Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/cqbUYqsbSYXIfSiBukg90Gc936Y.roa
File: cqbUYqsbSYXIfSiBukg90Gc936Y.roa (raw, json)
Hash identifier: LzQNDCL/aZurm6oAMR++uuBOjG2XQnBuljRideYwmHU=
Subject key identifier: 72:A6:D4:62:AB:1B:49:85:C8:7D:28:81:BA:48:3D:D0:67:3D:DF:A6
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 019427B5A430B8445386E87188BA22EB03CE
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/cqbUYqsbSYXIfSiBukg90Gc936Y.roa
Signing time: Thu 02 Jan 2025 15:50:03 +0000
ROA not before: Thu 02 Jan 2025 15:50:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 46844
IP address blocks: 37.9.44.0/22 maxlen: 22
91.243.89.0/24 maxlen: 24
91.243.92.0/24 maxlen: 24
91.243.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:a4:30:b8:44:53:86:e8:71:88:ba:22:eb:03:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 2 15:50:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=72a6d462ab1b4985c87d2881ba483dd0673ddfa6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f0:66:43:5a:9c:cc:9b:b1:d9:f3:dc:4e:4a:
08:bf:a2:b1:b4:ee:eb:88:6b:1b:13:49:4e:70:ed:
e4:93:9d:86:0e:6d:4b:cc:24:5c:a3:d6:d0:19:87:
c1:8c:01:fc:56:d9:ea:aa:00:d0:be:5b:a9:ca:68:
14:fb:a1:dc:df:66:a3:fd:5e:aa:73:38:98:8c:ab:
9b:b1:f0:ac:c1:15:28:4c:7d:dd:41:f7:eb:f7:46:
9b:42:b3:73:d3:f2:c1:cf:b8:82:a3:53:3d:3d:ef:
fa:5b:e0:9e:c2:ba:84:ea:b3:32:53:84:76:ea:4c:
be:74:5e:1b:28:87:a1:2d:55:ad:24:db:d5:de:26:
3a:53:3b:cf:09:01:a4:3e:e6:c2:84:d8:64:4d:17:
98:89:59:e5:47:a3:40:b1:2b:11:40:8a:71:40:95:
44:69:56:38:4a:70:0d:3e:b7:b9:33:9b:74:fa:e4:
1a:ee:3a:5b:6e:0d:ba:8c:1a:d1:5d:02:0d:dc:94:
9a:41:41:71:13:db:03:8c:30:c5:bf:ef:0a:f9:68:
fd:b6:4b:d2:3f:f8:c3:51:a5:65:58:00:53:4a:bc:
58:3d:3f:90:09:be:62:00:21:06:f1:2c:b6:cc:a3:
06:b7:90:5b:15:0f:54:39:0c:e2:a1:e0:07:df:1a:
e3:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:A6:D4:62:AB:1B:49:85:C8:7D:28:81:BA:48:3D:D0:67:3D:DF:A6
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/cqbUYqsbSYXIfSiBukg90Gc936Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.9.44.0/22
91.243.89.0/24
91.243.92.0/24
91.243.94.0/24
Signature Algorithm: sha256WithRSAEncryption
79:8e:1d:93:80:5d:28:04:32:a3:dd:db:2b:e3:21:39:fd:d4:
cf:2e:80:b3:c0:6d:3a:6b:7d:33:54:06:3e:75:ab:4d:73:98:
79:2e:12:8f:87:89:69:94:af:09:f5:cc:18:bc:cb:e9:29:70:
0c:56:f1:b7:be:d1:70:33:75:ea:34:df:78:ca:d6:5c:6b:d3:
34:38:4e:86:f2:6f:db:31:dc:4f:42:76:f5:29:b6:80:0e:de:
ab:a0:b9:b5:32:68:4c:da:f7:f1:b6:c7:fe:bc:e5:40:4d:ad:
b8:e0:ef:8d:bc:b2:42:01:e0:48:ba:9b:b1:a5:d3:2f:53:54:
fb:eb:61:78:8c:b1:92:c0:d7:8a:b7:71:71:9a:fb:2a:0b:8e:
a4:26:9a:36:7e:c1:31:40:ec:e8:53:e1:52:90:72:01:3f:21:
12:94:37:f3:d1:be:83:e6:dc:d3:62:a0:8a:5b:fe:be:c3:e6:
ea:93:e9:75:03:3a:77:66:3a:13:a4:c0:bb:e1:79:ff:8f:cd:
f7:70:2e:7d:bc:8e:c8:86:3f:b3:5e:89:be:01:9d:20:a7:21:
51:c9:7d:24:c0:3d:91:f9:9d:bd:22:06:11:de:99:da:63:cd:
bf:35:9b:e1:c3:fc:58:c3:23:74:5e:2c:e3:05:88:49:ea:f1:
7e:a4:ce:16
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQntaQwuERThuhxiLoi6wPOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjUwMTAyMTU1MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmE2ZDQ2MmFiMWI0OTg1Yzg3ZDI4ODFiYTQ4M2RkMDY3M2RkZmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPBmQ1qczJux2fPcTkoIv6KxtO7r
iGsbE0lOcO3kk52GDm1LzCRco9bQGYfBjAH8VtnqqgDQvlupymgU+6Hc32aj/V6q
cziYjKubsfCswRUoTH3dQffr90abQrNz0/LBz7iCo1M9Pe/6W+CewrqE6rMyU4R2
6ky+dF4bKIehLVWtJNvV3iY6UzvPCQGkPubChNhkTReYiVnlR6NAsSsRQIpxQJVE
aVY4SnANPre5M5t0+uQa7jpbbg26jBrRXQIN3JSaQUFxE9sDjDDFv+8K+Wj9tkvS
P/jDUaVlWABTSrxYPT+QCb5iACEG8Sy2zKMGt5BbFQ9UOQzioeAH3xrjvwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHKm1GKrG0mFyH0ogbpIPdBnPd+mMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvY3FiVVlxc2JTWVhJZlNpQnVrZzkwR2M5MzZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCJQksAwQA
W/NZAwQAW/NcAwQAW/NeMA0GCSqGSIb3DQEBCwUAA4IBAQB5jh2TgF0oBDKj3dsr
4yE5/dTPLoCzwG06a30zVAY+datNc5h5LhKPh4lplK8J9cwYvMvpKXAMVvG3vtFw
M3XqNN94ytZca9M0OE6G8m/bMdxPQnb1KbaADt6roLm1MmhM2vfxtsf+vOVATa24
4O+NvLJCAeBIupuxpdMvU1T762F4jLGSwNeKt3FxmvsqC46kJpo2fsExQOzoU+FS
kHIBPyESlDfz0b6D5tzTYqCKW/6+w+bqk+l1Azp3ZjoTpMC74Xn/j833cC59vI7I
hj+zXom+AZ0gpyFRyX0kwD2R+Z29IgYR3pnaY82/NZvhw/xYwyN0XizjBYhJ6vF+
pM4W
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:27:13 2025 by rpki-client