Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/qjQhZowEfdGa2UYTjjFEd5YoNZU.roa
File: qjQhZowEfdGa2UYTjjFEd5YoNZU.roa (raw, json)
Hash identifier: TNuRM9AWklcY8X4FhEL9ThUHd3ohdbsa495akoRBBzs=
Subject key identifier: AA:34:21:66:8C:04:7D:D1:9A:D9:46:13:8E:31:44:77:96:28:35:95
Certificate issuer: /CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Certificate serial: 01957F72BC335E899808418F5E9E97C2C6A3
Authority key identifier: CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/qjQhZowEfdGa2UYTjjFEd5YoNZU.roa
Signing time: Mon 10 Mar 2025 09:46:20 +0000
ROA not before: Mon 10 Mar 2025 09:46:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204490
IP address blocks: 2a0e:7f45::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:7f:72:bc:33:5e:89:98:08:41:8f:5e:9e:97:c2:c6:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Validity
Not Before: Mar 10 09:46:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aa3421668c047dd19ad946138e31447796283595
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:47:19:a1:c4:c2:f3:3d:74:ce:53:56:00:66:
eb:4f:76:b7:17:3b:7e:38:02:35:56:b5:36:e6:3d:
bb:c3:08:b8:ba:30:9f:c6:b5:3c:33:cf:42:54:f1:
c8:10:c7:5c:97:20:3b:9f:54:c6:48:a7:5c:b9:9b:
4a:e8:eb:7e:7c:3f:79:9a:81:5d:3c:19:69:58:0e:
d5:20:e8:05:06:8e:b5:e2:be:dd:9c:46:f6:76:91:
8e:a5:58:d7:ae:f9:88:3b:4f:99:a2:2b:3f:4c:fa:
2f:ba:23:2f:f8:e2:33:c2:4b:79:03:60:c0:c1:6e:
03:01:a7:a9:a8:7c:76:60:56:17:51:bd:04:16:8c:
d1:ea:85:cb:ad:5c:93:08:ce:75:bc:e9:28:2c:4c:
cf:61:6d:c8:54:42:a6:4d:a1:e1:35:7a:fb:ba:0d:
74:11:46:4c:ec:49:f0:14:e4:c4:f8:ca:68:5d:ae:
20:fe:15:00:eb:76:e9:61:0a:d7:da:23:28:b4:b2:
e4:01:8c:ca:1b:03:1b:06:2d:78:56:4a:5e:2d:66:
29:4a:a4:b0:e6:fb:b3:90:43:50:e9:be:1c:a6:f4:
22:f2:17:b3:64:0b:ce:6a:1d:70:f3:9a:bd:d6:36:
ce:27:44:b3:5c:90:59:41:b3:4b:22:09:61:d9:3a:
93:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:34:21:66:8C:04:7D:D1:9A:D9:46:13:8E:31:44:77:96:28:35:95
X509v3 Authority Key Identifier:
keyid:CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/qjQhZowEfdGa2UYTjjFEd5YoNZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:7f45::/32
Signature Algorithm: sha256WithRSAEncryption
5f:84:a8:d9:80:6c:e1:2b:d7:29:4a:e4:b9:96:d2:99:74:9d:
26:ec:dd:2b:20:da:2e:53:46:d1:14:ba:b7:fc:63:2b:39:05:
7b:11:a2:fd:5a:66:be:db:bf:87:e7:2c:76:d0:a1:a2:30:d7:
56:c4:ce:c8:c7:df:40:e8:84:c4:7c:db:3f:5e:26:ad:00:9d:
b8:57:63:5c:d4:46:ef:86:f6:2d:3d:b7:af:2d:91:11:99:0d:
0c:6e:af:34:86:b8:47:87:59:52:81:24:0b:d2:ee:eb:0a:6d:
2b:1a:39:2c:3a:01:f1:94:4e:eb:11:30:46:55:39:43:b6:5d:
52:fd:ab:a2:fa:26:be:3f:e7:90:9a:97:0c:25:62:6a:7e:e8:
1c:6f:90:e0:72:d9:88:8e:71:91:08:34:ae:44:d4:83:6c:b7:
bc:c0:b0:7c:4a:f6:83:c4:99:d0:73:a1:e6:2e:50:b0:4f:19:
e3:9b:eb:5c:d1:f0:91:97:ec:01:2a:3c:a3:7f:9f:1a:4d:b7:
23:04:e5:1c:0b:84:7d:90:45:e2:d2:e6:d9:36:77:30:4f:9e:
a4:c5:a7:d1:39:68:2a:e1:5a:5d:e7:36:ef:1b:95:5e:50:95:
13:4e:26:cc:f7:93:b6:91:7c:86:37:a4:a8:54:a8:85:07:0f:
3f:9f:79:4e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZV/crwzXomYCEGPXp6XwsajMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOWNjZDgzMGI3ZTAzMzA4YmY1Y2YyNWU2N2E3ZmMyYmRl
MDk1N2MwHhcNMjUwMzEwMDk0NjIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTM0MjE2NjhjMDQ3ZGQxOWFkOTQ2MTM4ZTMxNDQ3Nzk2MjgzNTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzkcZocTC8z10zlNWAGbrT3a3Fzt+
OAI1VrU25j27wwi4ujCfxrU8M89CVPHIEMdclyA7n1TGSKdcuZtK6Ot+fD95moFd
PBlpWA7VIOgFBo614r7dnEb2dpGOpVjXrvmIO0+Zois/TPovuiMv+OIzwkt5A2DA
wW4DAaepqHx2YFYXUb0EFozR6oXLrVyTCM51vOkoLEzPYW3IVEKmTaHhNXr7ug10
EUZM7EnwFOTE+MpoXa4g/hUA63bpYQrX2iMotLLkAYzKGwMbBi14VkpeLWYpSqSw
5vuzkENQ6b4cpvQi8hezZAvOah1w85q91jbOJ0SzXJBZQbNLIglh2TqT9wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKo0IWaMBH3RmtlGE44xRHeWKDWVMB8GA1UdIwQY
MBaAFMqczYMLfgMwi/XPJeZ6f8K94JV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQt
ZDFjZGUyNDY1Zjg5LzEvcWpRaFpvd0VmZEdhMlVZVGpqRkVkNVlvTlpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQtZDFjZGUyNDY1Zjg5
LzEveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg5/RTAN
BgkqhkiG9w0BAQsFAAOCAQEAX4So2YBs4SvXKUrkuZbSmXSdJuzdKyDaLlNG0RS6
t/xjKzkFexGi/Vpmvtu/h+csdtChojDXVsTOyMffQOiExHzbP14mrQCduFdjXNRG
74b2LT23ry2REZkNDG6vNIa4R4dZUoEkC9Lu6wptKxo5LDoB8ZRO6xEwRlU5Q7Zd
Uv2rovomvj/nkJqXDCVian7oHG+Q4HLZiI5xkQg0rkTUg2y3vMCwfEr2g8SZ0HOh
5i5QsE8Z45vrXNHwkZfsASo8o3+fGk23IwTlHAuEfZBF4tLm2TZ3ME+epMWn0Tlo
KuFaXec27xuVXlCVE04mzPeTtpF8hjekqFSohQcPP595Tg==
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:23:06 2025 by rpki-client