Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/qT9a3yWCoydql47MfRG9zQlfRRU.roa
File: qT9a3yWCoydql47MfRG9zQlfRRU.roa (raw, json)
Hash identifier: sztKYcCFWM27FMQp6a+1b3A1caK/AF/jWPueCOzMPvo=
Subject key identifier: A9:3F:5A:DF:25:82:A3:27:6A:97:8E:CC:7D:11:BD:CD:09:5F:45:15
Certificate issuer: /CN=68383ffa9f20bf021c090262994212d71667ed02
Certificate serial: 019421B20C538AF60C220187482CB991C67F
Authority key identifier: 68:38:3F:FA:9F:20:BF:02:1C:09:02:62:99:42:12:D7:16:67:ED:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aDg_-p8gvwIcCQJimUIS1xZn7QI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/qT9a3yWCoydql47MfRG9zQlfRRU.roa
Signing time: Wed 01 Jan 2025 11:48:24 +0000
ROA not before: Wed 01 Jan 2025 11:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48901
IP address blocks: 81.90.128.0/20 maxlen: 24
81.90.131.0/28 maxlen: 28
81.90.134.0/24 maxlen: 24
81.90.136.0/23 maxlen: 24
2a00:e27::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/aDg_-p8gvwIcCQJimUIS1xZn7QI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/aDg_-p8gvwIcCQJimUIS1xZn7QI.mft
rsync://rpki.ripe.net/repository/DEFAULT/aDg_-p8gvwIcCQJimUIS1xZn7QI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:0c:53:8a:f6:0c:22:01:87:48:2c:b9:91:c6:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68383ffa9f20bf021c090262994212d71667ed02
Validity
Not Before: Jan 1 11:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a93f5adf2582a3276a978ecc7d11bdcd095f4515
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f3:e0:99:e5:f3:ee:96:3f:64:09:65:a0:bc:
30:38:45:b4:81:9b:cd:58:29:a9:c4:81:18:ce:3a:
f3:41:f0:06:d6:76:e8:29:4b:9e:65:59:fb:24:f5:
23:54:d6:97:89:b8:4f:9f:6f:ba:4f:37:d7:47:ae:
8a:53:f0:4f:37:33:8f:0c:bc:15:39:48:13:11:e8:
c9:f8:0b:b2:8d:f0:7a:c6:b1:6f:10:07:1d:aa:cc:
62:cf:1e:a2:f1:fc:c3:21:73:21:f4:2d:99:5d:d0:
c3:85:da:f8:92:50:b7:cc:0c:c4:aa:02:c3:0a:a3:
59:1b:ee:92:14:d6:8e:ad:47:d8:fe:23:65:c6:9a:
6a:e7:9c:dd:64:40:21:f7:43:fc:b3:a5:0e:7a:f2:
79:ad:26:4b:fd:26:8e:dc:30:4a:34:74:58:bc:45:
6d:2b:77:47:62:53:d7:55:91:ca:e7:14:87:2a:93:
9b:37:8b:fc:f2:36:29:b8:2f:26:f4:da:4d:3c:fd:
69:b1:6c:b4:45:5b:31:8a:50:eb:c4:6b:82:0c:26:
cb:9c:be:4b:48:f8:9a:6b:9a:15:0a:ac:27:e5:b8:
5e:7f:20:67:d5:ed:57:fc:7f:0c:f4:cd:3d:b5:ce:
43:f6:ae:52:f2:79:2f:68:fa:d0:f4:80:8c:da:d4:
db:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:3F:5A:DF:25:82:A3:27:6A:97:8E:CC:7D:11:BD:CD:09:5F:45:15
X509v3 Authority Key Identifier:
keyid:68:38:3F:FA:9F:20:BF:02:1C:09:02:62:99:42:12:D7:16:67:ED:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aDg_-p8gvwIcCQJimUIS1xZn7QI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/qT9a3yWCoydql47MfRG9zQlfRRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/aDg_-p8gvwIcCQJimUIS1xZn7QI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.90.128.0/20
IPv6:
2a00:e27::/32
Signature Algorithm: sha256WithRSAEncryption
4c:3a:b2:ee:d9:4f:f5:22:53:7c:e9:e2:97:f5:44:3a:40:a0:
2d:e1:91:98:20:e7:e8:19:8a:75:92:1b:f1:8c:c1:b0:4a:e5:
c5:11:82:8f:c7:96:72:71:5e:df:6b:40:2c:69:5b:7b:10:17:
72:59:a3:90:96:0a:f5:e4:87:cc:4b:12:86:1d:df:fc:3a:97:
67:f1:85:91:2e:ef:de:97:53:d0:10:dc:e8:9e:e1:4d:45:d7:
36:bf:27:27:bb:ab:eb:09:38:cc:ba:95:90:01:d4:19:a5:5b:
48:95:5c:c8:af:31:d8:0a:30:81:75:83:6c:ce:bd:ed:6d:0a:
53:f5:0a:3d:d8:41:89:c6:f0:4c:4f:ea:61:b0:16:bd:f1:89:
83:51:a0:70:6a:32:ea:30:d2:51:3d:2d:8b:c4:ba:4c:78:6a:
74:a1:e8:2c:6e:84:14:2e:46:50:86:25:3a:09:94:36:2d:71:
50:d6:b2:59:75:70:33:ed:c9:c4:f2:6e:ff:78:81:c9:c3:cb:
64:4e:97:73:aa:96:d8:28:6d:a3:05:21:b5:63:5f:a5:6f:8f:
9d:d9:99:fe:19:5e:b2:47:fa:3a:0c:4b:fc:7c:dc:3b:b1:79:
f7:3a:15:4e:9c:59:1e:32:db:88:01:36:c9:95:36:a2:72:44:
c2:68:90:9b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhsgxTivYMIgGHSCy5kcZ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MzgzZmZhOWYyMGJmMDIxYzA5MDI2Mjk5NDIxMmQ3MTY2
N2VkMDIwHhcNMjUwMTAxMTE0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTNmNWFkZjI1ODJhMzI3NmE5NzhlY2M3ZDExYmRjZDA5NWY0NTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPPgmeXz7pY/ZAlloLwwOEW0gZvN
WCmpxIEYzjrzQfAG1nboKUueZVn7JPUjVNaXibhPn2+6TzfXR66KU/BPNzOPDLwV
OUgTEejJ+AuyjfB6xrFvEAcdqsxizx6i8fzDIXMh9C2ZXdDDhdr4klC3zAzEqgLD
CqNZG+6SFNaOrUfY/iNlxppq55zdZEAh90P8s6UOevJ5rSZL/SaO3DBKNHRYvEVt
K3dHYlPXVZHK5xSHKpObN4v88jYpuC8m9NpNPP1psWy0RVsxilDrxGuCDCbLnL5L
SPiaa5oVCqwn5bhefyBn1e1X/H8M9M09tc5D9q5S8nkvaPrQ9ICM2tTbOwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKk/Wt8lgqMnapeOzH0Rvc0JX0UVMB8GA1UdIwQY
MBaAFGg4P/qfIL8CHAkCYplCEtcWZ+0CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYURnXy1wOGd2d0ljQ1FKaW1VSVMxeFpuN1FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9iOGU5NDAtMjIwMS00MDZlLThhYWYt
NDA2MGU5ZWVlYjllLzEvcVQ5YTN5V0NveWRxbDQ3TWZSRzl6UWxmUlJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9iOGU5NDAtMjIwMS00MDZlLThhYWYtNDA2MGU5ZWVlYjll
LzEvYURnXy1wOGd2d0ljQ1FKaW1VSVMxeFpuN1FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEUVqAMA0E
AgACMAcDBQAqAA4nMA0GCSqGSIb3DQEBCwUAA4IBAQBMOrLu2U/1IlN86eKX9UQ6
QKAt4ZGYIOfoGYp1khvxjMGwSuXFEYKPx5ZycV7fa0AsaVt7EBdyWaOQlgr15IfM
SxKGHd/8Opdn8YWRLu/el1PQENzonuFNRdc2vycnu6vrCTjMupWQAdQZpVtIlVzI
rzHYCjCBdYNszr3tbQpT9Qo92EGJxvBMT+phsBa98YmDUaBwajLqMNJRPS2LxLpM
eGp0oegsboQULkZQhiU6CZQ2LXFQ1rJZdXAz7cnE8m7/eIHJw8tkTpdzqpbYKG2j
BSG1Y1+lb4+d2Zn+GV6yR/o6DEv8fNw7sXn3OhVOnFkeMtuIATbJlTaickTCaJCb
-----END CERTIFICATE-----
Generated at Mon Apr 7 03:53:57 2025 by rpki-client