Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/c53a3e-f90d-4742-84fb-db319a31bdf7/1/q9xJeN8PofnE74G9SyXfTH60ZME.roa
File: q9xJeN8PofnE74G9SyXfTH60ZME.roa (raw, json)
Hash identifier: yftwsdAWhtCdoWRv+jAeZvxiXWe//Rf4F2VF/Lbsjio=
Subject key identifier: AB:DC:49:78:DF:0F:A1:F9:C4:EF:81:BD:4B:25:DF:4C:7E:B4:64:C1
Certificate issuer: /CN=3bde2cd5215e93bfa0ca6df8b2c1f5ed2c94af74
Certificate serial: 019427B6026166232141ABC87D658B8B6912
Authority key identifier: 3B:DE:2C:D5:21:5E:93:BF:A0:CA:6D:F8:B2:C1:F5:ED:2C:94:AF:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O94s1SFek7-gym34ssH17SyUr3Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/c53a3e-f90d-4742-84fb-db319a31bdf7/1/q9xJeN8PofnE74G9SyXfTH60ZME.roa
Signing time: Thu 02 Jan 2025 15:50:27 +0000
ROA not before: Thu 02 Jan 2025 15:50:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33915
IP address blocks: 80.112.128.0/18 maxlen: 18
80.112.128.0/19 maxlen: 19
80.112.160.0/19 maxlen: 19
80.114.128.0/18 maxlen: 18
80.114.128.0/19 maxlen: 19
80.114.160.0/19 maxlen: 19
80.115.224.0/19 maxlen: 19
80.115.224.0/20 maxlen: 20
80.115.240.0/20 maxlen: 20
80.242.224.0/19 maxlen: 19
80.242.224.0/20 maxlen: 20
80.242.240.0/20 maxlen: 20
91.221.96.0/23 maxlen: 23
185.130.174.0/23 maxlen: 23
195.35.128.0/17 maxlen: 17
195.35.128.0/18 maxlen: 18
195.35.192.0/18 maxlen: 18
195.85.128.0/18 maxlen: 18
195.85.128.0/19 maxlen: 19
195.85.160.0/19 maxlen: 19
212.178.64.0/18 maxlen: 18
212.178.64.0/19 maxlen: 19
212.178.96.0/19 maxlen: 19
212.178.128.0/19 maxlen: 19
212.178.128.0/20 maxlen: 20
212.178.144.0/20 maxlen: 20
212.178.192.0/19 maxlen: 19
212.178.192.0/20 maxlen: 20
212.178.208.0/20 maxlen: 20
212.203.0.0/19 maxlen: 19
212.203.0.0/20 maxlen: 20
212.203.16.0/20 maxlen: 20
213.34.64.0/19 maxlen: 19
213.34.64.0/20 maxlen: 20
213.34.80.0/20 maxlen: 20
213.34.160.0/19 maxlen: 19
213.34.160.0/20 maxlen: 20
213.34.176.0/20 maxlen: 20
213.124.0.0/17 maxlen: 17
213.124.0.0/18 maxlen: 18
213.124.64.0/18 maxlen: 18
213.124.128.0/19 maxlen: 19
213.124.128.0/20 maxlen: 20
213.124.144.0/20 maxlen: 20
213.125.0.0/16 maxlen: 16
213.125.0.0/17 maxlen: 17
213.125.128.0/17 maxlen: 17
213.126.0.0/17 maxlen: 17
213.126.0.0/18 maxlen: 18
213.126.64.0/18 maxlen: 18
213.132.160.0/19 maxlen: 19
213.132.160.0/20 maxlen: 20
213.132.176.0/20 maxlen: 20
217.100.0.0/16 maxlen: 16
217.100.0.0/17 maxlen: 17
217.100.128.0/17 maxlen: 17
217.102.224.0/21 maxlen: 21
217.102.224.0/22 maxlen: 22
217.102.228.0/22 maxlen: 22
217.105.192.0/19 maxlen: 19
217.105.192.0/20 maxlen: 20
217.105.208.0/20 maxlen: 20
2001:41f0::/32 maxlen: 32
2001:41f0::/33 maxlen: 33
2001:41f0:8000::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/c53a3e-f90d-4742-84fb-db319a31bdf7/1/O94s1SFek7-gym34ssH17SyUr3Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/c53a3e-f90d-4742-84fb-db319a31bdf7/1/O94s1SFek7-gym34ssH17SyUr3Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/O94s1SFek7-gym34ssH17SyUr3Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 15:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:02:61:66:23:21:41:ab:c8:7d:65:8b:8b:69:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bde2cd5215e93bfa0ca6df8b2c1f5ed2c94af74
Validity
Not Before: Jan 2 15:50:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=abdc4978df0fa1f9c4ef81bd4b25df4c7eb464c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:dc:64:9d:7d:27:e1:b7:86:e5:4f:bb:6b:e8:
a2:49:51:1a:f6:16:c4:f2:02:17:49:7e:2e:65:8c:
3a:eb:2f:5c:78:25:95:a3:ea:ae:ea:1b:5a:b1:2b:
64:db:89:00:f0:46:19:b0:b5:c1:77:c2:52:47:7a:
06:92:c3:78:48:83:f3:3e:ee:ae:47:2c:bc:0e:d9:
ef:f1:c5:43:35:38:44:04:d2:1e:92:84:b7:86:d5:
fb:25:13:e1:04:14:28:17:f2:4f:07:84:c2:d9:13:
40:61:3f:75:76:58:ca:68:9d:67:67:1e:e3:fc:d4:
b1:3a:4f:4b:52:ec:a1:c5:24:66:c1:ef:b4:89:cf:
60:a8:29:a8:8e:ce:ac:48:32:40:f3:46:cb:a0:29:
e1:09:56:55:97:12:3c:6d:6c:68:41:30:51:44:46:
96:45:d7:13:69:86:81:ed:4a:46:23:9f:2d:da:70:
8e:89:3c:04:32:8d:da:2b:35:cd:46:c4:57:08:ce:
00:f8:81:3c:ac:94:bf:86:75:cd:65:aa:88:c9:68:
ac:63:74:73:ba:67:b8:44:5b:94:18:e2:e1:15:75:
b2:df:41:23:6b:8b:28:d4:bc:37:09:fb:ab:ff:fd:
a6:71:4d:5c:88:70:23:7e:5c:f3:ad:cb:ca:97:b2:
25:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:DC:49:78:DF:0F:A1:F9:C4:EF:81:BD:4B:25:DF:4C:7E:B4:64:C1
X509v3 Authority Key Identifier:
keyid:3B:DE:2C:D5:21:5E:93:BF:A0:CA:6D:F8:B2:C1:F5:ED:2C:94:AF:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O94s1SFek7-gym34ssH17SyUr3Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/c53a3e-f90d-4742-84fb-db319a31bdf7/1/q9xJeN8PofnE74G9SyXfTH60ZME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/c53a3e-f90d-4742-84fb-db319a31bdf7/1/O94s1SFek7-gym34ssH17SyUr3Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.112.128.0/18
80.114.128.0/18
80.115.224.0/19
80.242.224.0/19
91.221.96.0/23
185.130.174.0/23
195.35.128.0/17
195.85.128.0/18
212.178.64.0-212.178.159.255
212.178.192.0/19
212.203.0.0/19
213.34.64.0/19
213.34.160.0/19
213.124.0.0-213.124.159.255
213.125.0.0-213.126.127.255
213.132.160.0/19
217.100.0.0/16
217.102.224.0/21
217.105.192.0/19
IPv6:
2001:41f0::/32
Signature Algorithm: sha256WithRSAEncryption
81:ce:e5:e3:59:1c:4a:80:90:d8:e0:21:e2:e1:40:f5:4d:c0:
c7:8b:4c:94:9e:22:b5:8b:51:36:53:95:25:0e:e9:b1:37:d5:
d4:56:0b:ce:70:5e:66:1b:a1:05:4c:98:44:89:d6:f9:44:55:
c0:f8:dd:4a:27:7d:60:d0:9f:1f:a0:03:7c:15:c6:df:f5:ce:
b6:e8:d8:93:04:9d:8d:89:c8:30:60:b4:18:93:de:c3:32:2a:
a7:7a:e1:ca:ca:10:16:75:25:0b:62:4a:1c:4e:02:0a:35:ba:
ee:32:81:87:a4:88:17:77:4e:d6:29:df:41:e0:e6:c4:4d:ac:
e2:dc:85:55:a3:74:f7:c1:4e:75:15:9d:f0:c4:d4:4f:8b:40:
e2:4a:4b:37:39:08:23:a6:e1:c3:0d:b2:e8:3e:19:72:b1:33:
25:04:95:57:77:5d:4a:f4:42:8a:8d:05:3f:59:1e:66:56:01:
eb:a9:a5:6f:69:59:7a:68:30:e9:45:17:b4:96:57:5a:4b:2d:
de:f6:dc:a9:39:2f:15:ca:96:5a:ac:27:9f:d0:b6:43:d2:fe:
67:f3:4b:a7:11:bd:28:a3:fd:a3:57:ec:55:2b:6a:7d:82:65:
80:d4:72:6b:51:40:a0:4d:d6:df:77:69:04:ae:86:34:11:59:
0b:f6:dc:e9
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAZQntgJhZiMhQavIfWWLi2kSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZGUyY2Q1MjE1ZTkzYmZhMGNhNmRmOGIyYzFmNWVkMmM5
NGFmNzQwHhcNMjUwMTAyMTU1MDI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmRjNDk3OGRmMGZhMWY5YzRlZjgxYmQ0YjI1ZGY0YzdlYjQ2NGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutxknX0n4beG5U+7a+iiSVEa9hbE
8gIXSX4uZYw66y9ceCWVo+qu6htasStk24kA8EYZsLXBd8JSR3oGksN4SIPzPu6u
Ryy8Dtnv8cVDNThEBNIekoS3htX7JRPhBBQoF/JPB4TC2RNAYT91dljKaJ1nZx7j
/NSxOk9LUuyhxSRmwe+0ic9gqCmojs6sSDJA80bLoCnhCVZVlxI8bWxoQTBRREaW
RdcTaYaB7UpGI58t2nCOiTwEMo3aKzXNRsRXCM4A+IE8rJS/hnXNZaqIyWisY3Rz
ume4RFuUGOLhFXWy30Eja4so1Lw3Cfur//2mcU1ciHAjflzzrcvKl7IltQIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFKvcSXjfD6H5xO+BvUsl30x+tGTBMB8GA1UdIwQY
MBaAFDveLNUhXpO/oMpt+LLB9e0slK90MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzk0czFTRmVrNy1neW0zNHNzSDE3U3lVcjNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9jNTNhM2UtZjkwZC00NzQyLTg0ZmIt
ZGIzMTlhMzFiZGY3LzEvcTl4SmVOOFBvZm5FNzRHOVN5WGZUSDYwWk1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9jNTNhM2UtZjkwZC00NzQyLTg0ZmItZGIzMTlhMzFiZGY3
LzEvTzk0czFTRmVrNy1neW0zNHNzSDE3U3lVcjNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBjgQCAAEwgYcDBAZQ
cIADBAZQcoADBAVQc+ADBAVQ8uADBAFb3WADBAG5gq4DBAfDI4ADBAbDVYAwDAME
BtSyQAMEBdSygAMEBdSywAMEBdTLAAMEBdUiQAMEBdUioDALAwMC1XwDBAXVfIAw
CwMDANV9AwQH1X4AAwQF1YSgAwMA2WQDBAPZZuADBAXZacAwDQQCAAIwBwMFACAB
QfAwDQYJKoZIhvcNAQELBQADggEBAIHO5eNZHEqAkNjgIeLhQPVNwMeLTJSeIrWL
UTZTlSUO6bE31dRWC85wXmYboQVMmESJ1vlEVcD43UonfWDQnx+gA3wVxt/1zrbo
2JMEnY2JyDBgtBiT3sMyKqd64crKEBZ1JQtiShxOAgo1uu4ygYekiBd3TtYp30Hg
5sRNrOLchVWjdPfBTnUVnfDE1E+LQOJKSzc5CCOm4cMNsug+GXKxMyUElVd3XUr0
QoqNBT9ZHmZWAeuppW9pWXpoMOlFF7SWV1pLLd723Kk5LxXKllqsJ5/QtkPS/mfz
S6cRvSij/aNX7FUran2CZYDUcmtRQKBN1t93aQSuhjQRWQv23Ok=
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:20:48 2025 by rpki-client