Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/87b267-49c2-4269-9f66-00bcd9b91c1b/1/qGOQ_yXUb9fqfdc0pjv8GkkFrgA.roa
File: qGOQ_yXUb9fqfdc0pjv8GkkFrgA.roa (raw, json)
Hash identifier: 833QRTQTY31+HWX8nRUFCr/VNiol8C4z2kqd75zyrgI=
Subject key identifier: A8:63:90:FF:25:D4:6F:D7:EA:7D:D7:34:A6:3B:FC:1A:49:05:AE:00
Certificate issuer: /CN=dc90e0aee1ecc31066cb744f8a7feedefb3f7930
Certificate serial: 019423D72ABDD73B13EB06C312B4E716C0EA
Authority key identifier: DC:90:E0:AE:E1:EC:C3:10:66:CB:74:4F:8A:7F:EE:DE:FB:3F:79:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JDgruHswxBmy3RPin_u3vs_eTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/87b267-49c2-4269-9f66-00bcd9b91c1b/1/qGOQ_yXUb9fqfdc0pjv8GkkFrgA.roa
Signing time: Wed 01 Jan 2025 21:48:11 +0000
ROA not before: Wed 01 Jan 2025 21:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204601
IP address blocks: 45.14.12.0/24 maxlen: 24
45.14.13.0/24 maxlen: 24
45.14.14.0/24 maxlen: 24
45.14.15.0/24 maxlen: 24
80.89.224.0/22 maxlen: 24
80.89.228.0/23 maxlen: 23
80.89.230.0/24 maxlen: 24
80.89.234.0/23 maxlen: 23
80.89.237.0/24 maxlen: 24
80.89.238.0/23 maxlen: 23
85.208.184.0/22 maxlen: 22
85.208.184.0/24 maxlen: 24
85.208.185.0/24 maxlen: 24
85.208.186.0/24 maxlen: 24
85.208.187.0/24 maxlen: 24
89.105.198.0/24 maxlen: 24
89.105.213.0/24 maxlen: 24
89.105.217.0/24 maxlen: 24
185.80.234.0/24 maxlen: 24
185.92.148.0/22 maxlen: 24
185.224.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/87b267-49c2-4269-9f66-00bcd9b91c1b/1/3JDgruHswxBmy3RPin_u3vs_eTA.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/87b267-49c2-4269-9f66-00bcd9b91c1b/1/3JDgruHswxBmy3RPin_u3vs_eTA.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JDgruHswxBmy3RPin_u3vs_eTA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 13:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:2a:bd:d7:3b:13:eb:06:c3:12:b4:e7:16:c0:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc90e0aee1ecc31066cb744f8a7feedefb3f7930
Validity
Not Before: Jan 1 21:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a86390ff25d46fd7ea7dd734a63bfc1a4905ae00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:98:fb:91:92:1b:8f:5d:e6:fd:59:11:19:94:
27:dd:3d:c2:86:bf:b8:9e:f3:ed:bc:7e:92:47:1d:
7f:64:5e:87:57:c2:a9:12:a7:72:3c:65:31:ef:a6:
d1:38:f3:c0:24:4d:32:b4:8b:3d:8b:1d:8a:f0:c8:
cc:61:bc:73:d8:d7:2e:8c:ea:b1:68:6a:3d:75:59:
7a:88:98:52:15:6a:c8:cc:0f:ce:e8:33:ee:3f:7a:
49:a1:25:7f:65:3c:8a:70:e6:b9:2d:fc:ad:30:b9:
62:24:6e:40:2e:cf:17:c1:b5:a4:d3:6c:8f:68:65:
ad:15:5f:93:86:e8:8a:76:68:a1:d9:d5:7f:dc:b4:
fa:fb:ac:b3:bd:f2:35:dc:1a:78:b4:77:a0:cb:b6:
9f:96:0f:90:28:4c:96:59:1b:de:35:05:63:f5:a5:
00:76:b0:79:de:44:90:31:17:fb:f9:17:01:ad:50:
b2:07:8c:90:48:b8:c2:16:6d:5a:d2:e8:95:51:7c:
df:4d:ef:cd:1c:4e:62:47:d8:7a:5a:91:5a:17:69:
db:6e:f5:e9:f8:ce:46:2c:1b:9f:80:aa:86:c9:25:
07:fa:0a:55:28:38:7f:e0:f7:e2:53:5f:1a:0b:6d:
ce:ba:bb:6e:f0:d6:6a:8a:89:a3:95:49:24:0b:ca:
5f:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:63:90:FF:25:D4:6F:D7:EA:7D:D7:34:A6:3B:FC:1A:49:05:AE:00
X509v3 Authority Key Identifier:
keyid:DC:90:E0:AE:E1:EC:C3:10:66:CB:74:4F:8A:7F:EE:DE:FB:3F:79:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JDgruHswxBmy3RPin_u3vs_eTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/87b267-49c2-4269-9f66-00bcd9b91c1b/1/qGOQ_yXUb9fqfdc0pjv8GkkFrgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/87b267-49c2-4269-9f66-00bcd9b91c1b/1/3JDgruHswxBmy3RPin_u3vs_eTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.12.0/22
80.89.224.0-80.89.230.255
80.89.234.0/23
80.89.237.0-80.89.239.255
85.208.184.0/22
89.105.198.0/24
89.105.213.0/24
89.105.217.0/24
185.80.234.0/24
185.92.148.0/22
185.224.215.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:90:43:b6:04:3e:47:b0:b2:19:af:ea:ac:fb:8f:43:ac:21:
a4:2b:62:c6:61:0b:ad:94:ca:8d:8f:29:de:34:2a:85:17:5a:
5f:da:4e:98:9e:d6:e9:23:32:d8:7b:04:8c:d9:ae:54:06:05:
7f:44:24:7f:f8:21:de:8e:0f:52:10:38:83:ed:6b:04:b9:48:
3d:1e:4e:11:70:87:02:e0:5c:9b:f1:6e:87:0e:f3:be:3c:5f:
52:f6:71:f7:bf:28:9a:5b:77:5d:80:0a:d2:65:24:2b:52:45:
be:7c:ec:6a:8a:03:8e:96:09:bc:1c:89:98:08:06:22:09:39:
66:a6:f5:f2:a6:8e:24:d1:5f:32:67:7b:77:3c:d8:ea:60:ea:
f0:7e:a0:9f:ed:5d:f7:d6:61:b5:ee:99:b8:03:ca:66:f0:fc:
1d:0b:18:f4:af:c0:99:d3:65:1a:ec:4b:26:c8:5f:94:95:85:
16:12:9b:8a:0a:02:99:fe:6a:b1:41:00:b1:d4:c2:ac:2e:c1:
de:6a:e9:d4:4b:6d:90:dc:4d:dc:3d:a4:c1:f7:be:e8:c0:67:
e6:bb:ec:25:88:d3:c2:86:94:e2:96:d7:db:12:36:1e:b9:41:
55:be:35:4b:17:e4:0e:b0:d9:4b:5d:c0:b2:43:d9:6b:1d:1d:
78:04:a4:7a
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZQj1yq91zsT6wbDErTnFsDqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjOTBlMGFlZTFlY2MzMTA2NmNiNzQ0ZjhhN2ZlZWRlZmIz
Zjc5MzAwHhcNMjUwMTAxMjE0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODYzOTBmZjI1ZDQ2ZmQ3ZWE3ZGQ3MzRhNjNiZmMxYTQ5MDVhZTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5j7kZIbj13m/VkRGZQn3T3Chr+4
nvPtvH6SRx1/ZF6HV8KpEqdyPGUx76bROPPAJE0ytIs9ix2K8MjMYbxz2NcujOqx
aGo9dVl6iJhSFWrIzA/O6DPuP3pJoSV/ZTyKcOa5LfytMLliJG5ALs8XwbWk02yP
aGWtFV+ThuiKdmih2dV/3LT6+6yzvfI13Bp4tHegy7aflg+QKEyWWRveNQVj9aUA
drB53kSQMRf7+RcBrVCyB4yQSLjCFm1a0uiVUXzfTe/NHE5iR9h6WpFaF2nbbvXp
+M5GLBufgKqGySUH+gpVKDh/4PfiU18aC23Ourtu8NZqiomjlUkkC8pfTQIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFKhjkP8l1G/X6n3XNKY7/BpJBa4AMB8GA1UdIwQY
MBaAFNyQ4K7h7MMQZst0T4p/7t77P3kwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0pEZ3J1SHN3eEJteTNSUGluX3UzdnNfZVRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84N2IyNjctNDljMi00MjY5LTlmNjYt
MDBiY2Q5YjkxYzFiLzEvcUdPUV95WFViOWZxZmRjMHBqdjhHa2tGcmdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi84N2IyNjctNDljMi00MjY5LTlmNjYtMDBiY2Q5YjkxYzFi
LzEvM0pEZ3J1SHN3eEJteTNSUGluX3UzdnNfZVRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQCLQ4MMAwD
BAVQWeADBABQWeYDBAFQWeowDAMEAFBZ7QMEBFBZ4AMEAlXQuAMEAFlpxgMEAFlp
1QMEAFlp2QMEALlQ6gMEArlclAMEALng1zANBgkqhkiG9w0BAQsFAAOCAQEAH5BD
tgQ+R7CyGa/qrPuPQ6whpCtixmELrZTKjY8p3jQqhRdaX9pOmJ7W6SMy2HsEjNmu
VAYFf0Qkf/gh3o4PUhA4g+1rBLlIPR5OEXCHAuBcm/Fuhw7zvjxfUvZx978omlt3
XYAK0mUkK1JFvnzsaooDjpYJvByJmAgGIgk5Zqb18qaOJNFfMmd7dzzY6mDq8H6g
n+1d99Zhte6ZuAPKZvD8HQsY9K/AmdNlGuxLJshflJWFFhKbigoCmf5qsUEAsdTC
rC7B3mrp1EttkNxN3D2kwfe+6MBn5rvsJYjTwoaU4pbX2xI2HrlBVb41SxfkDrDZ
S13AskPZax0deASkeg==
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:56:27 2025 by rpki-client