Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/qTL2vom_vyIqp140e3YMb3TYkng.roa
File: qTL2vom_vyIqp140e3YMb3TYkng.roa (raw, json)
Hash identifier: RtSgcYHtgwTUFsVw/jT+61N3Xf/BMJsIvs/rqgIjnvI=
Subject key identifier: A9:32:F6:BE:89:BF:BF:22:2A:A7:5E:34:7B:76:0C:6F:74:D8:92:78
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 01954774513BA327AE26122A96511D64BDC6
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/qTL2vom_vyIqp140e3YMb3TYkng.roa
Signing time: Thu 27 Feb 2025 12:49:20 +0000
ROA not before: Thu 27 Feb 2025 12:49:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198154
IP address blocks: 89.44.242.0/24 maxlen: 24
89.46.217.0/24 maxlen: 24
109.122.241.0/24 maxlen: 24
109.122.254.0/23 maxlen: 24
188.212.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 03:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:47:74:51:3b:a3:27:ae:26:12:2a:96:51:1d:64:bd:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Feb 27 12:49:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a932f6be89bfbf222aa75e347b760c6f74d89278
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:06:5e:4f:5c:b6:c6:72:53:bb:50:5d:aa:5e:
14:e0:26:e1:61:7d:0b:0e:66:ed:a4:74:d6:a3:c1:
08:5d:9b:fa:92:d3:3b:83:15:cc:28:70:6d:a2:50:
c9:41:29:d6:8d:43:c1:c9:2c:36:10:b7:de:e5:1b:
c3:c2:fc:c3:92:4f:5f:b1:05:ec:43:de:3e:60:67:
0f:f1:70:ff:03:b2:12:30:5e:28:fb:17:1f:05:29:
2d:91:32:14:18:aa:a5:d4:35:45:2e:f5:a9:91:11:
f1:17:33:61:3e:80:96:00:75:ba:ea:b2:cf:7f:a5:
c8:6b:31:18:f2:75:15:d2:fd:aa:dd:af:ea:df:0c:
21:e4:13:b6:5a:b3:94:74:f4:11:a4:a5:80:d8:7a:
2c:1a:f6:d8:a9:97:dd:a0:cf:77:89:95:65:81:f0:
39:8f:ec:35:b4:f8:7a:b1:a4:d0:f2:66:0b:ce:36:
2b:a9:2d:14:29:56:2d:4f:b7:4d:de:3d:a7:39:1c:
e5:71:28:07:da:34:0f:4d:13:7f:ab:2b:4f:d8:50:
8b:34:ff:0e:93:83:b3:c3:39:f1:4a:93:a1:79:d0:
20:4c:20:b5:dc:1e:fe:68:55:6f:80:23:14:70:b4:
5f:43:22:5e:f4:81:a7:51:bc:6b:6d:56:af:06:4e:
da:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:32:F6:BE:89:BF:BF:22:2A:A7:5E:34:7B:76:0C:6F:74:D8:92:78
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/qTL2vom_vyIqp140e3YMb3TYkng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.44.242.0/24
89.46.217.0/24
109.122.241.0/24
109.122.254.0/23
188.212.99.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:5d:90:8f:e4:32:f9:28:b9:f4:d7:f8:06:8e:99:4c:8c:08:
31:8b:3a:d6:d1:1e:b6:1f:e6:4e:1f:52:ff:78:4d:74:11:9b:
de:f7:3e:44:e6:04:9c:dd:c3:94:72:ff:ce:2a:55:f1:69:4c:
d2:d5:55:27:79:ab:a0:bc:07:d0:09:49:13:3f:4e:44:d0:3b:
d9:e0:a4:86:5f:80:64:d8:f2:55:b3:6c:bb:dc:9d:83:5b:e6:
87:a7:f1:8a:fb:be:42:52:50:2b:06:8f:c6:82:b4:cc:38:0d:
59:ef:1e:c4:55:12:c4:19:db:d6:68:2c:93:81:02:da:68:ad:
8b:1a:14:c8:14:15:91:1f:2f:48:ed:8a:99:27:4b:e5:8e:4a:
0b:11:18:c2:17:37:b8:10:f9:61:14:3f:58:72:e8:db:77:b7:
be:bb:89:c7:0d:ce:cb:24:ba:ef:a1:e3:43:d8:0d:3d:72:b4:
c6:d8:fc:b7:be:ed:e1:bf:85:72:67:46:2f:63:78:ac:15:32:
01:a9:bf:ac:5b:bb:9a:b6:a2:3d:83:08:4b:39:98:91:7f:f8:
a1:62:d8:7a:b9:d4:35:3b:8b:d6:c0:d8:34:be:30:36:41:4f:
7c:10:95:f6:a4:20:66:0d:9e:b4:13:d7:07:d9:e9:86:44:e5:
30:d5:a1:d7
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZVHdFE7oyeuJhIqllEdZL3GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjUwMjI3MTI0OTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTMyZjZiZTg5YmZiZjIyMmFhNzVlMzQ3Yjc2MGM2Zjc0ZDg5Mjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwZeT1y2xnJTu1Bdql4U4CbhYX0L
DmbtpHTWo8EIXZv6ktM7gxXMKHBtolDJQSnWjUPBySw2ELfe5RvDwvzDkk9fsQXs
Q94+YGcP8XD/A7ISMF4o+xcfBSktkTIUGKql1DVFLvWpkRHxFzNhPoCWAHW66rLP
f6XIazEY8nUV0v2q3a/q3wwh5BO2WrOUdPQRpKWA2HosGvbYqZfdoM93iZVlgfA5
j+w1tPh6saTQ8mYLzjYrqS0UKVYtT7dN3j2nORzlcSgH2jQPTRN/qytP2FCLNP8O
k4OzwznxSpOhedAgTCC13B7+aFVvgCMUcLRfQyJe9IGnUbxrbVavBk7acwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKky9r6Jv78iKqdeNHt2DG902JJ4MB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvcVRMMnZvbV92eUlxcDE0MGUzWU1iM1RZa25nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWSzyAwQA
WS7ZAwQAbXrxAwQBbXr+AwQAvNRjMA0GCSqGSIb3DQEBCwUAA4IBAQCsXZCP5DL5
KLn01/gGjplMjAgxizrW0R62H+ZOH1L/eE10EZve9z5E5gSc3cOUcv/OKlXxaUzS
1VUneaugvAfQCUkTP05E0DvZ4KSGX4Bk2PJVs2y73J2DW+aHp/GK+75CUlArBo/G
grTMOA1Z7x7EVRLEGdvWaCyTgQLaaK2LGhTIFBWRHy9I7YqZJ0vljkoLERjCFze4
EPlhFD9Ycujbd7e+u4nHDc7LJLrvoeND2A09crTG2Py3vu3hv4VyZ0YvY3isFTIB
qb+sW7uatqI9gwhLOZiRf/ihYth6udQ1O4vWwNg0vjA2QU98EJX2pCBmDZ60E9cH
2emGROUw1aHX
-----END CERTIFICATE-----
Generated at Thu Apr 10 11:08:43 2025 by rpki-client