Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/77792b-e20e-4bf7-b126-359f79361e99/1/pqaKQ_TLLBYikhcnNcdXTfV_Qqg.roa
File: pqaKQ_TLLBYikhcnNcdXTfV_Qqg.roa (raw, json)
Hash identifier: hN1kuDdul6eCFSiEm2Z9+yxnk4jIcJ1yoCv4DPl4iuU=
Subject key identifier: A6:A6:8A:43:F4:CB:2C:16:22:92:17:27:35:C7:57:4D:F5:7F:42:A8
Certificate issuer: /CN=8fa9aeb426c28a34808776f9568935d3b9ec9e08
Certificate serial: 019421B1A7B2C5CC5EB46E48C7EDD4558F45
Authority key identifier: 8F:A9:AE:B4:26:C2:8A:34:80:87:76:F9:56:89:35:D3:B9:EC:9E:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j6mutCbCijSAh3b5Vok107nsngg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/77792b-e20e-4bf7-b126-359f79361e99/1/pqaKQ_TLLBYikhcnNcdXTfV_Qqg.roa
Signing time: Wed 01 Jan 2025 11:47:58 +0000
ROA not before: Wed 01 Jan 2025 11:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211569
IP address blocks: 185.225.10.0/24 maxlen: 24
2a10:e480::/29 maxlen: 56
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/77792b-e20e-4bf7-b126-359f79361e99/1/j6mutCbCijSAh3b5Vok107nsngg.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/77792b-e20e-4bf7-b126-359f79361e99/1/j6mutCbCijSAh3b5Vok107nsngg.mft
rsync://rpki.ripe.net/repository/DEFAULT/j6mutCbCijSAh3b5Vok107nsngg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 08:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:a7:b2:c5:cc:5e:b4:6e:48:c7:ed:d4:55:8f:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fa9aeb426c28a34808776f9568935d3b9ec9e08
Validity
Not Before: Jan 1 11:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a6a68a43f4cb2c162292172735c7574df57f42a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:c0:ca:f6:89:39:d9:54:77:48:9a:22:e6:70:
39:23:c3:78:52:63:02:ed:2e:75:b0:7d:9e:31:50:
66:80:bc:50:52:82:de:b3:cc:6b:98:1f:ae:89:46:
2e:1f:eb:52:45:79:cc:d3:c9:a3:f8:c6:47:ea:fa:
f9:bf:d8:51:36:75:c7:09:34:50:79:8c:f8:a1:7f:
5e:81:77:41:82:f2:3c:af:9d:24:66:b3:4b:1a:ac:
6d:b6:e1:9c:2d:ab:a4:ab:e8:35:2a:4e:b2:2d:dc:
23:c2:80:14:b3:d6:7f:a1:1d:6e:e6:12:d4:7b:9b:
ea:57:7e:a6:e9:bf:fb:aa:36:93:63:16:fb:3c:36:
41:fd:66:3b:48:10:5c:dd:47:df:a9:96:ea:82:08:
49:59:30:57:2f:de:b8:6b:35:73:01:f8:1c:ed:a1:
65:38:a3:05:7a:7a:90:8a:3c:5e:33:46:ca:86:f1:
e8:fc:eb:f3:83:c6:0a:d1:ae:0e:04:87:06:ac:9d:
4a:80:e7:27:69:d5:2f:12:00:cc:6a:dd:de:9f:3c:
d7:2f:23:24:38:0f:ec:d4:ba:e9:5a:fd:8c:5c:24:
1c:e4:03:f9:70:b2:a6:74:59:20:87:d5:69:dd:8b:
9a:3c:8c:68:40:37:aa:56:e8:0a:df:5d:10:a7:11:
e5:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:A6:8A:43:F4:CB:2C:16:22:92:17:27:35:C7:57:4D:F5:7F:42:A8
X509v3 Authority Key Identifier:
keyid:8F:A9:AE:B4:26:C2:8A:34:80:87:76:F9:56:89:35:D3:B9:EC:9E:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j6mutCbCijSAh3b5Vok107nsngg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/77792b-e20e-4bf7-b126-359f79361e99/1/pqaKQ_TLLBYikhcnNcdXTfV_Qqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/77792b-e20e-4bf7-b126-359f79361e99/1/j6mutCbCijSAh3b5Vok107nsngg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.10.0/24
IPv6:
2a10:e480::/29
Signature Algorithm: sha256WithRSAEncryption
18:71:82:1e:7b:8d:01:4b:5a:50:99:e4:bc:31:f4:be:05:4e:
2b:b1:18:fd:45:8f:8c:da:c3:7f:cb:ef:fa:8d:75:f5:e0:8f:
76:ca:83:4d:c8:19:62:19:bf:ca:1d:74:04:f1:65:57:94:d5:
5d:fd:24:f1:51:b7:84:5b:0c:1c:1b:45:59:fa:45:5d:52:22:
b3:11:e1:4a:aa:1d:5f:78:a4:d3:86:12:34:02:dd:9a:f0:6f:
eb:fb:cd:4b:75:67:9b:79:85:82:2f:f8:e3:a2:00:f5:32:8e:
ff:79:18:fa:a5:fa:85:ea:b7:08:64:46:82:39:10:c4:75:f9:
18:88:10:ce:3e:17:95:39:af:74:34:40:18:fe:14:0c:27:24:
be:1f:28:05:1f:f4:e0:d5:f7:e7:0e:9a:b8:d1:04:c3:10:3f:
ea:80:83:a0:c5:87:aa:10:1c:7f:44:c2:e1:15:25:0c:e7:f8:
79:37:67:bf:78:d2:1d:23:9b:5b:aa:1c:22:48:4e:3a:93:6c:
bd:39:49:ed:6d:3b:6e:2d:44:85:b9:de:c2:9b:b4:b0:16:19:
ee:e7:1e:78:82:ac:dc:7c:28:e8:32:ec:7b:2f:37:14:19:4d:
6f:67:59:76:13:8b:6c:44:95:92:6c:c2:1a:e4:af:e2:23:0e:
52:09:7c:e3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhsaeyxcxetG5Ix+3UVY9FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmYTlhZWI0MjZjMjhhMzQ4MDg3NzZmOTU2ODkzNWQzYjll
YzllMDgwHhcNMjUwMTAxMTE0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmE2OGE0M2Y0Y2IyYzE2MjI5MjE3MjczNWM3NTc0ZGY1N2Y0MmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3MDK9ok52VR3SJoi5nA5I8N4UmMC
7S51sH2eMVBmgLxQUoLes8xrmB+uiUYuH+tSRXnM08mj+MZH6vr5v9hRNnXHCTRQ
eYz4oX9egXdBgvI8r50kZrNLGqxttuGcLaukq+g1Kk6yLdwjwoAUs9Z/oR1u5hLU
e5vqV36m6b/7qjaTYxb7PDZB/WY7SBBc3UffqZbqgghJWTBXL964azVzAfgc7aFl
OKMFenqQijxeM0bKhvHo/Ovzg8YK0a4OBIcGrJ1KgOcnadUvEgDMat3enzzXLyMk
OA/s1LrpWv2MXCQc5AP5cLKmdFkgh9Vp3YuaPIxoQDeqVugK310QpxHlQwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKamikP0yywWIpIXJzXHV031f0KoMB8GA1UdIwQY
MBaAFI+prrQmwoo0gId2+VaJNdO57J4IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajZtdXRDYkNpalNBaDNiNVZvazEwN25zbmdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi83Nzc5MmItZTIwZS00YmY3LWIxMjYt
MzU5Zjc5MzYxZTk5LzEvcHFhS1FfVExMQllpa2hjbk5jZFhUZlZfUXFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi83Nzc5MmItZTIwZS00YmY3LWIxMjYtMzU5Zjc5MzYxZTk5
LzEvajZtdXRDYkNpalNBaDNiNVZvazEwN25zbmdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAueEKMA0E
AgACMAcDBQMqEOSAMA0GCSqGSIb3DQEBCwUAA4IBAQAYcYIee40BS1pQmeS8MfS+
BU4rsRj9RY+M2sN/y+/6jXX14I92yoNNyBliGb/KHXQE8WVXlNVd/STxUbeEWwwc
G0VZ+kVdUiKzEeFKqh1feKTThhI0At2a8G/r+81LdWebeYWCL/jjogD1Mo7/eRj6
pfqF6rcIZEaCORDEdfkYiBDOPheVOa90NEAY/hQMJyS+HygFH/Tg1ffnDpq40QTD
ED/qgIOgxYeqEBx/RMLhFSUM5/h5N2e/eNIdI5tbqhwiSE46k2y9OUntbTtuLUSF
ud7Cm7SwFhnu5x54gqzcfCjoMux7LzcUGU1vZ1l2E4tsRJWSbMIa5K/iIw5SCXzj
-----END CERTIFICATE-----
Generated at Mon Apr 21 17:23:35 2025 by rpki-client