Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/e75e41-a828-4dc5-8ed3-9fc36411accc/1/sq58ozSBBYn9Pq2iD0u8A1RCXws.roa
File: sq58ozSBBYn9Pq2iD0u8A1RCXws.roa (raw, json)
Hash identifier: HPO9RE+AHD5O6YfVyp7Diuw2Q5Nz4j4DREm/1Ool0tA=
Subject key identifier: B2:AE:7C:A3:34:81:05:89:FD:3E:AD:A2:0F:4B:BC:03:54:42:5F:0B
Certificate issuer: /CN=3939f92b825ce110903c31d522b0f50cafd74a6f
Certificate serial: 0194DF1646E669A1E5EFC4DAE802B3E45D94
Authority key identifier: 39:39:F9:2B:82:5C:E1:10:90:3C:31:D5:22:B0:F5:0C:AF:D7:4A:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OTn5K4Jc4RCQPDHVIrD1DK_XSm8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/e75e41-a828-4dc5-8ed3-9fc36411accc/1/sq58ozSBBYn9Pq2iD0u8A1RCXws.roa
Signing time: Fri 07 Feb 2025 06:26:06 +0000
ROA not before: Fri 07 Feb 2025 06:26:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34285
IP address blocks: 185.197.244.0/22 maxlen: 22
217.12.16.0/24 maxlen: 24
217.12.17.0/24 maxlen: 24
217.12.18.0/24 maxlen: 24
217.12.19.0/24 maxlen: 24
217.12.20.0/22 maxlen: 22
217.12.20.0/23 maxlen: 23
217.12.21.0/24 maxlen: 24
217.12.22.0/23 maxlen: 23
217.12.23.0/24 maxlen: 24
217.12.24.0/22 maxlen: 22
217.12.24.0/24 maxlen: 24
217.12.25.0/24 maxlen: 24
217.12.26.0/24 maxlen: 24
217.12.27.0/24 maxlen: 24
217.12.28.0/22 maxlen: 22
217.12.28.0/24 maxlen: 24
217.12.29.0/24 maxlen: 24
217.12.30.0/24 maxlen: 24
217.12.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/e75e41-a828-4dc5-8ed3-9fc36411accc/1/OTn5K4Jc4RCQPDHVIrD1DK_XSm8.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/e75e41-a828-4dc5-8ed3-9fc36411accc/1/OTn5K4Jc4RCQPDHVIrD1DK_XSm8.mft
rsync://rpki.ripe.net/repository/DEFAULT/OTn5K4Jc4RCQPDHVIrD1DK_XSm8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:df:16:46:e6:69:a1:e5:ef:c4:da:e8:02:b3:e4:5d:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3939f92b825ce110903c31d522b0f50cafd74a6f
Validity
Not Before: Feb 7 06:26:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b2ae7ca334810589fd3eada20f4bbc0354425f0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:55:e7:61:c8:12:f8:92:38:e3:28:80:eb:fd:
e9:c7:dc:3c:d0:13:ed:a7:75:6f:37:71:90:0c:a4:
50:cd:bf:63:bf:1a:b5:40:fb:54:45:74:20:fd:61:
f4:73:41:00:c2:4e:d0:13:8d:cb:48:5c:d1:b3:4d:
5b:18:5b:63:76:6b:43:bc:b9:76:1c:49:d1:64:4b:
0d:76:2a:10:aa:c4:40:91:bf:fa:18:aa:8c:2f:0a:
62:0b:27:9b:42:70:b6:53:b8:ee:55:77:4d:e9:54:
cc:9a:3b:ec:8f:9a:e7:7c:a3:a5:5d:66:b4:14:3c:
61:66:2c:80:e3:8e:e9:9d:a9:a3:48:dd:bf:39:d0:
78:c1:15:b1:63:aa:b2:a1:fb:ba:0c:53:fc:3c:55:
fd:c4:8b:04:b7:66:30:2b:85:a4:0d:96:84:af:c5:
fc:f0:ac:b9:ae:0c:d7:62:5c:5b:60:55:67:27:dc:
cd:ad:de:df:08:73:79:bd:e9:be:bf:92:c2:f3:f7:
af:11:2e:0f:16:66:d2:6b:cc:3b:58:c9:68:1a:30:
f2:99:0d:32:4e:26:59:c5:f3:ec:e6:61:d6:43:da:
5e:dc:76:3b:43:9b:15:07:b6:95:e0:1e:67:9d:56:
2e:93:0f:2b:e6:8d:4c:d3:da:ac:55:50:a5:00:b2:
ef:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:AE:7C:A3:34:81:05:89:FD:3E:AD:A2:0F:4B:BC:03:54:42:5F:0B
X509v3 Authority Key Identifier:
keyid:39:39:F9:2B:82:5C:E1:10:90:3C:31:D5:22:B0:F5:0C:AF:D7:4A:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OTn5K4Jc4RCQPDHVIrD1DK_XSm8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/e75e41-a828-4dc5-8ed3-9fc36411accc/1/sq58ozSBBYn9Pq2iD0u8A1RCXws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/e75e41-a828-4dc5-8ed3-9fc36411accc/1/OTn5K4Jc4RCQPDHVIrD1DK_XSm8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.244.0/22
217.12.16.0/20
Signature Algorithm: sha256WithRSAEncryption
97:38:0a:76:a5:3e:a8:5c:0b:79:f2:2b:4b:24:9b:c5:e7:04:
a3:9f:54:f0:a3:72:b4:95:00:45:f6:02:f5:c0:08:48:78:c7:
68:41:26:30:d7:af:2c:c4:9f:17:82:64:b2:20:1c:61:28:bc:
c4:4d:bd:0d:b5:33:02:d6:41:37:2b:58:f8:25:4d:a7:4c:36:
6b:9a:1e:8a:12:de:27:e9:d7:ea:ea:ab:1a:e8:02:c9:16:e6:
f7:9a:08:51:55:86:71:b1:7d:b6:24:1e:db:c7:ff:dc:f4:c8:
c0:42:db:fb:7f:51:78:47:56:bd:28:b0:6b:51:e2:69:3e:d5:
2e:06:15:cb:f3:aa:f8:c9:c8:ea:d4:8c:1b:66:1f:08:04:4b:
bb:7e:2f:4d:4d:04:11:90:05:17:f4:ca:3c:f4:42:22:be:41:
72:bb:19:ef:65:d5:cf:c2:d7:ed:41:9b:91:36:7e:6c:39:a0:
fb:a8:ac:44:00:e5:c2:85:02:be:ae:ae:95:17:ce:a7:5c:3f:
a6:50:28:a4:fc:7f:29:e4:70:11:66:99:2d:1a:50:a0:9f:e6:
01:c6:54:2b:26:90:f0:86:cf:f6:dd:28:b5:fe:9e:61:c2:0a:
ba:d2:46:f3:2e:a5:1c:61:95:8f:20:cb:24:d9:cf:9e:bc:ef:
26:02:3e:61
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZTfFkbmaaHl78Ta6AKz5F2UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MzlmOTJiODI1Y2UxMTA5MDNjMzFkNTIyYjBmNTBjYWZk
NzRhNmYwHhcNMjUwMjA3MDYyNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmFlN2NhMzM0ODEwNTg5ZmQzZWFkYTIwZjRiYmMwMzU0NDI1ZjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVXnYcgS+JI44yiA6/3px9w80BPt
p3VvN3GQDKRQzb9jvxq1QPtURXQg/WH0c0EAwk7QE43LSFzRs01bGFtjdmtDvLl2
HEnRZEsNdioQqsRAkb/6GKqMLwpiCyebQnC2U7juVXdN6VTMmjvsj5rnfKOlXWa0
FDxhZiyA447pnamjSN2/OdB4wRWxY6qyofu6DFP8PFX9xIsEt2YwK4WkDZaEr8X8
8Ky5rgzXYlxbYFVnJ9zNrd7fCHN5vem+v5LC8/evES4PFmbSa8w7WMloGjDymQ0y
TiZZxfPs5mHWQ9pe3HY7Q5sVB7aV4B5nnVYukw8r5o1M09qsVVClALLvvQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLKufKM0gQWJ/T6tog9LvANUQl8LMB8GA1UdIwQY
MBaAFDk5+SuCXOEQkDwx1SKw9Qyv10pvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1RuNUs0SmM0UkNRUERIVklyRDFES19YU204LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9lNzVlNDEtYTgyOC00ZGM1LThlZDMt
OWZjMzY0MTFhY2NjLzEvc3E1OG96U0JCWW45UHEyaUQwdThBMVJDWHdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9lNzVlNDEtYTgyOC00ZGM1LThlZDMtOWZjMzY0MTFhY2Nj
LzEvT1RuNUs0SmM0UkNRUERIVklyRDFES19YU204LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCucX0AwQE
2QwQMA0GCSqGSIb3DQEBCwUAA4IBAQCXOAp2pT6oXAt58itLJJvF5wSjn1Two3K0
lQBF9gL1wAhIeMdoQSYw168sxJ8XgmSyIBxhKLzETb0NtTMC1kE3K1j4JU2nTDZr
mh6KEt4n6dfq6qsa6ALJFub3mghRVYZxsX22JB7bx//c9MjAQtv7f1F4R1a9KLBr
UeJpPtUuBhXL86r4ycjq1IwbZh8IBEu7fi9NTQQRkAUX9Mo89EIivkFyuxnvZdXP
wtftQZuRNn5sOaD7qKxEAOXChQK+rq6VF86nXD+mUCik/H8p5HARZpktGlCgn+YB
xlQrJpDwhs/23Si1/p5hwgq60kbzLqUcYZWPIMsk2c+evO8mAj5h
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:34:38 2025 by rpki-client