Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/3cd7ff-20d2-4cec-aeca-354399724b1e/1/jGJqFQVdzPNIuq__x_RJveRfPgI.roa
File: jGJqFQVdzPNIuq__x_RJveRfPgI.roa (raw, json)
Hash identifier: l/kSncaCyGC+QqprUZGRI2OdInXO3OkPgy+W2EUBUIg=
Subject key identifier: 8C:62:6A:15:05:5D:CC:F3:48:BA:AF:FF:C7:F4:49:BD:E4:5F:3E:02
Certificate issuer: /CN=ab30921d28c78ede81842f712e6cf72bde5a6080
Certificate serial: 01960166B3A8D3785F6BBFFB573CD509F4AD
Authority key identifier: AB:30:92:1D:28:C7:8E:DE:81:84:2F:71:2E:6C:F7:2B:DE:5A:60:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qzCSHSjHjt6BhC9xLmz3K95aYIA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/3cd7ff-20d2-4cec-aeca-354399724b1e/1/jGJqFQVdzPNIuq__x_RJveRfPgI.roa
Signing time: Fri 04 Apr 2025 15:23:49 +0000
ROA not before: Fri 04 Apr 2025 15:23:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34960
IP address blocks: 5.149.0.0/21 maxlen: 21
5.149.0.0/24 maxlen: 24
5.149.1.0/24 maxlen: 24
5.149.2.0/24 maxlen: 24
5.149.3.0/24 maxlen: 24
5.149.4.0/24 maxlen: 24
5.149.5.0/24 maxlen: 24
5.149.6.0/24 maxlen: 24
5.149.7.0/24 maxlen: 24
185.120.92.0/24 maxlen: 24
185.120.93.0/24 maxlen: 24
185.122.48.0/22 maxlen: 22
185.122.48.0/24 maxlen: 24
194.126.144.0/23 maxlen: 23
194.126.144.0/24 maxlen: 24
194.126.145.0/24 maxlen: 24
2a01:48c0::/32 maxlen: 32
2a01:48c0::/40 maxlen: 40
2a01:48c0:100::/40 maxlen: 40
2a01:48c0:200::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/3cd7ff-20d2-4cec-aeca-354399724b1e/1/qzCSHSjHjt6BhC9xLmz3K95aYIA.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/3cd7ff-20d2-4cec-aeca-354399724b1e/1/qzCSHSjHjt6BhC9xLmz3K95aYIA.mft
rsync://rpki.ripe.net/repository/DEFAULT/qzCSHSjHjt6BhC9xLmz3K95aYIA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 14:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:01:66:b3:a8:d3:78:5f:6b:bf:fb:57:3c:d5:09:f4:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab30921d28c78ede81842f712e6cf72bde5a6080
Validity
Not Before: Apr 4 15:23:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8c626a15055dccf348baafffc7f449bde45f3e02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:80:2c:1e:ff:d8:56:49:a9:9e:31:90:5b:6a:
6b:6a:91:a0:6b:93:97:89:05:a3:68:70:90:65:b2:
6b:b3:5e:0b:3c:b1:0f:54:12:39:92:14:af:02:9e:
00:91:99:1d:eb:27:31:c9:e4:55:ea:18:35:c8:5d:
ae:79:8f:cf:a8:3e:72:7e:b7:69:d5:ec:5e:61:7f:
63:d6:de:e5:84:42:0b:f5:be:50:a3:97:ad:f6:03:
00:a9:31:13:e2:cf:09:c0:bf:9a:4a:52:c0:c2:8a:
a1:a0:03:14:83:83:ce:73:00:cf:19:2b:ea:e4:ba:
58:c1:86:51:6f:6a:fe:16:20:e5:d2:09:37:03:47:
d7:ef:0b:38:fa:b2:48:90:f3:85:1b:1f:49:9b:3e:
bd:b3:66:b3:7a:e6:ac:f1:e1:83:83:97:bd:ee:4f:
f0:09:e7:7c:f9:ad:4f:ae:4b:bd:16:53:09:a8:f7:
cf:23:d5:5c:4b:2e:3d:c0:9c:1e:55:35:6d:9a:07:
90:af:a8:27:da:b4:97:90:96:c4:01:15:0d:73:70:
67:a1:59:1a:e3:ed:18:c0:5a:4d:66:23:03:53:fd:
7a:a5:e7:a9:e7:f5:ef:20:91:94:63:b2:1d:03:6f:
64:1a:e3:3d:a0:22:fd:43:8f:14:0e:5b:95:b1:dd:
0b:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:62:6A:15:05:5D:CC:F3:48:BA:AF:FF:C7:F4:49:BD:E4:5F:3E:02
X509v3 Authority Key Identifier:
keyid:AB:30:92:1D:28:C7:8E:DE:81:84:2F:71:2E:6C:F7:2B:DE:5A:60:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qzCSHSjHjt6BhC9xLmz3K95aYIA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3cd7ff-20d2-4cec-aeca-354399724b1e/1/jGJqFQVdzPNIuq__x_RJveRfPgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3cd7ff-20d2-4cec-aeca-354399724b1e/1/qzCSHSjHjt6BhC9xLmz3K95aYIA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.0.0/21
185.120.92.0/23
185.122.48.0/22
194.126.144.0/23
IPv6:
2a01:48c0::/32
Signature Algorithm: sha256WithRSAEncryption
48:6a:12:80:bb:e8:49:c3:30:82:ca:d9:08:c8:89:28:22:07:
70:41:bc:95:5a:35:a0:ac:37:69:0f:07:ce:d4:68:d0:9e:53:
df:6a:3e:d7:14:c0:5c:a6:ba:92:ea:84:c2:55:4a:87:93:65:
55:d1:a0:66:c2:0b:8c:6d:aa:22:8d:9b:f2:49:8d:72:2a:ad:
7d:60:74:e7:b5:5f:34:a2:d3:de:5b:f2:4a:3b:2b:59:cb:99:
50:69:73:e9:6d:10:5c:87:0c:17:9a:6e:17:2e:d0:78:07:7b:
95:d2:e4:95:02:b4:bd:12:b1:f1:88:d8:2c:7e:b5:1e:64:90:
81:e1:40:0f:43:22:63:b4:7f:d5:e0:c6:b7:ac:d4:26:c5:ec:
14:aa:ec:89:18:cc:6a:47:7b:8c:a6:d0:47:08:da:6a:15:38:
d0:78:e3:7b:d3:bf:fb:13:0e:f8:f5:fa:50:7a:a8:14:ca:72:
1e:ed:66:77:c5:80:03:4a:5e:ee:34:e8:3c:b8:1f:12:8f:75:
8d:f8:f2:f8:13:7a:1d:fb:e9:3f:57:25:6b:9d:57:94:a9:be:
26:75:0d:13:bd:08:94:6c:50:3a:8e:47:f5:08:03:64:86:59:
5f:5b:54:71:45:9f:3d:11:eb:e6:88:2c:04:ba:01:98:31:47:
b2:d4:97:71
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZYBZrOo03hfa7/7VzzVCfStMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMzA5MjFkMjhjNzhlZGU4MTg0MmY3MTJlNmNmNzJiZGU1
YTYwODAwHhcNMjUwNDA0MTUyMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzYyNmExNTA1NWRjY2YzNDhiYWFmZmZjN2Y0NDliZGU0NWYzZTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAooAsHv/YVkmpnjGQW2prapGga5OX
iQWjaHCQZbJrs14LPLEPVBI5khSvAp4AkZkd6ycxyeRV6hg1yF2ueY/PqD5yfrdp
1exeYX9j1t7lhEIL9b5Qo5et9gMAqTET4s8JwL+aSlLAwoqhoAMUg4POcwDPGSvq
5LpYwYZRb2r+FiDl0gk3A0fX7ws4+rJIkPOFGx9Jmz69s2azeuas8eGDg5e97k/w
Ced8+a1Prku9FlMJqPfPI9VcSy49wJweVTVtmgeQr6gn2rSXkJbEARUNc3BnoVka
4+0YwFpNZiMDU/16peep5/XvIJGUY7IdA29kGuM9oCL9Q48UDluVsd0LBQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFIxiahUFXczzSLqv/8f0Sb3kXz4CMB8GA1UdIwQY
MBaAFKswkh0ox47egYQvcS5s9yveWmCAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXpDU0hTakhqdDZCaEM5eExtejNLOTVhWUlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8zY2Q3ZmYtMjBkMi00Y2VjLWFlY2Et
MzU0Mzk5NzI0YjFlLzEvakdKcUZRVmR6UE5JdXFfX3hfUkp2ZVJmUGdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8zY2Q3ZmYtMjBkMi00Y2VjLWFlY2EtMzU0Mzk5NzI0YjFl
LzEvcXpDU0hTakhqdDZCaEM5eExtejNLOTVhWUlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDBZUAAwQB
uXhcAwQCuXowAwQBwn6QMA0EAgACMAcDBQAqAUjAMA0GCSqGSIb3DQEBCwUAA4IB
AQBIahKAu+hJwzCCytkIyIkoIgdwQbyVWjWgrDdpDwfO1GjQnlPfaj7XFMBcprqS
6oTCVUqHk2VV0aBmwguMbaoijZvySY1yKq19YHTntV80otPeW/JKOytZy5lQaXPp
bRBchwwXmm4XLtB4B3uV0uSVArS9ErHxiNgsfrUeZJCB4UAPQyJjtH/V4Ma3rNQm
xewUquyJGMxqR3uMptBHCNpqFTjQeON707/7Ew749fpQeqgUynIe7WZ3xYADSl7u
NOg8uB8Sj3WN+PL4E3od++k/VyVrnVeUqb4mdQ0TvQiUbFA6jkf1CANkhllfW1Rx
RZ89EevmiCwEugGYMUey1Jdx
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:56:29 2025 by rpki-client