Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/f09744-8f5b-45ad-95a8-1b9a323c570b/1/qzWk5-tX1dtfAmhnDDRvZojGxVg.roa
File: qzWk5-tX1dtfAmhnDDRvZojGxVg.roa (raw, json)
Hash identifier: YU+z/z5QXW9h6ddAKutU3rUI45hV42wPHKYxAfH9OjY=
Subject key identifier: AB:35:A4:E7:EB:57:D5:DB:5F:02:68:67:0C:34:6F:66:88:C6:C5:58
Certificate issuer: /CN=cb30eb4353ed750faf23f2f1e14018c6cfc62715
Certificate serial: 01963DC25DD21CB5A4A6791A84CE70F6CCBB
Authority key identifier: CB:30:EB:43:53:ED:75:0F:AF:23:F2:F1:E1:40:18:C6:CF:C6:27:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yzDrQ1PtdQ-vI_Lx4UAYxs_GJxU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/f09744-8f5b-45ad-95a8-1b9a323c570b/1/qzWk5-tX1dtfAmhnDDRvZojGxVg.roa
Signing time: Wed 16 Apr 2025 08:41:10 +0000
ROA not before: Wed 16 Apr 2025 08:41:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56547
IP address blocks: 31.24.232.0/21 maxlen: 21
31.24.232.0/22 maxlen: 22
31.24.232.0/24 maxlen: 24
31.24.233.0/24 maxlen: 24
31.24.234.0/24 maxlen: 24
31.24.235.0/24 maxlen: 24
31.24.236.0/22 maxlen: 22
31.24.236.0/24 maxlen: 24
31.24.237.0/24 maxlen: 24
31.24.238.0/24 maxlen: 24
31.24.239.0/24 maxlen: 24
185.69.108.0/22 maxlen: 22
185.69.108.0/23 maxlen: 23
185.69.108.0/24 maxlen: 24
185.69.109.0/24 maxlen: 24
185.69.110.0/23 maxlen: 23
185.69.110.0/24 maxlen: 24
185.69.111.0/24 maxlen: 24
185.76.248.0/22 maxlen: 22
185.76.248.0/23 maxlen: 23
185.76.248.0/24 maxlen: 24
185.76.249.0/24 maxlen: 24
185.76.250.0/23 maxlen: 23
185.76.250.0/24 maxlen: 24
185.76.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/f09744-8f5b-45ad-95a8-1b9a323c570b/1/yzDrQ1PtdQ-vI_Lx4UAYxs_GJxU.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/f09744-8f5b-45ad-95a8-1b9a323c570b/1/yzDrQ1PtdQ-vI_Lx4UAYxs_GJxU.mft
rsync://rpki.ripe.net/repository/DEFAULT/yzDrQ1PtdQ-vI_Lx4UAYxs_GJxU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 20:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3d:c2:5d:d2:1c:b5:a4:a6:79:1a:84:ce:70:f6:cc:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb30eb4353ed750faf23f2f1e14018c6cfc62715
Validity
Not Before: Apr 16 08:41:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ab35a4e7eb57d5db5f0268670c346f6688c6c558
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:c4:1c:b2:28:87:db:0c:78:23:aa:20:5d:43:
68:f4:3d:5e:23:26:7d:02:0d:3a:64:62:12:d2:5f:
ac:7a:0d:74:5f:4e:a7:b5:fd:b5:36:f5:ad:e6:c1:
d5:2b:96:a8:fd:08:71:6e:f6:c7:7d:60:cf:4b:f8:
e6:cc:1d:71:0f:1c:af:49:85:87:58:12:fe:a5:9f:
46:9f:15:ed:5f:da:f1:8a:d6:d1:14:63:a5:cb:01:
7a:46:22:cc:ff:c4:b5:10:03:20:22:a8:b5:05:d7:
6f:6e:59:9f:27:a8:95:f2:c6:56:6f:0c:a0:0c:93:
da:13:f3:fd:eb:fb:2c:a0:fc:03:aa:3f:79:e5:3d:
89:25:84:31:20:98:51:6e:39:cf:a1:c2:0d:32:60:
11:52:28:bf:02:80:1f:dd:db:16:8a:35:41:7b:a3:
30:a2:81:a1:95:47:ec:15:a4:88:30:39:42:23:c4:
da:fc:6d:4f:eb:98:cc:1e:02:e3:bf:ab:bf:cf:a9:
f7:b0:48:1c:d1:6c:6a:b7:56:76:24:d2:e0:22:4f:
b9:ac:18:cd:1f:6b:53:14:43:bb:bc:49:40:bc:19:
5d:13:ad:00:0e:fa:1b:b4:b7:59:15:e5:5a:c2:59:
03:56:cb:4c:4d:43:41:9b:59:f3:42:46:b8:1d:ad:
85:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:35:A4:E7:EB:57:D5:DB:5F:02:68:67:0C:34:6F:66:88:C6:C5:58
X509v3 Authority Key Identifier:
keyid:CB:30:EB:43:53:ED:75:0F:AF:23:F2:F1:E1:40:18:C6:CF:C6:27:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yzDrQ1PtdQ-vI_Lx4UAYxs_GJxU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f09744-8f5b-45ad-95a8-1b9a323c570b/1/qzWk5-tX1dtfAmhnDDRvZojGxVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f09744-8f5b-45ad-95a8-1b9a323c570b/1/yzDrQ1PtdQ-vI_Lx4UAYxs_GJxU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.232.0/21
185.69.108.0/22
185.76.248.0/22
Signature Algorithm: sha256WithRSAEncryption
76:fd:49:71:80:16:4d:36:9d:10:5a:41:11:6f:a2:fd:e5:f2:
69:6e:8f:f4:61:2c:d5:27:7d:e0:39:1d:0f:e3:14:a2:20:57:
09:24:5c:b6:f8:ee:a9:80:5d:65:d6:96:43:82:c3:9a:c7:3a:
7d:f0:bd:cf:e4:71:15:b0:7d:bf:e5:bb:84:69:d0:ea:5e:f7:
b7:6d:7a:ff:f9:44:69:15:db:67:66:da:bd:8c:21:19:99:c7:
b6:58:f7:63:2d:4b:04:27:59:40:67:04:57:75:20:72:0b:da:
f5:31:06:22:ee:b5:75:62:10:be:6e:33:fa:09:d3:db:52:82:
43:e1:55:70:92:65:e8:a3:ce:b9:ee:3a:1c:0c:7f:5c:71:c6:
16:b2:a9:f7:0a:3c:a1:42:b9:53:c3:a8:27:3a:27:58:11:78:
1d:2f:04:9e:b2:da:01:2c:ae:0b:f5:d5:02:69:db:ef:e5:0b:
3f:40:24:35:12:95:86:2d:59:a3:8a:c8:98:1f:cb:6e:46:35:
9c:10:47:3d:cd:12:94:ac:4f:82:45:8c:d5:4d:56:b9:92:b1:
8c:c9:3f:82:79:d4:4f:22:e4:37:24:62:b1:47:71:8f:13:0d:
be:f8:90:f9:e7:95:26:48:94:c9:08:18:e5:2c:32:06:1c:e6:
b5:24:95:15
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZY9wl3SHLWkpnkahM5w9sy7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMzBlYjQzNTNlZDc1MGZhZjIzZjJmMWUxNDAxOGM2Y2Zj
NjI3MTUwHhcNMjUwNDE2MDg0MTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjM1YTRlN2ViNTdkNWRiNWYwMjY4NjcwYzM0NmY2Njg4YzZjNTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA28QcsiiH2wx4I6ogXUNo9D1eIyZ9
Ag06ZGIS0l+seg10X06ntf21NvWt5sHVK5ao/QhxbvbHfWDPS/jmzB1xDxyvSYWH
WBL+pZ9GnxXtX9rxitbRFGOlywF6RiLM/8S1EAMgIqi1BddvblmfJ6iV8sZWbwyg
DJPaE/P96/ssoPwDqj955T2JJYQxIJhRbjnPocINMmARUii/AoAf3dsWijVBe6Mw
ooGhlUfsFaSIMDlCI8Ta/G1P65jMHgLjv6u/z6n3sEgc0Wxqt1Z2JNLgIk+5rBjN
H2tTFEO7vElAvBldE60ADvobtLdZFeVawlkDVstMTUNBm1nzQka4Ha2FGwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKs1pOfrV9XbXwJoZww0b2aIxsVYMB8GA1UdIwQY
MBaAFMsw60NT7XUPryPy8eFAGMbPxicVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXpEclExUHRkUS12SV9MeDRVQVl4c19HSnhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9mMDk3NDQtOGY1Yi00NWFkLTk1YTgt
MWI5YTMyM2M1NzBiLzEvcXpXazUtdFgxZHRmQW1obkREUnZab2pHeFZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9mMDk3NDQtOGY1Yi00NWFkLTk1YTgtMWI5YTMyM2M1NzBi
LzEveXpEclExUHRkUS12SV9MeDRVQVl4c19HSnhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDHxjoAwQC
uUVsAwQCuUz4MA0GCSqGSIb3DQEBCwUAA4IBAQB2/UlxgBZNNp0QWkERb6L95fJp
bo/0YSzVJ33gOR0P4xSiIFcJJFy2+O6pgF1l1pZDgsOaxzp98L3P5HEVsH2/5buE
adDqXve3bXr/+URpFdtnZtq9jCEZmce2WPdjLUsEJ1lAZwRXdSByC9r1MQYi7rV1
YhC+bjP6CdPbUoJD4VVwkmXoo8657jocDH9cccYWsqn3CjyhQrlTw6gnOidYEXgd
LwSestoBLK4L9dUCadvv5Qs/QCQ1EpWGLVmjisiYH8tuRjWcEEc9zRKUrE+CRYzV
TVa5krGMyT+CedRPIuQ3JGKxR3GPEw2++JD555UmSJTJCBjlLDIGHOa1JJUV
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:47:23 2025 by rpki-client