Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/QHIf5Do5OrPxvPRk4N89rtSkZS0.roa
File: QHIf5Do5OrPxvPRk4N89rtSkZS0.roa (raw, json)
Hash identifier: c4BZiy80ac6JrpTPBJtG2s8jLge4jnJI8rEg4vxOa6c=
Subject key identifier: 40:72:1F:E4:3A:39:3A:B3:F1:BC:F4:64:E0:DF:3D:AE:D4:A4:65:2D
Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial: 019428280E3A979582DD9062FF4A4862C820
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/QHIf5Do5OrPxvPRk4N89rtSkZS0.roa
Signing time: Thu 02 Jan 2025 17:55:01 +0000
ROA not before: Thu 02 Jan 2025 17:55:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24964
IP address blocks: 82.103.126.0/24 maxlen: 24
82.103.127.0/24 maxlen: 24
89.253.163.0/24 maxlen: 24
195.34.123.0/24 maxlen: 24
212.91.184.0/24 maxlen: 24
212.91.185.0/24 maxlen: 24
212.91.186.0/24 maxlen: 24
212.91.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.mft
rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 10:01:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:28:0e:3a:97:95:82:dd:90:62:ff:4a:48:62:c8:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Validity
Not Before: Jan 2 17:55:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=40721fe43a393ab3f1bcf464e0df3daed4a4652d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:49:0f:af:7b:66:00:01:d1:7a:aa:c1:5d:cd:
39:b9:7f:4c:4f:3a:64:18:7c:3c:db:6d:7c:0d:fe:
56:4d:c8:1a:9d:01:7f:37:cf:c8:a7:3b:ff:c0:48:
a2:3c:44:77:57:cf:99:46:e4:ff:ae:55:96:1a:02:
6f:a0:ac:5b:b3:d6:02:85:f1:20:6f:3f:53:e1:89:
ee:93:aa:94:73:72:d9:a8:97:7b:09:ea:89:03:82:
7e:ae:58:24:fc:26:28:51:6d:bd:3b:aa:8f:01:a2:
7a:51:53:3f:2c:1c:6e:3d:78:0a:a8:85:4b:72:76:
47:4c:86:11:b3:bd:97:ff:e8:01:59:26:ac:dd:78:
56:8c:d8:4c:20:6b:ff:9e:29:32:9f:ae:b1:41:c5:
97:4c:97:3b:ad:c3:4b:ff:44:42:d9:02:6b:7f:47:
a2:09:8e:da:f1:e5:0a:bf:da:2e:52:27:9a:87:57:
d7:b7:1a:f2:2a:ef:61:b6:10:05:5b:05:61:74:a6:
14:17:76:03:11:18:d9:88:90:a9:a6:d2:fd:be:8b:
b9:6a:cf:c4:2a:1c:0c:7e:de:dc:f7:59:a7:07:69:
3c:c9:59:b9:72:21:45:32:42:d7:f1:25:b5:cd:82:
5b:98:82:20:e6:fb:22:50:6d:99:ea:8a:d8:cf:ef:
14:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:72:1F:E4:3A:39:3A:B3:F1:BC:F4:64:E0:DF:3D:AE:D4:A4:65:2D
X509v3 Authority Key Identifier:
keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/QHIf5Do5OrPxvPRk4N89rtSkZS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.103.126.0/23
89.253.163.0/24
195.34.123.0/24
212.91.184.0/22
Signature Algorithm: sha256WithRSAEncryption
11:f1:7c:c6:00:40:61:50:33:9e:b7:53:8f:6d:09:3e:02:94:
30:71:35:37:79:67:ab:50:f0:a6:08:41:c0:6c:fb:73:79:a0:
cc:bf:1d:09:61:83:2d:84:54:26:14:8e:45:ca:f4:7d:55:a7:
e7:f3:cf:64:18:92:46:b9:2c:ec:43:7a:ce:45:64:56:d2:5e:
4e:fc:c0:41:ad:34:6c:47:ad:7d:c5:fb:58:00:57:86:c7:56:
8b:c3:1f:73:af:8a:5a:95:37:fe:e3:06:f5:72:bb:91:49:49:
4b:42:41:cf:a7:9e:60:69:cd:a4:76:90:3a:71:15:e8:0c:f4:
d4:6e:81:5f:f3:54:71:25:da:6c:e8:31:a8:44:47:d4:a7:97:
67:73:05:ff:42:af:a1:f3:c9:a5:dd:36:29:8d:3f:96:c0:1f:
19:76:1b:95:30:06:5e:f9:8d:c5:91:03:fd:d6:a5:ea:62:d0:
09:65:1e:1a:3c:16:04:68:8e:78:36:ea:be:83:87:8e:44:30:
f6:99:68:6b:9d:dd:ed:b9:2b:f0:cb:55:87:c6:04:85:11:c2:
03:69:4c:cd:54:8a:49:97:b2:82:4f:23:51:88:10:ba:89:ca:
0b:38:56:72:f8:4f:aa:20:20:f7:44:bb:26:a9:bd:6d:72:0f:
64:0c:3c:56
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQoKA46l5WC3ZBi/0pIYsggMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjUwMTAyMTc1NTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDcyMWZlNDNhMzkzYWIzZjFiY2Y0NjRlMGRmM2RhZWQ0YTQ2NTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEkPr3tmAAHReqrBXc05uX9MTzpk
GHw82218Df5WTcganQF/N8/Ipzv/wEiiPER3V8+ZRuT/rlWWGgJvoKxbs9YChfEg
bz9T4Ynuk6qUc3LZqJd7CeqJA4J+rlgk/CYoUW29O6qPAaJ6UVM/LBxuPXgKqIVL
cnZHTIYRs72X/+gBWSas3XhWjNhMIGv/nikyn66xQcWXTJc7rcNL/0RC2QJrf0ei
CY7a8eUKv9ouUieah1fXtxryKu9hthAFWwVhdKYUF3YDERjZiJCpptL9vou5as/E
KhwMft7c91mnB2k8yVm5ciFFMkLX8SW1zYJbmIIg5vsiUG2Z6orYz+8UgQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEByH+Q6OTqz8bz0ZODfPa7UpGUtMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvUUhJZjVEbzVPclB4dlBSazROODlydFNrWlMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBUmd+AwQA
Wf2jAwQAwyJ7AwQC1Fu4MA0GCSqGSIb3DQEBCwUAA4IBAQAR8XzGAEBhUDOet1OP
bQk+ApQwcTU3eWerUPCmCEHAbPtzeaDMvx0JYYMthFQmFI5FyvR9Vafn889kGJJG
uSzsQ3rORWRW0l5O/MBBrTRsR619xftYAFeGx1aLwx9zr4palTf+4wb1cruRSUlL
QkHPp55gac2kdpA6cRXoDPTUboFf81RxJdps6DGoREfUp5dncwX/Qq+h88ml3TYp
jT+WwB8ZdhuVMAZe+Y3FkQP91qXqYtAJZR4aPBYEaI54Nuq+g4eORDD2mWhrnd3t
uSvwy1WHxgSFEcIDaUzNVIpJl7KCTyNRiBC6icoLOFZy+E+qICD3RLsmqb1tcg9k
DDxW
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:42:42 2025 by rpki-client