Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/24c324-a15e-4cd0-94c1-73ff40959348/1/GQ1DSO1of_qyrqxkPQTC0ENKnfg.roa
File: GQ1DSO1of_qyrqxkPQTC0ENKnfg.roa (raw, json)
Hash identifier: nTd0zjLE6XtOMPZyttCDWktzUnkCfLfuxFOPmZBOHEs=
Subject key identifier: 19:0D:43:48:ED:68:7F:FA:B2:AE:AC:64:3D:04:C2:D0:43:4A:9D:F8
Certificate issuer: /CN=567190854786a16afa6b0ec78dfb0620abaacfef
Certificate serial: 0194FA09106A9D499835B2B4C036CF15652A
Authority key identifier: 56:71:90:85:47:86:A1:6A:FA:6B:0E:C7:8D:FB:06:20:AB:AA:CF:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VnGQhUeGoWr6aw7HjfsGIKuqz-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/24c324-a15e-4cd0-94c1-73ff40959348/1/GQ1DSO1of_qyrqxkPQTC0ENKnfg.roa
Signing time: Wed 12 Feb 2025 12:01:25 +0000
ROA not before: Wed 12 Feb 2025 12:01:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20712
IP address blocks: 5.172.160.0/20 maxlen: 24
5.172.170.0/24 maxlen: 24
81.2.64.0/18 maxlen: 24
81.187.0.0/16 maxlen: 24
81.187.161.0/24 maxlen: 24
90.155.0.0/18 maxlen: 24
90.155.64.0/19 maxlen: 24
90.155.96.0/20 maxlen: 20
178.238.144.0/20 maxlen: 24
194.4.172.0/22 maxlen: 24
217.169.0.0/19 maxlen: 24
2001:8b0::/32 maxlen: 63
2001:8b0:a::666/128 maxlen: 128
2001:8b6::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/24c324-a15e-4cd0-94c1-73ff40959348/1/VnGQhUeGoWr6aw7HjfsGIKuqz-8.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/24c324-a15e-4cd0-94c1-73ff40959348/1/VnGQhUeGoWr6aw7HjfsGIKuqz-8.mft
rsync://rpki.ripe.net/repository/DEFAULT/VnGQhUeGoWr6aw7HjfsGIKuqz-8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:fa:09:10:6a:9d:49:98:35:b2:b4:c0:36:cf:15:65:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=567190854786a16afa6b0ec78dfb0620abaacfef
Validity
Not Before: Feb 12 12:01:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=190d4348ed687ffab2aeac643d04c2d0434a9df8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:15:3a:63:4f:15:d6:2c:a4:76:8a:a2:79:26:
3f:57:a7:63:e8:94:79:22:1f:19:ab:fb:8a:48:20:
8e:e5:cc:83:d7:95:93:f5:aa:8b:2f:fc:73:33:e3:
96:e0:39:8e:55:5f:d0:62:d1:0e:2e:e4:36:cd:a6:
ca:77:e6:5a:99:bf:05:b8:fa:9e:a5:45:03:20:ad:
03:f6:8a:82:db:e7:e7:89:a1:88:fb:5f:d2:0f:5b:
3b:3c:0a:0f:d3:27:06:1f:a6:d3:7b:99:db:1e:eb:
f4:eb:04:b1:2f:48:8e:75:63:48:e7:31:0c:ae:03:
fb:ff:40:76:e8:b4:78:79:cc:59:8c:a2:9b:bb:e6:
34:c8:ea:7e:00:a7:35:30:e0:45:c3:c9:8e:f5:2a:
2a:16:45:bc:fc:ba:15:e7:ed:0d:35:d2:76:ba:83:
a3:cc:e6:ed:62:c2:08:ba:d7:88:1b:88:ad:66:90:
6b:75:70:52:89:2d:79:77:a0:9e:e4:ff:e7:ab:1e:
a9:68:15:75:2f:ee:5d:1e:9a:89:b0:ac:2d:40:20:
55:00:7b:f8:b4:d6:76:bd:15:37:8a:58:a5:d2:ce:
11:f3:42:d8:d5:a1:b5:1e:70:02:d5:da:93:de:c0:
3a:c7:04:d7:c9:a5:04:a2:f6:e7:b0:f4:74:75:ff:
8d:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:0D:43:48:ED:68:7F:FA:B2:AE:AC:64:3D:04:C2:D0:43:4A:9D:F8
X509v3 Authority Key Identifier:
keyid:56:71:90:85:47:86:A1:6A:FA:6B:0E:C7:8D:FB:06:20:AB:AA:CF:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VnGQhUeGoWr6aw7HjfsGIKuqz-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/24c324-a15e-4cd0-94c1-73ff40959348/1/GQ1DSO1of_qyrqxkPQTC0ENKnfg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/24c324-a15e-4cd0-94c1-73ff40959348/1/VnGQhUeGoWr6aw7HjfsGIKuqz-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.160.0/20
81.2.64.0/18
81.187.0.0/16
90.155.0.0-90.155.111.255
178.238.144.0/20
194.4.172.0/22
217.169.0.0/19
IPv6:
2001:8b0::/32
2001:8b6::/32
Signature Algorithm: sha256WithRSAEncryption
7a:68:ab:e8:8d:ad:ee:7e:6d:a6:99:da:8c:17:e7:29:7b:e0:
53:98:62:c5:97:f4:26:ce:c4:a5:3c:ff:b6:65:ee:f9:02:64:
8d:d8:8b:b9:e3:07:7a:5f:27:b9:f4:99:97:bd:2d:17:9a:a5:
c8:80:63:36:05:67:3b:ae:36:cd:9f:5e:89:c8:1c:70:e3:f0:
e7:e3:e8:2b:89:f3:68:77:cc:42:5c:63:ca:45:d6:06:30:7a:
da:0f:e1:a8:dc:9c:18:d1:9f:4a:68:a8:66:8b:09:86:c9:aa:
11:f7:3b:76:09:97:e0:a7:55:37:c4:0b:b8:72:74:8f:7f:12:
4d:05:20:1c:6e:12:29:00:4f:c5:1e:42:78:77:0f:29:99:79:
8e:66:0d:15:2b:25:7d:ec:71:67:a7:e0:f7:d0:65:dc:0e:ac:
d2:99:aa:ed:67:3e:b3:bb:2e:c8:2d:05:b8:f1:93:ad:16:39:
fe:24:f3:fc:74:3b:ae:d2:cb:7a:d3:d8:0f:43:e5:23:31:67:
aa:1c:d1:35:fe:df:07:25:66:bd:4a:2f:32:cd:6a:3d:3b:cd:
a2:99:86:d0:43:19:c3:19:df:b0:d6:75:a9:91:fd:c2:b7:04:
cd:dd:44:d9:a3:1c:58:63:3a:5e:e0:81:b7:cb:44:c6:85:cf:
b6:ce:fd:03
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZT6CRBqnUmYNbK0wDbPFWUqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2NzE5MDg1NDc4NmExNmFmYTZiMGVjNzhkZmIwNjIwYWJh
YWNmZWYwHhcNMjUwMjEyMTIwMTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTBkNDM0OGVkNjg3ZmZhYjJhZWFjNjQzZDA0YzJkMDQzNGE5ZGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1xU6Y08V1iykdoqieSY/V6dj6JR5
Ih8Zq/uKSCCO5cyD15WT9aqLL/xzM+OW4DmOVV/QYtEOLuQ2zabKd+Zamb8FuPqe
pUUDIK0D9oqC2+fniaGI+1/SD1s7PAoP0ycGH6bTe5nbHuv06wSxL0iOdWNI5zEM
rgP7/0B26LR4ecxZjKKbu+Y0yOp+AKc1MOBFw8mO9SoqFkW8/LoV5+0NNdJ2uoOj
zObtYsIIuteIG4itZpBrdXBSiS15d6Ce5P/nqx6paBV1L+5dHpqJsKwtQCBVAHv4
tNZ2vRU3ilil0s4R80LY1aG1HnAC1dqT3sA6xwTXyaUEovbnsPR0df+NeQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFBkNQ0jtaH/6sq6sZD0EwtBDSp34MB8GA1UdIwQY
MBaAFFZxkIVHhqFq+msOx437BiCrqs/vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm5HUWhVZUdvV3I2YXc3SGpmc0dJS3Vxei04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8yNGMzMjQtYTE1ZS00Y2QwLTk0YzEt
NzNmZjQwOTU5MzQ4LzEvR1ExRFNPMW9mX3F5cnF4a1BRVEMwRU5LbmZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8yNGMzMjQtYTE1ZS00Y2QwLTk0YzEtNzNmZjQwOTU5MzQ4
LzEvVm5HUWhVZUdvV3I2YXc3SGpmc0dJS3Vxei04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA2BAIAATAwAwQEBaygAwQG
UQJAAwMAUbswCwMDAFqbAwQEWptgAwQEsu6QAwQCwgSsAwQF2akAMBQEAgACMA4D
BQAgAQiwAwUAIAEItjANBgkqhkiG9w0BAQsFAAOCAQEAemir6I2t7n5tppnajBfn
KXvgU5hixZf0Js7EpTz/tmXu+QJkjdiLueMHel8nufSZl70tF5qlyIBjNgVnO642
zZ9eicgccOPw5+PoK4nzaHfMQlxjykXWBjB62g/hqNycGNGfSmioZosJhsmqEfc7
dgmX4KdVN8QLuHJ0j38STQUgHG4SKQBPxR5CeHcPKZl5jmYNFSslfexxZ6fg99Bl
3A6s0pmq7Wc+s7suyC0FuPGTrRY5/iTz/HQ7rtLLetPYD0PlIzFnqhzRNf7fByVm
vUovMs1qPTvNopmG0EMZwxnfsNZ1qZH9wrcEzd1E2aMcWGM6XuCBt8tExoXPts79
Aw==
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:24:14 2025 by rpki-client