Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/QwE0tg9LdKDVZgDoLhxVp6PBffA.roa
File: QwE0tg9LdKDVZgDoLhxVp6PBffA.roa (raw, json)
Hash identifier: yMurYSYF30pu2PNCcOKhyaRqq0L6zG0Fnt31htAIGs4=
Subject key identifier: 43:01:34:B6:0F:4B:74:A0:D5:66:00:E8:2E:1C:55:A7:A3:C1:7D:F0
Certificate issuer: /CN=5cf4501b755002d9143e8fa6736815e9f0f93695
Certificate serial: 0194266C0A4748505CB4167EFB6EAAD23CFF
Authority key identifier: 5C:F4:50:1B:75:50:02:D9:14:3E:8F:A6:73:68:15:E9:F0:F9:36:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/QwE0tg9LdKDVZgDoLhxVp6PBffA.roa
Signing time: Thu 02 Jan 2025 09:50:02 +0000
ROA not before: Thu 02 Jan 2025 09:50:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13037
IP address blocks: 51.148.0.0/16 maxlen: 16
51.155.0.0/16 maxlen: 16
62.3.64.0/18 maxlen: 18
77.104.128.0/18 maxlen: 18
82.68.0.0/15 maxlen: 15
82.71.0.0/16 maxlen: 16
82.71.240.0/20 maxlen: 20
88.97.0.0/18 maxlen: 18
88.97.64.0/19 maxlen: 19
88.97.96.0/20 maxlen: 20
88.97.176.0/20 maxlen: 20
88.98.0.0/20 maxlen: 20
88.98.16.0/23 maxlen: 23
88.98.18.0/24 maxlen: 24
88.98.21.0/24 maxlen: 24
88.98.22.0/23 maxlen: 23
88.98.24.0/21 maxlen: 21
88.98.32.0/19 maxlen: 19
88.98.64.0/19 maxlen: 19
88.98.128.0/19 maxlen: 19
88.98.160.0/21 maxlen: 21
88.98.170.0/23 maxlen: 23
88.98.172.0/22 maxlen: 22
88.98.176.0/20 maxlen: 20
146.66.64.0/18 maxlen: 18
212.23.0.0/19 maxlen: 19
212.23.0.0/23 maxlen: 23
217.155.0.0/16 maxlen: 16
2a02:8010::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/XPRQG3VQAtkUPo-mc2gV6fD5NpU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/XPRQG3VQAtkUPo-mc2gV6fD5NpU.mft
rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 08:01:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:0a:47:48:50:5c:b4:16:7e:fb:6e:aa:d2:3c:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cf4501b755002d9143e8fa6736815e9f0f93695
Validity
Not Before: Jan 2 09:50:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=430134b60f4b74a0d56600e82e1c55a7a3c17df0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:d9:30:a7:10:fa:97:c6:df:36:02:e9:95:44:
78:51:a2:a9:58:89:a4:d7:3b:48:41:4a:a7:e4:b9:
44:8c:77:28:04:a4:67:50:63:06:cb:e2:c8:93:d3:
c4:3d:e7:00:38:55:06:f5:aa:d9:6c:79:a3:c2:8e:
b7:3b:48:c7:96:56:73:07:ff:44:ba:e9:40:70:0a:
bc:3f:6a:6b:21:f1:1b:11:8f:ee:2e:cf:53:d2:ba:
ea:40:01:c5:46:76:8f:82:73:ac:bb:ca:e4:9f:7b:
88:21:33:8c:83:6f:70:44:d7:c3:5d:6e:8b:92:3e:
2f:a9:8e:a0:0a:07:ec:e0:d6:02:7e:af:b5:07:46:
7c:fd:79:7f:12:2c:59:07:45:e4:fb:f8:dd:cb:71:
b7:cf:93:f9:e7:9e:b5:c8:5d:b9:8d:16:c6:ad:d2:
55:a9:4b:cd:9a:ca:de:3b:74:e3:35:f7:3c:fa:7b:
37:9b:b6:08:46:90:f9:c9:35:1d:b9:2f:7b:32:10:
69:f2:22:86:80:fe:5c:01:01:de:80:dd:18:ce:fe:
4d:cd:f8:98:01:1c:ac:c1:ff:c1:f9:8b:71:43:aa:
c0:8f:a7:18:7c:f6:b6:6c:ff:ab:fe:1e:71:8e:b5:
28:c6:a4:3e:95:57:c4:67:21:e7:21:9d:d5:bf:6b:
a2:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:01:34:B6:0F:4B:74:A0:D5:66:00:E8:2E:1C:55:A7:A3:C1:7D:F0
X509v3 Authority Key Identifier:
keyid:5C:F4:50:1B:75:50:02:D9:14:3E:8F:A6:73:68:15:E9:F0:F9:36:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/QwE0tg9LdKDVZgDoLhxVp6PBffA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/XPRQG3VQAtkUPo-mc2gV6fD5NpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.148.0.0/16
51.155.0.0/16
62.3.64.0/18
77.104.128.0/18
82.68.0.0/15
82.71.0.0/16
88.97.0.0-88.97.111.255
88.97.176.0/20
88.98.0.0-88.98.18.255
88.98.21.0-88.98.95.255
88.98.128.0-88.98.167.255
88.98.170.0-88.98.191.255
146.66.64.0/18
212.23.0.0/19
217.155.0.0/16
IPv6:
2a02:8010::/29
Signature Algorithm: sha256WithRSAEncryption
aa:23:1c:c7:9c:46:0f:48:67:69:2c:65:b1:e7:db:a2:ca:7e:
f1:70:ad:f9:ba:10:10:51:87:79:42:d9:62:fe:34:4e:d8:c2:
c2:51:b3:55:85:4e:3f:25:68:aa:b4:6e:0a:2f:a4:85:38:91:
24:4a:d2:84:14:f1:0b:e2:6a:e3:29:a1:c9:52:f3:dc:ab:86:
c1:ce:6e:26:42:91:aa:8f:8a:af:36:6d:fa:8e:82:94:c5:02:
56:8d:04:f7:a0:52:47:1e:b5:3f:92:a1:b0:eb:b7:0d:93:fc:
e0:a3:05:b0:10:bb:91:71:68:92:4b:3c:78:d9:a7:33:51:f4:
59:de:57:52:d1:16:ab:1d:d8:92:63:ee:da:a2:ec:e5:c8:1e:
f1:d4:06:b0:e7:e3:fe:e3:0a:22:7b:93:0a:ca:b6:d5:a0:f5:
24:92:51:a2:3c:4c:08:32:18:6f:5e:13:a5:ad:61:3f:5f:6d:
70:89:a1:37:31:57:d7:30:c1:8c:b0:41:21:d0:7b:8d:f0:9c:
01:2a:b5:80:16:58:01:9c:06:ef:72:48:d1:bf:6f:b1:81:fc:
7f:d3:5d:71:ce:5f:10:10:b5:d3:0a:d9:27:78:43:16:86:34:
a6:6c:66:e4:a9:5c:ea:12:ec:7a:e7:b4:e3:db:8d:d9:d5:4a:
5e:54:ad:9f
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgISAZQmbApHSFBctBZ++26q0jz/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZjQ1MDFiNzU1MDAyZDkxNDNlOGZhNjczNjgxNWU5ZjBm
OTM2OTUwHhcNMjUwMTAyMDk1MDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzAxMzRiNjBmNGI3NGEwZDU2NjAwZTgyZTFjNTVhN2EzYzE3ZGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3tkwpxD6l8bfNgLplUR4UaKpWImk
1ztIQUqn5LlEjHcoBKRnUGMGy+LIk9PEPecAOFUG9arZbHmjwo63O0jHllZzB/9E
uulAcAq8P2prIfEbEY/uLs9T0rrqQAHFRnaPgnOsu8rkn3uIITOMg29wRNfDXW6L
kj4vqY6gCgfs4NYCfq+1B0Z8/Xl/EixZB0Xk+/jdy3G3z5P55561yF25jRbGrdJV
qUvNmsreO3TjNfc8+ns3m7YIRpD5yTUduS97MhBp8iKGgP5cAQHegN0Yzv5NzfiY
ARyswf/B+YtxQ6rAj6cYfPa2bP+r/h5xjrUoxqQ+lVfEZyHnIZ3Vv2uioQIDAQAB
o4ICkTCCAo0wHQYDVR0OBBYEFEMBNLYPS3Sg1WYA6C4cVaejwX3wMB8GA1UdIwQY
MBaAFFz0UBt1UALZFD6PpnNoFenw+TaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFBSUUczVlFBdGtVUG8tbWMyZ1Y2ZkQ1TnBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9jMWNhMDctOTY1OC00NDQ2LThjYjUt
NjBjZjlhYjFiMTNlLzEvUXdFMHRnOUxkS0RWWmdEb0xoeFZwNlBCZmZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9jMWNhMDctOTY1OC00NDQ2LThjYjUtNjBjZjlhYjFiMTNl
LzEvWFBSUUczVlFBdGtVUG8tbWMyZ1Y2ZkQ1TnBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGmBggrBgEFBQcBBwEB/wSBljCBkzCBgQQCAAEwewMDADOU
AwMAM5sDBAY+A0ADBAZNaIADAwFSRAMDAFJHMAsDAwBYYQMEBFhhYAMEBFhhsDAL
AwMBWGIDBABYYhIwDAMEAFhiFQMEBVhiQDAMAwQHWGKAAwQDWGKgMAwDBAFYYqoD
BAZYYoADBAaSQkADBAXUFwADAwDZmzANBAIAAjAHAwUDKgKAEDANBgkqhkiG9w0B
AQsFAAOCAQEAqiMcx5xGD0hnaSxlsefbosp+8XCt+boQEFGHeULZYv40TtjCwlGz
VYVOPyVoqrRuCi+khTiRJErShBTxC+Jq4ymhyVLz3KuGwc5uJkKRqo+KrzZt+o6C
lMUCVo0E96BSRx61P5KhsOu3DZP84KMFsBC7kXFokks8eNmnM1H0Wd5XUtEWqx3Y
kmPu2qLs5cge8dQGsOfj/uMKInuTCsq21aD1JJJRojxMCDIYb14Tpa1hP19tcImh
NzFX1zDBjLBBIdB7jfCcASq1gBZYAZwG73JI0b9vsYH8f9Ndcc5fEBC10wrZJ3hD
FoY0pmxm5Klc6hLseue049uN2dVKXlStnw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:35:40 2025 by rpki-client