Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/83ff8f-16ca-4249-b774-62a28f3e001c/1/Q8-T8rHgFoT7CVxsMFqUQCc8JdY.roa
File: Q8-T8rHgFoT7CVxsMFqUQCc8JdY.roa (raw, json)
Hash identifier: RshmXbtDnZ3rOqJWlQSI0/TW/t+laA0v6rWUW/sLLhQ=
Subject key identifier: 43:CF:93:F2:B1:E0:16:84:FB:09:5C:6C:30:5A:94:40:27:3C:25:D6
Certificate issuer: /CN=e10fbb9b3cd1c216adc699e5edad5f531d9afcb6
Certificate serial: 01941FFA703532336450C7F7626355F04C20
Authority key identifier: E1:0F:BB:9B:3C:D1:C2:16:AD:C6:99:E5:ED:AD:5F:53:1D:9A:FC:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4Q-7mzzRwhatxpnl7a1fUx2a_LY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/83ff8f-16ca-4249-b774-62a28f3e001c/1/Q8-T8rHgFoT7CVxsMFqUQCc8JdY.roa
Signing time: Wed 01 Jan 2025 03:48:13 +0000
ROA not before: Wed 01 Jan 2025 03:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43530
IP address blocks: 5.35.128.0/19 maxlen: 19
37.75.192.0/21 maxlen: 21
46.245.128.0/21 maxlen: 21
78.110.144.0/20 maxlen: 20
176.62.240.0/20 maxlen: 20
185.222.236.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/83ff8f-16ca-4249-b774-62a28f3e001c/1/4Q-7mzzRwhatxpnl7a1fUx2a_LY.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/83ff8f-16ca-4249-b774-62a28f3e001c/1/4Q-7mzzRwhatxpnl7a1fUx2a_LY.mft
rsync://rpki.ripe.net/repository/DEFAULT/4Q-7mzzRwhatxpnl7a1fUx2a_LY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 18:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:70:35:32:33:64:50:c7:f7:62:63:55:f0:4c:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e10fbb9b3cd1c216adc699e5edad5f531d9afcb6
Validity
Not Before: Jan 1 03:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43cf93f2b1e01684fb095c6c305a9440273c25d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:64:db:6e:be:0c:96:fb:83:17:00:8f:d9:da:
5c:09:d1:fc:41:21:44:ab:fb:dc:8a:78:f1:26:79:
e0:6c:9e:92:54:78:c6:03:8a:4f:17:c7:c6:ec:f2:
b1:3b:93:e2:48:51:e0:5c:f4:01:80:09:51:90:63:
86:c7:ae:91:a4:a3:ab:83:5b:fb:68:b6:dc:8d:35:
0f:eb:2a:72:c0:22:ed:31:e3:2a:14:4c:40:bf:52:
9e:ed:b2:84:26:72:ac:23:51:41:b1:3e:f5:57:61:
3e:87:f2:50:8a:75:6e:41:0a:ff:7c:35:d6:61:b4:
86:af:6f:3d:c2:4c:77:81:67:d4:65:26:c1:54:3a:
72:5c:93:61:27:9c:47:93:c4:4d:32:55:75:35:da:
3d:b2:41:f9:90:ca:82:b4:c8:7d:b9:45:a1:bd:f1:
42:f9:ec:62:72:c4:5c:9d:d4:e4:b6:45:28:e4:66:
e7:5b:8b:8c:27:71:7e:dd:4d:d6:a1:9d:dc:fa:67:
33:50:e4:c2:df:fa:37:3a:c2:5f:2b:56:b3:2e:87:
22:07:c0:83:f1:be:6f:1d:99:e0:e7:18:e9:33:46:
dd:6d:eb:3c:5d:b9:72:25:53:a9:3b:28:89:e4:1c:
ce:77:ca:42:71:57:aa:04:7e:4b:2d:08:c6:73:5f:
ee:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:CF:93:F2:B1:E0:16:84:FB:09:5C:6C:30:5A:94:40:27:3C:25:D6
X509v3 Authority Key Identifier:
keyid:E1:0F:BB:9B:3C:D1:C2:16:AD:C6:99:E5:ED:AD:5F:53:1D:9A:FC:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Q-7mzzRwhatxpnl7a1fUx2a_LY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/83ff8f-16ca-4249-b774-62a28f3e001c/1/Q8-T8rHgFoT7CVxsMFqUQCc8JdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/83ff8f-16ca-4249-b774-62a28f3e001c/1/4Q-7mzzRwhatxpnl7a1fUx2a_LY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.128.0/19
37.75.192.0/21
46.245.128.0/21
78.110.144.0/20
176.62.240.0/20
185.222.236.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:d3:4e:c9:05:5a:87:d5:f0:2e:f2:d2:7d:bf:60:b2:7d:3f:
54:54:86:fa:65:0e:6e:79:8a:73:48:d2:a1:1b:bb:e5:bd:71:
29:2b:d0:c3:7d:66:cb:49:e3:8f:cd:fe:5d:98:58:d1:cd:b2:
80:2b:17:45:05:11:a6:1e:e1:2d:a6:e7:1a:b1:6d:95:c5:61:
98:c2:d3:ff:54:3c:bd:cd:30:00:11:99:84:11:75:98:75:80:
06:28:20:9b:3e:bb:c6:a2:6a:10:cf:3c:9f:3a:85:55:80:a3:
ab:c2:79:ea:ee:27:b9:5f:9e:66:5b:09:f1:13:88:cb:8d:97:
6f:6b:1b:39:49:1f:30:dc:4a:86:99:76:82:d7:22:1d:64:03:
79:82:98:8b:23:25:ff:af:f6:e9:a0:c8:b5:9f:b4:de:8c:2f:
2b:d7:02:ad:11:9f:96:be:17:9e:f2:f4:48:e8:65:bb:26:82:
35:ce:d9:90:5c:f5:6f:af:5c:c5:b1:5c:2f:b9:10:41:de:22:
20:2c:83:8d:e7:2c:a2:a0:c4:e2:01:cb:bf:c3:5b:76:c0:4c:
9a:c1:a6:02:ad:d3:e4:a1:e7:60:08:e2:28:c4:53:1f:4b:09:
f5:8f:28:83:23:cd:10:ca:a7:20:6a:b5:f2:bf:57:f6:8d:ac:
a5:28:2f:8f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQf+nA1MjNkUMf3YmNV8EwgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMGZiYjliM2NkMWMyMTZhZGM2OTllNWVkYWQ1ZjUzMWQ5
YWZjYjYwHhcNMjUwMTAxMDM0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2NmOTNmMmIxZTAxNjg0ZmIwOTVjNmMzMDVhOTQ0MDI3M2MyNWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWTbbr4MlvuDFwCP2dpcCdH8QSFE
q/vcinjxJnngbJ6SVHjGA4pPF8fG7PKxO5PiSFHgXPQBgAlRkGOGx66RpKOrg1v7
aLbcjTUP6ypywCLtMeMqFExAv1Ke7bKEJnKsI1FBsT71V2E+h/JQinVuQQr/fDXW
YbSGr289wkx3gWfUZSbBVDpyXJNhJ5xHk8RNMlV1Ndo9skH5kMqCtMh9uUWhvfFC
+exicsRcndTktkUo5GbnW4uMJ3F+3U3WoZ3c+mczUOTC3/o3OsJfK1azLociB8CD
8b5vHZng5xjpM0bdbes8XblyJVOpOyiJ5BzOd8pCcVeqBH5LLQjGc1/u2QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEPPk/Kx4BaE+wlcbDBalEAnPCXWMB8GA1UdIwQY
MBaAFOEPu5s80cIWrcaZ5e2tX1Mdmvy2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFEtN216elJ3aGF0eHBubDdhMWZVeDJhX0xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi84M2ZmOGYtMTZjYS00MjQ5LWI3NzQt
NjJhMjhmM2UwMDFjLzEvUTgtVDhySGdGb1Q3Q1Z4c01GcVVRQ2M4SmRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi84M2ZmOGYtMTZjYS00MjQ5LWI3NzQtNjJhMjhmM2UwMDFj
LzEvNFEtN216elJ3aGF0eHBubDdhMWZVeDJhX0xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQFBSOAAwQD
JUvAAwQDLvWAAwQETm6QAwQEsD7wAwQCud7sMA0GCSqGSIb3DQEBCwUAA4IBAQAd
007JBVqH1fAu8tJ9v2CyfT9UVIb6ZQ5ueYpzSNKhG7vlvXEpK9DDfWbLSeOPzf5d
mFjRzbKAKxdFBRGmHuEtpucasW2VxWGYwtP/VDy9zTAAEZmEEXWYdYAGKCCbPrvG
omoQzzyfOoVVgKOrwnnq7ie5X55mWwnxE4jLjZdvaxs5SR8w3EqGmXaC1yIdZAN5
gpiLIyX/r/bpoMi1n7TejC8r1wKtEZ+Wvhee8vRI6GW7JoI1ztmQXPVvr1zFsVwv
uRBB3iIgLION5yyioMTiAcu/w1t2wEyawaYCrdPkoedgCOIoxFMfSwn1jyiDI80Q
yqcgarXyv1f2jaylKC+P
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:20:47 2025 by rpki-client