Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/1197f2-7f8e-48e4-bda9-f5bb2b2d63be/1/QMMy8yKbXHEJwsJqLmy-L7XC5s8.roa
File: QMMy8yKbXHEJwsJqLmy-L7XC5s8.roa (raw, json)
Hash identifier: YyXDtgRgJkHfVXUNq/vL+FBOo2ylA/9ZRjglYBypKl4=
Subject key identifier: 40:C3:32:F3:22:9B:5C:71:09:C2:C2:6A:2E:6C:BE:2F:B5:C2:E6:CF
Certificate issuer: /CN=8a2e2ee3be7d7525ed74b7aae07e92aecaf84936
Certificate serial: 0194266B51368A4AB7642F2C5F06A62734DB
Authority key identifier: 8A:2E:2E:E3:BE:7D:75:25:ED:74:B7:AA:E0:7E:92:AE:CA:F8:49:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ii4u4759dSXtdLeq4H6Srsr4STY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/1197f2-7f8e-48e4-bda9-f5bb2b2d63be/1/QMMy8yKbXHEJwsJqLmy-L7XC5s8.roa
Signing time: Thu 02 Jan 2025 09:49:14 +0000
ROA not before: Thu 02 Jan 2025 09:49:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5089
IP address blocks: 194.36.12.0/22 maxlen: 22
194.169.100.0/24 maxlen: 24
194.169.116.0/24 maxlen: 24
194.169.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/1197f2-7f8e-48e4-bda9-f5bb2b2d63be/1/ii4u4759dSXtdLeq4H6Srsr4STY.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/1197f2-7f8e-48e4-bda9-f5bb2b2d63be/1/ii4u4759dSXtdLeq4H6Srsr4STY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ii4u4759dSXtdLeq4H6Srsr4STY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:51:36:8a:4a:b7:64:2f:2c:5f:06:a6:27:34:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a2e2ee3be7d7525ed74b7aae07e92aecaf84936
Validity
Not Before: Jan 2 09:49:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=40c332f3229b5c7109c2c26a2e6cbe2fb5c2e6cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:38:e9:38:2e:3a:f9:6e:85:d7:48:c8:ef:94:
4d:49:9f:c3:24:de:3d:46:00:c3:b5:ba:e6:ad:3a:
e8:b4:cf:5a:84:49:7b:ee:82:f3:07:d0:f9:6c:0e:
c1:83:33:f2:7f:3c:ab:21:f4:82:80:d6:47:5a:6d:
f4:01:35:88:aa:11:b6:de:8c:be:c1:65:c0:7d:8a:
0d:9b:a4:2a:1d:5b:b2:a9:14:75:30:85:9f:64:ff:
e0:48:e2:d4:e9:ba:25:29:0f:1f:07:54:5c:44:68:
b1:49:e3:35:13:57:05:a8:8f:47:b9:8c:0f:c8:7d:
14:cb:2c:3d:19:e2:1d:46:1d:f5:da:63:ef:f3:78:
bf:59:2d:0c:8d:0c:4a:7a:b2:75:cb:33:34:4e:6a:
11:78:45:7c:ef:9b:80:21:6d:97:09:8b:9d:83:52:
e6:14:ec:5d:85:0a:47:ab:a3:62:9e:7c:07:8f:5a:
99:f1:ca:71:2f:4e:d2:7c:8a:e7:0e:f7:95:11:12:
3d:ad:7f:80:01:b9:a5:da:05:d4:05:bb:74:80:72:
da:bb:e1:94:71:50:0a:10:e0:d0:bf:fb:ed:73:61:
63:f4:08:d7:f2:c3:e1:81:81:62:d3:a0:93:9a:8f:
3d:09:93:97:e4:52:20:d7:f6:27:9b:b3:b8:c9:b1:
4d:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:C3:32:F3:22:9B:5C:71:09:C2:C2:6A:2E:6C:BE:2F:B5:C2:E6:CF
X509v3 Authority Key Identifier:
keyid:8A:2E:2E:E3:BE:7D:75:25:ED:74:B7:AA:E0:7E:92:AE:CA:F8:49:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ii4u4759dSXtdLeq4H6Srsr4STY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/1197f2-7f8e-48e4-bda9-f5bb2b2d63be/1/QMMy8yKbXHEJwsJqLmy-L7XC5s8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/1197f2-7f8e-48e4-bda9-f5bb2b2d63be/1/ii4u4759dSXtdLeq4H6Srsr4STY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.36.12.0/22
194.169.100.0/24
194.169.116.0/23
Signature Algorithm: sha256WithRSAEncryption
98:b1:fc:69:04:67:04:07:dd:78:d5:5c:76:38:6d:70:44:b0:
18:09:1a:e9:a9:0a:88:6d:79:21:27:4c:a5:99:81:ed:d8:f2:
f8:19:a0:b1:37:fa:17:7c:04:5c:57:a6:aa:26:46:b5:f8:b1:
da:fe:21:41:f6:29:e8:9c:3e:da:e0:b8:d2:f6:04:3a:34:34:
5c:2d:37:25:8e:26:37:e4:b2:2f:bf:24:57:4e:56:43:1e:77:
ac:a3:14:d9:06:bc:de:0a:10:8b:04:3f:1c:76:47:30:28:6d:
d4:a6:31:29:c8:56:be:97:d6:5f:98:35:5e:b4:83:8d:2a:bb:
c3:f8:00:05:3e:71:ce:1e:1d:52:f5:d4:f6:b7:08:89:f0:c7:
73:55:b5:8a:f4:f0:74:bb:2d:fa:0d:c5:8c:c8:ca:d3:46:05:
c1:48:35:56:32:0d:64:1b:11:0b:85:f6:e0:5d:32:e6:ca:29:
42:b1:f7:58:d5:b2:e5:73:82:c1:96:f5:29:aa:e9:81:61:75:
da:7f:3c:1b:96:a6:2f:b6:5a:73:9d:6e:b7:60:3e:6d:30:89:
9e:c5:bd:ed:c9:08:8f:94:f8:58:a0:93:0c:a7:9d:24:83:f5:
f8:02:3f:8a:3b:0c:44:e9:d9:82:48:3d:39:a3:0a:43:d5:07:
4c:8d:47:82
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQma1E2ikq3ZC8sXwamJzTbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMmUyZWUzYmU3ZDc1MjVlZDc0YjdhYWUwN2U5MmFlY2Fm
ODQ5MzYwHhcNMjUwMTAyMDk0OTE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGMzMzJmMzIyOWI1YzcxMDljMmMyNmEyZTZjYmUyZmI1YzJlNmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTjpOC46+W6F10jI75RNSZ/DJN49
RgDDtbrmrTrotM9ahEl77oLzB9D5bA7BgzPyfzyrIfSCgNZHWm30ATWIqhG23oy+
wWXAfYoNm6QqHVuyqRR1MIWfZP/gSOLU6bolKQ8fB1RcRGixSeM1E1cFqI9HuYwP
yH0Uyyw9GeIdRh312mPv83i/WS0MjQxKerJ1yzM0TmoReEV875uAIW2XCYudg1Lm
FOxdhQpHq6NinnwHj1qZ8cpxL07SfIrnDveVERI9rX+AAbml2gXUBbt0gHLau+GU
cVAKEODQv/vtc2Fj9AjX8sPhgYFi06CTmo89CZOX5FIg1/Ynm7O4ybFN6wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEDDMvMim1xxCcLCai5svi+1wubPMB8GA1UdIwQY
MBaAFIouLuO+fXUl7XS3quB+kq7K+Ek2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWk0dTQ3NTlkU1h0ZExlcTRINlNyc3I0U1RZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8xMTk3ZjItN2Y4ZS00OGU0LWJkYTkt
ZjViYjJiMmQ2M2JlLzEvUU1NeTh5S2JYSEVKd3NKcUxteS1MN1hDNXM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8xMTk3ZjItN2Y4ZS00OGU0LWJkYTktZjViYjJiMmQ2M2Jl
LzEvaWk0dTQ3NTlkU1h0ZExlcTRINlNyc3I0U1RZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCwiQMAwQA
wqlkAwQBwql0MA0GCSqGSIb3DQEBCwUAA4IBAQCYsfxpBGcEB9141Vx2OG1wRLAY
CRrpqQqIbXkhJ0ylmYHt2PL4GaCxN/oXfARcV6aqJka1+LHa/iFB9inonD7a4LjS
9gQ6NDRcLTcljiY35LIvvyRXTlZDHnesoxTZBrzeChCLBD8cdkcwKG3UpjEpyFa+
l9ZfmDVetIONKrvD+AAFPnHOHh1S9dT2twiJ8MdzVbWK9PB0uy36DcWMyMrTRgXB
SDVWMg1kGxELhfbgXTLmyilCsfdY1bLlc4LBlvUpqumBYXXafzwblqYvtlpznW63
YD5tMImexb3tyQiPlPhYoJMMp50kg/X4Aj+KOwxE6dmCSD05owpD1QdMjUeC
-----END CERTIFICATE-----
Generated at Sun Apr 6 18:29:14 2025 by rpki-client