Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/738179-cf67-4199-b532-2fb2958ab8bb/1/SQDJFyKznGtCKVmkEUnYaLhptpU.roa
File: SQDJFyKznGtCKVmkEUnYaLhptpU.roa (raw, json)
Hash identifier: XEPlk5OXn/XLJYfgloRDlJ7X9N7ypjZHyh9xzsTH0Bw=
Subject key identifier: 49:00:C9:17:22:B3:9C:6B:42:29:59:A4:11:49:D8:68:B8:69:B6:95
Certificate issuer: /CN=07a32999c47eb31d5fbf16ecc3872eaefd43bad7
Certificate serial: 01958F131F210B8002460804FCC82F1B7599
Authority key identifier: 07:A3:29:99:C4:7E:B3:1D:5F:BF:16:EC:C3:87:2E:AE:FD:43:BA:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B6MpmcR-sx1fvxbsw4curv1Dutc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/738179-cf67-4199-b532-2fb2958ab8bb/1/SQDJFyKznGtCKVmkEUnYaLhptpU.roa
Signing time: Thu 13 Mar 2025 10:35:49 +0000
ROA not before: Thu 13 Mar 2025 10:35:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 89.222.36.0/24 maxlen: 24
89.222.37.0/24 maxlen: 24
89.222.38.0/24 maxlen: 24
89.222.39.0/24 maxlen: 24
89.222.40.0/24 maxlen: 24
89.222.41.0/24 maxlen: 24
89.222.42.0/24 maxlen: 24
89.222.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/738179-cf67-4199-b532-2fb2958ab8bb/1/B6MpmcR-sx1fvxbsw4curv1Dutc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/738179-cf67-4199-b532-2fb2958ab8bb/1/B6MpmcR-sx1fvxbsw4curv1Dutc.mft
rsync://rpki.ripe.net/repository/DEFAULT/B6MpmcR-sx1fvxbsw4curv1Dutc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8f:13:1f:21:0b:80:02:46:08:04:fc:c8:2f:1b:75:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07a32999c47eb31d5fbf16ecc3872eaefd43bad7
Validity
Not Before: Mar 13 10:35:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4900c91722b39c6b422959a41149d868b869b695
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:c7:8f:81:c8:91:a3:3a:65:af:ab:62:9e:fb:
3d:13:ca:a9:03:a4:d3:7a:46:e3:e9:05:16:1a:fb:
26:71:4a:21:6e:e1:39:52:30:f9:0c:58:2c:dc:55:
7b:90:7c:2a:40:4f:87:39:91:35:31:e5:60:f6:ca:
a6:9b:1f:93:32:77:de:3c:8e:ba:25:6c:a3:f1:23:
ef:27:f7:e8:93:c6:65:75:3d:85:72:8d:10:e1:4d:
8f:bb:95:df:ac:16:56:87:5e:87:f8:74:8d:3b:60:
7a:50:92:d5:38:f4:96:aa:f2:ce:c1:0a:f9:21:a1:
7e:a0:16:c4:88:0f:39:db:a3:e2:9e:4d:0a:4b:24:
f2:5f:c7:ac:a9:41:25:ad:09:97:2a:8c:7e:d7:94:
5a:71:59:59:75:b2:c1:96:45:5b:8f:66:bb:b4:6d:
4b:d8:9a:f0:7a:58:e2:e1:2e:8d:29:92:cc:64:f2:
4e:26:ae:4c:30:95:53:30:e7:65:7c:5a:bb:de:d0:
26:0f:02:2d:c8:d8:d4:6e:48:9b:0c:36:08:f6:5a:
50:e7:71:e7:bb:04:92:b7:a3:90:32:88:8e:5e:47:
64:4e:a1:27:bc:15:ec:f2:ee:3b:a5:f2:e9:af:f8:
95:24:ac:b4:5a:ee:51:3e:dd:66:38:0b:ed:67:2f:
16:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:00:C9:17:22:B3:9C:6B:42:29:59:A4:11:49:D8:68:B8:69:B6:95
X509v3 Authority Key Identifier:
keyid:07:A3:29:99:C4:7E:B3:1D:5F:BF:16:EC:C3:87:2E:AE:FD:43:BA:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B6MpmcR-sx1fvxbsw4curv1Dutc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/738179-cf67-4199-b532-2fb2958ab8bb/1/SQDJFyKznGtCKVmkEUnYaLhptpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/738179-cf67-4199-b532-2fb2958ab8bb/1/B6MpmcR-sx1fvxbsw4curv1Dutc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.222.36.0-89.222.43.255
Signature Algorithm: sha256WithRSAEncryption
18:10:55:c4:cf:02:0a:d1:77:9e:b4:f7:71:54:29:94:39:65:
2d:7e:38:e0:b4:94:27:c1:77:f9:70:6c:81:17:b0:61:1f:c7:
76:f0:33:35:55:5c:0e:89:88:7c:84:9a:b9:8c:c6:b1:a9:ad:
6e:2b:6b:3c:ac:1e:37:31:28:1e:82:cc:51:54:67:19:db:1c:
3d:f7:84:2a:93:5d:cd:b3:b9:f9:45:6a:e2:a6:05:9d:d4:71:
26:da:ac:98:f6:b7:55:8f:fa:be:e2:b0:03:21:ad:06:c2:4b:
e7:f8:01:01:0a:fe:e2:01:76:2d:45:2e:c7:5c:cc:4f:a6:ad:
a7:9c:5a:11:46:70:32:f1:c0:a9:ae:c9:83:72:3f:2f:72:7f:
32:47:31:9a:6f:10:ff:55:e7:22:80:76:73:5c:34:f5:59:07:
83:78:17:c5:09:db:68:cd:7b:79:4c:59:8b:c2:7b:0f:d3:5b:
57:b0:8f:9b:3f:08:03:38:c8:36:bd:f0:34:4d:09:36:f2:3a:
4d:c7:fe:73:31:08:c0:60:2e:7f:f7:73:f1:ee:ee:ef:77:f4:
e7:9b:5a:f1:6b:0f:9a:fc:65:bc:62:a1:cf:3b:01:4d:e6:9c:
24:08:11:fc:8f:48:6c:a2:c3:e7:81:c9:bc:2e:cd:21:45:41:
1a:05:60:60
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZWPEx8hC4ACRggE/MgvG3WZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3YTMyOTk5YzQ3ZWIzMWQ1ZmJmMTZlY2MzODcyZWFlZmQ0
M2JhZDcwHhcNMjUwMzEzMTAzNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTAwYzkxNzIyYjM5YzZiNDIyOTU5YTQxMTQ5ZDg2OGI4NjliNjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2cePgciRozplr6tinvs9E8qpA6TT
ekbj6QUWGvsmcUohbuE5UjD5DFgs3FV7kHwqQE+HOZE1MeVg9sqmmx+TMnfePI66
JWyj8SPvJ/fok8ZldT2Fco0Q4U2Pu5XfrBZWh16H+HSNO2B6UJLVOPSWqvLOwQr5
IaF+oBbEiA8526Pink0KSyTyX8esqUElrQmXKox+15RacVlZdbLBlkVbj2a7tG1L
2Jrwelji4S6NKZLMZPJOJq5MMJVTMOdlfFq73tAmDwItyNjUbkibDDYI9lpQ53Hn
uwSSt6OQMoiOXkdkTqEnvBXs8u47pfLpr/iVJKy0Wu5RPt1mOAvtZy8WfQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFEkAyRcis5xrQilZpBFJ2Gi4abaVMB8GA1UdIwQY
MBaAFAejKZnEfrMdX78W7MOHLq79Q7rXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjZNcG1jUi1zeDFmdnhic3c0Y3VydjFEdXRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83MzgxNzktY2Y2Ny00MTk5LWI1MzIt
MmZiMjk1OGFiOGJiLzEvU1FESkZ5S3puR3RDS1Zta0VVbllhTGhwdHBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83MzgxNzktY2Y2Ny00MTk5LWI1MzItMmZiMjk1OGFiOGJi
LzEvQjZNcG1jUi1zeDFmdnhic3c0Y3VydjFEdXRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAJZ3iQD
BAJZ3igwDQYJKoZIhvcNAQELBQADggEBABgQVcTPAgrRd56093FUKZQ5ZS1+OOC0
lCfBd/lwbIEXsGEfx3bwMzVVXA6JiHyEmrmMxrGprW4razysHjcxKB6CzFFUZxnb
HD33hCqTXc2zuflFauKmBZ3UcSbarJj2t1WP+r7isAMhrQbCS+f4AQEK/uIBdi1F
LsdczE+mraecWhFGcDLxwKmuyYNyPy9yfzJHMZpvEP9V5yKAdnNcNPVZB4N4F8UJ
22jNe3lMWYvCew/TW1ewj5s/CAM4yDa98DRNCTbyOk3H/nMxCMBgLn/3c/Hu7u93
9OebWvFrD5r8Zbxioc87AU3mnCQIEfyPSGyiw+eBybwuzSFFQRoFYGA=
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:22:09 2025 by rpki-client