Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/qDoj_j8K1MEi3gkhWRsZSOIgx1A.roa
File: qDoj_j8K1MEi3gkhWRsZSOIgx1A.roa (raw, json)
Hash identifier: KQ/ULaEOawFqs6J48FCUQ/7ITaqm4rfcH35TOxxL5Co=
Subject key identifier: A8:3A:23:FE:3F:0A:D4:C1:22:DE:09:21:59:1B:19:48:E2:20:C7:50
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0195F1BADC9D3D66C004B3AEB0BA30760413
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/qDoj_j8K1MEi3gkhWRsZSOIgx1A.roa
Signing time: Tue 01 Apr 2025 14:21:49 +0000
ROA not before: Tue 01 Apr 2025 14:21:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31025
IP address blocks: 5.231.254.0/24 maxlen: 24
2a02:2fc0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f1:ba:dc:9d:3d:66:c0:04:b3:ae:b0:ba:30:76:04:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Apr 1 14:21:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a83a23fe3f0ad4c122de0921591b1948e220c750
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c0:66:41:35:35:13:55:3f:d8:b4:e0:9b:07:
32:53:70:aa:e6:6b:1d:dc:28:14:ef:0d:0f:5f:c4:
05:44:72:3b:09:c9:fe:0c:9e:54:16:97:6c:f4:2d:
ab:9a:ec:56:16:97:df:5d:17:03:a7:10:f2:11:6a:
48:b3:68:c0:04:37:73:e6:0d:ba:8d:f0:63:cd:f5:
4d:71:15:29:7a:2a:33:7b:70:68:50:e6:06:81:ab:
89:47:e2:49:53:1a:32:e8:5f:91:84:56:3b:13:9f:
34:25:a3:5c:a7:a6:56:53:b2:50:44:fc:6a:b0:a8:
5f:b7:69:d7:b4:ea:d7:04:c0:a3:3e:b1:e7:62:2e:
3f:cd:41:05:e6:89:f6:43:45:00:af:ae:cb:d1:4b:
84:36:32:04:8d:c0:7a:c6:cd:60:4d:9d:b0:62:6a:
d8:0d:37:7c:25:18:09:38:bb:63:61:2a:95:8a:9e:
25:5e:29:08:f7:85:e1:fb:7e:1a:ac:a5:a5:45:1c:
1f:87:be:79:b4:0a:81:c7:32:4d:10:73:c3:e0:40:
59:fd:55:72:d3:24:1a:5f:e2:be:ef:53:96:35:6e:
1a:f1:44:b4:3d:1f:3e:27:3b:d8:9b:36:8c:6a:24:
63:40:8f:ee:99:c8:44:a0:44:62:97:f2:f7:46:a1:
26:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:3A:23:FE:3F:0A:D4:C1:22:DE:09:21:59:1B:19:48:E2:20:C7:50
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/qDoj_j8K1MEi3gkhWRsZSOIgx1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.231.254.0/24
IPv6:
2a02:2fc0::/48
Signature Algorithm: sha256WithRSAEncryption
64:28:97:03:4a:4e:b6:84:fa:ac:26:c5:f3:c4:eb:a6:32:86:
13:a4:7b:9d:03:e6:d0:37:c9:12:7a:ba:b9:15:93:35:0b:2c:
da:86:e1:d8:ee:6e:a3:d0:34:a3:6b:13:93:44:10:28:d4:37:
55:20:24:2f:2e:17:64:3b:59:3b:8a:09:69:ce:e4:cd:6c:c6:
d5:dd:ca:35:30:a0:73:90:86:d3:0f:8c:21:5f:37:88:a2:a3:
ed:9a:0b:70:fc:ad:f0:c6:5c:6f:1c:6c:a5:82:ba:e4:74:a3:
26:ad:17:1b:37:a3:81:7f:b9:70:48:3f:4f:03:ad:35:7a:e3:
81:6d:aa:da:d5:be:4d:a9:d2:00:41:a0:a0:9d:c7:7c:0e:b9:
cc:ca:ae:f7:aa:a1:6b:d9:0f:19:0b:33:fd:14:5c:71:99:08:
70:a0:7e:6c:4c:fe:1e:dc:de:53:3e:b1:fe:e0:24:5f:48:a3:
3a:11:04:cc:52:16:3c:e8:7a:09:db:da:75:12:a4:e6:1c:ce:
3b:02:ae:23:fa:33:9e:96:f8:fb:5d:4a:6b:f9:35:b5:b8:66:
cf:35:83:0b:3a:a0:77:6b:a2:e4:4b:c6:5f:fe:8f:b9:c8:09:
ad:06:17:83:1b:6b:56:a0:07:34:bf:f0:19:4f:f0:26:2b:1b:
27:34:9f:55
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZXxutydPWbABLOusLowdgQTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNDAxMTQyMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODNhMjNmZTNmMGFkNGMxMjJkZTA5MjE1OTFiMTk0OGUyMjBjNzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsBmQTU1E1U/2LTgmwcyU3Cq5msd
3CgU7w0PX8QFRHI7Ccn+DJ5UFpds9C2rmuxWFpffXRcDpxDyEWpIs2jABDdz5g26
jfBjzfVNcRUpeioze3BoUOYGgauJR+JJUxoy6F+RhFY7E580JaNcp6ZWU7JQRPxq
sKhft2nXtOrXBMCjPrHnYi4/zUEF5on2Q0UAr67L0UuENjIEjcB6xs1gTZ2wYmrY
DTd8JRgJOLtjYSqVip4lXikI94Xh+34arKWlRRwfh755tAqBxzJNEHPD4EBZ/VVy
0yQaX+K+71OWNW4a8US0PR8+JzvYmzaMaiRjQI/umchEoERil/L3RqEmRwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKg6I/4/CtTBIt4JIVkbGUjiIMdQMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvcURval9qOEsxTUVpM2draFdSc1pTT0lneDFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQABef+MA8E
AgACMAkDBwAqAi/AAAAwDQYJKoZIhvcNAQELBQADggEBAGQolwNKTraE+qwmxfPE
66YyhhOke50D5tA3yRJ6urkVkzULLNqG4djubqPQNKNrE5NEECjUN1UgJC8uF2Q7
WTuKCWnO5M1sxtXdyjUwoHOQhtMPjCFfN4iio+2aC3D8rfDGXG8cbKWCuuR0oyat
Fxs3o4F/uXBIP08DrTV644FtqtrVvk2p0gBBoKCdx3wOuczKrveqoWvZDxkLM/0U
XHGZCHCgfmxM/h7c3lM+sf7gJF9IozoRBMxSFjzoegnb2nUSpOYczjsCriP6M56W
+PtdSmv5NbW4Zs81gws6oHdrouRLxl/+j7nICa0GF4Mba1agBzS/8BlP8CYrGyc0
n1U=
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:18:21 2025 by rpki-client