Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/54018c-01e8-417f-856a-02e1bd6050e5/1/mC6qnnktw8ocqw8es0LfRst29xw.roa
File: mC6qnnktw8ocqw8es0LfRst29xw.roa (raw, json)
Hash identifier: ppmb2PFwvp6zlS01nCp0DE/SrZFmg3TuLccALf3DpFI=
Subject key identifier: 98:2E:AA:9E:79:2D:C3:CA:1C:AB:0F:1E:B3:42:DF:46:CB:76:F7:1C
Certificate issuer: /CN=42cde365d7d2b58506e4d4abf0c2ef7cd5e3b462
Certificate serial: 019427B57B13047CFF384F63CEAF013BCB2E
Authority key identifier: 42:CD:E3:65:D7:D2:B5:85:06:E4:D4:AB:F0:C2:EF:7C:D5:E3:B4:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qs3jZdfStYUG5NSr8MLvfNXjtGI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/54018c-01e8-417f-856a-02e1bd6050e5/1/mC6qnnktw8ocqw8es0LfRst29xw.roa
Signing time: Thu 02 Jan 2025 15:49:52 +0000
ROA not before: Thu 02 Jan 2025 15:49:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30848
IP address blocks: 5.8.96.0/19 maxlen: 24
5.63.168.0/21 maxlen: 24
37.148.224.0/21 maxlen: 24
45.33.224.0/20 maxlen: 24
77.239.128.0/19 maxlen: 24
80.210.96.0/19 maxlen: 24
81.21.16.0/20 maxlen: 24
82.97.224.0/20 maxlen: 24
82.113.192.0/19 maxlen: 24
82.134.192.0/18 maxlen: 24
82.180.32.0/19 maxlen: 24
83.217.176.0/20 maxlen: 24
95.142.176.0/20 maxlen: 24
150.252.224.0/20 maxlen: 24
176.57.112.0/20 maxlen: 24
178.236.160.0/20 maxlen: 24
185.3.108.0/22 maxlen: 24
185.25.72.0/22 maxlen: 24
217.61.160.0/20 maxlen: 24
2a00:7ca0::/32 maxlen: 32
2a02:1630::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/54018c-01e8-417f-856a-02e1bd6050e5/1/Qs3jZdfStYUG5NSr8MLvfNXjtGI.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/54018c-01e8-417f-856a-02e1bd6050e5/1/Qs3jZdfStYUG5NSr8MLvfNXjtGI.mft
rsync://rpki.ripe.net/repository/DEFAULT/Qs3jZdfStYUG5NSr8MLvfNXjtGI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 09:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:7b:13:04:7c:ff:38:4f:63:ce:af:01:3b:cb:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42cde365d7d2b58506e4d4abf0c2ef7cd5e3b462
Validity
Not Before: Jan 2 15:49:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=982eaa9e792dc3ca1cab0f1eb342df46cb76f71c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:8e:ea:08:52:a2:e8:c2:5e:83:ac:73:c5:a8:
a9:86:97:ae:42:33:91:be:b5:49:6d:3f:52:b9:20:
f9:84:9a:69:e8:2a:ff:20:78:00:2e:f3:04:29:db:
c6:1a:d2:15:5f:6e:21:a7:ee:58:0e:90:12:39:30:
e9:e1:58:2f:8a:e3:c9:b5:13:28:0c:65:34:81:f1:
9e:76:ed:a6:2d:63:78:e9:6a:94:94:3e:f0:21:75:
3d:9c:a3:c4:7b:91:5b:45:d4:01:bb:80:47:87:cb:
d9:d6:91:2b:4f:ab:d4:04:d7:f4:1d:6b:b8:ad:a6:
30:5e:e6:6b:1b:50:87:c1:e3:02:3d:c0:13:5e:00:
bf:ef:a3:3a:31:7f:e2:53:ab:03:ca:eb:2c:a6:f7:
bf:67:b2:32:03:d3:ce:91:c0:1d:b3:a1:cc:1b:92:
00:55:33:e5:1e:d5:85:3c:0c:cd:4c:20:62:d5:73:
f2:ea:6d:a7:b1:f0:9a:67:cf:16:b2:a9:72:17:1d:
a0:b0:48:98:60:2e:a9:6b:91:ed:88:ff:a4:60:0d:
c1:0f:c7:11:a0:a8:09:35:cd:39:66:9b:62:be:34:
8e:05:fb:cd:2c:70:ea:5d:0f:65:76:97:66:67:ba:
f4:65:68:c2:73:e2:d9:3a:4b:cb:9e:f5:9f:12:cc:
51:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:2E:AA:9E:79:2D:C3:CA:1C:AB:0F:1E:B3:42:DF:46:CB:76:F7:1C
X509v3 Authority Key Identifier:
keyid:42:CD:E3:65:D7:D2:B5:85:06:E4:D4:AB:F0:C2:EF:7C:D5:E3:B4:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qs3jZdfStYUG5NSr8MLvfNXjtGI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/54018c-01e8-417f-856a-02e1bd6050e5/1/mC6qnnktw8ocqw8es0LfRst29xw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/54018c-01e8-417f-856a-02e1bd6050e5/1/Qs3jZdfStYUG5NSr8MLvfNXjtGI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.96.0/19
5.63.168.0/21
37.148.224.0/21
45.33.224.0/20
77.239.128.0/19
80.210.96.0/19
81.21.16.0/20
82.97.224.0/20
82.113.192.0/19
82.134.192.0/18
82.180.32.0/19
83.217.176.0/20
95.142.176.0/20
150.252.224.0/20
176.57.112.0/20
178.236.160.0/20
185.3.108.0/22
185.25.72.0/22
217.61.160.0/20
IPv6:
2a00:7ca0::/32
2a02:1630::/32
Signature Algorithm: sha256WithRSAEncryption
a0:bd:df:ce:56:93:93:8f:07:8c:60:fa:15:19:5d:d0:30:96:
2c:db:c7:d1:f2:28:0f:14:8a:d0:d0:2f:04:f9:a7:fd:1e:76:
90:4e:91:a3:4d:d6:35:b7:4c:af:9f:e7:c1:8a:0a:2c:95:e7:
6f:a6:cc:8b:26:dc:df:b4:13:9d:ca:01:2c:af:58:6a:d8:96:
85:7f:e2:7c:b7:fe:e9:c0:04:2d:30:7c:6a:26:e6:fd:e8:5b:
27:08:e1:30:44:88:a4:6a:f3:c8:85:ce:90:6f:95:5c:f4:5e:
3c:94:39:fc:65:d6:b3:ff:d2:66:e4:62:ea:e4:22:9c:4e:75:
4a:b6:a5:57:6e:2d:e3:d0:68:30:3f:f7:e5:91:3f:61:9c:0f:
e0:42:a5:b7:45:79:c3:41:0c:2b:be:ca:95:3b:f9:52:11:38:
3b:69:20:a8:ea:aa:74:ed:a3:fa:12:3d:ec:93:ec:56:9c:53:
58:0c:0c:15:ad:16:d0:ca:fc:06:60:33:d3:85:e1:fd:19:69:
a8:59:68:02:d6:03:8e:04:c1:09:ad:8c:e1:b3:da:4f:23:ca:
92:99:33:0e:03:00:f8:fe:ca:6d:e9:ef:b4:a4:7e:ec:6e:31:
13:c3:04:a9:37:7b:11:05:a8:f5:4e:37:06:ca:2a:8e:c6:39:
8c:54:78:e8
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAZQntXsTBHz/OE9jzq8BO8suMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyY2RlMzY1ZDdkMmI1ODUwNmU0ZDRhYmYwYzJlZjdjZDVl
M2I0NjIwHhcNMjUwMTAyMTU0OTUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODJlYWE5ZTc5MmRjM2NhMWNhYjBmMWViMzQyZGY0NmNiNzZmNzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw47qCFKi6MJeg6xzxaiphpeuQjOR
vrVJbT9SuSD5hJpp6Cr/IHgALvMEKdvGGtIVX24hp+5YDpASOTDp4VgviuPJtRMo
DGU0gfGedu2mLWN46WqUlD7wIXU9nKPEe5FbRdQBu4BHh8vZ1pErT6vUBNf0HWu4
raYwXuZrG1CHweMCPcATXgC/76M6MX/iU6sDyusspve/Z7IyA9POkcAds6HMG5IA
VTPlHtWFPAzNTCBi1XPy6m2nsfCaZ88WsqlyFx2gsEiYYC6pa5HtiP+kYA3BD8cR
oKgJNc05ZptivjSOBfvNLHDqXQ9ldpdmZ7r0ZWjCc+LZOkvLnvWfEsxRowIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFJguqp55LcPKHKsPHrNC30bLdvccMB8GA1UdIwQY
MBaAFELN42XX0rWFBuTUq/DC73zV47RiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXMzalpkZlN0WVVHNU5TcjhNTHZmTlhqdEdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC81NDAxOGMtMDFlOC00MTdmLTg1NmEt
MDJlMWJkNjA1MGU1LzEvbUM2cW5ua3R3OG9jcXc4ZXMwTGZSc3QyOXh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC81NDAxOGMtMDFlOC00MTdmLTg1NmEtMDJlMWJkNjA1MGU1
LzEvUXMzalpkZlN0WVVHNU5TcjhNTHZmTlhqdEdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDB4BAIAATByAwQFBQhg
AwQDBT+oAwQDJZTgAwQELSHgAwQFTe+AAwQFUNJgAwQEURUQAwQEUmHgAwQFUnHA
AwQGUobAAwQFUrQgAwQEU9mwAwQEX46wAwQElvzgAwQEsDlwAwQEsuygAwQCuQNs
AwQCuRlIAwQE2T2gMBQEAgACMA4DBQAqAHygAwUAKgIWMDANBgkqhkiG9w0BAQsF
AAOCAQEAoL3fzlaTk48HjGD6FRld0DCWLNvH0fIoDxSK0NAvBPmn/R52kE6Ro03W
NbdMr5/nwYoKLJXnb6bMiybc37QTncoBLK9YatiWhX/ifLf+6cAELTB8aibm/ehb
JwjhMESIpGrzyIXOkG+VXPRePJQ5/GXWs//SZuRi6uQinE51SralV24t49BoMD/3
5ZE/YZwP4EKlt0V5w0EMK77KlTv5UhE4O2kgqOqqdO2j+hI97JPsVpxTWAwMFa0W
0Mr8BmAz04Xh/RlpqFloAtYDjgTBCa2M4bPaTyPKkpkzDgMA+P7KbenvtKR+7G4x
E8MEqTd7EQWo9U43BsoqjsY5jFR46A==
-----END CERTIFICATE-----
Generated at Fri Apr 18 16:00:07 2025 by rpki-client