Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/TQKhSi8Awccw4XCNSJ1aruVNLAk.roa
File: TQKhSi8Awccw4XCNSJ1aruVNLAk.roa (raw, json)
Hash identifier: sIBHk/GyN9LYf2GBmbzqMybhc4XcRHVc+6LBWV3OWQY=
Subject key identifier: 4D:02:A1:4A:2F:00:C1:C7:30:E1:70:8D:48:9D:5A:AE:E5:4D:2C:09
Certificate issuer: /CN=f1479b83c520d784445c24828bab633f0d702cf3
Certificate serial: 0195D9C66B60669EFCE302418A863E1F30EF
Authority key identifier: F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/TQKhSi8Awccw4XCNSJ1aruVNLAk.roa
Signing time: Thu 27 Mar 2025 22:43:34 +0000
ROA not before: Thu 27 Mar 2025 22:43:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 196755
IP address blocks: 80.251.108.0/22 maxlen: 22
80.251.108.0/23 maxlen: 23
157.143.248.0/21 maxlen: 21
178.157.16.0/20 maxlen: 20
178.157.18.0/23 maxlen: 23
178.157.20.0/22 maxlen: 22
178.157.24.0/23 maxlen: 23
178.157.26.0/23 maxlen: 23
178.157.28.0/22 maxlen: 22
178.157.32.0/20 maxlen: 20
178.157.44.0/22 maxlen: 22
178.174.106.0/23 maxlen: 23
178.174.108.0/23 maxlen: 24
217.181.251.0/24 maxlen: 24
217.181.252.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/8Uebg8Ug14REXCSCi6tjPw1wLPM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/8Uebg8Ug14REXCSCi6tjPw1wLPM.mft
rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 00:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d9:c6:6b:60:66:9e:fc:e3:02:41:8a:86:3e:1f:30:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1479b83c520d784445c24828bab633f0d702cf3
Validity
Not Before: Mar 27 22:43:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d02a14a2f00c1c730e1708d489d5aaee54d2c09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:dc:89:c3:4b:35:79:6d:d7:66:0c:66:4b:a7:
87:cb:41:1e:00:72:5f:8b:65:4b:47:3e:49:15:27:
aa:6d:9f:66:b2:8e:42:1b:11:b4:3c:13:82:52:6e:
e2:c4:69:f8:93:2a:f2:5d:39:13:5a:07:1c:5e:81:
24:2d:78:23:78:24:16:b9:de:09:84:09:8a:6a:c9:
9c:95:31:23:b5:30:cb:3b:bf:f7:a2:5b:38:fd:0f:
e5:4d:d9:4d:ca:ad:d7:d3:f2:23:a1:ef:36:d6:85:
6b:88:24:60:7e:ff:2c:09:a8:4f:cc:ac:2f:ff:31:
38:72:34:67:f4:67:e3:6d:6f:b2:90:5c:a6:d9:80:
d1:01:2f:aa:91:00:04:39:a1:39:3a:32:a7:f9:5a:
18:8a:68:36:41:59:a1:a9:23:19:f3:14:60:9d:b4:
a6:bc:1c:44:74:44:aa:7b:fd:ee:bf:65:c1:a0:ff:
2c:5f:15:a3:2f:1f:70:30:14:e8:e6:26:ff:c4:e0:
4d:72:19:78:7b:23:cd:6a:b4:ae:44:7d:cb:dd:de:
ec:86:0a:a3:3a:84:d4:56:24:bc:b8:55:94:41:62:
ea:11:69:0b:62:12:db:e4:48:93:f3:bb:1e:a8:d5:
78:76:71:f4:e1:02:74:23:6d:27:d5:3a:b4:61:9c:
8b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:02:A1:4A:2F:00:C1:C7:30:E1:70:8D:48:9D:5A:AE:E5:4D:2C:09
X509v3 Authority Key Identifier:
keyid:F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/TQKhSi8Awccw4XCNSJ1aruVNLAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/8Uebg8Ug14REXCSCi6tjPw1wLPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.251.108.0/22
157.143.248.0/21
178.157.16.0-178.157.47.255
178.174.106.0-178.174.109.255
217.181.251.0-217.181.253.255
Signature Algorithm: sha256WithRSAEncryption
b3:63:e5:0d:23:cb:5b:5a:b8:16:90:47:b9:af:d2:2c:0d:05:
97:e4:59:6d:4b:58:6c:f9:a1:7b:07:c6:da:73:d4:7f:ec:ea:
74:26:61:29:30:4f:72:08:81:77:ce:98:01:8d:fa:08:ec:fc:
74:45:0b:d6:37:ae:84:6f:85:7c:96:b6:81:19:f1:98:ee:d0:
8b:79:86:11:c2:38:0d:47:02:16:09:35:35:d6:3b:97:cb:07:
a0:2d:fb:55:26:ac:19:50:7e:8a:44:0f:0f:81:f5:da:28:bf:
6c:f4:49:04:b8:89:57:fa:e7:8f:6c:f2:ec:75:0c:ba:5a:72:
db:10:73:27:89:8c:18:14:06:be:eb:9c:0a:a7:b8:d1:8d:81:
62:c7:81:05:a5:69:f4:c8:ff:af:79:09:66:3c:9b:c3:21:d6:
df:30:da:e2:50:da:4f:d1:2b:4c:4a:78:c8:22:e0:9d:45:df:
9f:af:b7:e0:4b:33:cc:8e:f2:4c:f8:ad:ff:06:4f:a1:f5:d8:
0e:b1:39:1c:51:ff:cc:1f:79:69:b2:dc:cd:db:fa:ee:2b:94:
5f:69:86:d5:6a:47:39:de:13:28:02:d5:80:82:25:f0:8d:63:
01:51:8a:b4:05:ef:5e:2d:81:f2:79:d5:09:8a:b1:8d:17:d1:
03:e8:7c:f5
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZXZxmtgZp784wJBioY+HzDvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNDc5YjgzYzUyMGQ3ODQ0NDVjMjQ4MjhiYWI2MzNmMGQ3
MDJjZjMwHhcNMjUwMzI3MjI0MzM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDAyYTE0YTJmMDBjMWM3MzBlMTcwOGQ0ODlkNWFhZWU1NGQyYzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6NyJw0s1eW3XZgxmS6eHy0EeAHJf
i2VLRz5JFSeqbZ9mso5CGxG0PBOCUm7ixGn4kyryXTkTWgccXoEkLXgjeCQWud4J
hAmKasmclTEjtTDLO7/3ols4/Q/lTdlNyq3X0/Ijoe821oVriCRgfv8sCahPzKwv
/zE4cjRn9GfjbW+ykFym2YDRAS+qkQAEOaE5OjKn+VoYimg2QVmhqSMZ8xRgnbSm
vBxEdESqe/3uv2XBoP8sXxWjLx9wMBTo5ib/xOBNchl4eyPNarSuRH3L3d7shgqj
OoTUViS8uFWUQWLqEWkLYhLb5EiT87seqNV4dnH04QJ0I20n1Tq0YZyLxQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFE0CoUovAMHHMOFwjUidWq7lTSwJMB8GA1UdIwQY
MBaAFPFHm4PFINeERFwkgourYz8NcCzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEt
YmRkNGFmNWYzNWQxLzEvVFFLaFNpOEF3Y2N3NFhDTlNKMWFydVZOTEFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEtYmRkNGFmNWYzNWQx
LzEvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCUPtsAwQD
nY/4MAwDBASynRADBASynSAwDAMEAbKuagMEAbKubDAMAwQA2bX7AwQB2bX8MA0G
CSqGSIb3DQEBCwUAA4IBAQCzY+UNI8tbWrgWkEe5r9IsDQWX5FltS1hs+aF7B8ba
c9R/7Op0JmEpME9yCIF3zpgBjfoI7Px0RQvWN66Eb4V8lraBGfGY7tCLeYYRwjgN
RwIWCTU11juXywegLftVJqwZUH6KRA8PgfXaKL9s9EkEuIlX+uePbPLsdQy6WnLb
EHMniYwYFAa+65wKp7jRjYFix4EFpWn0yP+veQlmPJvDIdbfMNriUNpP0StMSnjI
IuCdRd+fr7fgSzPMjvJM+K3/Bk+h9dgOsTkcUf/MH3lpstzN2/ruK5RfaYbVakc5
3hMoAtWAgiXwjWMBUYq0Be9eLYHyedUJirGNF9ED6Hz1
-----END CERTIFICATE-----
Generated at Tue Apr 15 10:13:25 2025 by rpki-client