Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/8ff537-71e0-403b-979e-1ef7ef17fa43/1/QDG31XRppMRHcvvmEDOK8yxyWfY.roa
File: QDG31XRppMRHcvvmEDOK8yxyWfY.roa (raw, json)
Hash identifier: IAXCVrJq/0jbZsdZm/s/bAXJF0pu+1bXoYQ6KRJa9ZY=
Subject key identifier: 40:31:B7:D5:74:69:A4:C4:47:72:FB:E6:10:33:8A:F3:2C:72:59:F6
Certificate issuer: /CN=6dbd51576b4a93460a465af35e6bf550f5548894
Certificate serial: 0194252191D329F7F110E5F59124058CC2BD
Authority key identifier: 6D:BD:51:57:6B:4A:93:46:0A:46:5A:F3:5E:6B:F5:50:F5:54:88:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bb1RV2tKk0YKRlrzXmv1UPVUiJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/8ff537-71e0-403b-979e-1ef7ef17fa43/1/QDG31XRppMRHcvvmEDOK8yxyWfY.roa
Signing time: Thu 02 Jan 2025 03:49:04 +0000
ROA not before: Thu 02 Jan 2025 03:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209307
IP address blocks: 95.183.42.0/24 maxlen: 24
95.183.43.0/24 maxlen: 24
192.54.76.0/23 maxlen: 24
192.54.186.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/8ff537-71e0-403b-979e-1ef7ef17fa43/1/bb1RV2tKk0YKRlrzXmv1UPVUiJQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/8ff537-71e0-403b-979e-1ef7ef17fa43/1/bb1RV2tKk0YKRlrzXmv1UPVUiJQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/bb1RV2tKk0YKRlrzXmv1UPVUiJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 14:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:91:d3:29:f7:f1:10:e5:f5:91:24:05:8c:c2:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6dbd51576b4a93460a465af35e6bf550f5548894
Validity
Not Before: Jan 2 03:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4031b7d57469a4c44772fbe610338af32c7259f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:78:aa:a9:3f:39:08:b4:3b:8f:cd:0d:15:71:
da:3f:ab:2a:b9:46:b6:39:23:f9:a6:4a:12:c8:30:
75:24:8c:83:3a:ef:d9:5a:40:89:99:d6:24:27:3a:
3a:d8:b8:16:af:91:d7:db:29:8f:64:54:26:58:62:
a4:07:6c:13:55:76:44:6d:1a:1a:2b:ca:cb:7a:94:
e1:a6:8d:7e:f3:51:cc:0e:9f:65:42:41:83:0f:c1:
dd:ee:b7:45:c6:2c:8d:f9:86:69:1f:ba:1e:2e:f5:
da:2c:02:66:f5:01:ec:a7:1e:e5:93:d0:db:2e:ec:
12:d1:17:73:ed:5a:a5:db:a1:b6:c2:31:32:d7:68:
8a:7f:eb:4d:13:38:dc:2b:30:4b:c7:64:69:4a:9c:
12:1d:88:76:22:5b:3e:01:42:29:c6:02:b6:8a:5c:
21:7e:78:a4:ba:04:2d:f9:91:c8:83:dc:66:64:cd:
de:5f:e1:bf:af:be:1b:e6:39:ff:a9:01:a1:a7:08:
8e:86:9f:df:47:31:f6:e9:dc:bb:b6:85:ef:a4:75:
99:17:4d:6e:fb:50:f6:c6:09:09:47:07:f0:d5:65:
f5:f2:62:3d:c7:ba:ea:8a:c9:a5:b1:68:f7:60:f5:
bf:6d:2e:8a:5b:2a:0f:c0:1e:7a:3f:64:7f:78:3e:
95:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:31:B7:D5:74:69:A4:C4:47:72:FB:E6:10:33:8A:F3:2C:72:59:F6
X509v3 Authority Key Identifier:
keyid:6D:BD:51:57:6B:4A:93:46:0A:46:5A:F3:5E:6B:F5:50:F5:54:88:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb1RV2tKk0YKRlrzXmv1UPVUiJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/8ff537-71e0-403b-979e-1ef7ef17fa43/1/QDG31XRppMRHcvvmEDOK8yxyWfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/8ff537-71e0-403b-979e-1ef7ef17fa43/1/bb1RV2tKk0YKRlrzXmv1UPVUiJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.183.42.0/23
192.54.76.0/23
192.54.186.0/23
Signature Algorithm: sha256WithRSAEncryption
28:8e:a7:5c:87:0c:b7:d7:30:82:d8:0f:f7:6b:17:22:52:74:
d7:80:b0:17:31:62:81:7a:1c:32:af:b4:bc:88:79:f9:07:66:
68:30:06:8d:bc:ff:67:36:74:e7:aa:7e:35:8e:dc:f8:11:7b:
1d:4b:74:f1:12:51:52:31:ed:80:64:6c:35:c3:59:6f:04:81:
19:99:1e:cf:2b:dd:a4:ca:00:01:e8:71:2c:f2:2a:8e:f7:54:
72:16:d9:ca:86:06:23:47:55:96:02:db:35:8d:d8:d3:ef:e0:
98:39:41:09:5c:40:60:88:7c:25:ae:47:f2:86:6c:0b:fc:ba:
74:d7:87:18:36:f7:91:63:14:f8:70:e4:41:17:85:6d:28:b7:
83:6c:87:65:0d:7b:ac:c1:e4:79:9f:6f:ee:ea:84:b1:14:cd:
06:f4:72:76:a7:7e:06:16:87:76:72:b9:f1:a3:e5:e6:8c:9b:
7a:75:6e:b0:94:d4:39:39:bf:f8:da:55:dd:61:ab:25:5f:60:
50:4a:3d:56:8d:4f:c5:c6:45:b6:c2:98:42:4f:4d:0b:ff:ad:
10:be:be:ea:c6:85:92:a0:6f:f5:56:a9:a9:26:90:6d:a1:6d:
e8:f0:43:c5:01:55:09:d4:30:d5:99:e5:7b:ab:b7:40:a2:bc:
2b:d9:f5:9e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQlIZHTKffxEOX1kSQFjMK9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkYmQ1MTU3NmI0YTkzNDYwYTQ2NWFmMzVlNmJmNTUwZjU1
NDg4OTQwHhcNMjUwMTAyMDM0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDMxYjdkNTc0NjlhNGM0NDc3MmZiZTYxMDMzOGFmMzJjNzI1OWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXiqqT85CLQ7j80NFXHaP6squUa2
OSP5pkoSyDB1JIyDOu/ZWkCJmdYkJzo62LgWr5HX2ymPZFQmWGKkB2wTVXZEbRoa
K8rLepThpo1+81HMDp9lQkGDD8Hd7rdFxiyN+YZpH7oeLvXaLAJm9QHspx7lk9Db
LuwS0Rdz7Vql26G2wjEy12iKf+tNEzjcKzBLx2RpSpwSHYh2Ils+AUIpxgK2ilwh
fnikugQt+ZHIg9xmZM3eX+G/r74b5jn/qQGhpwiOhp/fRzH26dy7toXvpHWZF01u
+1D2xgkJRwfw1WX18mI9x7rqismlsWj3YPW/bS6KWyoPwB56P2R/eD6V3wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEAxt9V0aaTER3L75hAzivMscln2MB8GA1UdIwQY
MBaAFG29UVdrSpNGCkZa815r9VD1VIiUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmIxUlYydEtrMFlLUmxyelhtdjFVUFZVaUpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS84ZmY1MzctNzFlMC00MDNiLTk3OWUt
MWVmN2VmMTdmYTQzLzEvUURHMzFYUnBwTVJIY3Z2bUVET0s4eXh5V2ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS84ZmY1MzctNzFlMC00MDNiLTk3OWUtMWVmN2VmMTdmYTQz
LzEvYmIxUlYydEtrMFlLUmxyelhtdjFVUFZVaUpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBX7cqAwQB
wDZMAwQBwDa6MA0GCSqGSIb3DQEBCwUAA4IBAQAojqdchwy31zCC2A/3axciUnTX
gLAXMWKBehwyr7S8iHn5B2ZoMAaNvP9nNnTnqn41jtz4EXsdS3TxElFSMe2AZGw1
w1lvBIEZmR7PK92kygAB6HEs8iqO91RyFtnKhgYjR1WWAts1jdjT7+CYOUEJXEBg
iHwlrkfyhmwL/Lp014cYNveRYxT4cORBF4VtKLeDbIdlDXusweR5n2/u6oSxFM0G
9HJ2p34GFod2crnxo+XmjJt6dW6wlNQ5Ob/42lXdYaslX2BQSj1WjU/FxkW2wphC
T00L/60Qvr7qxoWSoG/1VqmpJpBtoW3o8EPFAVUJ1DDVmeV7q7dAorwr2fWe
-----END CERTIFICATE-----
Generated at Tue Apr 22 19:29:53 2025 by rpki-client