Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/41eae0-6b72-4624-9c24-83035afe4a37/1/Qb83VG82QGzWbpalRRMPH518SYo.roa
File: Qb83VG82QGzWbpalRRMPH518SYo.roa (raw, json)
Hash identifier: AiyxH3+S5rR7yJjoD/YrQHR/3h9nA1hJpL55scIpUTs=
Subject key identifier: 41:BF:37:54:6F:36:40:6C:D6:6E:96:A5:45:13:0F:1F:9D:7C:49:8A
Certificate issuer: /CN=772f7035c2893b28cd04fd1a9b3cacd2428c8dfd
Certificate serial: 0194236A09C485D7D63C83A03860CC66E720
Authority key identifier: 77:2F:70:35:C2:89:3B:28:CD:04:FD:1A:9B:3C:AC:D2:42:8C:8D:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dy9wNcKJOyjNBP0amzys0kKMjf0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/41eae0-6b72-4624-9c24-83035afe4a37/1/Qb83VG82QGzWbpalRRMPH518SYo.roa
Signing time: Wed 01 Jan 2025 19:48:59 +0000
ROA not before: Wed 01 Jan 2025 19:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60277
IP address blocks: 185.32.252.0/22 maxlen: 22
185.190.204.0/22 maxlen: 22
193.57.206.0/23 maxlen: 23
193.57.216.0/23 maxlen: 23
2a00:ca20::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/41eae0-6b72-4624-9c24-83035afe4a37/1/dy9wNcKJOyjNBP0amzys0kKMjf0.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/41eae0-6b72-4624-9c24-83035afe4a37/1/dy9wNcKJOyjNBP0amzys0kKMjf0.mft
rsync://rpki.ripe.net/repository/DEFAULT/dy9wNcKJOyjNBP0amzys0kKMjf0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 20:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:09:c4:85:d7:d6:3c:83:a0:38:60:cc:66:e7:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=772f7035c2893b28cd04fd1a9b3cacd2428c8dfd
Validity
Not Before: Jan 1 19:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=41bf37546f36406cd66e96a545130f1f9d7c498a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:22:75:42:20:a9:6a:22:d4:85:43:5c:be:e8:
36:59:2c:86:05:ad:11:5d:e4:a3:9e:da:9b:91:58:
1e:5c:e7:0d:91:35:94:13:ce:58:49:a7:e9:6e:1c:
76:b9:f7:71:36:e0:8f:43:5c:f0:ff:8e:67:c5:3e:
a3:80:c6:4a:5f:9b:e5:11:9b:62:60:e3:fd:79:42:
ba:17:38:4c:79:7f:3d:cd:63:df:71:66:64:92:0b:
e4:d9:e8:fd:17:2c:44:35:f5:2a:65:80:31:6c:df:
53:4c:0d:00:12:d1:cf:cb:ed:84:f2:ef:aa:04:d1:
fc:00:92:38:09:43:a8:48:61:d0:34:67:7c:c5:36:
a8:a5:19:2c:04:6c:cc:dd:ec:1a:ab:d4:6a:51:12:
87:f2:cb:7e:03:07:86:b0:6c:e1:8c:c1:9a:5f:ba:
31:a8:1b:bd:81:92:e9:33:18:73:9e:f1:9e:6b:19:
5f:e1:8c:4b:02:c6:8d:44:55:f6:1b:95:8f:3d:39:
86:c6:b1:59:5b:c3:d1:b7:d8:37:75:8f:4b:69:09:
88:7c:bf:f0:d9:71:4c:be:70:19:2a:75:86:5e:3e:
4e:ef:c7:87:fd:82:c4:86:60:34:ea:24:26:d5:6f:
7e:f8:d7:4d:0f:eb:f9:e7:7b:ad:5d:12:90:78:da:
9a:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:BF:37:54:6F:36:40:6C:D6:6E:96:A5:45:13:0F:1F:9D:7C:49:8A
X509v3 Authority Key Identifier:
keyid:77:2F:70:35:C2:89:3B:28:CD:04:FD:1A:9B:3C:AC:D2:42:8C:8D:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dy9wNcKJOyjNBP0amzys0kKMjf0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/41eae0-6b72-4624-9c24-83035afe4a37/1/Qb83VG82QGzWbpalRRMPH518SYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/41eae0-6b72-4624-9c24-83035afe4a37/1/dy9wNcKJOyjNBP0amzys0kKMjf0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.32.252.0/22
185.190.204.0/22
193.57.206.0/23
193.57.216.0/23
IPv6:
2a00:ca20::/29
Signature Algorithm: sha256WithRSAEncryption
05:37:98:6e:44:0c:68:a3:5b:36:41:84:1f:48:d9:4a:79:05:
71:b3:57:4b:1b:19:0a:d7:42:aa:a7:62:be:4f:62:43:e5:fe:
f8:05:28:a7:b2:15:97:d2:0e:f7:80:1a:0c:8d:96:52:07:6b:
05:9d:a9:ba:aa:f4:c8:a4:9e:d0:bb:1c:9a:a0:52:8e:8d:e5:
08:2d:1d:dd:a3:10:b5:df:2a:e3:f0:96:e4:34:c6:a3:91:96:
63:99:d4:7a:f4:a8:f6:92:38:83:4d:e6:78:17:0d:25:bd:cb:
0a:7e:59:f6:ee:5a:d5:13:6c:61:ca:2c:0e:b0:21:32:45:ec:
a6:62:6e:f8:af:5d:60:38:46:95:99:5d:93:6f:30:14:cf:58:
20:8f:c0:55:38:57:b0:30:8d:ed:fd:b8:58:26:5f:cf:b5:b1:
04:8d:70:5a:64:22:f4:cb:89:aa:ff:83:b1:69:0c:70:26:e8:
84:16:9a:b4:0d:f7:d8:87:18:dd:cb:40:5f:92:f9:df:61:ff:
75:d1:02:56:b5:8a:c2:38:4e:b6:6f:da:69:35:df:80:7e:c0:
0b:90:ab:f1:1f:04:48:63:9b:a6:f3:4d:03:88:f8:ff:9e:a7:
ae:8d:6b:43:14:c5:0a:2f:cf:7b:81:58:22:f9:51:2e:0f:34:
2e:12:c7:64
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQjagnEhdfWPIOgOGDMZucgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MmY3MDM1YzI4OTNiMjhjZDA0ZmQxYTliM2NhY2QyNDI4
YzhkZmQwHhcNMjUwMTAxMTk0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWJmMzc1NDZmMzY0MDZjZDY2ZTk2YTU0NTEzMGYxZjlkN2M0OThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsiJ1QiCpaiLUhUNcvug2WSyGBa0R
XeSjntqbkVgeXOcNkTWUE85YSafpbhx2ufdxNuCPQ1zw/45nxT6jgMZKX5vlEZti
YOP9eUK6FzhMeX89zWPfcWZkkgvk2ej9FyxENfUqZYAxbN9TTA0AEtHPy+2E8u+q
BNH8AJI4CUOoSGHQNGd8xTaopRksBGzM3ewaq9RqURKH8st+AweGsGzhjMGaX7ox
qBu9gZLpMxhznvGeaxlf4YxLAsaNRFX2G5WPPTmGxrFZW8PRt9g3dY9LaQmIfL/w
2XFMvnAZKnWGXj5O78eH/YLEhmA06iQm1W9++NdND+v553utXRKQeNqaEwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFEG/N1RvNkBs1m6WpUUTDx+dfEmKMB8GA1UdIwQY
MBaAFHcvcDXCiTsozQT9Gps8rNJCjI39MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHk5d05jS0pPeWpOQlAwYW16eXMwa0tNamYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi80MWVhZTAtNmI3Mi00NjI0LTljMjQt
ODMwMzVhZmU0YTM3LzEvUWI4M1ZHODJRR3pXYnBhbFJSTVBINTE4U1lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi80MWVhZTAtNmI3Mi00NjI0LTljMjQtODMwMzVhZmU0YTM3
LzEvZHk5d05jS0pPeWpOQlAwYW16eXMwa0tNamYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCuSD8AwQC
ub7MAwQBwTnOAwQBwTnYMA0EAgACMAcDBQMqAMogMA0GCSqGSIb3DQEBCwUAA4IB
AQAFN5huRAxoo1s2QYQfSNlKeQVxs1dLGxkK10Kqp2K+T2JD5f74BSinshWX0g73
gBoMjZZSB2sFnam6qvTIpJ7QuxyaoFKOjeUILR3doxC13yrj8JbkNMajkZZjmdR6
9Kj2kjiDTeZ4Fw0lvcsKfln27lrVE2xhyiwOsCEyReymYm74r11gOEaVmV2TbzAU
z1ggj8BVOFewMI3t/bhYJl/PtbEEjXBaZCL0y4mq/4OxaQxwJuiEFpq0DffYhxjd
y0BfkvnfYf910QJWtYrCOE62b9ppNd+AfsALkKvxHwRIY5um800DiPj/nqeujWtD
FMUKL897gVgi+VEuDzQuEsdk
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:54:22 2025 by rpki-client