Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/fcdbee-db9d-46b8-9e03-146e0b178085/1/qZ_vGww3miBwhmiPJQ4AD0HWpSo.roa
File: qZ_vGww3miBwhmiPJQ4AD0HWpSo.roa (raw, json)
Hash identifier: /yOCjsEAUpbowyN4y+pICuqKMk+5ErunDXEzQRSdLQQ=
Subject key identifier: A9:9F:EF:1B:0C:37:9A:20:70:86:68:8F:25:0E:00:0F:41:D6:A5:2A
Certificate issuer: /CN=01a0d5868c7a41d6fe9dcbcf93805ac42cbdbdbf
Certificate serial: 0194266C087E32CC9FBF24357BD9A6CEFDF2
Authority key identifier: 01:A0:D5:86:8C:7A:41:D6:FE:9D:CB:CF:93:80:5A:C4:2C:BD:BD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AaDVhox6Qdb-ncvPk4BaxCy9vb8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/fcdbee-db9d-46b8-9e03-146e0b178085/1/qZ_vGww3miBwhmiPJQ4AD0HWpSo.roa
Signing time: Thu 02 Jan 2025 09:50:01 +0000
ROA not before: Thu 02 Jan 2025 09:50:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211493
IP address blocks: 193.32.84.0/24 maxlen: 24
2a10:d2c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/fcdbee-db9d-46b8-9e03-146e0b178085/1/AaDVhox6Qdb-ncvPk4BaxCy9vb8.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/fcdbee-db9d-46b8-9e03-146e0b178085/1/AaDVhox6Qdb-ncvPk4BaxCy9vb8.mft
rsync://rpki.ripe.net/repository/DEFAULT/AaDVhox6Qdb-ncvPk4BaxCy9vb8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 16:41:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:08:7e:32:cc:9f:bf:24:35:7b:d9:a6:ce:fd:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01a0d5868c7a41d6fe9dcbcf93805ac42cbdbdbf
Validity
Not Before: Jan 2 09:50:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a99fef1b0c379a207086688f250e000f41d6a52a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:7e:88:4c:0e:93:33:ed:60:ef:0d:75:62:63:
43:0a:5f:2b:ee:64:18:5e:5c:a3:58:42:b4:06:5f:
53:ea:d9:d2:e7:81:77:05:80:01:62:6f:cf:26:9e:
83:63:90:a6:20:a6:74:3a:e9:1b:5e:aa:e3:a5:af:
d2:bc:6e:76:f6:94:d9:04:73:8f:fc:50:96:5e:37:
1c:0a:6b:fc:9d:72:5b:66:23:93:91:1e:94:e1:9e:
2f:d7:14:ab:69:7d:51:04:92:5b:44:7b:b4:d3:4c:
5a:72:39:a9:85:8d:b5:8f:ec:ad:cf:4e:04:8f:72:
8e:bb:79:8c:8b:da:6b:57:e8:f8:23:28:ce:3d:ac:
31:34:41:fd:f5:1f:06:1c:4d:57:79:d5:25:45:6d:
fa:00:95:86:62:c2:e8:26:b2:93:f6:54:e2:bb:47:
1a:e2:09:1e:8b:30:56:bc:e9:20:14:5b:3b:8b:5e:
65:ce:3a:74:2d:25:d3:d2:ad:7e:b1:1e:b9:d5:13:
15:fd:91:9a:c7:4e:97:0f:a5:bf:ca:94:cb:18:13:
b6:17:fb:ac:71:bb:8d:6d:a1:28:f8:75:96:00:b2:
9d:75:be:ca:97:21:f6:02:a3:65:d0:d1:01:3d:0e:
48:e6:0e:b9:1f:04:b3:05:51:10:84:19:0d:5f:c5:
8e:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:9F:EF:1B:0C:37:9A:20:70:86:68:8F:25:0E:00:0F:41:D6:A5:2A
X509v3 Authority Key Identifier:
keyid:01:A0:D5:86:8C:7A:41:D6:FE:9D:CB:CF:93:80:5A:C4:2C:BD:BD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AaDVhox6Qdb-ncvPk4BaxCy9vb8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/fcdbee-db9d-46b8-9e03-146e0b178085/1/qZ_vGww3miBwhmiPJQ4AD0HWpSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/fcdbee-db9d-46b8-9e03-146e0b178085/1/AaDVhox6Qdb-ncvPk4BaxCy9vb8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.32.84.0/24
IPv6:
2a10:d2c0::/32
Signature Algorithm: sha256WithRSAEncryption
20:37:77:c6:72:f4:c4:00:5b:ed:62:18:53:29:86:2c:49:83:
c9:00:92:d9:f2:d3:f8:6d:07:d4:19:52:72:49:b3:da:08:7c:
df:89:fa:6a:a5:02:5d:81:a5:f8:ee:48:b7:f6:1e:31:f3:6b:
fa:fe:97:2c:00:8e:67:04:6a:5f:02:3a:01:eb:0d:c9:d2:68:
9b:61:67:68:91:57:fc:b4:a5:c7:3c:b4:1b:db:df:9e:95:9f:
31:50:e2:25:ea:f9:6a:9f:f5:0a:28:60:a0:e5:3f:90:cc:b4:
3f:35:b9:30:04:85:04:a9:1a:0a:b4:2f:40:37:e3:1c:2b:0f:
21:cb:16:2d:62:22:54:66:1d:3d:01:1e:a3:96:06:e6:38:00:
c7:91:8b:5b:61:49:c0:7e:c9:81:d1:ca:cf:48:ef:9a:6d:f9:
3c:9a:c8:8b:2c:be:ca:35:8d:11:4e:07:f3:01:fd:67:cf:a9:
12:05:18:13:8c:3c:e8:76:56:43:1f:f5:07:03:b4:81:79:4f:
38:7b:a3:33:68:a0:5a:b4:3f:e7:19:26:85:da:a9:c2:6e:6f:
f0:53:9b:8c:fc:5c:6d:b5:bc:17:10:c2:eb:99:01:ed:b2:7e:
55:7f:d4:e2:d2:9d:28:d3:f0:4d:bd:66:5d:81:1f:4b:1b:9b:
5d:fc:f1:2b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQmbAh+MsyfvyQ1e9mmzv3yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxYTBkNTg2OGM3YTQxZDZmZTlkY2JjZjkzODA1YWM0MmNi
ZGJkYmYwHhcNMjUwMTAyMDk1MDAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTlmZWYxYjBjMzc5YTIwNzA4NjY4OGYyNTBlMDAwZjQxZDZhNTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp36ITA6TM+1g7w11YmNDCl8r7mQY
XlyjWEK0Bl9T6tnS54F3BYABYm/PJp6DY5CmIKZ0OukbXqrjpa/SvG529pTZBHOP
/FCWXjccCmv8nXJbZiOTkR6U4Z4v1xSraX1RBJJbRHu000xacjmphY21j+ytz04E
j3KOu3mMi9prV+j4IyjOPawxNEH99R8GHE1XedUlRW36AJWGYsLoJrKT9lTiu0ca
4gkeizBWvOkgFFs7i15lzjp0LSXT0q1+sR651RMV/ZGax06XD6W/ypTLGBO2F/us
cbuNbaEo+HWWALKddb7KlyH2AqNl0NEBPQ5I5g65HwSzBVEQhBkNX8WO1QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKmf7xsMN5ogcIZojyUOAA9B1qUqMB8GA1UdIwQY
MBaAFAGg1YaMekHW/p3Lz5OAWsQsvb2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWFEVmhveDZRZGItbmN2UGs0QmF4Q3k5dmI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9mY2RiZWUtZGI5ZC00NmI4LTllMDMt
MTQ2ZTBiMTc4MDg1LzEvcVpfdkd3dzNtaUJ3aG1pUEpRNEFEMEhXcFNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9mY2RiZWUtZGI5ZC00NmI4LTllMDMtMTQ2ZTBiMTc4MDg1
LzEvQWFEVmhveDZRZGItbmN2UGs0QmF4Q3k5dmI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwSBUMA0E
AgACMAcDBQAqENLAMA0GCSqGSIb3DQEBCwUAA4IBAQAgN3fGcvTEAFvtYhhTKYYs
SYPJAJLZ8tP4bQfUGVJySbPaCHzfifpqpQJdgaX47ki39h4x82v6/pcsAI5nBGpf
AjoB6w3J0mibYWdokVf8tKXHPLQb29+elZ8xUOIl6vlqn/UKKGCg5T+QzLQ/Nbkw
BIUEqRoKtC9AN+McKw8hyxYtYiJUZh09AR6jlgbmOADHkYtbYUnAfsmB0crPSO+a
bfk8msiLLL7KNY0RTgfzAf1nz6kSBRgTjDzodlZDH/UHA7SBeU84e6MzaKBatD/n
GSaF2qnCbm/wU5uM/FxttbwXEMLrmQHtsn5Vf9Ti0p0o0/BNvWZdgR9LG5td/PEr
-----END CERTIFICATE-----
Generated at Sun Apr 20 01:57:25 2025 by rpki-client