Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/f891c4-19ac-437c-b782-e1487a54c1e5/1/qrJ2-0cTvD-M2EZlQRWwfc9W0ek.roa
File: qrJ2-0cTvD-M2EZlQRWwfc9W0ek.roa (raw, json)
Hash identifier: 4bA9jmULg0CvGkkToEtHl5uaDxzTVZEhsLwmhxwDpEk=
Subject key identifier: AA:B2:76:FB:47:13:BC:3F:8C:D8:46:65:41:15:B0:7D:CF:56:D1:E9
Certificate issuer: /CN=94a32e445c24ded9b85212d479b88008165ebdba
Certificate serial: 0194228E2327AF3BDA6C4F753943E6161452
Authority key identifier: 94:A3:2E:44:5C:24:DE:D9:B8:52:12:D4:79:B8:80:08:16:5E:BD:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lKMuRFwk3tm4UhLUebiACBZevbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/f891c4-19ac-437c-b782-e1487a54c1e5/1/qrJ2-0cTvD-M2EZlQRWwfc9W0ek.roa
Signing time: Wed 01 Jan 2025 15:48:47 +0000
ROA not before: Wed 01 Jan 2025 15:48:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201080
IP address blocks: 37.60.155.0/24 maxlen: 24
37.60.156.0/23 maxlen: 24
37.60.157.0/24 maxlen: 24
37.60.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/f891c4-19ac-437c-b782-e1487a54c1e5/1/lKMuRFwk3tm4UhLUebiACBZevbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/f891c4-19ac-437c-b782-e1487a54c1e5/1/lKMuRFwk3tm4UhLUebiACBZevbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/lKMuRFwk3tm4UhLUebiACBZevbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 18:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:23:27:af:3b:da:6c:4f:75:39:43:e6:16:14:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94a32e445c24ded9b85212d479b88008165ebdba
Validity
Not Before: Jan 1 15:48:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aab276fb4713bc3f8cd846654115b07dcf56d1e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:db:d6:41:27:30:8d:6d:b7:18:72:d6:f3:6d:
d6:b6:43:11:37:56:a9:a7:39:9d:02:39:46:6a:de:
04:97:91:b1:29:70:c4:07:01:9d:a4:f3:c9:88:58:
92:00:61:d4:f1:1e:4d:bd:82:b5:8e:c1:49:c8:12:
46:18:48:13:55:9f:dd:68:51:d9:28:39:f9:06:72:
91:d5:00:4d:75:20:60:d6:0f:15:33:94:d1:44:51:
25:a7:fb:b6:a2:fa:53:73:ae:65:98:99:ba:f9:1b:
dc:c9:94:f4:13:3b:9c:a2:cd:8a:1f:8c:1f:03:8c:
85:b8:f4:6e:18:46:d6:a7:6e:33:85:15:56:9e:42:
74:5e:a6:0f:7a:67:eb:81:6f:30:e9:3d:a1:d8:c7:
33:84:3f:bf:31:51:fe:49:19:19:f4:12:e8:93:ef:
54:e3:b9:1e:bd:51:bc:6c:2b:6a:4c:bb:9d:8d:7c:
6a:57:ae:4c:d4:e6:e3:37:37:60:40:27:ae:f2:05:
e0:11:5d:66:d4:c5:77:be:37:d4:8a:df:db:8f:ea:
5c:09:f1:0c:f4:07:12:75:f5:46:e0:1f:a9:7e:34:
3d:66:b4:39:0c:61:a1:0f:0d:06:ab:22:94:f8:16:
30:04:ba:ba:54:ec:84:01:52:09:99:4a:3b:0c:6c:
89:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:B2:76:FB:47:13:BC:3F:8C:D8:46:65:41:15:B0:7D:CF:56:D1:E9
X509v3 Authority Key Identifier:
keyid:94:A3:2E:44:5C:24:DE:D9:B8:52:12:D4:79:B8:80:08:16:5E:BD:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lKMuRFwk3tm4UhLUebiACBZevbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f891c4-19ac-437c-b782-e1487a54c1e5/1/qrJ2-0cTvD-M2EZlQRWwfc9W0ek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f891c4-19ac-437c-b782-e1487a54c1e5/1/lKMuRFwk3tm4UhLUebiACBZevbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.60.155.0-37.60.158.255
Signature Algorithm: sha256WithRSAEncryption
3d:42:32:78:20:27:cb:1e:2d:25:7b:c6:81:43:8a:24:09:90:
49:dd:09:6f:dc:1b:e4:5a:bd:15:eb:4e:6e:05:6f:c7:89:ea:
5d:0e:25:da:79:e0:1b:4d:e2:b2:25:3b:4f:8f:b9:e7:6b:78:
bf:86:06:ac:99:d1:33:fd:a2:d4:03:6a:bd:2b:9a:d7:6c:74:
b4:b8:77:76:46:53:59:9b:3e:30:9a:1a:af:34:54:75:b7:63:
c0:b4:37:e6:d3:5c:c3:4f:38:d5:bd:82:af:49:29:91:78:a9:
1e:e1:c8:be:1a:02:75:56:88:21:1e:cc:ca:28:60:df:41:52:
a6:51:34:67:e1:8f:40:94:ef:c0:59:bf:ca:87:d3:51:f5:40:
5c:83:f6:54:51:83:d8:07:95:45:6b:78:92:d7:29:ef:32:c2:
d0:a0:90:1e:16:a7:f6:10:2b:76:b8:72:7f:f7:2a:51:a5:60:
1d:52:5f:6a:66:95:54:5c:2b:20:ec:8f:bb:13:f8:73:07:a3:
50:12:80:05:46:66:b4:45:6f:da:0c:36:e1:b7:8f:6c:33:40:
03:48:c8:ca:66:f4:6b:9c:11:0b:88:da:c2:1a:07:d8:01:c3:
e2:c8:03:a0:91:fe:22:59:db:64:6d:a8:09:ac:20:d8:53:23:
dd:7c:34:17
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQijiMnrzvabE91OUPmFhRSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0YTMyZTQ0NWMyNGRlZDliODUyMTJkNDc5Yjg4MDA4MTY1
ZWJkYmEwHhcNMjUwMTAxMTU0ODQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWIyNzZmYjQ3MTNiYzNmOGNkODQ2NjU0MTE1YjA3ZGNmNTZkMWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAitvWQScwjW23GHLW823WtkMRN1ap
pzmdAjlGat4El5GxKXDEBwGdpPPJiFiSAGHU8R5NvYK1jsFJyBJGGEgTVZ/daFHZ
KDn5BnKR1QBNdSBg1g8VM5TRRFElp/u2ovpTc65lmJm6+RvcyZT0Ezucos2KH4wf
A4yFuPRuGEbWp24zhRVWnkJ0XqYPemfrgW8w6T2h2MczhD+/MVH+SRkZ9BLok+9U
47kevVG8bCtqTLudjXxqV65M1ObjNzdgQCeu8gXgEV1m1MV3vjfUit/bj+pcCfEM
9AcSdfVG4B+pfjQ9ZrQ5DGGhDw0GqyKU+BYwBLq6VOyEAVIJmUo7DGyJXQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKqydvtHE7w/jNhGZUEVsH3PVtHpMB8GA1UdIwQY
MBaAFJSjLkRcJN7ZuFIS1Hm4gAgWXr26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEtNdVJGd2szdG00VWhMVWViaUFDQlpldmJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9mODkxYzQtMTlhYy00MzdjLWI3ODIt
ZTE0ODdhNTRjMWU1LzEvcXJKMi0wY1R2RC1NMkVabFFSV3dmYzlXMGVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9mODkxYzQtMTlhYy00MzdjLWI3ODItZTE0ODdhNTRjMWU1
LzEvbEtNdVJGd2szdG00VWhMVWViaUFDQlpldmJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAlPJsD
BAAlPJ4wDQYJKoZIhvcNAQELBQADggEBAD1CMnggJ8seLSV7xoFDiiQJkEndCW/c
G+RavRXrTm4Fb8eJ6l0OJdp54BtN4rIlO0+PuedreL+GBqyZ0TP9otQDar0rmtds
dLS4d3ZGU1mbPjCaGq80VHW3Y8C0N+bTXMNPONW9gq9JKZF4qR7hyL4aAnVWiCEe
zMooYN9BUqZRNGfhj0CU78BZv8qH01H1QFyD9lRRg9gHlUVreJLXKe8ywtCgkB4W
p/YQK3a4cn/3KlGlYB1SX2pmlVRcKyDsj7sT+HMHo1ASgAVGZrRFb9oMNuG3j2wz
QANIyMpm9GucEQuI2sIaB9gBw+LIA6CR/iJZ22RtqAmsINhTI918NBc=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:55:21 2025 by rpki-client