Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/2391ed-f285-4286-af2f-d2551cdde4af/1/cQ6MhpO8rPGnD_a1i9qTBhEi6oc.roa
File: cQ6MhpO8rPGnD_a1i9qTBhEi6oc.roa (raw, json)
Hash identifier: vZJMIqd7qPtuLbpQh2RJrNA9qcCFAJKecdV+n3y6GLk=
Subject key identifier: 71:0E:8C:86:93:BC:AC:F1:A7:0F:F6:B5:8B:DA:93:06:11:22:EA:87
Certificate issuer: /CN=18e2aed9af3a4be560aa19b92846c5fbe11c9b19
Certificate serial: 019469CE782ACF1DF0F3950E90F15DC928CF
Authority key identifier: 18:E2:AE:D9:AF:3A:4B:E5:60:AA:19:B9:28:46:C5:FB:E1:1C:9B:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GOKu2a86S-Vgqhm5KEbF--Ecmxk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/2391ed-f285-4286-af2f-d2551cdde4af/1/cQ6MhpO8rPGnD_a1i9qTBhEi6oc.roa
Signing time: Wed 15 Jan 2025 11:52:06 +0000
ROA not before: Wed 15 Jan 2025 11:52:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41230
IP address blocks: 31.205.0.0/16 maxlen: 16
31.205.0.0/18 maxlen: 18
31.205.64.0/18 maxlen: 18
31.205.128.0/18 maxlen: 18
31.205.176.0/20 maxlen: 20
31.205.192.0/18 maxlen: 18
45.81.120.0/22 maxlen: 22
45.154.248.0/22 maxlen: 22
78.109.176.0/20 maxlen: 20
81.23.48.0/20 maxlen: 20
176.119.145.0/24 maxlen: 24
185.134.128.0/22 maxlen: 22
185.134.136.0/22 maxlen: 23
185.134.138.0/24 maxlen: 24
185.134.139.0/24 maxlen: 24
185.134.144.0/22 maxlen: 22
185.198.228.0/22 maxlen: 23
213.143.0.0/19 maxlen: 19
2a00:1a10::/29 maxlen: 29
2a07:c300::/29 maxlen: 29
2a0e:2a40::/29 maxlen: 29
2a0e:2ac0::/29 maxlen: 29
2a0e:5680::/29 maxlen: 29
2a0f:dd00::/29 maxlen: 29
2a10:d00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/2391ed-f285-4286-af2f-d2551cdde4af/1/GOKu2a86S-Vgqhm5KEbF--Ecmxk.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/2391ed-f285-4286-af2f-d2551cdde4af/1/GOKu2a86S-Vgqhm5KEbF--Ecmxk.mft
rsync://rpki.ripe.net/repository/DEFAULT/GOKu2a86S-Vgqhm5KEbF--Ecmxk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:69:ce:78:2a:cf:1d:f0:f3:95:0e:90:f1:5d:c9:28:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18e2aed9af3a4be560aa19b92846c5fbe11c9b19
Validity
Not Before: Jan 15 11:52:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=710e8c8693bcacf1a70ff6b58bda93061122ea87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ae:1e:d1:8b:45:98:cb:c3:4a:19:9e:35:38:
7c:03:53:12:26:9f:50:2d:63:d7:07:b2:58:5c:21:
eb:b0:8c:77:c6:56:6c:bc:41:1c:74:70:8e:8a:15:
2e:4c:2e:b8:ba:35:3d:41:f7:c5:49:f9:fe:8f:22:
a4:6a:79:0a:4a:bb:8c:15:d3:aa:4a:53:38:a6:7b:
d2:38:ea:4b:68:8b:49:1a:76:bf:16:dd:c0:ac:80:
ab:8a:43:86:bd:f9:f7:06:b6:b5:9b:1a:9d:2f:d8:
0c:04:db:7f:42:2d:ac:8a:70:42:42:b5:d2:46:45:
f9:2b:2a:49:60:c6:68:b3:23:74:69:10:b8:d6:a9:
41:f2:2a:3b:9f:07:24:46:f7:d8:06:8f:95:3d:af:
91:ef:53:31:c2:7f:e7:b3:ab:37:a0:df:31:f7:97:
4a:17:78:34:a6:ad:97:95:86:b5:da:08:77:c8:92:
48:66:b0:e9:fe:b9:e9:7e:07:b3:68:a8:c2:1f:ac:
d1:0a:36:f5:e8:4d:97:a5:88:31:07:4a:ac:39:bf:
58:84:f1:53:ce:23:bc:29:7a:26:b1:6a:10:10:54:
90:44:f1:f9:58:08:17:cd:96:1e:ae:d7:b0:fc:ea:
b3:0b:f3:dc:ba:dd:81:2c:38:80:84:0a:df:17:62:
f5:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:0E:8C:86:93:BC:AC:F1:A7:0F:F6:B5:8B:DA:93:06:11:22:EA:87
X509v3 Authority Key Identifier:
keyid:18:E2:AE:D9:AF:3A:4B:E5:60:AA:19:B9:28:46:C5:FB:E1:1C:9B:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GOKu2a86S-Vgqhm5KEbF--Ecmxk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/2391ed-f285-4286-af2f-d2551cdde4af/1/cQ6MhpO8rPGnD_a1i9qTBhEi6oc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/2391ed-f285-4286-af2f-d2551cdde4af/1/GOKu2a86S-Vgqhm5KEbF--Ecmxk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.205.0.0/16
45.81.120.0/22
45.154.248.0/22
78.109.176.0/20
81.23.48.0/20
176.119.145.0/24
185.134.128.0/22
185.134.136.0/22
185.134.144.0/22
185.198.228.0/22
213.143.0.0/19
IPv6:
2a00:1a10::/29
2a07:c300::/29
2a0e:2a40::/29
2a0e:2ac0::/29
2a0e:5680::/29
2a0f:dd00::/29
2a10:d00::/29
Signature Algorithm: sha256WithRSAEncryption
63:b0:c9:b0:16:47:ea:e2:57:74:1e:08:35:3c:f3:1e:6f:2c:
90:94:5d:55:97:41:6d:d8:f7:b5:5e:37:9c:b3:1f:d0:14:6e:
cd:26:26:b7:91:0b:91:d0:18:77:46:0c:2e:b6:2e:df:9a:a9:
64:ad:4b:00:c9:11:f6:82:8a:eb:e8:f5:d2:79:a1:a9:89:f8:
74:5b:75:f1:a2:f2:2a:42:01:c0:25:02:e7:ac:2d:ed:e4:a7:
6c:3c:80:bf:02:1c:db:b6:08:0b:f9:18:9e:73:ae:ff:26:8d:
bc:b7:cb:d2:7f:86:3e:80:37:e7:fe:6f:9c:e5:3c:37:3a:93:
eb:65:2d:b6:73:3f:82:15:26:a8:13:50:55:b4:f9:de:74:85:
e0:fe:48:d9:4c:f1:c4:c2:02:c0:38:eb:a0:f0:9b:2e:3a:1c:
f7:7c:bf:1c:e1:8c:88:55:65:64:a8:c6:b1:34:4e:35:84:68:
a9:b1:ad:89:32:46:49:c9:46:e6:e3:03:19:29:f1:14:b0:9f:
2e:43:72:6f:14:bb:e3:f3:59:1d:20:a9:3f:f3:ff:bd:01:84:
43:33:e9:ea:59:f6:64:00:ba:6b:9d:e5:9b:48:5c:f7:37:5c:
4a:cb:43:7d:cf:2a:36:9c:57:15:80:6d:1d:4d:76:fa:0c:c2:
cb:17:a2:37
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgISAZRpzngqzx3w85UOkPFdySjPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ZTJhZWQ5YWYzYTRiZTU2MGFhMTliOTI4NDZjNWZiZTEx
YzliMTkwHhcNMjUwMTE1MTE1MjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTBlOGM4NjkzYmNhY2YxYTcwZmY2YjU4YmRhOTMwNjExMjJlYTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApq4e0YtFmMvDShmeNTh8A1MSJp9Q
LWPXB7JYXCHrsIx3xlZsvEEcdHCOihUuTC64ujU9QffFSfn+jyKkankKSruMFdOq
SlM4pnvSOOpLaItJGna/Ft3ArICrikOGvfn3Bra1mxqdL9gMBNt/Qi2sinBCQrXS
RkX5KypJYMZosyN0aRC41qlB8io7nwckRvfYBo+VPa+R71Mxwn/ns6s3oN8x95dK
F3g0pq2XlYa12gh3yJJIZrDp/rnpfgezaKjCH6zRCjb16E2XpYgxB0qsOb9YhPFT
ziO8KXomsWoQEFSQRPH5WAgXzZYertew/OqzC/Pcut2BLDiAhArfF2L1vQIDAQAB
o4ICgDCCAnwwHQYDVR0OBBYEFHEOjIaTvKzxpw/2tYvakwYRIuqHMB8GA1UdIwQY
MBaAFBjirtmvOkvlYKoZuShGxfvhHJsZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR09LdTJhODZTLVZncWhtNUtFYkYtLUVjbXhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8yMzkxZWQtZjI4NS00Mjg2LWFmMmYt
ZDI1NTFjZGRlNGFmLzEvY1E2TWhwTzhyUEduRF9hMWk5cVRCaEVpNm9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8yMzkxZWQtZjI4NS00Mjg2LWFmMmYtZDI1NTFjZGRlNGFm
LzEvR09LdTJhODZTLVZncWhtNUtFYkYtLUVjbXhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGVBggrBgEFBQcBBwEB/wSBhTCBgjBHBAIAATBBAwMAH80D
BAItUXgDBAItmvgDBARObbADBARRFzADBACwd5EDBAK5hoADBAK5hogDBAK5hpAD
BAK5xuQDBAXVjwAwNwQCAAIwMQMFAyoAGhADBQMqB8MAAwUDKg4qQAMFAyoOKsAD
BQMqDlaAAwUDKg/dAAMFAyoQDQAwDQYJKoZIhvcNAQELBQADggEBAGOwybAWR+ri
V3QeCDU88x5vLJCUXVWXQW3Y97VeN5yzH9AUbs0mJreRC5HQGHdGDC62Lt+aqWSt
SwDJEfaCiuvo9dJ5oamJ+HRbdfGi8ipCAcAlAuesLe3kp2w8gL8CHNu2CAv5GJ5z
rv8mjby3y9J/hj6AN+f+b5zlPDc6k+tlLbZzP4IVJqgTUFW0+d50heD+SNlM8cTC
AsA466Dwmy46HPd8vxzhjIhVZWSoxrE0TjWEaKmxrYkyRknJRubjAxkp8RSwny5D
cm8Uu+PzWR0gqT/z/70BhEMz6epZ9mQAumud5ZtIXPc3XErLQ33PKjacVxWAbR1N
dvoMwssXojc=
-----END CERTIFICATE-----
Generated at Tue Apr 22 11:14:24 2025 by rpki-client