Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/jQsi8_J6MipHdOC1QKp1lfX5Chs.roa
File: jQsi8_J6MipHdOC1QKp1lfX5Chs.roa (raw, json)
Hash identifier: uddD5zpzhQFsrCHhylF2R9AbBmGVjfPgJdzZ7Ufh37A=
Subject key identifier: 8D:0B:22:F3:F2:7A:32:2A:47:74:E0:B5:40:AA:75:95:F5:F9:0A:1B
Certificate issuer: /CN=1027a8a61299b80a3e71d1a981427ec00b849d17
Certificate serial: 0195AE387287E4C752A0B305B78BF496940B
Authority key identifier: 10:27:A8:A6:12:99:B8:0A:3E:71:D1:A9:81:42:7E:C0:0B:84:9D:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ECeophKZuAo-cdGpgUJ-wAuEnRc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/jQsi8_J6MipHdOC1QKp1lfX5Chs.roa
Signing time: Wed 19 Mar 2025 11:44:49 +0000
ROA not before: Wed 19 Mar 2025 11:44:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8455
IP address blocks: 31.22.80.0/21 maxlen: 21
31.22.84.0/24 maxlen: 24
45.148.184.0/22 maxlen: 22
45.148.187.0/24 maxlen: 24
95.142.96.0/20 maxlen: 20
130.193.4.0/24 maxlen: 24
178.237.32.0/20 maxlen: 20
178.237.34.0/24 maxlen: 24
178.237.42.0/24 maxlen: 24
178.237.43.0/24 maxlen: 24
185.27.16.0/22 maxlen: 22
2a00:1188::/29 maxlen: 29
2a00:1188:8::/48 maxlen: 48
2a00:1188:9::/48 maxlen: 48
2a00:1188:b::/48 maxlen: 48
2a00:1188:c::/48 maxlen: 48
2a00:1188:d::/48 maxlen: 48
2a00:1188:13::/48 maxlen: 48
2a00:1188:19::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/ECeophKZuAo-cdGpgUJ-wAuEnRc.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/ECeophKZuAo-cdGpgUJ-wAuEnRc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ECeophKZuAo-cdGpgUJ-wAuEnRc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 20:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ae:38:72:87:e4:c7:52:a0:b3:05:b7:8b:f4:96:94:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1027a8a61299b80a3e71d1a981427ec00b849d17
Validity
Not Before: Mar 19 11:44:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8d0b22f3f27a322a4774e0b540aa7595f5f90a1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:25:48:8d:b2:d3:fd:da:93:9f:90:d2:28:62:
90:fb:22:d6:f7:db:a2:66:be:5d:11:6f:80:32:f0:
0a:9f:c1:02:14:02:9d:01:91:d7:05:8b:38:9c:26:
7c:95:c9:f9:f4:d5:eb:58:d6:8a:6a:21:1d:42:b9:
c4:28:e8:8f:e1:f6:22:46:dc:ca:36:be:cc:9e:fb:
a3:77:64:61:70:e2:7c:a7:ed:c1:93:63:d9:13:dc:
9d:00:b2:25:80:05:4d:9b:d5:71:8f:4a:0f:5d:3c:
7a:87:ab:cd:ad:d4:98:d8:d0:6a:f3:18:4a:61:8b:
16:4f:d3:75:7e:b1:7e:db:8f:d4:25:88:5f:c2:ff:
c7:ed:6a:2a:4d:a6:78:a3:94:3b:29:7b:6f:60:98:
94:b8:43:0b:20:33:34:c3:ad:3d:a7:7c:c1:6a:a7:
b9:d4:f7:f9:16:ce:9b:9c:a7:61:9d:dc:b7:38:6e:
f5:e6:96:fd:c8:63:f9:4e:e1:a9:7c:0c:e0:e3:8b:
a2:8c:5f:1f:e0:6d:d7:f8:de:02:bf:cd:0d:b2:a2:
fa:77:1d:68:d3:96:31:a8:48:79:7d:07:22:d1:13:
84:b9:e0:c6:9b:bc:af:e4:e5:ac:44:f4:dc:bb:02:
f0:82:b6:80:07:33:6a:44:c6:19:14:71:7f:c9:c7:
28:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:0B:22:F3:F2:7A:32:2A:47:74:E0:B5:40:AA:75:95:F5:F9:0A:1B
X509v3 Authority Key Identifier:
keyid:10:27:A8:A6:12:99:B8:0A:3E:71:D1:A9:81:42:7E:C0:0B:84:9D:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ECeophKZuAo-cdGpgUJ-wAuEnRc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/jQsi8_J6MipHdOC1QKp1lfX5Chs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/ECeophKZuAo-cdGpgUJ-wAuEnRc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.22.80.0/21
45.148.184.0/22
95.142.96.0/20
130.193.4.0/24
178.237.32.0/20
185.27.16.0/22
IPv6:
2a00:1188::/29
Signature Algorithm: sha256WithRSAEncryption
a3:0e:3b:82:e8:62:d1:00:35:c9:72:e4:78:80:de:15:12:bc:
02:ff:34:31:87:eb:3a:fb:bb:56:b9:3f:a4:4c:c9:d8:89:56:
9a:49:cf:a2:27:5c:ea:c3:39:0c:5c:2d:63:19:ba:ed:87:ff:
c2:d2:0c:48:b7:b3:ee:8f:d7:e4:db:cc:3d:4a:56:fd:39:3d:
81:11:f6:10:64:b8:0e:3e:4b:96:d8:13:aa:38:b7:71:cd:51:
d9:11:49:e6:8e:2a:ac:12:5d:c9:a7:23:5f:70:77:80:33:ed:
61:6a:a6:a7:d6:9c:c4:62:ef:70:25:20:b9:fe:3e:a0:8d:32:
ee:f9:a6:7e:e8:6c:4f:5a:7d:e3:b4:7d:51:8e:ca:cf:fa:b2:
5b:8b:15:65:b2:2d:29:b1:b8:3b:4c:a5:80:e2:be:d8:27:80:
56:67:0b:50:97:93:2a:08:a8:a9:c2:ff:f5:ea:47:53:4d:78:
8b:e7:48:36:58:e0:6a:22:be:33:a0:8a:27:4a:74:83:40:4d:
f5:a1:14:c2:7f:25:9b:f2:7f:20:29:e4:12:f4:b4:f5:20:28:
ee:12:0c:d3:c7:47:3c:96:e8:cd:2f:b0:30:d5:9d:33:52:f6:
2f:f6:8b:a2:fb:e5:ea:6e:7a:b3:c9:47:cd:31:a8:16:dd:a3:
a3:db:52:58
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZWuOHKH5MdSoLMFt4v0lpQLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMjdhOGE2MTI5OWI4MGEzZTcxZDFhOTgxNDI3ZWMwMGI4
NDlkMTcwHhcNMjUwMzE5MTE0NDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDBiMjJmM2YyN2EzMjJhNDc3NGUwYjU0MGFhNzU5NWY1ZjkwYTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4iVIjbLT/dqTn5DSKGKQ+yLW99ui
Zr5dEW+AMvAKn8ECFAKdAZHXBYs4nCZ8lcn59NXrWNaKaiEdQrnEKOiP4fYiRtzK
Nr7Mnvujd2RhcOJ8p+3Bk2PZE9ydALIlgAVNm9Vxj0oPXTx6h6vNrdSY2NBq8xhK
YYsWT9N1frF+24/UJYhfwv/H7WoqTaZ4o5Q7KXtvYJiUuEMLIDM0w609p3zBaqe5
1Pf5Fs6bnKdhndy3OG715pb9yGP5TuGpfAzg44uijF8f4G3X+N4Cv80NsqL6dx1o
05YxqEh5fQci0ROEueDGm7yv5OWsRPTcuwLwgraABzNqRMYZFHF/yccoCQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFI0LIvPyejIqR3TgtUCqdZX1+QobMB8GA1UdIwQY
MBaAFBAnqKYSmbgKPnHRqYFCfsALhJ0XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUNlb3BoS1p1QW8tY2RHcGdVSi13QXVFblJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iYTlkMTMtOGNhNi00NTc3LWE1OWMt
OWRkOTk3ZWVmNGVmLzEvalFzaThfSjZNaXBIZE9DMVFLcDFsZlg1Q2hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9iYTlkMTMtOGNhNi00NTc3LWE1OWMtOWRkOTk3ZWVmNGVm
LzEvRUNlb3BoS1p1QW8tY2RHcGdVSi13QXVFblJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDHxZQAwQC
LZS4AwQEX45gAwQAgsEEAwQEsu0gAwQCuRsQMA0EAgACMAcDBQMqABGIMA0GCSqG
SIb3DQEBCwUAA4IBAQCjDjuC6GLRADXJcuR4gN4VErwC/zQxh+s6+7tWuT+kTMnY
iVaaSc+iJ1zqwzkMXC1jGbrth//C0gxIt7Puj9fk28w9Slb9OT2BEfYQZLgOPkuW
2BOqOLdxzVHZEUnmjiqsEl3JpyNfcHeAM+1haqan1pzEYu9wJSC5/j6gjTLu+aZ+
6GxPWn3jtH1RjsrP+rJbixVlsi0psbg7TKWA4r7YJ4BWZwtQl5MqCKipwv/16kdT
TXiL50g2WOBqIr4zoIonSnSDQE31oRTCfyWb8n8gKeQS9LT1ICjuEgzTx0c8lujN
L7Aw1Z0zUvYv9oui++XqbnqzyUfNMagW3aOj21JY
-----END CERTIFICATE-----
Generated at Wed Apr 16 04:42:16 2025 by rpki-client