Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/APQLTxMl3pLqmwI30v16puMc3-Q.roa
File: APQLTxMl3pLqmwI30v16puMc3-Q.roa (raw, json)
Hash identifier: AmdeWNinzz4Tm2w2xjWavNqVz3eyNoXLnnjvptkpLns=
Subject key identifier: 00:F4:0B:4F:13:25:DE:92:EA:9B:02:37:D2:FD:7A:A6:E3:1C:DF:E4
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 019427489F43F264D8BD3B64039502E6B2CB
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/APQLTxMl3pLqmwI30v16puMc3-Q.roa
Signing time: Thu 02 Jan 2025 13:50:58 +0000
ROA not before: Thu 02 Jan 2025 13:50:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213250
IP address blocks: 2.56.245.0/24 maxlen: 24
5.182.204.0/23 maxlen: 23
5.182.206.0/23 maxlen: 23
5.252.100.0/22 maxlen: 22
5.252.100.0/24 maxlen: 24
5.252.101.0/24 maxlen: 24
5.252.102.0/24 maxlen: 24
5.252.103.0/24 maxlen: 24
5.253.247.0/24 maxlen: 24
37.221.93.0/24 maxlen: 24
45.11.229.0/24 maxlen: 24
45.13.224.0/23 maxlen: 23
45.13.224.0/24 maxlen: 24
45.86.155.0/24 maxlen: 24
45.89.124.0/23 maxlen: 23
45.89.126.0/23 maxlen: 23
45.131.64.0/24 maxlen: 24
45.131.66.0/23 maxlen: 23
45.133.74.0/24 maxlen: 24
109.71.252.0/24 maxlen: 24
194.15.36.0/24 maxlen: 24
212.87.212.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.mft
rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:9f:43:f2:64:d8:bd:3b:64:03:95:02:e6:b2:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jan 2 13:50:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=00f40b4f1325de92ea9b0237d2fd7aa6e31cdfe4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:66:55:e2:9f:01:6e:dd:fb:7e:63:51:8d:50:
4c:af:e2:71:8b:fa:0c:f1:f4:5b:45:90:c9:00:0c:
3d:a1:70:98:cb:e5:14:bf:af:ff:d4:a4:3d:05:8b:
b4:56:51:18:4a:73:ef:93:3d:f0:4d:6a:0e:34:11:
e8:7c:be:ae:92:05:ce:27:21:dc:5f:c7:08:66:4d:
a8:32:13:09:31:57:86:82:6b:9b:e6:33:9c:1e:4c:
3c:9a:7f:72:98:51:24:82:85:e3:47:5d:5e:fc:4f:
74:cd:0a:f0:0a:f3:89:84:b7:46:a0:4a:40:f7:5f:
15:07:7f:4a:34:f2:de:e3:35:77:ee:c9:43:5f:6a:
c4:a8:23:d8:cc:7c:9e:2b:20:c5:f8:f8:0c:f2:cc:
a7:62:58:69:1a:68:cb:70:a5:44:bf:d6:24:e5:78:
cc:7f:7c:fd:6f:ff:24:17:c5:be:26:12:4f:22:31:
83:91:45:aa:07:b4:06:54:e6:91:b3:07:df:2a:a7:
ef:6b:51:57:36:74:13:97:a5:e5:00:dc:fe:43:03:
c2:e5:6c:df:af:a3:a6:e8:df:2b:80:1f:ce:fc:e8:
1c:cd:5b:c3:12:62:cf:6b:2f:98:ac:f6:fc:f1:e4:
05:10:e8:00:5f:fa:07:8d:75:c3:cc:aa:45:93:96:
c9:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:F4:0B:4F:13:25:DE:92:EA:9B:02:37:D2:FD:7A:A6:E3:1C:DF:E4
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/APQLTxMl3pLqmwI30v16puMc3-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.245.0/24
5.182.204.0/22
5.252.100.0/22
5.253.247.0/24
37.221.93.0/24
45.11.229.0/24
45.13.224.0/23
45.86.155.0/24
45.89.124.0/22
45.131.64.0/24
45.131.66.0/23
45.133.74.0/24
109.71.252.0/24
194.15.36.0/24
212.87.212.0/23
Signature Algorithm: sha256WithRSAEncryption
47:1b:8f:3c:10:06:50:bb:0c:b4:ce:71:eb:62:58:ef:4f:59:
ea:fc:17:4a:ea:15:23:e8:93:0c:dd:c0:45:d6:ce:15:96:a4:
59:c3:cd:8b:1b:3f:6b:5a:0b:fc:2b:d5:3e:09:b5:e2:6c:a4:
98:3a:73:d7:12:a3:47:69:bd:97:da:65:c7:a6:0b:42:0a:84:
ef:07:39:ff:89:23:1d:17:54:c7:71:49:0c:66:db:83:ea:11:
93:53:ee:14:df:7b:ca:c8:6f:c3:04:36:9f:87:1b:a6:a7:f9:
d3:3d:7e:92:e8:70:cb:ec:00:6a:f1:8e:76:74:0a:08:df:0b:
28:cd:fb:34:9a:65:20:21:d1:85:e6:9a:bd:bf:f6:74:84:21:
5e:e8:84:e6:da:6e:e4:be:13:7a:17:fd:23:cf:d2:58:a3:4b:
95:eb:58:d6:48:17:d3:dd:05:aa:7a:f8:d8:e3:f4:96:7c:70:
1f:4d:b8:fe:15:34:f7:61:e8:01:90:01:80:b8:d5:26:4b:66:
74:9e:b4:28:1b:9d:cc:2c:76:ef:c6:a7:c7:10:81:bf:cf:d7:
43:3f:70:1c:ed:c7:55:1f:02:98:9d:c7:40:ae:b2:60:c8:3f:
f3:cc:22:8f:e5:3d:7c:be:32:08:36:65:42:d8:10:73:92:05:
81:48:aa:60
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZQnSJ9D8mTYvTtkA5UC5rLLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjUwMTAyMTM1MDU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGY0MGI0ZjEzMjVkZTkyZWE5YjAyMzdkMmZkN2FhNmUzMWNkZmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGZV4p8Bbt37fmNRjVBMr+Jxi/oM
8fRbRZDJAAw9oXCYy+UUv6//1KQ9BYu0VlEYSnPvkz3wTWoONBHofL6ukgXOJyHc
X8cIZk2oMhMJMVeGgmub5jOcHkw8mn9ymFEkgoXjR11e/E90zQrwCvOJhLdGoEpA
918VB39KNPLe4zV37slDX2rEqCPYzHyeKyDF+PgM8synYlhpGmjLcKVEv9Yk5XjM
f3z9b/8kF8W+JhJPIjGDkUWqB7QGVOaRswffKqfva1FXNnQTl6XlANz+QwPC5Wzf
r6Om6N8rgB/O/OgczVvDEmLPay+YrPb88eQFEOgAX/oHjXXDzKpFk5bJpQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFAD0C08TJd6S6psCN9L9eqbjHN/kMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvQVBRTFR4TWwzcExxbXdJMzB2MTZwdU1jMy1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAAjj1AwQC
BbbMAwQCBfxkAwQABf33AwQAJd1dAwQALQvlAwQBLQ3gAwQALVabAwQCLVl8AwQA
LYNAAwQBLYNCAwQALYVKAwQAbUf8AwQAwg8kAwQB1FfUMA0GCSqGSIb3DQEBCwUA
A4IBAQBHG488EAZQuwy0znHrYljvT1nq/BdK6hUj6JMM3cBF1s4VlqRZw82LGz9r
Wgv8K9U+CbXibKSYOnPXEqNHab2X2mXHpgtCCoTvBzn/iSMdF1THcUkMZtuD6hGT
U+4U33vKyG/DBDafhxump/nTPX6S6HDL7ABq8Y52dAoI3wsozfs0mmUgIdGF5pq9
v/Z0hCFe6ITm2m7kvhN6F/0jz9JYo0uV61jWSBfT3QWqevjY4/SWfHAfTbj+FTT3
YegBkAGAuNUmS2Z0nrQoG53MLHbvxqfHEIG/z9dDP3Ac7cdVHwKYncdArrJgyD/z
zCKP5T18vjIINmVC2BBzkgWBSKpg
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:45:43 2025 by rpki-client