Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/056235-df36-4870-8746-ae5f4c12de79/1/qgSgsUNmjGc3XOuValdIkwwl07g.roa
File: qgSgsUNmjGc3XOuValdIkwwl07g.roa (raw, json)
Hash identifier: K6iu6N/DtzSRuE8h4cXXnk/shnPgBX6kLrlWrpVPx3E=
Subject key identifier: AA:04:A0:B1:43:66:8C:67:37:5C:EB:95:6A:57:48:93:0C:25:D3:B8
Certificate issuer: /CN=6d8e0e7e86775b415d3d5780ce4cfec0c859189c
Certificate serial: 019424B2CF41706AB1D3DDD39F173B58EFDD
Authority key identifier: 6D:8E:0E:7E:86:77:5B:41:5D:3D:57:80:CE:4C:FE:C0:C8:59:18:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bY4OfoZ3W0FdPVeAzkz-wMhZGJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/056235-df36-4870-8746-ae5f4c12de79/1/qgSgsUNmjGc3XOuValdIkwwl07g.roa
Signing time: Thu 02 Jan 2025 01:48:05 +0000
ROA not before: Thu 02 Jan 2025 01:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212976
IP address blocks: 185.45.254.0/23 maxlen: 23
185.45.254.0/24 maxlen: 24
185.45.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/056235-df36-4870-8746-ae5f4c12de79/1/bY4OfoZ3W0FdPVeAzkz-wMhZGJw.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/056235-df36-4870-8746-ae5f4c12de79/1/bY4OfoZ3W0FdPVeAzkz-wMhZGJw.mft
rsync://rpki.ripe.net/repository/DEFAULT/bY4OfoZ3W0FdPVeAzkz-wMhZGJw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:cf:41:70:6a:b1:d3:dd:d3:9f:17:3b:58:ef:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d8e0e7e86775b415d3d5780ce4cfec0c859189c
Validity
Not Before: Jan 2 01:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aa04a0b143668c67375ceb956a5748930c25d3b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:2c:9d:73:50:cb:e7:9e:47:f9:94:f6:64:39:
df:f1:e2:bc:0d:66:83:47:c5:45:a1:0c:8d:05:2d:
3e:1a:5d:7a:51:2d:f2:7b:b4:65:bb:44:61:f8:7e:
60:be:3c:b9:23:69:e8:79:00:99:23:d4:13:0e:e9:
f4:c1:ef:3f:64:b5:4d:fc:e7:c5:e7:6b:d2:4a:8c:
1c:c9:ea:9f:03:43:da:be:a2:73:f8:49:ec:ed:5d:
33:48:24:ee:a1:af:b2:fe:18:31:c7:dc:8e:dc:4d:
c7:83:76:12:ee:12:5b:f5:f5:94:6f:6d:47:75:00:
29:21:1f:95:f0:59:c5:df:57:bd:db:bf:1e:ae:ed:
89:f9:4b:87:ca:0d:e8:e0:34:84:26:0b:ac:27:dd:
c7:21:34:0b:5a:7f:ec:50:1e:af:97:5c:0d:ef:d5:
7b:19:2f:2d:1b:c5:fa:cd:3b:55:f2:5b:a3:18:ec:
26:5a:8a:c9:1a:e1:9f:0b:a0:aa:51:eb:1e:bb:5d:
54:a0:40:6e:a2:cd:12:6d:fa:49:5d:d0:09:0e:dc:
84:f5:21:1a:21:7c:13:e5:fb:ee:55:a0:10:83:be:
48:a3:18:d7:b2:e5:17:4d:33:d1:21:f3:af:43:2d:
30:6e:93:e2:a3:3f:81:0f:09:12:02:a1:39:60:cc:
6d:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:04:A0:B1:43:66:8C:67:37:5C:EB:95:6A:57:48:93:0C:25:D3:B8
X509v3 Authority Key Identifier:
keyid:6D:8E:0E:7E:86:77:5B:41:5D:3D:57:80:CE:4C:FE:C0:C8:59:18:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bY4OfoZ3W0FdPVeAzkz-wMhZGJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/056235-df36-4870-8746-ae5f4c12de79/1/qgSgsUNmjGc3XOuValdIkwwl07g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/056235-df36-4870-8746-ae5f4c12de79/1/bY4OfoZ3W0FdPVeAzkz-wMhZGJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.45.254.0/23
Signature Algorithm: sha256WithRSAEncryption
c0:2a:1f:81:3c:3b:56:5b:07:8d:a2:38:80:ef:1f:16:51:04:
d8:24:36:b9:7d:8b:e7:71:c9:0c:d8:40:6e:c3:36:da:8a:85:
a2:1a:b6:2f:73:c8:b6:06:00:64:a2:27:4f:7e:3b:a8:9e:cc:
d1:e5:7b:82:dc:71:6d:d2:6a:3c:1b:58:69:0b:9e:0d:94:34:
d5:a2:04:de:72:4e:24:79:e3:0b:b5:d5:1d:38:e0:91:5c:a8:
21:6f:34:ae:62:46:7c:29:c4:b5:ba:e8:ec:82:5f:7d:7d:52:
ad:6b:13:68:fb:66:4e:d9:49:18:31:15:b4:87:d3:d7:3b:cc:
16:6b:04:6e:d9:cb:59:bc:32:10:a1:20:67:b8:f4:d1:33:a7:
38:36:51:26:0b:f1:76:e9:6e:4d:fe:99:7d:3e:7b:84:95:53:
9c:f8:29:6a:52:6d:c2:c9:d3:1a:02:bd:72:91:9e:f6:0c:ca:
99:9f:88:ea:bc:0d:78:6b:f2:17:93:c3:d4:13:3f:28:74:4f:
5e:a2:8e:6a:1d:e9:0b:bc:c3:8d:06:d3:2a:a2:b6:1e:2a:8f:
82:6a:84:bd:ba:82:86:e3:93:fc:9c:bd:d1:9a:5e:72:10:52:
74:d0:34:85:8b:41:88:7c:2c:57:71:fa:e5:89:29:bd:d8:d9:
25:cc:4c:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkss9BcGqx093Tnxc7WO/dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkOGUwZTdlODY3NzViNDE1ZDNkNTc4MGNlNGNmZWMwYzg1
OTE4OWMwHhcNMjUwMTAyMDE0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTA0YTBiMTQzNjY4YzY3Mzc1Y2ViOTU2YTU3NDg5MzBjMjVkM2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSydc1DL555H+ZT2ZDnf8eK8DWaD
R8VFoQyNBS0+Gl16US3ye7Rlu0Rh+H5gvjy5I2noeQCZI9QTDun0we8/ZLVN/OfF
52vSSowcyeqfA0PavqJz+Ens7V0zSCTuoa+y/hgxx9yO3E3Hg3YS7hJb9fWUb21H
dQApIR+V8FnF31e9278eru2J+UuHyg3o4DSEJgusJ93HITQLWn/sUB6vl1wN79V7
GS8tG8X6zTtV8lujGOwmWorJGuGfC6CqUeseu11UoEBuos0SbfpJXdAJDtyE9SEa
IXwT5fvuVaAQg75IoxjXsuUXTTPRIfOvQy0wbpPioz+BDwkSAqE5YMxtJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKoEoLFDZoxnN1zrlWpXSJMMJdO4MB8GA1UdIwQY
MBaAFG2ODn6Gd1tBXT1XgM5M/sDIWRicMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlk0T2ZvWjNXMEZkUFZlQXprei13TWhaR0p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8wNTYyMzUtZGYzNi00ODcwLTg3NDYt
YWU1ZjRjMTJkZTc5LzEvcWdTZ3NVTm1qR2MzWE91VmFsZElrd3dsMDdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8wNTYyMzUtZGYzNi00ODcwLTg3NDYtYWU1ZjRjMTJkZTc5
LzEvYlk0T2ZvWjNXMEZkUFZlQXprei13TWhaR0p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuS3+MA0G
CSqGSIb3DQEBCwUAA4IBAQDAKh+BPDtWWweNojiA7x8WUQTYJDa5fYvncckM2EBu
wzbaioWiGrYvc8i2BgBkoidPfjuonszR5XuC3HFt0mo8G1hpC54NlDTVogTeck4k
eeMLtdUdOOCRXKghbzSuYkZ8KcS1uujsgl99fVKtaxNo+2ZO2UkYMRW0h9PXO8wW
awRu2ctZvDIQoSBnuPTRM6c4NlEmC/F26W5N/pl9PnuElVOc+ClqUm3CydMaAr1y
kZ72DMqZn4jqvA14a/IXk8PUEz8odE9eoo5qHekLvMONBtMqorYeKo+CaoS9uoKG
45P8nL3Rml5yEFJ00DSFi0GIfCxXcfrliSm92NklzEzo
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:37:50 2025 by rpki-client