Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/f57b93-d253-4fbb-a31e-6b89fa46757c/1/quPo7XCo9Vfzvmqn9xr_avi8-tY.roa
File: quPo7XCo9Vfzvmqn9xr_avi8-tY.roa (raw, json)
Hash identifier: HQMmbd9lhqZh9SKkFkTx4LcJ68UuN+T5QYA7MHoKGSY=
Subject key identifier: AA:E3:E8:ED:70:A8:F5:57:F3:BE:6A:A7:F7:1A:FF:6A:F8:BC:FA:D6
Certificate issuer: /CN=b8dafa7ea553178133e7e84feeb8ac3a9dbcf9ca
Certificate serial: 019420D63A51A0805679A326F299EBE9287E
Authority key identifier: B8:DA:FA:7E:A5:53:17:81:33:E7:E8:4F:EE:B8:AC:3A:9D:BC:F9:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uNr6fqVTF4Ez5-hP7risOp28-co.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/f57b93-d253-4fbb-a31e-6b89fa46757c/1/quPo7XCo9Vfzvmqn9xr_avi8-tY.roa
Signing time: Wed 01 Jan 2025 07:48:18 +0000
ROA not before: Wed 01 Jan 2025 07:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208124
IP address blocks: 91.209.161.0/24 maxlen: 24
2a10:b240::/29 maxlen: 29
2a10:c4c0::/29 maxlen: 29
2a12:8840::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/f57b93-d253-4fbb-a31e-6b89fa46757c/1/uNr6fqVTF4Ez5-hP7risOp28-co.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/f57b93-d253-4fbb-a31e-6b89fa46757c/1/uNr6fqVTF4Ez5-hP7risOp28-co.mft
rsync://rpki.ripe.net/repository/DEFAULT/uNr6fqVTF4Ez5-hP7risOp28-co.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:3a:51:a0:80:56:79:a3:26:f2:99:eb:e9:28:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8dafa7ea553178133e7e84feeb8ac3a9dbcf9ca
Validity
Not Before: Jan 1 07:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aae3e8ed70a8f557f3be6aa7f71aff6af8bcfad6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:88:63:1b:f5:44:7f:4f:8a:d1:b8:37:ea:5d:
c1:e8:cd:62:26:9a:b3:7f:00:7b:64:91:a3:aa:26:
a7:46:8f:53:40:f1:29:f1:98:e9:be:00:30:64:e7:
29:32:19:4d:01:51:49:1a:df:a0:97:be:fa:7a:9f:
5a:51:96:bf:43:2b:49:66:7b:7f:f5:7d:d7:30:1d:
45:40:34:3d:7a:b2:69:3e:b9:e9:8d:92:e6:6c:4d:
e8:68:31:91:82:8c:47:77:19:d8:5f:79:f8:f6:80:
78:29:fb:bc:88:f6:b6:23:41:72:f1:f7:cb:45:a1:
f2:4d:9d:96:d1:0f:1d:9b:fb:12:87:a5:96:c8:43:
a3:6d:4d:1a:59:42:34:54:e4:98:3a:71:fb:06:8a:
d6:d3:8e:94:ae:48:a1:24:1f:02:03:bf:b2:92:30:
b2:b8:82:55:44:ad:23:ea:f1:ad:d2:7d:e9:3e:4b:
01:03:27:9c:46:30:03:9d:13:70:0f:a9:38:69:8e:
94:e8:35:95:61:c4:0d:c3:67:01:2c:99:58:25:5f:
1e:d8:40:ac:8e:7a:79:03:72:9d:3d:c6:d0:5b:d3:
be:1f:33:f4:c8:a8:25:5d:f8:12:78:c3:54:ab:83:
43:be:52:74:d3:1a:77:dc:7e:ed:26:18:f1:db:78:
16:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:E3:E8:ED:70:A8:F5:57:F3:BE:6A:A7:F7:1A:FF:6A:F8:BC:FA:D6
X509v3 Authority Key Identifier:
keyid:B8:DA:FA:7E:A5:53:17:81:33:E7:E8:4F:EE:B8:AC:3A:9D:BC:F9:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uNr6fqVTF4Ez5-hP7risOp28-co.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/f57b93-d253-4fbb-a31e-6b89fa46757c/1/quPo7XCo9Vfzvmqn9xr_avi8-tY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/f57b93-d253-4fbb-a31e-6b89fa46757c/1/uNr6fqVTF4Ez5-hP7risOp28-co.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.161.0/24
IPv6:
2a10:b240::/29
2a10:c4c0::/29
2a12:8840::/29
Signature Algorithm: sha256WithRSAEncryption
30:40:fd:ee:ef:3d:1d:8e:7d:b7:b9:f9:8f:f2:ec:56:bc:fc:
7f:e2:db:11:b5:f6:92:df:28:62:1c:29:4f:55:fb:64:9a:ab:
af:01:65:c5:8e:fc:0d:61:c9:cc:c9:e7:91:01:b4:a8:51:b0:
ad:39:ae:24:00:ba:8b:40:c1:3b:98:2e:85:c7:ab:08:f2:40:
d2:f5:b9:12:0a:9e:76:da:6e:ab:87:9a:5d:2f:1c:77:8e:18:
1f:97:55:37:fa:a2:05:cb:93:d9:aa:7e:ee:47:c6:07:68:1c:
1a:3f:1c:89:17:81:e6:24:e6:bd:15:7b:02:9e:ef:99:e1:6e:
f0:1e:d6:a3:ba:b5:b0:de:e4:0a:16:0f:23:e6:16:c7:6a:1c:
7e:7d:cc:97:19:37:66:e8:96:5f:72:b1:ae:1b:1f:76:1d:2d:
2e:67:81:b1:5e:63:fe:40:b7:8b:73:af:51:5b:ba:a3:80:6d:
b1:9a:fb:05:41:77:32:70:56:61:f6:ed:3c:56:bc:34:4e:a1:
51:82:ed:f4:2f:b0:76:25:1a:a7:f4:43:d4:f9:7e:25:5d:4b:
23:3b:90:91:79:a9:eb:27:69:c8:25:93:95:35:cb:c7:26:99:
91:51:e9:4e:13:5e:c5:3a:7a:fa:1b:6c:67:e3:73:a7:6e:68:
76:f8:4f:c3
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQg1jpRoIBWeaMm8pnr6Sh+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ZGFmYTdlYTU1MzE3ODEzM2U3ZTg0ZmVlYjhhYzNhOWRi
Y2Y5Y2EwHhcNMjUwMTAxMDc0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWUzZThlZDcwYThmNTU3ZjNiZTZhYTdmNzFhZmY2YWY4YmNmYWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2IhjG/VEf0+K0bg36l3B6M1iJpqz
fwB7ZJGjqianRo9TQPEp8ZjpvgAwZOcpMhlNAVFJGt+gl776ep9aUZa/QytJZnt/
9X3XMB1FQDQ9erJpPrnpjZLmbE3oaDGRgoxHdxnYX3n49oB4Kfu8iPa2I0Fy8ffL
RaHyTZ2W0Q8dm/sSh6WWyEOjbU0aWUI0VOSYOnH7BorW046UrkihJB8CA7+ykjCy
uIJVRK0j6vGt0n3pPksBAyecRjADnRNwD6k4aY6U6DWVYcQNw2cBLJlYJV8e2ECs
jnp5A3KdPcbQW9O+HzP0yKglXfgSeMNUq4NDvlJ00xp33H7tJhjx23gWzwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFKrj6O1wqPVX875qp/ca/2r4vPrWMB8GA1UdIwQY
MBaAFLja+n6lUxeBM+foT+64rDqdvPnKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU5yNmZxVlRGNEV6NS1oUDdyaXNPcDI4LWNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9mNTdiOTMtZDI1My00ZmJiLWEzMWUt
NmI4OWZhNDY3NTdjLzEvcXVQbzdYQ285VmZ6dm1xbjl4cl9hdmk4LXRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9mNTdiOTMtZDI1My00ZmJiLWEzMWUtNmI4OWZhNDY3NTdj
LzEvdU5yNmZxVlRGNEV6NS1oUDdyaXNPcDI4LWNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAMBAIAATAGAwQAW9GhMBsE
AgACMBUDBQMqELJAAwUDKhDEwAMFAyoSiEAwDQYJKoZIhvcNAQELBQADggEBADBA
/e7vPR2Ofbe5+Y/y7Fa8/H/i2xG19pLfKGIcKU9V+2Saq68BZcWO/A1hyczJ55EB
tKhRsK05riQAuotAwTuYLoXHqwjyQNL1uRIKnnbabquHml0vHHeOGB+XVTf6ogXL
k9mqfu5HxgdoHBo/HIkXgeYk5r0VewKe75nhbvAe1qO6tbDe5AoWDyPmFsdqHH59
zJcZN2boll9ysa4bH3YdLS5ngbFeY/5At4tzr1FbuqOAbbGa+wVBdzJwVmH27TxW
vDROoVGC7fQvsHYlGqf0Q9T5fiVdSyM7kJF5qesnacglk5U1y8cmmZFR6U4TXsU6
evobbGfjc6duaHb4T8M=
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:53:47 2025 by rpki-client