Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/QmjHvTGufjq0ZlMCHG_4cknc94I.roa
File: QmjHvTGufjq0ZlMCHG_4cknc94I.roa (raw, json)
Hash identifier: 8pvy3kSJg6NtqVC+vQRcK+wRdqPkaGFPY3Fr0Fi00fM=
Subject key identifier: 42:68:C7:BD:31:AE:7E:3A:B4:66:53:02:1C:6F:F8:72:49:DC:F7:82
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0195F9D831168D56819AD703900E86F6D275
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/QmjHvTGufjq0ZlMCHG_4cknc94I.roa
Signing time: Thu 03 Apr 2025 04:10:49 +0000
ROA not before: Thu 03 Apr 2025 04:10:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 5.83.138.0/24 maxlen: 24
5.175.238.0/24 maxlen: 24
5.231.61.0/24 maxlen: 24
5.231.79.0/24 maxlen: 24
85.93.5.0/24 maxlen: 24
85.93.31.0/24 maxlen: 24
89.144.5.0/24 maxlen: 24
89.144.11.0/24 maxlen: 24
89.144.17.0/24 maxlen: 24
89.144.18.0/24 maxlen: 24
94.249.168.0/24 maxlen: 24
94.249.169.0/24 maxlen: 24
94.249.214.0/24 maxlen: 24
94.249.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f9:d8:31:16:8d:56:81:9a:d7:03:90:0e:86:f6:d2:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Apr 3 04:10:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4268c7bd31ae7e3ab46653021c6ff87249dcf782
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:d3:c4:2a:a4:fb:a8:12:63:6b:c3:52:29:c0:
0f:cd:07:19:5c:d9:dc:03:10:9d:cc:68:0d:8e:8c:
a0:eb:32:e6:03:fe:9a:83:65:fe:23:84:32:00:da:
eb:e5:83:b4:a0:f6:66:72:b5:5c:d7:2e:6b:06:88:
31:8d:a7:f7:54:e7:25:13:84:47:d2:df:27:11:a6:
59:da:ba:ef:c8:30:87:af:12:e3:d9:45:95:7f:52:
46:a2:d0:20:81:ed:61:da:8d:12:24:bb:01:02:6c:
85:fc:d2:c5:8b:4f:88:c8:3c:cc:56:24:a9:38:28:
8f:75:42:99:6c:a6:bb:d9:54:24:dd:d1:13:b2:da:
e4:1a:f5:4d:3e:61:77:9b:a0:b4:9e:89:c9:73:ad:
04:20:c6:e1:be:e6:2b:df:8c:c7:39:e6:93:fb:1a:
bc:fc:5b:d2:ea:8f:c8:25:e1:68:bd:27:d5:0d:44:
32:99:bf:b2:e0:33:62:14:c2:51:b1:5f:52:0b:24:
98:73:79:00:a7:4e:13:3b:a6:25:8d:1e:13:36:50:
bd:bd:a9:eb:85:f2:1a:23:55:26:f9:ee:fe:38:9b:
d2:4b:87:25:c1:6a:15:be:3c:0b:3f:81:45:b0:1a:
bf:59:fc:00:bb:a0:7e:4f:6f:22:58:cb:5a:4c:49:
0b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:68:C7:BD:31:AE:7E:3A:B4:66:53:02:1C:6F:F8:72:49:DC:F7:82
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/QmjHvTGufjq0ZlMCHG_4cknc94I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.138.0/24
5.175.238.0/24
5.231.61.0/24
5.231.79.0/24
85.93.5.0/24
85.93.31.0/24
89.144.5.0/24
89.144.11.0/24
89.144.17.0-89.144.18.255
94.249.168.0/23
94.249.214.0/24
94.249.237.0/24
Signature Algorithm: sha256WithRSAEncryption
25:c2:0a:80:eb:11:74:75:97:30:70:0b:11:0b:a5:8a:dd:4a:
dc:6c:f7:38:fa:e7:6e:ef:a0:03:bf:1e:47:b3:66:03:5e:f6:
a6:7f:da:25:ac:ee:09:48:56:78:c9:fc:ae:77:06:49:bb:4f:
5e:38:d5:59:9d:6b:d4:cc:5b:b9:81:33:d7:75:30:6b:12:11:
b0:4e:fd:10:9e:a6:ab:51:1b:ec:2c:15:ed:f0:87:63:5e:dc:
90:b0:32:f7:03:7b:77:76:5d:c7:56:4f:5c:93:d3:09:8b:f5:
31:4d:ce:cc:dc:d5:a9:67:a9:53:b6:3c:a8:7b:3b:bc:cd:61:
a5:0b:b6:21:fc:e6:1c:1b:df:de:4f:df:d0:ec:5f:de:92:d5:
69:1f:6f:77:07:8e:96:04:da:5b:9b:7f:2d:1e:71:47:37:e1:
10:9e:47:f9:b9:75:27:2a:8f:30:2d:d9:75:29:81:61:ab:b6:
76:84:3f:58:ab:51:3e:bd:72:61:2b:c6:2b:23:43:cc:b7:b6:
c6:aa:d4:15:7e:bb:ce:4c:c0:ec:d7:4c:30:e4:4d:a4:b7:39:
ee:aa:d6:d2:24:ca:f1:f0:ce:13:aa:90:7a:8f:9d:b1:87:b0:
db:60:e2:ab:2d:7e:69:06:ed:ef:7a:cc:ff:cc:68:8e:9f:c6:
10:43:9c:03
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZX52DEWjVaBmtcDkA6G9tJ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNDAzMDQxMDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjY4YzdiZDMxYWU3ZTNhYjQ2NjUzMDIxYzZmZjg3MjQ5ZGNmNzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNPEKqT7qBJja8NSKcAPzQcZXNnc
AxCdzGgNjoyg6zLmA/6ag2X+I4QyANrr5YO0oPZmcrVc1y5rBogxjaf3VOclE4RH
0t8nEaZZ2rrvyDCHrxLj2UWVf1JGotAgge1h2o0SJLsBAmyF/NLFi0+IyDzMViSp
OCiPdUKZbKa72VQk3dETstrkGvVNPmF3m6C0nonJc60EIMbhvuYr34zHOeaT+xq8
/FvS6o/IJeFovSfVDUQymb+y4DNiFMJRsV9SCySYc3kAp04TO6YljR4TNlC9vanr
hfIaI1Um+e7+OJvSS4clwWoVvjwLP4FFsBq/WfwAu6B+T28iWMtaTEkLLQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFEJox70xrn46tGZTAhxv+HJJ3PeCMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvUW1qSHZUR3VmanEwWmxNQ0hHXzRja25jOTRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQABVOKAwQA
Ba/uAwQABec9AwQABedPAwQAVV0FAwQAVV0fAwQAWZAFAwQAWZALMAwDBABZkBED
BABZkBIDBAFe+agDBABe+dYDBABe+e0wDQYJKoZIhvcNAQELBQADggEBACXCCoDr
EXR1lzBwCxELpYrdStxs9zj6527voAO/HkezZgNe9qZ/2iWs7glIVnjJ/K53Bkm7
T1441Vmda9TMW7mBM9d1MGsSEbBO/RCepqtRG+wsFe3wh2Ne3JCwMvcDe3d2XcdW
T1yT0wmL9TFNzszc1alnqVO2PKh7O7zNYaULtiH85hwb395P39DsX96S1Wkfb3cH
jpYE2lubfy0ecUc34RCeR/m5dScqjzAt2XUpgWGrtnaEP1irUT69cmErxisjQ8y3
tsaq1BV+u85MwOzXTDDkTaS3Oe6q1tIkyvHwzhOqkHqPnbGHsNtg4qstfmkG7e96
zP/MaI6fxhBDnAM=
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:36:52 2025 by rpki-client