Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/DrQJgIgCadGbo__38qvLm4f2buQ.roa
File: DrQJgIgCadGbo__38qvLm4f2buQ.roa (raw, json)
Hash identifier: Wx23py7fw++y8qecqXEe1C97qUaOVg6INU3OjKvg+YE=
Subject key identifier: 0E:B4:09:80:88:02:69:D1:9B:A3:FF:F7:F2:AB:CB:9B:87:F6:6E:E4
Certificate issuer: /CN=297364f502534e8771a0c6259794c26e26d4bca4
Certificate serial: 01942521CB98DE93E51AF57B9A4FC09977F8
Authority key identifier: 29:73:64:F5:02:53:4E:87:71:A0:C6:25:97:94:C2:6E:26:D4:BC:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXNk9QJTTodxoMYll5TCbibUvKQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/DrQJgIgCadGbo__38qvLm4f2buQ.roa
Signing time: Thu 02 Jan 2025 03:49:19 +0000
ROA not before: Thu 02 Jan 2025 03:49:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198247
IP address blocks: 141.105.160.0/23 maxlen: 23
185.26.24.0/24 maxlen: 24
185.203.228.0/24 maxlen: 24
185.203.229.0/24 maxlen: 24
185.203.230.0/23 maxlen: 23
2a02:f407:4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/KXNk9QJTTodxoMYll5TCbibUvKQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/KXNk9QJTTodxoMYll5TCbibUvKQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/KXNk9QJTTodxoMYll5TCbibUvKQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 03:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:cb:98:de:93:e5:1a:f5:7b:9a:4f:c0:99:77:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297364f502534e8771a0c6259794c26e26d4bca4
Validity
Not Before: Jan 2 03:49:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0eb40980880269d19ba3fff7f2abcb9b87f66ee4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:9a:99:b3:b0:b2:ba:e5:ba:ae:69:f7:e2:96:
6a:47:98:65:69:92:c8:60:5e:db:70:b5:76:c9:3f:
ec:c7:e5:93:dc:5c:26:72:29:07:de:66:d4:22:03:
22:bd:ee:fa:a8:f3:1f:33:30:13:9b:57:87:77:49:
d4:1e:15:26:bb:9f:2f:4b:90:3c:92:62:fb:28:6b:
6e:a9:91:6f:35:46:ac:2b:e7:1d:7c:70:24:db:2d:
57:bf:f1:fe:74:e1:f0:26:35:b1:4a:3e:c9:04:45:
c4:3f:d6:58:56:13:17:92:28:85:14:74:71:0a:74:
dc:56:32:80:3f:63:1b:c2:7e:4b:3f:27:51:9d:27:
72:8f:c7:a8:2e:6b:a1:2e:dd:07:ec:0b:db:cc:00:
8c:e7:ac:2d:60:0e:40:7e:1d:88:59:40:55:11:47:
65:e9:60:af:85:b3:1e:f3:2e:18:66:52:73:fd:93:
80:e1:09:dd:b4:36:fc:40:9f:02:7f:07:d9:32:ba:
f5:36:2c:9e:4c:16:bd:32:55:2f:d8:de:e7:17:f7:
df:cf:9c:df:34:9f:b7:48:fb:94:1b:4d:5d:e5:31:
95:ae:54:07:e3:cd:71:0e:81:36:6b:0b:42:5d:97:
e5:5e:a4:09:8a:ee:8e:c3:0d:c4:4e:ca:09:69:56:
cb:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:B4:09:80:88:02:69:D1:9B:A3:FF:F7:F2:AB:CB:9B:87:F6:6E:E4
X509v3 Authority Key Identifier:
keyid:29:73:64:F5:02:53:4E:87:71:A0:C6:25:97:94:C2:6E:26:D4:BC:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXNk9QJTTodxoMYll5TCbibUvKQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/DrQJgIgCadGbo__38qvLm4f2buQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/KXNk9QJTTodxoMYll5TCbibUvKQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.105.160.0/23
185.26.24.0/24
185.203.228.0/22
IPv6:
2a02:f407:4::/48
Signature Algorithm: sha256WithRSAEncryption
7e:ed:ef:d9:ce:c1:12:fc:97:3b:04:1b:5b:f5:66:1f:c3:b6:
29:2e:f1:0c:ec:36:60:30:a4:28:2a:dd:15:38:78:08:70:d7:
bb:2c:35:03:1b:f7:87:a1:6e:2c:a1:5e:d6:9d:a4:44:4a:97:
ac:47:dd:b7:c1:1b:96:fe:0d:e3:67:d2:9d:c3:9e:24:56:4d:
40:43:d6:76:40:d0:f7:61:6f:43:6b:09:38:be:c0:c2:ba:81:
1a:f4:64:cf:09:95:9f:4e:fc:ce:2f:9a:6d:4f:30:d0:b3:5e:
e5:5a:99:10:11:53:79:89:93:7d:1d:72:fd:79:fb:77:d4:60:
b3:92:24:7b:49:57:6d:d7:4e:f5:c3:96:57:b4:12:d1:b1:75:
a0:be:33:9e:8e:2c:66:00:e9:3e:fc:b8:6b:7c:d0:4c:c0:bf:
1a:c4:05:d0:eb:11:2b:3f:4d:ef:fb:03:51:92:19:af:14:17:
77:35:a9:23:5b:02:3d:66:b1:40:d8:f8:4e:82:02:54:68:57:
e5:6c:12:11:33:d5:91:ef:14:4d:81:ad:45:de:a8:6d:42:14:
12:e6:fb:b5:4e:7f:4c:f7:8a:3a:ae:1b:73:37:4a:f9:b0:bc:
e2:1b:0d:c9:a6:06:8a:a8:31:65:83:28:01:bf:3e:27:c3:25:
f6:9c:b1:3f
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQlIcuY3pPlGvV7mk/AmXf4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NzM2NGY1MDI1MzRlODc3MWEwYzYyNTk3OTRjMjZlMjZk
NGJjYTQwHhcNMjUwMTAyMDM0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWI0MDk4MDg4MDI2OWQxOWJhM2ZmZjdmMmFiY2I5Yjg3ZjY2ZWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJqZs7CyuuW6rmn34pZqR5hlaZLI
YF7bcLV2yT/sx+WT3FwmcikH3mbUIgMive76qPMfMzATm1eHd0nUHhUmu58vS5A8
kmL7KGtuqZFvNUasK+cdfHAk2y1Xv/H+dOHwJjWxSj7JBEXEP9ZYVhMXkiiFFHRx
CnTcVjKAP2Mbwn5LPydRnSdyj8eoLmuhLt0H7AvbzACM56wtYA5Afh2IWUBVEUdl
6WCvhbMe8y4YZlJz/ZOA4QndtDb8QJ8CfwfZMrr1NiyeTBa9MlUv2N7nF/ffz5zf
NJ+3SPuUG01d5TGVrlQH481xDoE2awtCXZflXqQJiu6Oww3ETsoJaVbLPQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFA60CYCIAmnRm6P/9/Kry5uH9m7kMB8GA1UdIwQY
MBaAFClzZPUCU06HcaDGJZeUwm4m1LykMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1hOazlRSlRUb2R4b01ZbGw1VENiaWJVdktRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wNDU4MjAtMzU0Ni00MDdjLTgzYTUt
MGEwZjNlNzhhNDkzLzEvRHJRSmdJZ0NhZEdib19fMzhxdkxtNGYyYnVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8wNDU4MjAtMzU0Ni00MDdjLTgzYTUtMGEwZjNlNzhhNDkz
LzEvS1hOazlRSlRUb2R4b01ZbGw1VENiaWJVdktRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQBjWmgAwQA
uRoYAwQCucvkMA8EAgACMAkDBwAqAvQHAAQwDQYJKoZIhvcNAQELBQADggEBAH7t
79nOwRL8lzsEG1v1Zh/Dtiku8QzsNmAwpCgq3RU4eAhw17ssNQMb94ehbiyhXtad
pERKl6xH3bfBG5b+DeNn0p3DniRWTUBD1nZA0Pdhb0NrCTi+wMK6gRr0ZM8JlZ9O
/M4vmm1PMNCzXuVamRARU3mJk30dcv15+3fUYLOSJHtJV23XTvXDlle0EtGxdaC+
M56OLGYA6T78uGt80EzAvxrEBdDrESs/Te/7A1GSGa8UF3c1qSNbAj1msUDY+E6C
AlRoV+VsEhEz1ZHvFE2BrUXeqG1CFBLm+7VOf0z3ijquG3M3SvmwvOIbDcmmBoqo
MWWDKAG/PifDJfacsT8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:11:40 2025 by rpki-client