:d9:a9:18:ba:28:80:bf:dd:d4:
cd:31:2d:1e:c5:be:74:c1:c1:15:9f:60:cd:cd:cd:fa:2d:a3:
cc:16:0d:00:9b:c6:aa:cd:41:e4:92:8e:5e:ea:41:fe:fb:e3:
19:42:9c:56:f4:ae:97:56:1f:82:92:8d:9d:7a:c8:c9:64:0a:
d6:c4:5a:c1:a1:31:7b:7f:64:67:df:11:9c:2c:73:2b:bc:23:
a8:d6:13:61:b3:44:93:e5:f0:19:d0:fb:8e:b4:e8:9a:b4:ad:
db:ef:84:87:9b:b7:36:d9:aa:2e:64:3e:23:d9:90:d1:b9:7b:
6e:ca:9f:8a:66:07:84:17:18:ed:da:3c:13:b6:7a:a8:4d:41:
23:9b:cd:dd:ff:2a:0c:45:81:51:5d:f3:ff:0c:18:21:c4:6e:
69:6f:2c:b4:9c:6d:f1:7e:12:ce:6a:8e:2f:18:27:e3:ff:bc:
ff:e1:80:aa:e1:5a:6b:72:c0:67:e3:42:31:66:5c:19:b4:58:
c1:b9:6f:fd:36:6b:02:74:1b:ac:bc:3e:bc:d3:59:87:25:41:
5a:bb:13:6c:42:7a:87:50:d6:d7:1b:6d:39:3d:73:53:d6:7b:
5a:00:ac:85:66:83:48:7c:1f:fe:14:96:5c:73:b7:ed:3c:d6:
de:3e:0f:d5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQma5fckc/758TAkACclzvYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjUwMTAyMDk0OTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTBhYWI1NWE1YWI4ZjAxOWJjMmI0MGE1ODVjMGJmODAyZjFiOWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQfYSxA9yCuRksxELKeY6hkFfFpm
IxiEcRb9FpBAmzTyGqNYkVZbbJSY12lkuA79YafdC9DTWDIrdYR+h7ux6ppaDhex
YtKxJVyDC3azQ5XVgx10WAYS+rX8S0xEYt4NcYtGM60ry2owVo4tRqdKsrZ/RnwU
9+rhuSc56+HMVUB8K1PP8CCb/oyPG+jxlmZ1Xe0mKgi9/pKXSdhgs07/dg7wgXsw
y2mU8s+17K79i8hhD1dW098X7DN4ZxU7O50ZcDK0qEFFTj3NAWo2R0B2Tw/PaSjS
bT+e7cjsk3oew4c+bgf7//DDMju58yZ3xS7+khgDVH1dBpeCqyRaGId+hwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBUKq1Wlq48Bm8K0ClhcC/gC8bntMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvRlFxclZhV3Jqd0did3JRS1dGd0wtQUx4dWUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVOyJAwQA
VOy4AwQAVOy9AwQAspxLMA0GCSqGSIb3DQEBCwUAA4IBAQCDx6gR1BynpyvZqRi6
KIC/3dTNMS0exb50wcEVn2DNzc36LaPMFg0Am8aqzUHkko5e6kH+++MZQpxW9K6X
Vh+Cko2desjJZArWxFrBoTF7f2Rn3xGcLHMrvCOo1hNhs0ST5fAZ0PuOtOiatK3b
74SHm7c22aouZD4j2ZDRuXtuyp+KZgeEFxjt2jwTtnqoTUEjm83d/yoMRYFRXfP/
DBghxG5pbyy0nG3xfhLOao4vGCfj/7z/4YCq4VprcsBn40IxZlwZtFjBuW/9NmsC
dBusvD6801mHJUFauxNsQnqHUNbXG205PXNT1ntaAKyFZoNIfB/+FJZcc7ftPNbe
Pg/V
-----END CERTIFICATE-----
Generated at Thu Apr 17 20:42:03 2025 by rpki-client