Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/e27eb8-af64-446e-88ec-d472e49f591e/1/Qv45l9CC_OtB7OS_57aAR1sJyvc.roa
File: Qv45l9CC_OtB7OS_57aAR1sJyvc.roa (raw, json)
Hash identifier: Mv6sqdxR24sbzw3gEqGiuaVF1p5QjBnxJTiW3StRP2M=
Subject key identifier: 42:FE:39:97:D0:82:FC:EB:41:EC:E4:BF:E7:B6:80:47:5B:09:CA:F7
Certificate issuer: /CN=15fedc1705576d97fe4ad20291de198473d8156f
Certificate serial: 0194252146BB9E67B2343CC432BD5D9CBF7C
Authority key identifier: 15:FE:DC:17:05:57:6D:97:FE:4A:D2:02:91:DE:19:84:73:D8:15:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ff7cFwVXbZf-StICkd4ZhHPYFW8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/e27eb8-af64-446e-88ec-d472e49f591e/1/Qv45l9CC_OtB7OS_57aAR1sJyvc.roa
Signing time: Thu 02 Jan 2025 03:48:45 +0000
ROA not before: Thu 02 Jan 2025 03:48:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207992
IP address blocks: 194.9.172.0/23 maxlen: 23
194.9.172.0/24 maxlen: 24
194.9.173.0/24 maxlen: 24
194.11.20.0/23 maxlen: 23
194.11.20.0/24 maxlen: 24
194.11.21.0/24 maxlen: 24
2a04:ecc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/e27eb8-af64-446e-88ec-d472e49f591e/1/Ff7cFwVXbZf-StICkd4ZhHPYFW8.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/e27eb8-af64-446e-88ec-d472e49f591e/1/Ff7cFwVXbZf-StICkd4ZhHPYFW8.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ff7cFwVXbZf-StICkd4ZhHPYFW8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 21:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:46:bb:9e:67:b2:34:3c:c4:32:bd:5d:9c:bf:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15fedc1705576d97fe4ad20291de198473d8156f
Validity
Not Before: Jan 2 03:48:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=42fe3997d082fceb41ece4bfe7b680475b09caf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:05:fa:59:4b:79:04:e7:73:1e:bc:20:57:fd:
af:3f:c6:9c:19:a6:d1:0b:01:e0:66:59:fb:07:97:
b8:4f:2f:62:6f:eb:96:70:8b:5d:85:d1:13:9d:c4:
d8:7c:af:06:31:12:40:ce:a7:7a:ba:d1:98:9c:78:
d7:d8:32:7f:f2:1d:59:99:3f:fc:58:b3:30:31:ca:
ea:d3:3a:45:32:f8:ce:d8:35:9d:52:d7:b1:89:34:
fd:6a:22:fb:68:14:b3:bb:92:d3:9d:24:c6:07:f9:
5b:d7:1f:df:1c:3c:0e:d6:69:f9:a7:1f:75:7f:8a:
69:df:61:a3:67:f5:14:e9:2d:88:2e:68:82:33:a9:
f7:11:87:b3:09:da:7a:f1:44:f2:47:90:f8:ae:dc:
96:e0:34:2a:1c:14:14:5b:6a:f4:5f:50:ba:aa:5e:
69:83:f1:7e:49:9b:e4:a1:3a:ea:5e:35:67:09:b0:
7b:93:9d:b8:b9:b0:9c:0e:f2:21:f4:42:ad:23:f6:
26:6f:0d:50:29:ce:67:0c:8e:10:7f:e4:61:dd:82:
d1:4f:fa:e1:51:d2:9d:81:9b:c7:cc:02:ec:14:b7:
1e:a9:9a:03:cb:5b:d4:3a:de:9c:a9:fd:0e:2c:b5:
1d:f5:b9:d9:cd:ee:94:e4:92:e4:74:f2:46:b1:6a:
89:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:FE:39:97:D0:82:FC:EB:41:EC:E4:BF:E7:B6:80:47:5B:09:CA:F7
X509v3 Authority Key Identifier:
keyid:15:FE:DC:17:05:57:6D:97:FE:4A:D2:02:91:DE:19:84:73:D8:15:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ff7cFwVXbZf-StICkd4ZhHPYFW8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/e27eb8-af64-446e-88ec-d472e49f591e/1/Qv45l9CC_OtB7OS_57aAR1sJyvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/e27eb8-af64-446e-88ec-d472e49f591e/1/Ff7cFwVXbZf-StICkd4ZhHPYFW8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.9.172.0/23
194.11.20.0/23
IPv6:
2a04:ecc0::/29
Signature Algorithm: sha256WithRSAEncryption
61:09:5a:8b:73:e4:a1:b0:7e:b5:74:42:a8:4f:a1:97:9e:6b:
ea:b0:7e:38:ae:0e:11:d2:b7:56:42:c2:bd:3b:06:5d:3b:a1:
2c:71:3d:69:27:b6:7d:f8:03:d5:03:43:75:a0:59:9a:83:ec:
92:38:a6:50:ca:a4:8e:16:5d:60:c0:5d:95:c2:84:44:df:76:
4f:b4:3b:8f:f4:2e:fc:32:c8:e9:6a:9c:65:a3:30:4e:da:88:
f7:00:0e:59:8d:98:62:37:77:24:71:77:1d:9a:33:7e:68:db:
f2:5d:73:7c:12:49:42:13:b6:80:9d:43:4c:31:24:4e:03:9c:
ff:06:05:59:7d:97:e5:8e:9d:64:c6:34:0b:a4:b1:61:59:92:
e7:cd:9c:27:6c:d5:9a:2a:a9:a6:11:e6:24:e5:7f:55:19:03:
50:ff:41:36:63:10:ba:70:cb:59:f9:1d:76:18:8a:b0:63:de:
ba:fe:ce:b0:5b:6f:85:f0:63:1f:52:76:b3:eb:4b:ae:7c:f3:
98:26:41:bb:06:30:e1:51:d6:87:77:86:65:3c:0b:d7:8b:6f:
85:2b:6a:88:e7:d5:0a:ab:36:d4:ec:66:f0:63:c4:65:ce:6a:
b2:68:85:ad:6a:30:1f:94:56:9b:a2:66:29:4e:bd:65:f5:47:
10:a1:ac:ce
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQlIUa7nmeyNDzEMr1dnL98MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZmVkYzE3MDU1NzZkOTdmZTRhZDIwMjkxZGUxOTg0NzNk
ODE1NmYwHhcNMjUwMTAyMDM0ODQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmZlMzk5N2QwODJmY2ViNDFlY2U0YmZlN2I2ODA0NzViMDljYWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzAX6WUt5BOdzHrwgV/2vP8acGabR
CwHgZln7B5e4Ty9ib+uWcItdhdETncTYfK8GMRJAzqd6utGYnHjX2DJ/8h1ZmT/8
WLMwMcrq0zpFMvjO2DWdUtexiTT9aiL7aBSzu5LTnSTGB/lb1x/fHDwO1mn5px91
f4pp32GjZ/UU6S2ILmiCM6n3EYezCdp68UTyR5D4rtyW4DQqHBQUW2r0X1C6ql5p
g/F+SZvkoTrqXjVnCbB7k524ubCcDvIh9EKtI/Ymbw1QKc5nDI4Qf+Rh3YLRT/rh
UdKdgZvHzALsFLceqZoDy1vUOt6cqf0OLLUd9bnZze6U5JLkdPJGsWqJXwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEL+OZfQgvzrQezkv+e2gEdbCcr3MB8GA1UdIwQY
MBaAFBX+3BcFV22X/krSApHeGYRz2BVvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmY3Y0Z3VlhiWmYtU3RJQ2tkNFpoSFBZRlc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9lMjdlYjgtYWY2NC00NDZlLTg4ZWMt
ZDQ3MmU0OWY1OTFlLzEvUXY0NWw5Q0NfT3RCN09TXzU3YUFSMXNKeXZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9lMjdlYjgtYWY2NC00NDZlLTg4ZWMtZDQ3MmU0OWY1OTFl
LzEvRmY3Y0Z3VlhiWmYtU3RJQ2tkNFpoSFBZRlc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBwgmsAwQB
wgsUMA0EAgACMAcDBQMqBOzAMA0GCSqGSIb3DQEBCwUAA4IBAQBhCVqLc+ShsH61
dEKoT6GXnmvqsH44rg4R0rdWQsK9OwZdO6EscT1pJ7Z9+APVA0N1oFmag+ySOKZQ
yqSOFl1gwF2VwoRE33ZPtDuP9C78MsjpapxlozBO2oj3AA5ZjZhiN3ckcXcdmjN+
aNvyXXN8EklCE7aAnUNMMSROA5z/BgVZfZfljp1kxjQLpLFhWZLnzZwnbNWaKqmm
EeYk5X9VGQNQ/0E2YxC6cMtZ+R12GIqwY966/s6wW2+F8GMfUnaz60uufPOYJkG7
BjDhUdaHd4ZlPAvXi2+FK2qI59UKqzbU7GbwY8RlzmqyaIWtajAflFabomYpTr1l
9UcQoazO
-----END CERTIFICATE-----
Generated at Sun Apr 6 07:09:08 2025 by rpki-client