Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/QUnehr_kZKHLhvQEj3Ssg4_t_nw.roa
File: QUnehr_kZKHLhvQEj3Ssg4_t_nw.roa (raw, json)
Hash identifier: pDBfZZRKwoZuTfpz6jhhOBgKtWerJ03avKek91I2yqw=
Subject key identifier: 41:49:DE:86:BF:E4:64:A1:CB:86:F4:04:8F:74:AC:83:8F:ED:FE:7C
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0194258F934937E0EC58FEE744F09BBAC9EE
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/QUnehr_kZKHLhvQEj3Ssg4_t_nw.roa
Signing time: Thu 02 Jan 2025 05:49:13 +0000
ROA not before: Thu 02 Jan 2025 05:49:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207743
IP address blocks: 64.43.77.0/24 maxlen: 24
64.43.78.0/23 maxlen: 23
64.43.96.0/23 maxlen: 23
64.43.98.0/23 maxlen: 23
93.120.26.0/24 maxlen: 24
93.120.32.0/24 maxlen: 24
109.207.134.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:93:49:37:e0:ec:58:fe:e7:44:f0:9b:ba:c9:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 2 05:49:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4149de86bfe464a1cb86f4048f74ac838fedfe7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:27:7b:70:ad:41:99:c3:bb:ae:74:a2:9a:2f:
8d:a4:9c:4b:f1:ac:fd:9b:f7:3e:cc:cb:8b:42:33:
f7:70:d1:bf:37:76:2d:84:e8:e6:b6:de:dc:12:c7:
c2:40:0f:9a:3b:ef:60:84:af:ed:0c:d0:e6:1d:0d:
68:85:02:d1:3f:09:93:23:91:c4:ac:2a:82:8a:eb:
93:9a:09:05:18:b7:64:a6:d8:dd:99:15:ca:b8:de:
37:ce:b1:69:c3:d4:b6:24:0e:22:1f:3a:f2:8f:55:
15:6e:72:a0:e2:31:b5:7a:cc:99:65:c0:6d:62:fd:
32:9d:1e:dd:0a:99:92:bc:cc:48:84:57:c7:cb:e4:
98:21:42:10:23:3c:e5:f1:11:e7:85:04:c1:91:d3:
ab:6a:99:0c:03:14:32:31:80:89:38:70:c3:25:8c:
0d:c4:f7:f9:e9:0d:75:ac:0b:35:72:bb:b3:ec:64:
c3:77:7a:27:a2:29:97:93:9c:3c:35:b5:92:97:7d:
02:9b:e8:d4:ab:ca:ca:a8:98:40:2d:6a:90:c5:c4:
6e:8e:42:28:22:ab:37:6c:44:78:b8:db:e8:cc:41:
65:f4:a4:2f:6f:fa:80:69:64:5b:14:14:9c:c2:a6:
2d:50:b1:6c:8a:49:04:16:1e:17:2e:cc:d2:6d:e8:
1d:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:49:DE:86:BF:E4:64:A1:CB:86:F4:04:8F:74:AC:83:8F:ED:FE:7C
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/QUnehr_kZKHLhvQEj3Ssg4_t_nw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.43.77.0-64.43.79.255
64.43.96.0/22
93.120.26.0/24
93.120.32.0/24
109.207.134.0/23
Signature Algorithm: sha256WithRSAEncryption
95:93:89:49:11:eb:86:d5:ac:2a:60:7c:2d:01:b8:7c:d3:59:
c3:a0:29:3e:5f:2c:0d:e5:f9:d5:97:d2:a8:6d:3c:bf:6f:2a:
28:1d:fd:b5:dc:94:b3:8f:39:e9:80:26:62:9c:d6:d5:82:4f:
f3:1d:f1:a4:f3:a3:74:63:1c:2a:bb:53:4c:ce:23:97:68:9d:
e0:d9:8f:93:be:4d:d4:14:ea:90:c7:27:38:0a:b9:fe:dd:10:
3c:9a:f5:bc:d5:b9:96:47:fb:d1:e8:87:16:50:77:b6:81:85:
3c:09:fb:f6:ed:90:ca:10:24:8d:47:52:b5:10:e8:83:87:58:
04:ce:68:75:55:9b:c3:7c:1d:94:58:c7:21:c1:8c:f9:4b:99:
c5:a4:32:5b:a7:43:9c:a7:05:c7:a3:5b:0b:fe:80:e0:08:0c:
2d:06:7a:dc:ca:31:95:77:91:2a:2e:78:0b:42:99:e9:0e:47:
6d:de:83:f1:65:21:55:8e:b8:82:17:68:99:7e:d8:ee:64:3f:
07:2b:59:a2:71:0f:d1:af:73:92:34:fe:be:bd:41:3c:9f:9d:
f6:92:d2:11:bf:39:79:7b:eb:8e:cb:4f:74:05:d1:00:01:c4:
a2:ca:71:5c:f5:9c:c7:30:a6:c6:e6:5d:32:06:36:e6:78:9f:
c3:64:24:83
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQlj5NJN+DsWP7nRPCbusnuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjUwMTAyMDU0OTEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTQ5ZGU4NmJmZTQ2NGExY2I4NmY0MDQ4Zjc0YWM4MzhmZWRmZTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Sd7cK1BmcO7rnSimi+NpJxL8az9
m/c+zMuLQjP3cNG/N3YthOjmtt7cEsfCQA+aO+9ghK/tDNDmHQ1ohQLRPwmTI5HE
rCqCiuuTmgkFGLdkptjdmRXKuN43zrFpw9S2JA4iHzryj1UVbnKg4jG1esyZZcBt
Yv0ynR7dCpmSvMxIhFfHy+SYIUIQIzzl8RHnhQTBkdOrapkMAxQyMYCJOHDDJYwN
xPf56Q11rAs1cruz7GTDd3onoimXk5w8NbWSl30Cm+jUq8rKqJhALWqQxcRujkIo
Iqs3bER4uNvozEFl9KQvb/qAaWRbFBScwqYtULFsikkEFh4XLszSbegd0wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFEFJ3oa/5GShy4b0BI90rIOP7f58MB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvUVVuZWhyX2taS0hMaHZRRWozU3NnNF90X253LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBABAK00D
BARAK0ADBAJAK2ADBABdeBoDBABdeCADBAFtz4YwDQYJKoZIhvcNAQELBQADggEB
AJWTiUkR64bVrCpgfC0BuHzTWcOgKT5fLA3l+dWX0qhtPL9vKigd/bXclLOPOemA
JmKc1tWCT/Md8aTzo3RjHCq7U0zOI5doneDZj5O+TdQU6pDHJzgKuf7dEDya9bzV
uZZH+9HohxZQd7aBhTwJ+/btkMoQJI1HUrUQ6IOHWATOaHVVm8N8HZRYxyHBjPlL
mcWkMlunQ5ynBcejWwv+gOAIDC0GetzKMZV3kSoueAtCmekOR23eg/FlIVWOuIIX
aJl+2O5kPwcrWaJxD9Gvc5I0/r69QTyfnfaS0hG/OXl7647LT3QF0QABxKLKcVz1
nMcwpsbmXTIGNuZ4n8NkJIM=
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:30:01 2025 by rpki-client