Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/d16e96-0313-4c9b-9c09-a95fe3102645/1/QyIQhrwBc_E0RzmwfCK0p-xEPL8.roa
File: QyIQhrwBc_E0RzmwfCK0p-xEPL8.roa (raw, json)
Hash identifier: KU05TYN4aOywUPeCIgZViB5uKUpefnNLinujip3r7Ws=
Subject key identifier: 43:22:10:86:BC:01:73:F1:34:47:39:B0:7C:22:B4:A7:EC:44:3C:BF
Certificate issuer: /CN=af93102511e660263f8ef6e4c1f9ab32393839b2
Certificate serial: 01941FFA753BB225445CD7462261E7692A71
Authority key identifier: AF:93:10:25:11:E6:60:26:3F:8E:F6:E4:C1:F9:AB:32:39:38:39:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r5MQJRHmYCY_jvbkwfmrMjk4ObI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/d16e96-0313-4c9b-9c09-a95fe3102645/1/QyIQhrwBc_E0RzmwfCK0p-xEPL8.roa
Signing time: Wed 01 Jan 2025 03:48:15 +0000
ROA not before: Wed 01 Jan 2025 03:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62121
IP address blocks: 193.200.90.0/23 maxlen: 23
2001:67c:564::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/d16e96-0313-4c9b-9c09-a95fe3102645/1/r5MQJRHmYCY_jvbkwfmrMjk4ObI.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/d16e96-0313-4c9b-9c09-a95fe3102645/1/r5MQJRHmYCY_jvbkwfmrMjk4ObI.mft
rsync://rpki.ripe.net/repository/DEFAULT/r5MQJRHmYCY_jvbkwfmrMjk4ObI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:75:3b:b2:25:44:5c:d7:46:22:61:e7:69:2a:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af93102511e660263f8ef6e4c1f9ab32393839b2
Validity
Not Before: Jan 1 03:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43221086bc0173f1344739b07c22b4a7ec443cbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:d1:27:6f:ba:50:b9:96:bb:cb:42:27:89:bc:
b3:72:6c:83:52:7d:ed:a4:74:73:01:12:5e:80:8c:
8a:57:05:76:d8:49:da:6b:8e:0a:c3:07:35:87:71:
92:b6:9e:90:54:4b:26:fc:c7:b0:39:71:a8:b7:06:
d8:95:2c:b6:b8:00:82:ca:58:bd:40:7a:3a:08:43:
20:eb:ff:83:d5:68:17:06:e8:89:aa:32:b9:c5:d9:
d9:01:db:43:8a:6d:e6:8c:ff:a0:7d:c6:19:4d:ca:
0c:a1:4e:1c:d1:3b:42:c8:ac:28:72:1a:8b:aa:92:
44:f6:a4:4c:83:35:ad:0e:c0:54:78:70:50:bd:96:
ac:d1:8f:35:c4:e7:fe:4c:f1:13:00:a3:d4:a6:15:
04:6f:04:0f:da:76:1f:67:f6:65:21:f7:5d:e5:1a:
fb:d6:ba:88:70:bf:7a:43:8f:03:dc:4d:ed:a0:13:
f1:bd:32:8f:4f:ee:85:b1:b5:7f:34:12:3f:f6:f0:
5f:76:3a:24:f3:61:e2:81:0a:ed:d7:ab:2a:3d:c9:
ba:dc:72:6e:18:57:5c:eb:f6:c4:45:f4:30:83:1b:
f2:bb:1e:c7:33:34:4d:fc:21:07:2d:11:1d:bd:15:
25:c6:04:aa:1f:e4:cf:72:31:6e:fd:a9:13:da:79:
4d:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:22:10:86:BC:01:73:F1:34:47:39:B0:7C:22:B4:A7:EC:44:3C:BF
X509v3 Authority Key Identifier:
keyid:AF:93:10:25:11:E6:60:26:3F:8E:F6:E4:C1:F9:AB:32:39:38:39:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r5MQJRHmYCY_jvbkwfmrMjk4ObI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/d16e96-0313-4c9b-9c09-a95fe3102645/1/QyIQhrwBc_E0RzmwfCK0p-xEPL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/d16e96-0313-4c9b-9c09-a95fe3102645/1/r5MQJRHmYCY_jvbkwfmrMjk4ObI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.200.90.0/23
IPv6:
2001:67c:564::/48
Signature Algorithm: sha256WithRSAEncryption
4e:8d:2b:e6:f7:18:fa:14:a1:5f:a7:10:23:40:89:4a:b9:fd:
d7:60:48:ad:21:76:ae:1c:3a:4d:9f:0a:22:a2:9f:09:91:e1:
b4:92:6e:7d:d8:b1:3e:38:05:cc:aa:a1:b0:c2:e9:f7:0c:4b:
4e:b7:87:b1:6d:24:f3:84:4f:21:ac:9f:c1:e2:91:67:b8:83:
06:06:5d:1b:85:c8:60:73:7a:8a:1e:e8:fe:5c:d5:88:d9:3c:
71:c0:58:c0:f3:02:6f:66:ae:c6:c4:ed:6e:f1:27:e0:97:73:
06:84:3a:41:e1:47:c2:af:1e:ff:95:20:1a:23:15:54:98:61:
01:6a:dd:32:a4:66:41:84:72:00:42:8c:da:b6:89:2a:29:33:
33:90:27:b3:f3:f2:d5:4f:c4:d2:a9:4f:e5:cb:30:ee:54:ef:
1e:e6:47:af:1e:36:86:96:26:ab:78:4e:9f:a6:29:2b:35:ee:
1d:04:19:93:8b:6a:fa:e6:b9:56:41:35:76:73:53:08:3d:4b:
85:b3:e7:49:bc:33:83:6b:cf:2d:85:8c:a2:1e:2f:9d:04:a5:
10:9a:9f:41:ce:00:00:9d:4b:e0:2d:2e:63:fe:6a:c5:38:65:
a4:28:88:71:f2:8e:e5:68:95:28:d7:c5:7f:77:ab:85:2d:9d:
f3:cc:41:da
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQf+nU7siVEXNdGImHnaSpxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOTMxMDI1MTFlNjYwMjYzZjhlZjZlNGMxZjlhYjMyMzkz
ODM5YjIwHhcNMjUwMTAxMDM0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzIyMTA4NmJjMDE3M2YxMzQ0NzM5YjA3YzIyYjRhN2VjNDQzY2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6NEnb7pQuZa7y0InibyzcmyDUn3t
pHRzARJegIyKVwV22Enaa44Kwwc1h3GStp6QVEsm/MewOXGotwbYlSy2uACCyli9
QHo6CEMg6/+D1WgXBuiJqjK5xdnZAdtDim3mjP+gfcYZTcoMoU4c0TtCyKwochqL
qpJE9qRMgzWtDsBUeHBQvZas0Y81xOf+TPETAKPUphUEbwQP2nYfZ/ZlIfdd5Rr7
1rqIcL96Q48D3E3toBPxvTKPT+6FsbV/NBI/9vBfdjok82HigQrt16sqPcm63HJu
GFdc6/bERfQwgxvyux7HMzRN/CEHLREdvRUlxgSqH+TPcjFu/akT2nlNkQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEMiEIa8AXPxNEc5sHwitKfsRDy/MB8GA1UdIwQY
MBaAFK+TECUR5mAmP4725MH5qzI5ODmyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjVNUUpSSG1ZQ1lfanZia3dmbXJNams0T2JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9kMTZlOTYtMDMxMy00YzliLTljMDkt
YTk1ZmUzMTAyNjQ1LzEvUXlJUWhyd0JjX0UwUnptd2ZDSzBwLXhFUEw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9kMTZlOTYtMDMxMy00YzliLTljMDktYTk1ZmUzMTAyNjQ1
LzEvcjVNUUpSSG1ZQ1lfanZia3dmbXJNams0T2JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwchaMA8E
AgACMAkDBwAgAQZ8BWQwDQYJKoZIhvcNAQELBQADggEBAE6NK+b3GPoUoV+nECNA
iUq5/ddgSK0hdq4cOk2fCiKinwmR4bSSbn3YsT44BcyqobDC6fcMS063h7FtJPOE
TyGsn8HikWe4gwYGXRuFyGBzeooe6P5c1YjZPHHAWMDzAm9mrsbE7W7xJ+CXcwaE
OkHhR8KvHv+VIBojFVSYYQFq3TKkZkGEcgBCjNq2iSopMzOQJ7Pz8tVPxNKpT+XL
MO5U7x7mR68eNoaWJqt4Tp+mKSs17h0EGZOLavrmuVZBNXZzUwg9S4Wz50m8M4Nr
zy2FjKIeL50EpRCan0HOAACdS+AtLmP+asU4ZaQoiHHyjuVolSjXxX93q4UtnfPM
Qdo=
-----END CERTIFICATE-----
Generated at Fri Apr 18 20:22:11 2025 by rpki-client