Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/1279fc-1b27-407c-81f4-a7fb36cc2fe3/1/qzRYbIxueG7BxO2kIyNYDm59o0o.roa
File: qzRYbIxueG7BxO2kIyNYDm59o0o.roa (raw, json)
Hash identifier: ZxnZOMA5hmEug+cRf8g9nRIfM3tLtcITJFQSj4Zq/Vg=
Subject key identifier: AB:34:58:6C:8C:6E:78:6E:C1:C4:ED:A4:23:23:58:0E:6E:7D:A3:4A
Certificate issuer: /CN=751483655b35a2b847185f689c8fd1601dcc7187
Certificate serial: 0194266B52D4D18F90C5EF13946592EFB0AC
Authority key identifier: 75:14:83:65:5B:35:A2:B8:47:18:5F:68:9C:8F:D1:60:1D:CC:71:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dRSDZVs1orhHGF9onI_RYB3McYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/1279fc-1b27-407c-81f4-a7fb36cc2fe3/1/qzRYbIxueG7BxO2kIyNYDm59o0o.roa
Signing time: Thu 02 Jan 2025 09:49:15 +0000
ROA not before: Thu 02 Jan 2025 09:49:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35171
IP address blocks: 45.143.32.0/22 maxlen: 22
45.143.32.0/24 maxlen: 24
45.143.33.0/24 maxlen: 24
45.143.34.0/24 maxlen: 24
45.143.35.0/24 maxlen: 24
85.118.240.0/21 maxlen: 21
85.118.240.0/24 maxlen: 24
85.118.241.0/24 maxlen: 24
85.118.242.0/24 maxlen: 24
85.118.243.0/24 maxlen: 24
85.118.244.0/24 maxlen: 24
85.118.245.0/24 maxlen: 24
85.118.246.0/24 maxlen: 24
85.118.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/1279fc-1b27-407c-81f4-a7fb36cc2fe3/1/dRSDZVs1orhHGF9onI_RYB3McYc.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/1279fc-1b27-407c-81f4-a7fb36cc2fe3/1/dRSDZVs1orhHGF9onI_RYB3McYc.mft
rsync://rpki.ripe.net/repository/DEFAULT/dRSDZVs1orhHGF9onI_RYB3McYc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:52:d4:d1:8f:90:c5:ef:13:94:65:92:ef:b0:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=751483655b35a2b847185f689c8fd1601dcc7187
Validity
Not Before: Jan 2 09:49:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ab34586c8c6e786ec1c4eda42323580e6e7da34a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:69:8b:f3:06:e2:69:b2:d0:b9:e4:06:be:a6:
d0:ca:81:73:a8:d9:5b:e1:50:0a:64:e2:cb:89:63:
f4:2b:fd:bd:be:88:be:9b:e3:ff:9a:f7:63:2e:f2:
f1:50:a4:5e:56:1a:26:f6:0d:79:96:ff:07:ce:ee:
51:05:33:7a:2f:ea:a5:90:52:69:4e:28:78:7b:00:
ef:43:64:09:2b:d9:7e:0e:77:94:dd:bd:17:9f:66:
c0:62:5f:8a:bf:e2:0f:0d:af:64:9d:ee:f1:ee:33:
cd:50:96:0b:c7:63:1e:a6:f3:0a:10:dc:75:3b:18:
fe:ef:09:b8:42:75:07:4d:3f:ca:ec:0d:db:22:bd:
8d:c7:29:c6:55:e1:f1:6d:1a:ef:e6:c1:a8:7e:a9:
67:56:8a:6e:e1:55:66:55:68:28:43:7f:32:eb:b8:
20:15:81:7d:a7:75:08:a5:2b:f9:6a:a1:a3:6b:92:
7e:33:c5:92:31:62:40:87:42:5e:8d:9b:03:49:26:
be:81:8a:27:a3:3f:25:32:bd:37:c3:ad:8f:9e:e8:
2c:d2:3a:c1:da:c4:93:6d:4e:24:d2:cf:94:85:0f:
2b:fd:1b:f7:ac:f1:e1:09:b7:5c:69:a4:0c:63:f3:
5b:6d:87:33:de:a2:50:91:58:85:92:8f:8c:2b:c3:
6c:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:34:58:6C:8C:6E:78:6E:C1:C4:ED:A4:23:23:58:0E:6E:7D:A3:4A
X509v3 Authority Key Identifier:
keyid:75:14:83:65:5B:35:A2:B8:47:18:5F:68:9C:8F:D1:60:1D:CC:71:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dRSDZVs1orhHGF9onI_RYB3McYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/1279fc-1b27-407c-81f4-a7fb36cc2fe3/1/qzRYbIxueG7BxO2kIyNYDm59o0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/1279fc-1b27-407c-81f4-a7fb36cc2fe3/1/dRSDZVs1orhHGF9onI_RYB3McYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.32.0/22
85.118.240.0/21
Signature Algorithm: sha256WithRSAEncryption
ac:79:ff:ae:67:76:04:5c:f8:48:15:42:ec:0b:d5:65:49:b2:
20:58:3b:5f:da:a5:1a:87:ef:b3:9a:35:5e:7c:1e:0a:da:b5:
01:65:12:00:9f:8a:14:c5:75:87:75:78:8d:4e:c6:4d:10:23:
90:5b:3a:6f:13:56:0e:d8:0f:a1:50:9d:b2:28:6e:b2:1d:66:
e2:56:59:22:72:b2:e1:9d:9c:c5:bf:a5:ce:7a:85:0e:33:27:
31:29:92:63:68:88:2a:89:7a:21:1d:4e:4b:db:9d:22:ef:88:
8e:2a:96:33:d2:ce:ce:46:f6:32:df:28:7d:d5:a5:f2:9d:8c:
16:28:00:2a:56:67:20:32:c7:4a:66:36:dd:cb:bd:4f:7b:fc:
36:9c:73:ca:4d:64:fd:43:41:b9:51:13:85:4b:c8:ce:64:32:
75:85:e9:c7:59:7d:85:01:31:96:c3:ac:7c:fc:09:95:e9:94:
f5:bd:c2:34:14:19:f0:b6:34:31:33:5f:e9:aa:30:ca:e7:80:
f5:4c:26:a3:01:e8:4c:12:d8:66:f6:70:78:98:e4:72:4b:6a:
b9:8c:12:8c:a8:54:b3:ff:2c:36:ee:b3:f4:14:15:d1:e4:4e:
86:1b:42:5f:0f:5f:b8:85:48:1c:50:3b:0e:ad:7c:e0:da:fe:
96:de:75:08
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQma1LU0Y+Qxe8TlGWS77CsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MTQ4MzY1NWIzNWEyYjg0NzE4NWY2ODljOGZkMTYwMWRj
YzcxODcwHhcNMjUwMTAyMDk0OTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjM0NTg2YzhjNmU3ODZlYzFjNGVkYTQyMzIzNTgwZTZlN2RhMzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5GmL8wbiabLQueQGvqbQyoFzqNlb
4VAKZOLLiWP0K/29voi+m+P/mvdjLvLxUKReVhom9g15lv8Hzu5RBTN6L+qlkFJp
Tih4ewDvQ2QJK9l+DneU3b0Xn2bAYl+Kv+IPDa9kne7x7jPNUJYLx2MepvMKENx1
Oxj+7wm4QnUHTT/K7A3bIr2NxynGVeHxbRrv5sGofqlnVopu4VVmVWgoQ38y67gg
FYF9p3UIpSv5aqGja5J+M8WSMWJAh0JejZsDSSa+gYonoz8lMr03w62Pnugs0jrB
2sSTbU4k0s+UhQ8r/Rv3rPHhCbdcaaQMY/NbbYcz3qJQkViFko+MK8Ns7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKs0WGyMbnhuwcTtpCMjWA5ufaNKMB8GA1UdIwQY
MBaAFHUUg2VbNaK4RxhfaJyP0WAdzHGHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFJTRFpWczFvcmhIR0Y5b25JX1JZQjNNY1ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8xMjc5ZmMtMWIyNy00MDdjLTgxZjQt
YTdmYjM2Y2MyZmUzLzEvcXpSWWJJeHVlRzdCeE8ya0l5TllEbTU5bzBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8xMjc5ZmMtMWIyNy00MDdjLTgxZjQtYTdmYjM2Y2MyZmUz
LzEvZFJTRFpWczFvcmhIR0Y5b25JX1JZQjNNY1ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLY8gAwQD
VXbwMA0GCSqGSIb3DQEBCwUAA4IBAQCsef+uZ3YEXPhIFULsC9VlSbIgWDtf2qUa
h++zmjVefB4K2rUBZRIAn4oUxXWHdXiNTsZNECOQWzpvE1YO2A+hUJ2yKG6yHWbi
VlkicrLhnZzFv6XOeoUOMycxKZJjaIgqiXohHU5L250i74iOKpYz0s7ORvYy3yh9
1aXynYwWKAAqVmcgMsdKZjbdy71Pe/w2nHPKTWT9Q0G5UROFS8jOZDJ1henHWX2F
ATGWw6x8/AmV6ZT1vcI0FBnwtjQxM1/pqjDK54D1TCajAehMEthm9nB4mORyS2q5
jBKMqFSz/yw27rP0FBXR5E6GG0JfD1+4hUgcUDsOrXzg2v6W3nUI
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:02:21 2025 by rpki-client