Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/c7bf4a-da97-4b5b-8719-37b3e244c063/1/qPQvBbAxayZH2DtXKePm47b3aIg.roa
File: qPQvBbAxayZH2DtXKePm47b3aIg.roa (raw, json)
Hash identifier: +EzjnlPCeBdtqBhNoYoGX7VYz3jpTXt4JQidHMxpNYI=
Subject key identifier: A8:F4:2F:05:B0:31:6B:26:47:D8:3B:57:29:E3:E6:E3:B6:F7:68:88
Certificate issuer: /CN=6f57eb49196dd2e0606d5977c2b74b101b79bc0b
Certificate serial: 019424B31FEBD79E4FBE87D9590721BCEEB0
Authority key identifier: 6F:57:EB:49:19:6D:D2:E0:60:6D:59:77:C2:B7:4B:10:1B:79:BC:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b1frSRlt0uBgbVl3wrdLEBt5vAs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/c7bf4a-da97-4b5b-8719-37b3e244c063/1/qPQvBbAxayZH2DtXKePm47b3aIg.roa
Signing time: Thu 02 Jan 2025 01:48:26 +0000
ROA not before: Thu 02 Jan 2025 01:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201967
IP address blocks: 193.104.143.0/24 maxlen: 24
2a0c:2380::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/c7bf4a-da97-4b5b-8719-37b3e244c063/1/b1frSRlt0uBgbVl3wrdLEBt5vAs.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/c7bf4a-da97-4b5b-8719-37b3e244c063/1/b1frSRlt0uBgbVl3wrdLEBt5vAs.mft
rsync://rpki.ripe.net/repository/DEFAULT/b1frSRlt0uBgbVl3wrdLEBt5vAs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 19:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:1f:eb:d7:9e:4f:be:87:d9:59:07:21:bc:ee:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f57eb49196dd2e0606d5977c2b74b101b79bc0b
Validity
Not Before: Jan 2 01:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8f42f05b0316b2647d83b5729e3e6e3b6f76888
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:bf:14:a8:cb:51:7e:5e:29:bc:95:6c:44:56:
03:55:50:56:51:85:63:cd:2c:0f:a1:34:30:ff:b5:
5a:62:2e:9d:ec:85:96:68:33:16:58:96:2f:30:26:
80:b2:a9:cf:99:d3:36:ed:15:bd:02:ad:9b:10:85:
32:87:12:55:20:fd:8c:69:45:42:8c:47:d2:05:14:
4d:12:41:83:9a:5f:1c:1d:1e:20:3d:2c:52:4c:0d:
e7:e8:54:fd:f4:d7:f9:41:a7:1a:d8:9c:15:d5:89:
e3:9e:3d:3d:3e:2f:2d:a6:45:86:01:fe:a2:62:a9:
30:98:71:ca:52:75:3f:29:f6:8f:27:b1:37:fe:6c:
1d:fc:67:84:39:c3:c7:4c:9a:10:29:37:3d:29:00:
84:ac:60:5d:1b:01:8c:55:8d:ee:6e:b2:09:ba:18:
f8:fd:c0:b5:34:94:45:01:d1:bd:94:28:98:13:c1:
d3:d4:50:84:39:5f:42:e1:d3:5a:9a:71:37:e5:a5:
e6:c1:87:6b:cc:32:a5:cd:b4:fa:3f:cf:b5:cc:3c:
53:a4:b2:6b:81:6a:14:5a:03:23:38:6f:d0:0e:bc:
79:d2:1e:e6:ca:c7:3d:3e:96:8a:2f:25:e1:28:87:
83:0c:d9:c8:8b:f8:d1:a5:01:c7:93:9c:36:e4:0a:
d3:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:F4:2F:05:B0:31:6B:26:47:D8:3B:57:29:E3:E6:E3:B6:F7:68:88
X509v3 Authority Key Identifier:
keyid:6F:57:EB:49:19:6D:D2:E0:60:6D:59:77:C2:B7:4B:10:1B:79:BC:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1frSRlt0uBgbVl3wrdLEBt5vAs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/c7bf4a-da97-4b5b-8719-37b3e244c063/1/qPQvBbAxayZH2DtXKePm47b3aIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/c7bf4a-da97-4b5b-8719-37b3e244c063/1/b1frSRlt0uBgbVl3wrdLEBt5vAs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.143.0/24
IPv6:
2a0c:2380::/29
Signature Algorithm: sha256WithRSAEncryption
a0:8a:b4:5c:09:5b:c3:cf:37:d4:8d:2b:97:d5:89:e3:5d:15:
b3:f6:c9:81:4a:ab:78:77:30:b3:9b:d3:c7:c1:6e:30:42:20:
da:b1:9c:77:18:2c:dc:5e:9e:8c:58:6a:0f:ea:ea:b2:46:ea:
95:69:03:06:87:b8:6c:f8:b2:d9:a9:25:85:c4:82:0b:aa:e4:
3e:7e:96:39:ad:6b:10:f4:47:d6:85:25:c5:18:dc:bf:e7:e1:
e2:91:e4:c5:a4:b4:44:d7:d8:be:19:84:87:60:d0:a8:f9:87:
85:d8:99:b0:1c:35:2f:e1:bb:c3:c2:19:88:ce:27:7f:fc:f0:
a9:92:46:cc:1f:5c:44:e8:e4:fd:7c:62:24:aa:61:81:4f:1f:
1f:cd:be:66:60:d5:f5:8e:e0:11:ce:2e:99:61:6d:4b:b7:18:
e5:e9:78:9d:6a:28:57:93:45:87:41:53:3e:29:8f:73:25:77:
71:ca:7f:c7:78:7c:a6:85:37:ce:34:72:92:b3:b3:cc:96:b7:
01:04:56:27:e5:04:6e:75:09:15:1c:93:32:ee:50:04:91:16:
96:58:a1:3b:b2:31:f6:0c:b6:e9:74:f4:53:b1:56:3a:9c:8a:
97:ed:d3:b4:b3:fb:b2:cf:63:79:80:a6:a8:c5:66:d2:e1:76:
cf:b3:9a:cb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQksx/r155PvofZWQchvO6wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNTdlYjQ5MTk2ZGQyZTA2MDZkNTk3N2MyYjc0YjEwMWI3
OWJjMGIwHhcNMjUwMTAyMDE0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGY0MmYwNWIwMzE2YjI2NDdkODNiNTcyOWUzZTZlM2I2Zjc2ODg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkr8UqMtRfl4pvJVsRFYDVVBWUYVj
zSwPoTQw/7VaYi6d7IWWaDMWWJYvMCaAsqnPmdM27RW9Aq2bEIUyhxJVIP2MaUVC
jEfSBRRNEkGDml8cHR4gPSxSTA3n6FT99Nf5Qaca2JwV1Ynjnj09Pi8tpkWGAf6i
YqkwmHHKUnU/KfaPJ7E3/mwd/GeEOcPHTJoQKTc9KQCErGBdGwGMVY3ubrIJuhj4
/cC1NJRFAdG9lCiYE8HT1FCEOV9C4dNamnE35aXmwYdrzDKlzbT6P8+1zDxTpLJr
gWoUWgMjOG/QDrx50h7mysc9PpaKLyXhKIeDDNnIi/jRpQHHk5w25ArT6QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKj0LwWwMWsmR9g7Vynj5uO292iIMB8GA1UdIwQY
MBaAFG9X60kZbdLgYG1Zd8K3SxAbebwLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjFmclNSbHQwdUJnYlZsM3dyZExFQnQ1dkFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9jN2JmNGEtZGE5Ny00YjViLTg3MTkt
MzdiM2UyNDRjMDYzLzEvcVBRdkJiQXhheVpIMkR0WEtlUG00N2IzYUlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9jN2JmNGEtZGE5Ny00YjViLTg3MTktMzdiM2UyNDRjMDYz
LzEvYjFmclNSbHQwdUJnYlZsM3dyZExFQnQ1dkFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwWiPMA0E
AgACMAcDBQMqDCOAMA0GCSqGSIb3DQEBCwUAA4IBAQCgirRcCVvDzzfUjSuX1Ynj
XRWz9smBSqt4dzCzm9PHwW4wQiDasZx3GCzcXp6MWGoP6uqyRuqVaQMGh7hs+LLZ
qSWFxIILquQ+fpY5rWsQ9EfWhSXFGNy/5+HikeTFpLRE19i+GYSHYNCo+YeF2Jmw
HDUv4bvDwhmIzid//PCpkkbMH1xE6OT9fGIkqmGBTx8fzb5mYNX1juARzi6ZYW1L
txjl6XidaihXk0WHQVM+KY9zJXdxyn/HeHymhTfONHKSs7PMlrcBBFYn5QRudQkV
HJMy7lAEkRaWWKE7sjH2DLbpdPRTsVY6nIqX7dO0s/uyz2N5gKaoxWbS4XbPs5rL
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:55:00 2025 by rpki-client