Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/8e416c-5550-4e81-a8c4-d6235b5fe67a/1/qXweUlDazNZc_HIiKLFSIwEzHPw.roa
File: qXweUlDazNZc_HIiKLFSIwEzHPw.roa (raw, json)
Hash identifier: oGaFsQ++6e+ebgPcRT7Rcl6yAKvBy4S0fB3MEHjpw4U=
Subject key identifier: A9:7C:1E:52:50:DA:CC:D6:5C:FC:72:22:28:B1:52:23:01:33:1C:FC
Certificate issuer: /CN=5b00790bae3cd85a50e4f934388361763ebfbe5a
Certificate serial: 019421444702F5919D327A4DCC43CCEEED6E
Authority key identifier: 5B:00:79:0B:AE:3C:D8:5A:50:E4:F9:34:38:83:61:76:3E:BF:BE:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WwB5C6482FpQ5Pk0OINhdj6_vlo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/8e416c-5550-4e81-a8c4-d6235b5fe67a/1/qXweUlDazNZc_HIiKLFSIwEzHPw.roa
Signing time: Wed 01 Jan 2025 09:48:30 +0000
ROA not before: Wed 01 Jan 2025 09:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396982
IP address blocks: 185.225.161.0/24 maxlen: 24
185.249.220.0/24 maxlen: 24
212.11.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/8e416c-5550-4e81-a8c4-d6235b5fe67a/1/WwB5C6482FpQ5Pk0OINhdj6_vlo.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/8e416c-5550-4e81-a8c4-d6235b5fe67a/1/WwB5C6482FpQ5Pk0OINhdj6_vlo.mft
rsync://rpki.ripe.net/repository/DEFAULT/WwB5C6482FpQ5Pk0OINhdj6_vlo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 16:04:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:47:02:f5:91:9d:32:7a:4d:cc:43:cc:ee:ed:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b00790bae3cd85a50e4f934388361763ebfbe5a
Validity
Not Before: Jan 1 09:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a97c1e5250daccd65cfc722228b1522301331cfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:89:3c:2c:ed:98:61:3a:f7:0f:60:eb:f2:c8:
ab:cc:8b:4b:ee:f8:85:e6:ca:9e:69:c7:4a:59:0e:
2a:2a:5f:6b:7c:1f:03:3d:dc:fe:d3:e8:3d:21:8a:
9b:2c:f7:d9:5e:99:29:fb:4f:d8:49:ce:fa:b3:cc:
e8:bc:d3:e4:7f:5a:29:c8:5f:a8:e5:6d:89:3d:3f:
3a:08:4e:4a:5e:44:45:ed:72:2d:3e:12:4d:0d:50:
ea:62:6a:14:17:37:38:c1:a7:74:7b:e5:77:81:6f:
2b:d8:27:49:c9:3c:91:53:89:10:99:c0:7e:e5:71:
a9:6d:97:80:c4:bc:43:c7:0f:8f:b6:a0:eb:a8:fd:
13:ba:6a:09:54:21:cd:ca:5c:96:21:32:b4:f0:b2:
a6:77:0b:8c:21:52:4f:dd:8b:cd:86:97:14:11:7e:
82:ee:20:41:16:09:59:46:21:79:97:16:a8:f8:7d:
94:53:c0:76:36:7c:07:cb:a5:f0:36:25:dc:85:8d:
96:22:4c:89:6d:2d:da:71:15:19:e2:ca:17:f5:89:
c6:41:14:f9:6d:08:15:7d:93:96:c5:64:ef:a5:ad:
0a:01:e2:22:a4:00:e7:98:44:14:22:d7:47:29:11:
ee:fe:07:b0:0a:e7:df:69:37:0c:4c:d2:c8:6c:b5:
3d:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:7C:1E:52:50:DA:CC:D6:5C:FC:72:22:28:B1:52:23:01:33:1C:FC
X509v3 Authority Key Identifier:
keyid:5B:00:79:0B:AE:3C:D8:5A:50:E4:F9:34:38:83:61:76:3E:BF:BE:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WwB5C6482FpQ5Pk0OINhdj6_vlo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/8e416c-5550-4e81-a8c4-d6235b5fe67a/1/qXweUlDazNZc_HIiKLFSIwEzHPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/8e416c-5550-4e81-a8c4-d6235b5fe67a/1/WwB5C6482FpQ5Pk0OINhdj6_vlo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.161.0/24
185.249.220.0/24
212.11.79.0/24
Signature Algorithm: sha256WithRSAEncryption
17:72:b5:51:60:d5:11:1a:f8:48:54:a7:77:a8:ff:c1:a4:04:
60:b7:7e:7e:4c:33:c5:47:ad:18:d6:bf:77:8a:59:0a:89:0f:
7f:2e:8c:45:44:d4:5f:41:6b:df:05:4a:cd:61:17:e0:64:54:
20:37:88:fc:93:fb:84:9e:9e:1c:de:8f:74:40:44:50:be:99:
b2:6d:6d:0f:87:c7:58:30:c4:4f:cc:78:f7:ef:eb:6a:13:a3:
e6:f7:ee:e6:14:88:1e:bd:79:09:6c:28:13:ea:d7:ca:1f:30:
9d:a4:08:d0:1e:12:2d:39:5e:9c:29:6a:0c:7b:8d:ea:30:38:
1c:45:7d:ac:ea:3d:0e:2b:db:9c:24:88:c3:55:fd:ba:62:32:
2b:32:ca:82:3e:2e:ba:06:53:6c:df:88:fb:13:d5:29:4c:32:
64:76:91:2d:f6:44:67:18:32:61:96:b1:43:50:eb:ec:7d:c4:
ea:f4:ec:44:ca:de:c8:77:1f:17:2d:e8:ef:bb:1c:e3:30:65:
71:e5:a0:8e:44:a7:f0:c8:67:dd:13:db:fb:ec:d8:29:22:dc:
7d:31:8a:b3:28:05:34:38:3a:06:35:f1:2b:2f:0f:e8:de:d6:
99:d9:16:b5:03:3e:e6:02:ac:fd:5f:15:b9:c2:79:19:c1:a2:
fc:5d:b0:71
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQhREcC9ZGdMnpNzEPM7u1uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViMDA3OTBiYWUzY2Q4NWE1MGU0ZjkzNDM4ODM2MTc2M2Vi
ZmJlNWEwHhcNMjUwMTAxMDk0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTdjMWU1MjUwZGFjY2Q2NWNmYzcyMjIyOGIxNTIyMzAxMzMxY2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIk8LO2YYTr3D2Dr8sirzItL7viF
5sqeacdKWQ4qKl9rfB8DPdz+0+g9IYqbLPfZXpkp+0/YSc76s8zovNPkf1opyF+o
5W2JPT86CE5KXkRF7XItPhJNDVDqYmoUFzc4wad0e+V3gW8r2CdJyTyRU4kQmcB+
5XGpbZeAxLxDxw+PtqDrqP0TumoJVCHNylyWITK08LKmdwuMIVJP3YvNhpcUEX6C
7iBBFglZRiF5lxao+H2UU8B2NnwHy6XwNiXchY2WIkyJbS3acRUZ4soX9YnGQRT5
bQgVfZOWxWTvpa0KAeIipADnmEQUItdHKRHu/gewCuffaTcMTNLIbLU9iwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKl8HlJQ2szWXPxyIiixUiMBMxz8MB8GA1UdIwQY
MBaAFFsAeQuuPNhaUOT5NDiDYXY+v75aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3dCNUM2NDgyRnBRNVBrME9JTmhkajZfdmxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi84ZTQxNmMtNTU1MC00ZTgxLWE4YzQt
ZDYyMzViNWZlNjdhLzEvcVh3ZVVsRGF6TlpjX0hJaUtMRlNJd0V6SFB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi84ZTQxNmMtNTU1MC00ZTgxLWE4YzQtZDYyMzViNWZlNjdh
LzEvV3dCNUM2NDgyRnBRNVBrME9JTmhkajZfdmxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAueGhAwQA
ufncAwQA1AtPMA0GCSqGSIb3DQEBCwUAA4IBAQAXcrVRYNURGvhIVKd3qP/BpARg
t35+TDPFR60Y1r93ilkKiQ9/LoxFRNRfQWvfBUrNYRfgZFQgN4j8k/uEnp4c3o90
QERQvpmybW0Ph8dYMMRPzHj37+tqE6Pm9+7mFIgevXkJbCgT6tfKHzCdpAjQHhIt
OV6cKWoMe43qMDgcRX2s6j0OK9ucJIjDVf26YjIrMsqCPi66BlNs34j7E9UpTDJk
dpEt9kRnGDJhlrFDUOvsfcTq9OxEyt7Idx8XLejvuxzjMGVx5aCORKfwyGfdE9v7
7NgpItx9MYqzKAU0ODoGNfErLw/o3taZ2Ra1Az7mAqz9XxW5wnkZwaL8XbBx
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:43:05 2025 by rpki-client