Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/506db9-12aa-463c-a7ea-d3cdd5c3392c/1/qST1YzpfG0Aj9HfkTwxj9U8CUhI.roa
File: qST1YzpfG0Aj9HfkTwxj9U8CUhI.roa (raw, json)
Hash identifier: wruCCghr0kJqtbuyZdJFoTZhRH+nhRjwzTxdaCBX4hs=
Subject key identifier: A9:24:F5:63:3A:5F:1B:40:23:F4:77:E4:4F:0C:63:F5:4F:02:52:12
Certificate issuer: /CN=53a8b7bca8b11d27850e918ca599669880162929
Certificate serial: 01944FEEE91F8FDB7297606895951C02BACC
Authority key identifier: 53:A8:B7:BC:A8:B1:1D:27:85:0E:91:8C:A5:99:66:98:80:16:29:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U6i3vKixHSeFDpGMpZlmmIAWKSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/506db9-12aa-463c-a7ea-d3cdd5c3392c/1/qST1YzpfG0Aj9HfkTwxj9U8CUhI.roa
Signing time: Fri 10 Jan 2025 11:17:24 +0000
ROA not before: Fri 10 Jan 2025 11:17:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13147
IP address blocks: 194.153.145.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/506db9-12aa-463c-a7ea-d3cdd5c3392c/1/U6i3vKixHSeFDpGMpZlmmIAWKSk.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/506db9-12aa-463c-a7ea-d3cdd5c3392c/1/U6i3vKixHSeFDpGMpZlmmIAWKSk.mft
rsync://rpki.ripe.net/repository/DEFAULT/U6i3vKixHSeFDpGMpZlmmIAWKSk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4f:ee:e9:1f:8f:db:72:97:60:68:95:95:1c:02:ba:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53a8b7bca8b11d27850e918ca599669880162929
Validity
Not Before: Jan 10 11:17:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a924f5633a5f1b4023f477e44f0c63f54f025212
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:99:78:db:4d:07:2c:ba:3c:86:58:de:47:13:
e6:5d:d8:a0:a9:a6:39:28:32:92:16:9c:0e:84:fa:
37:fc:87:b4:37:e9:51:84:97:e7:96:63:0f:ce:aa:
ce:c7:09:7b:f3:f5:46:ec:b9:c1:b5:4a:e3:0f:87:
fa:66:db:63:3a:21:8e:f7:f8:98:22:17:7e:0a:30:
08:80:2c:3c:9c:cc:dc:c3:ea:36:f1:9f:2e:96:d6:
8e:4b:12:18:98:f0:b4:c4:6a:6e:5b:9f:0b:db:c4:
72:cb:70:40:09:98:ee:eb:5b:29:29:5b:1f:8c:b8:
4a:a1:b8:de:78:e4:31:a8:4d:2f:69:a9:e3:99:6b:
80:5b:a5:c8:45:82:01:4d:d9:a5:24:97:57:3d:7e:
ec:be:10:ba:6b:0e:64:13:be:63:2d:69:0d:8b:ce:
77:5a:2d:3e:dc:94:8c:63:a8:03:35:c9:41:ab:f9:
53:08:5f:2c:6b:55:8b:63:89:ba:17:a7:10:75:e2:
1a:0f:ae:e4:ff:4e:60:8d:82:1d:f1:04:f8:72:0e:
d3:d7:16:af:b9:33:1e:dd:d4:06:7d:13:e0:c0:cd:
2b:2c:6b:e7:b1:f7:91:d1:af:f6:35:da:f5:ef:d7:
9b:6c:32:bb:4b:87:a4:e7:5f:de:08:e8:e4:25:20:
2d:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:24:F5:63:3A:5F:1B:40:23:F4:77:E4:4F:0C:63:F5:4F:02:52:12
X509v3 Authority Key Identifier:
keyid:53:A8:B7:BC:A8:B1:1D:27:85:0E:91:8C:A5:99:66:98:80:16:29:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U6i3vKixHSeFDpGMpZlmmIAWKSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/506db9-12aa-463c-a7ea-d3cdd5c3392c/1/qST1YzpfG0Aj9HfkTwxj9U8CUhI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/506db9-12aa-463c-a7ea-d3cdd5c3392c/1/U6i3vKixHSeFDpGMpZlmmIAWKSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.153.145.0/24
Signature Algorithm: sha256WithRSAEncryption
68:d6:36:d6:ae:26:6a:bd:bc:07:e5:51:8a:55:ce:ea:d3:e1:
db:ff:ed:46:db:34:af:6a:de:80:4d:d7:58:81:1e:e9:79:10:
14:f8:3a:74:22:ad:5d:f5:27:9b:79:bd:44:3e:98:08:8a:6c:
f3:a3:98:28:46:e9:94:dc:c6:74:5e:04:b0:9b:9f:cf:c7:25:
8a:c1:78:bf:d8:27:46:e1:04:52:98:6f:36:0e:a2:28:36:ad:
0b:86:67:4a:4e:a5:d5:4d:e3:11:e9:3e:0c:64:1c:05:60:74:
2a:ba:56:f3:09:d6:fc:be:da:be:e3:62:b3:5c:2d:d0:a0:4e:
13:5e:71:30:08:f1:a4:5b:70:50:cf:49:53:a0:b3:43:77:4a:
39:2c:f8:aa:fe:c6:33:63:1d:ef:37:94:95:c0:90:9c:8e:67:
50:79:c6:d0:e4:47:84:79:78:4f:ef:4d:b9:d2:82:7f:26:8f:
7b:5a:90:6c:c0:09:cb:c2:32:b9:e1:72:ce:fe:9c:59:45:bb:
6d:e5:73:58:e3:95:da:d8:c2:0a:49:16:49:6e:7b:b5:68:76:
37:ef:48:1e:b4:a2:21:cf:92:e1:9f:5e:21:7c:32:1b:87:fc:
db:36:df:f4:75:c0:22:53:98:8c:06:41:f3:12:74:18:d7:6d:
28:dc:83:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRP7ukfj9tyl2BolZUcArrMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYThiN2JjYThiMTFkMjc4NTBlOTE4Y2E1OTk2Njk4ODAx
NjI5MjkwHhcNMjUwMTEwMTExNzI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTI0ZjU2MzNhNWYxYjQwMjNmNDc3ZTQ0ZjBjNjNmNTRmMDI1MjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA55l4200HLLo8hljeRxPmXdigqaY5
KDKSFpwOhPo3/Ie0N+lRhJfnlmMPzqrOxwl78/VG7LnBtUrjD4f6ZttjOiGO9/iY
Ihd+CjAIgCw8nMzcw+o28Z8ultaOSxIYmPC0xGpuW58L28Ryy3BACZju61spKVsf
jLhKobjeeOQxqE0vaanjmWuAW6XIRYIBTdmlJJdXPX7svhC6aw5kE75jLWkNi853
Wi0+3JSMY6gDNclBq/lTCF8sa1WLY4m6F6cQdeIaD67k/05gjYId8QT4cg7T1xav
uTMe3dQGfRPgwM0rLGvnsfeR0a/2Ndr179ebbDK7S4ek51/eCOjkJSAtyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKkk9WM6XxtAI/R35E8MY/VPAlISMB8GA1UdIwQY
MBaAFFOot7yosR0nhQ6RjKWZZpiAFikpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTZpM3ZLaXhIU2VGRHBHTXBabG1tSUFXS1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81MDZkYjktMTJhYS00NjNjLWE3ZWEt
ZDNjZGQ1YzMzOTJjLzEvcVNUMVl6cGZHMEFqOUhma1R3eGo5VThDVWhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81MDZkYjktMTJhYS00NjNjLWE3ZWEtZDNjZGQ1YzMzOTJj
LzEvVTZpM3ZLaXhIU2VGRHBHTXBabG1tSUFXS1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpmRMA0G
CSqGSIb3DQEBCwUAA4IBAQBo1jbWriZqvbwH5VGKVc7q0+Hb/+1G2zSvat6ATddY
gR7peRAU+Dp0Iq1d9Sebeb1EPpgIimzzo5goRumU3MZ0XgSwm5/PxyWKwXi/2CdG
4QRSmG82DqIoNq0LhmdKTqXVTeMR6T4MZBwFYHQqulbzCdb8vtq+42KzXC3QoE4T
XnEwCPGkW3BQz0lToLNDd0o5LPiq/sYzYx3vN5SVwJCcjmdQecbQ5EeEeXhP7025
0oJ/Jo97WpBswAnLwjK54XLO/pxZRbtt5XNY45Xa2MIKSRZJbnu1aHY370getKIh
z5Lhn14hfDIbh/zbNt/0dcAiU5iMBkHzEnQY120o3ION
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:55:05 2025 by rpki-client