Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/Q3_mv-tF2Z1EHDZHaZk8mJMN1bk.roa
File: Q3_mv-tF2Z1EHDZHaZk8mJMN1bk.roa (raw, json)
Hash identifier: oXSPeYLnMI9gMBulzyR8eDJwfmPdLhgYhc4vqS0U/tE=
Subject key identifier: 43:7F:E6:BF:EB:45:D9:9D:44:1C:36:47:69:99:3C:98:93:0D:D5:B9
Certificate issuer: /CN=307d887c02e07c9e474d1f8e21049caa6ce3fbd3
Certificate serial: 019424451707E993ED3FEDDDCA7DC987ADD4
Authority key identifier: 30:7D:88:7C:02:E0:7C:9E:47:4D:1F:8E:21:04:9C:AA:6C:E3:FB:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH2IfALgfJ5HTR-OIQScqmzj-9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/Q3_mv-tF2Z1EHDZHaZk8mJMN1bk.roa
Signing time: Wed 01 Jan 2025 23:48:15 +0000
ROA not before: Wed 01 Jan 2025 23:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209479
IP address blocks: 85.14.154.0/23 maxlen: 23
217.171.24.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/MH2IfALgfJ5HTR-OIQScqmzj-9M.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/MH2IfALgfJ5HTR-OIQScqmzj-9M.mft
rsync://rpki.ripe.net/repository/DEFAULT/MH2IfALgfJ5HTR-OIQScqmzj-9M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 23:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:17:07:e9:93:ed:3f:ed:dd:ca:7d:c9:87:ad:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307d887c02e07c9e474d1f8e21049caa6ce3fbd3
Validity
Not Before: Jan 1 23:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=437fe6bfeb45d99d441c364769993c98930dd5b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:0e:38:d3:d7:d1:71:76:54:83:e8:50:70:57:
45:6a:d0:78:d8:15:cf:46:33:c9:82:93:0b:5f:92:
f0:96:2b:5f:04:45:34:df:42:14:21:ab:ce:d3:4e:
3c:bb:72:bb:7d:d9:94:c7:90:8a:88:38:ba:62:b8:
aa:9d:ed:83:83:8c:3a:4f:55:c1:72:0b:f3:ae:29:
55:e1:0e:6a:42:ab:ac:79:49:7e:2b:8e:12:f7:48:
98:37:60:fa:64:80:7f:27:d6:25:a0:eb:d5:bb:b1:
b5:fe:ee:45:90:6d:d6:37:e6:7d:e1:8b:1c:e3:26:
d3:e3:96:05:06:f2:43:56:b0:3c:9f:11:f3:84:c2:
2b:e7:e5:65:c9:42:e5:36:6c:77:24:f3:19:22:9f:
fb:69:db:ed:2a:c4:16:d1:10:51:f8:f8:8b:72:52:
3d:9f:2d:23:b6:f9:cf:4b:e8:35:53:e1:fe:2e:a1:
71:fe:4d:75:89:d5:c0:4c:18:a7:7a:e2:e0:a1:94:
67:72:a4:04:77:9a:19:83:28:a0:d7:39:2d:d4:e2:
80:6b:89:50:16:9a:9a:22:b8:eb:2a:dd:c0:e4:71:
03:8d:8c:50:e0:37:46:33:40:8a:4b:d1:41:6a:91:
29:d8:1f:74:34:69:7f:62:5a:fd:af:56:3b:ae:b1:
c2:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:7F:E6:BF:EB:45:D9:9D:44:1C:36:47:69:99:3C:98:93:0D:D5:B9
X509v3 Authority Key Identifier:
keyid:30:7D:88:7C:02:E0:7C:9E:47:4D:1F:8E:21:04:9C:AA:6C:E3:FB:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH2IfALgfJ5HTR-OIQScqmzj-9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/Q3_mv-tF2Z1EHDZHaZk8mJMN1bk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/MH2IfALgfJ5HTR-OIQScqmzj-9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.14.154.0/23
217.171.24.0/23
Signature Algorithm: sha256WithRSAEncryption
9e:e7:61:bd:2f:13:02:c1:75:3e:b4:9e:b8:dd:06:ea:1d:99:
e6:ca:d5:1f:8b:97:75:10:07:30:65:78:27:e5:85:67:c8:ec:
b8:16:55:8b:7b:2d:63:23:0e:32:cc:80:82:a4:a9:9a:8e:02:
e0:2c:6c:49:ab:18:7b:42:37:2b:ea:4a:5a:f9:fb:07:c6:a2:
ee:60:30:0f:01:56:41:d1:7f:80:68:35:32:94:76:db:d6:7a:
14:4a:de:68:75:ff:f8:57:d1:82:93:8e:01:79:5b:de:c8:8c:
53:bc:f8:fd:24:9c:39:15:46:3b:6e:1e:d2:68:cc:f3:d7:fa:
ac:df:aa:22:2e:a2:94:1d:a0:e4:d0:9d:ac:ee:a3:2a:68:8e:
1d:10:bd:8a:ae:51:c0:15:43:f6:7a:cb:ec:61:5d:85:b5:bb:
7b:a9:33:80:a9:b6:c7:71:46:b4:a9:34:3b:80:c0:02:bc:e4:
1a:69:1e:17:53:3a:40:ab:f3:e2:da:52:61:a9:49:e9:5d:d4:
5c:9c:f6:12:45:e1:0c:a0:06:7a:7f:e6:40:54:2e:0a:af:f7:
d7:9b:a4:c5:36:d6:10:c0:1b:b2:74:9c:ba:6e:b2:56:35:6e:
c0:2d:4a:63:1f:5d:7b:85:6e:6d:43:29:80:cf:d1:ee:b9:47:
48:9c:ae:35
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQkRRcH6ZPtP+3dyn3Jh63UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Q4ODdjMDJlMDdjOWU0NzRkMWY4ZTIxMDQ5Y2FhNmNl
M2ZiZDMwHhcNMjUwMTAxMjM0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzdmZTZiZmViNDVkOTlkNDQxYzM2NDc2OTk5M2M5ODkzMGRkNWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvA4409fRcXZUg+hQcFdFatB42BXP
RjPJgpMLX5LwlitfBEU030IUIavO0048u3K7fdmUx5CKiDi6Yriqne2Dg4w6T1XB
cgvzrilV4Q5qQquseUl+K44S90iYN2D6ZIB/J9YloOvVu7G1/u5FkG3WN+Z94Ysc
4ybT45YFBvJDVrA8nxHzhMIr5+VlyULlNmx3JPMZIp/7advtKsQW0RBR+PiLclI9
ny0jtvnPS+g1U+H+LqFx/k11idXATBineuLgoZRncqQEd5oZgyig1zkt1OKAa4lQ
FpqaIrjrKt3A5HEDjYxQ4DdGM0CKS9FBapEp2B90NGl/Ylr9r1Y7rrHCkwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEN/5r/rRdmdRBw2R2mZPJiTDdW5MB8GA1UdIwQY
MBaAFDB9iHwC4HyeR00fjiEEnKps4/vTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUgySWZBTGdmSjVIVFItT0lRU2NxbXpqLTlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9iMjBkODMtNjEyYy00YjYyLTk3YTMt
MWE1ZTVmMTkxYmZhLzEvUTNfbXYtdEYyWjFFSERaSGFaazhtSk1OMWJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9iMjBkODMtNjEyYy00YjYyLTk3YTMtMWE1ZTVmMTkxYmZh
LzEvTUgySWZBTGdmSjVIVFItT0lRU2NxbXpqLTlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVQ6aAwQB
2asYMA0GCSqGSIb3DQEBCwUAA4IBAQCe52G9LxMCwXU+tJ643QbqHZnmytUfi5d1
EAcwZXgn5YVnyOy4FlWLey1jIw4yzICCpKmajgLgLGxJqxh7Qjcr6kpa+fsHxqLu
YDAPAVZB0X+AaDUylHbb1noUSt5odf/4V9GCk44BeVveyIxTvPj9JJw5FUY7bh7S
aMzz1/qs36oiLqKUHaDk0J2s7qMqaI4dEL2KrlHAFUP2esvsYV2Ftbt7qTOAqbbH
cUa0qTQ7gMACvOQaaR4XUzpAq/Pi2lJhqUnpXdRcnPYSReEMoAZ6f+ZAVC4Kr/fX
m6TFNtYQwBuydJy6brJWNW7ALUpjH117hW5tQymAz9HuuUdInK41
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:00:28 2025 by rpki-client