Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/QXbfJIh1eRteU9Wzrebe-Y-tzSY.roa
File: QXbfJIh1eRteU9Wzrebe-Y-tzSY.roa (raw, json)
Hash identifier: SsanvIDWtEhKsoV2dkvCk+7YzGR4haX0tXLi2hZEJiE=
Subject key identifier: 41:76:DF:24:88:75:79:1B:5E:53:D5:B3:AD:E6:DE:F9:8F:AD:CD:26
Certificate issuer: /CN=ef54d9e41ea5e2d161b7c4cdb2e4702c4f248e14
Certificate serial: 0194236A34B666774C487D8F8072B6A51845
Authority key identifier: EF:54:D9:E4:1E:A5:E2:D1:61:B7:C4:CD:B2:E4:70:2C:4F:24:8E:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/QXbfJIh1eRteU9Wzrebe-Y-tzSY.roa
Signing time: Wed 01 Jan 2025 19:49:10 +0000
ROA not before: Wed 01 Jan 2025 19:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211908
IP address blocks: 93.180.222.0/24 maxlen: 24
185.254.15.0/24 maxlen: 24
199.74.188.0/24 maxlen: 24
199.74.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/71TZ5B6l4tFht8TNsuRwLE8kjhQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/71TZ5B6l4tFht8TNsuRwLE8kjhQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:34:b6:66:77:4c:48:7d:8f:80:72:b6:a5:18:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef54d9e41ea5e2d161b7c4cdb2e4702c4f248e14
Validity
Not Before: Jan 1 19:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4176df248875791b5e53d5b3ade6def98fadcd26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:81:7d:5a:e4:72:43:21:8c:d8:d9:f7:5b:2d:
72:fe:b0:d0:0a:db:47:35:04:ce:86:4f:e8:f8:e4:
ed:85:f3:bb:f3:81:33:f4:a5:ad:bc:34:38:c8:db:
c8:41:db:57:2c:70:67:b5:67:fb:8f:b4:02:64:b4:
74:e8:b3:f1:cd:a2:2b:54:5f:a7:60:d6:9f:da:53:
fe:b7:e9:18:79:01:ca:6b:1c:97:61:15:02:93:cc:
a1:ca:7b:f8:10:81:a3:13:a4:d9:90:72:2c:42:20:
8b:94:38:46:69:2c:86:af:f4:25:d5:1e:03:12:34:
b5:e6:02:74:8d:89:23:41:01:e0:a4:ad:9d:a1:51:
9c:4d:86:f4:9f:b7:8e:69:7b:20:6e:1c:c1:cf:aa:
67:ee:3b:98:56:92:fc:25:59:92:17:cf:88:27:3d:
7d:3b:01:27:62:7b:a0:be:ba:c8:3e:31:73:0b:4a:
2c:82:1e:ae:e0:48:26:79:57:d3:00:4f:59:58:11:
a1:a6:f2:66:64:94:ac:01:38:94:50:c8:0f:e2:cb:
fb:98:09:b6:83:f9:10:08:83:6d:19:9c:99:4e:8d:
4c:c8:34:da:ec:9c:36:d6:99:b5:4f:b3:36:2f:5d:
dd:c2:03:99:24:67:ed:78:00:3e:d7:a1:06:c8:31:
ca:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:76:DF:24:88:75:79:1B:5E:53:D5:B3:AD:E6:DE:F9:8F:AD:CD:26
X509v3 Authority Key Identifier:
keyid:EF:54:D9:E4:1E:A5:E2:D1:61:B7:C4:CD:B2:E4:70:2C:4F:24:8E:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/QXbfJIh1eRteU9Wzrebe-Y-tzSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/71TZ5B6l4tFht8TNsuRwLE8kjhQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.180.222.0/24
185.254.15.0/24
199.74.188.0/24
199.74.190.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:ae:76:57:83:9c:e4:9a:a0:04:47:cf:7b:58:c7:fb:0c:02:
4b:78:00:af:ce:4a:bc:86:4e:4f:6e:7d:d0:5c:2c:c8:bc:3f:
f7:7c:bb:f6:53:b0:d6:19:a6:08:60:be:7d:37:64:1c:17:db:
ca:fc:66:fe:28:8f:21:61:49:1a:32:f6:ac:50:1b:59:2c:ed:
68:e6:7f:84:37:a7:b2:15:36:7e:d0:0b:1c:76:55:ab:6a:b2:
5c:75:d5:09:4b:a6:55:0a:3f:dc:1c:08:fd:39:8a:7d:0f:c9:
bf:db:4c:1c:3a:b7:f3:15:a5:f3:00:bb:02:e7:64:be:20:a3:
01:11:58:81:05:f7:60:8c:93:23:08:2e:5b:c0:db:19:62:3d:
38:c9:a5:67:fe:78:91:1c:1b:42:bb:e1:63:f7:cf:3e:eb:4e:
ce:fc:79:3c:22:63:37:56:ca:99:d1:01:09:83:f2:87:ae:0c:
52:ef:68:a4:f8:58:5b:a6:9f:ef:6a:04:5f:19:e8:e5:32:71:
6e:6e:96:f6:64:7c:25:11:6f:15:11:93:11:0a:b9:51:dd:1e:
63:39:8c:d5:b9:98:be:c1:b3:e6:7b:7e:8d:db:79:58:c8:fe:
ba:64:d7:4f:26:bd:1e:33:3b:fc:73:98:e2:00:65:31:82:06:
d5:c8:36:ef
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQjajS2ZndMSH2PgHK2pRhFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTRkOWU0MWVhNWUyZDE2MWI3YzRjZGIyZTQ3MDJjNGYy
NDhlMTQwHhcNMjUwMTAxMTk0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTc2ZGYyNDg4NzU3OTFiNWU1M2Q1YjNhZGU2ZGVmOThmYWRjZDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIF9WuRyQyGM2Nn3Wy1y/rDQCttH
NQTOhk/o+OTthfO784Ez9KWtvDQ4yNvIQdtXLHBntWf7j7QCZLR06LPxzaIrVF+n
YNaf2lP+t+kYeQHKaxyXYRUCk8yhynv4EIGjE6TZkHIsQiCLlDhGaSyGr/Ql1R4D
EjS15gJ0jYkjQQHgpK2doVGcTYb0n7eOaXsgbhzBz6pn7juYVpL8JVmSF8+IJz19
OwEnYnugvrrIPjFzC0osgh6u4EgmeVfTAE9ZWBGhpvJmZJSsATiUUMgP4sv7mAm2
g/kQCINtGZyZTo1MyDTa7Jw21pm1T7M2L13dwgOZJGfteAA+16EGyDHKnwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEF23ySIdXkbXlPVs63m3vmPrc0mMB8GA1UdIwQY
MBaAFO9U2eQepeLRYbfEzbLkcCxPJI4UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFUWjVCNmw0dEZodDhUTnN1UndMRThramhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9lYzAwZTItY2JkYS00YjMyLThjMzIt
ZmJjNmZjYjVlN2E2LzEvUVhiZkpJaDFlUnRlVTlXenJlYmUtWS10elNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9lYzAwZTItY2JkYS00YjMyLThjMzItZmJjNmZjYjVlN2E2
LzEvNzFUWjVCNmw0dEZodDhUTnN1UndMRThramhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAXbTeAwQA
uf4PAwQAx0q8AwQAx0q+MA0GCSqGSIb3DQEBCwUAA4IBAQC9rnZXg5zkmqAER897
WMf7DAJLeACvzkq8hk5Pbn3QXCzIvD/3fLv2U7DWGaYIYL59N2QcF9vK/Gb+KI8h
YUkaMvasUBtZLO1o5n+EN6eyFTZ+0AscdlWrarJcddUJS6ZVCj/cHAj9OYp9D8m/
20wcOrfzFaXzALsC52S+IKMBEViBBfdgjJMjCC5bwNsZYj04yaVn/niRHBtCu+Fj
988+607O/Hk8ImM3VsqZ0QEJg/KHrgxS72ik+Fhbpp/vagRfGejlMnFubpb2ZHwl
EW8VEZMRCrlR3R5jOYzVuZi+wbPme36N23lYyP66ZNdPJr0eMzv8c5jiAGUxggbV
yDbv
-----END CERTIFICATE-----
Generated at Tue Apr 15 20:01:41 2025 by rpki-client