Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/QCTiWGHEKmUOdJTM7oPATib-rWI.roa
File: QCTiWGHEKmUOdJTM7oPATib-rWI.roa (raw, json)
Hash identifier: k26mJ2kyD6PN3QHWZlo9Dbc0a0mryGGisjgGFZ6rWDs=
Subject key identifier: 40:24:E2:58:61:C4:2A:65:0E:74:94:CC:EE:83:C0:4E:26:FE:AD:62
Certificate issuer: /CN=d5620cec70974d037d7769758c74668305b32cf2
Certificate serial: 019610C861675DEE4DA3A5BD4A2D551613AB
Authority key identifier: D5:62:0C:EC:70:97:4D:03:7D:77:69:75:8C:74:66:83:05:B3:2C:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1WIM7HCXTQN9d2l1jHRmgwWzLPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/QCTiWGHEKmUOdJTM7oPATib-rWI.roa
Signing time: Mon 07 Apr 2025 15:04:49 +0000
ROA not before: Mon 07 Apr 2025 15:04:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62212
IP address blocks: 87.236.146.0/24 maxlen: 24
91.184.248.0/22 maxlen: 24
91.199.137.0/24 maxlen: 24
91.199.147.0/24 maxlen: 24
91.199.154.0/24 maxlen: 24
91.199.160.0/24 maxlen: 24
92.61.70.0/23 maxlen: 24
109.172.8.0/23 maxlen: 24
188.127.246.0/23 maxlen: 24
2a11:3b80::/29 maxlen: 48
2a11:3b80::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/1WIM7HCXTQN9d2l1jHRmgwWzLPI.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/1WIM7HCXTQN9d2l1jHRmgwWzLPI.mft
rsync://rpki.ripe.net/repository/DEFAULT/1WIM7HCXTQN9d2l1jHRmgwWzLPI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:10:c8:61:67:5d:ee:4d:a3:a5:bd:4a:2d:55:16:13:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5620cec70974d037d7769758c74668305b32cf2
Validity
Not Before: Apr 7 15:04:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4024e25861c42a650e7494ccee83c04e26fead62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d7:e1:c7:64:96:90:a9:cc:ad:e6:60:df:32:
d5:7b:36:2e:fd:4f:d6:ec:46:36:71:bc:d8:12:5b:
ca:22:2f:89:6e:3b:f6:42:cd:f0:aa:6d:1b:76:6a:
a2:32:15:c2:55:13:73:df:f5:e0:41:94:be:bb:e8:
40:26:64:65:10:b7:02:3b:9a:49:d7:84:5a:38:9c:
1d:49:6a:2f:d8:49:e4:3a:9f:63:38:a9:27:79:6c:
6d:19:e2:84:e0:19:4e:73:cf:02:8b:29:8b:7f:59:
88:fc:85:1c:27:7b:99:18:0f:c3:24:92:07:de:a8:
e5:be:fb:5d:a6:b1:98:21:af:4f:df:aa:4d:68:d4:
ca:99:e8:8d:98:6d:b7:47:f5:90:76:26:a0:0b:cb:
6e:b1:cb:8b:ec:b9:76:7b:ec:95:54:cd:be:66:38:
a7:0a:a7:15:d5:62:86:ce:e3:15:1f:71:85:73:bf:
aa:9f:f8:f3:aa:06:11:46:f7:1d:24:a9:a5:79:e0:
02:b7:76:14:cc:9c:c6:ef:e1:30:fd:94:a9:41:c4:
ed:88:9d:46:5f:9b:a0:a5:62:8b:d7:66:73:b9:1a:
84:0f:ea:c7:f9:1f:f2:5a:8a:20:d2:f0:2e:aa:6c:
87:d2:35:8a:91:15:2a:ed:2e:df:2a:4b:81:60:81:
44:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:24:E2:58:61:C4:2A:65:0E:74:94:CC:EE:83:C0:4E:26:FE:AD:62
X509v3 Authority Key Identifier:
keyid:D5:62:0C:EC:70:97:4D:03:7D:77:69:75:8C:74:66:83:05:B3:2C:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WIM7HCXTQN9d2l1jHRmgwWzLPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/QCTiWGHEKmUOdJTM7oPATib-rWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/1WIM7HCXTQN9d2l1jHRmgwWzLPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.236.146.0/24
91.184.248.0/22
91.199.137.0/24
91.199.147.0/24
91.199.154.0/24
91.199.160.0/24
92.61.70.0/23
109.172.8.0/23
188.127.246.0/23
IPv6:
2a11:3b80::/29
Signature Algorithm: sha256WithRSAEncryption
15:03:bb:ae:dc:96:a6:1e:4e:fa:b1:02:a7:8b:1f:22:11:9d:
34:2a:59:32:90:7a:d0:82:b9:20:03:10:6e:74:f1:33:58:60:
27:04:f4:c1:7f:ab:b7:2f:19:54:5e:52:4a:19:40:4f:9c:b0:
8e:e3:29:25:e6:2e:1f:6f:c4:8d:2f:b7:a8:3f:2e:7d:db:fc:
50:18:0b:c1:5f:b0:07:a1:62:10:88:42:40:b0:74:ae:3b:3d:
2f:f2:b9:e6:2f:14:e6:23:70:9d:01:c3:ad:d8:36:45:93:b8:
40:90:06:9c:dc:23:d3:c2:ff:a4:bb:2c:5f:c5:84:c0:d9:d9:
96:b8:f9:95:19:96:3c:f5:13:22:4d:48:fa:8f:44:1f:7f:f1:
8e:d6:13:17:2f:d4:5a:3a:59:44:b3:53:7f:b3:a5:f7:ae:1a:
6a:a7:db:2c:77:f4:7e:9f:01:bc:2d:31:61:d1:44:5b:f6:38:
58:87:b4:3d:bc:52:bf:2b:89:f8:dc:1c:f4:db:cc:6e:f0:09:
2d:46:21:19:73:bd:70:b6:26:b3:b9:22:16:01:ae:48:2d:14:
0f:05:54:18:6c:a3:6c:b5:8a:95:5c:dc:f8:42:ed:87:20:d0:
27:2d:da:46:ea:81:2e:07:a1:cf:c9:f3:26:85:90:61:d3:f0:
c7:e3:15:3a
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZYQyGFnXe5No6W9Si1VFhOrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjIwY2VjNzA5NzRkMDM3ZDc3Njk3NThjNzQ2NjgzMDVi
MzJjZjIwHhcNMjUwNDA3MTUwNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDI0ZTI1ODYxYzQyYTY1MGU3NDk0Y2NlZTgzYzA0ZTI2ZmVhZDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9fhx2SWkKnMreZg3zLVezYu/U/W
7EY2cbzYElvKIi+Jbjv2Qs3wqm0bdmqiMhXCVRNz3/XgQZS+u+hAJmRlELcCO5pJ
14RaOJwdSWov2EnkOp9jOKkneWxtGeKE4BlOc88CiymLf1mI/IUcJ3uZGA/DJJIH
3qjlvvtdprGYIa9P36pNaNTKmeiNmG23R/WQdiagC8tuscuL7Ll2e+yVVM2+Zjin
CqcV1WKGzuMVH3GFc7+qn/jzqgYRRvcdJKmleeACt3YUzJzG7+Ew/ZSpQcTtiJ1G
X5ugpWKL12ZzuRqED+rH+R/yWoog0vAuqmyH0jWKkRUq7S7fKkuBYIFErwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFEAk4lhhxCplDnSUzO6DwE4m/q1iMB8GA1UdIwQY
MBaAFNViDOxwl00DfXdpdYx0ZoMFsyzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdJTTdIQ1hUUU45ZDJsMWpIUm1nd1d6TFBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8zMjNhOTItN2QzOC00OWVjLWJhOTkt
YmU0MzRjYjlmOGY4LzEvUUNUaVdHSEVLbVVPZEpUTTdvUEFUaWItcldJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8zMjNhOTItN2QzOC00OWVjLWJhOTktYmU0MzRjYjlmOGY4
LzEvMVdJTTdIQ1hUUU45ZDJsMWpIUm1nd1d6TFBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQAV+ySAwQC
W7j4AwQAW8eJAwQAW8eTAwQAW8eaAwQAW8egAwQBXD1GAwQBbawIAwQBvH/2MA0E
AgACMAcDBQMqETuAMA0GCSqGSIb3DQEBCwUAA4IBAQAVA7uu3JamHk76sQKnix8i
EZ00KlkykHrQgrkgAxBudPEzWGAnBPTBf6u3LxlUXlJKGUBPnLCO4ykl5i4fb8SN
L7eoPy592/xQGAvBX7AHoWIQiEJAsHSuOz0v8rnmLxTmI3CdAcOt2DZFk7hAkAac
3CPTwv+kuyxfxYTA2dmWuPmVGZY89RMiTUj6j0Qff/GO1hMXL9RaOllEs1N/s6X3
rhpqp9ssd/R+nwG8LTFh0URb9jhYh7Q9vFK/K4n43Bz028xu8AktRiEZc71wtiaz
uSIWAa5ILRQPBVQYbKNstYqVXNz4Qu2HINAnLdpG6oEuB6HPyfMmhZBh0/DH4xU6
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:36:13 2025 by rpki-client