Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/bqT0YeAhtl8HXgKWXTHsXvzrmxM.roa
File: bqT0YeAhtl8HXgKWXTHsXvzrmxM.roa (raw, json)
Hash identifier: MeQQwtYVritPs/rwvak/6/BqNGkePOEhbf9TfPte6Fc=
Subject key identifier: 6E:A4:F4:61:E0:21:B6:5F:07:5E:02:96:5D:31:EC:5E:FC:EB:9B:13
Certificate issuer: /CN=015b6d1596ac0501a71a393447051a62ff1dda16
Certificate serial: 0194228D16BFE36B7CDE832C4589EBA12BA3
Authority key identifier: 01:5B:6D:15:96:AC:05:01:A7:1A:39:34:47:05:1A:62:FF:1D:DA:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/bqT0YeAhtl8HXgKWXTHsXvzrmxM.roa
Signing time: Wed 01 Jan 2025 15:47:39 +0000
ROA not before: Wed 01 Jan 2025 15:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3261
IP address blocks: 2.57.112.0/22 maxlen: 24
5.153.128.0/19 maxlen: 24
5.153.160.0/22 maxlen: 22
5.153.160.0/24 maxlen: 24
5.153.161.0/24 maxlen: 24
5.153.162.0/24 maxlen: 24
5.153.163.0/24 maxlen: 24
5.153.164.0/24 maxlen: 24
5.153.165.0/24 maxlen: 24
5.153.166.0/24 maxlen: 24
5.153.167.0/24 maxlen: 24
5.153.168.0/24 maxlen: 24
5.153.169.0/24 maxlen: 24
5.153.170.0/24 maxlen: 24
5.153.171.0/24 maxlen: 24
5.153.173.0/24 maxlen: 24
5.153.174.0/24 maxlen: 24
92.242.96.0/19 maxlen: 24
195.184.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/AVttFZasBQGnGjk0RwUaYv8d2hY.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/AVttFZasBQGnGjk0RwUaYv8d2hY.mft
rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 21:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:16:bf:e3:6b:7c:de:83:2c:45:89:eb:a1:2b:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=015b6d1596ac0501a71a393447051a62ff1dda16
Validity
Not Before: Jan 1 15:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ea4f461e021b65f075e02965d31ec5efceb9b13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:61:3b:5a:d2:37:a5:01:ae:76:5d:95:30:77:
27:51:e6:a8:c8:d0:da:33:6b:17:dd:dc:07:d5:33:
c6:cf:a0:7a:0b:14:9a:14:72:08:bb:a6:02:16:2b:
e3:f9:73:70:78:9b:8d:a4:88:24:b6:8e:0f:47:8e:
05:5b:34:93:67:9c:c8:88:d1:e9:59:6e:45:80:4c:
57:f8:0f:36:24:1f:8f:3a:80:b7:0a:cb:be:57:e5:
56:96:10:c0:6a:b0:c9:1c:5d:6d:f5:f6:d7:77:38:
c3:e0:20:1e:29:e5:e7:6e:3a:93:c4:f1:43:3c:d0:
6a:26:bd:e6:33:f2:87:f4:ea:f8:7a:9c:fc:79:3d:
03:74:c4:60:16:11:a9:e6:7b:4b:3a:0f:16:0d:f7:
86:d1:57:14:b2:97:d5:41:ab:1a:ff:a0:c1:ec:0e:
d8:b7:02:2c:f1:51:78:b3:5b:35:e0:b8:d5:8c:2a:
0d:63:6c:22:a9:ae:ad:bb:9e:8d:0b:44:37:5a:0e:
c4:f7:b2:43:05:e2:d5:d4:72:82:4b:47:42:51:7a:
ce:92:6a:2c:a8:67:f7:03:88:c1:e3:b0:49:2c:e5:
69:aa:d0:29:b3:1e:eb:cd:17:48:f3:fd:c0:43:9b:
39:d3:03:b9:1f:ec:8e:d0:5e:8a:81:ac:5c:c8:99:
1c:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:A4:F4:61:E0:21:B6:5F:07:5E:02:96:5D:31:EC:5E:FC:EB:9B:13
X509v3 Authority Key Identifier:
keyid:01:5B:6D:15:96:AC:05:01:A7:1A:39:34:47:05:1A:62:FF:1D:DA:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/bqT0YeAhtl8HXgKWXTHsXvzrmxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/AVttFZasBQGnGjk0RwUaYv8d2hY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.112.0/22
5.153.128.0-5.153.171.255
5.153.173.0-5.153.174.255
92.242.96.0/19
195.184.192.0/19
Signature Algorithm: sha256WithRSAEncryption
91:8f:4b:53:4d:20:f1:55:f1:07:ed:09:1f:02:66:f1:cc:05:
40:e0:13:e4:02:aa:2a:cb:a9:d3:24:cf:44:f1:65:de:37:94:
1a:f7:b3:77:c1:0d:b5:28:f6:48:5b:4b:d3:d1:f9:bd:11:96:
46:40:f9:40:13:53:d5:24:c0:67:0e:83:22:5b:12:ba:1d:ce:
40:7d:0c:99:f3:29:d8:68:0c:26:cb:4a:57:e3:52:0b:a4:12:
3a:ea:9b:b0:1b:29:ab:e3:12:08:f5:cb:43:8e:3c:ae:c7:0c:
47:8d:f0:c7:ef:5e:8e:59:c4:8c:7f:81:aa:d0:df:c7:e8:ee:
97:18:dd:b8:02:b3:9b:4b:58:ae:3b:e4:7c:24:39:41:d2:89:
c6:81:86:bb:ff:5f:96:39:c7:f2:b9:0a:42:85:30:2d:6e:b1:
37:02:1e:a4:63:b6:ea:63:70:f9:5f:0f:f6:d1:25:bd:2b:fd:
75:58:45:5d:42:98:6f:00:10:9b:0b:d8:90:33:08:c4:94:3b:
a9:5e:be:a7:a7:ef:94:44:df:f9:7c:5b:3d:de:82:36:16:5e:
b8:1c:92:3f:5b:34:fd:66:25:04:0b:11:01:07:95:c0:ca:d4:
83:0e:03:84:66:ac:2d:5c:2f:4d:b9:ed:a1:37:76:53:73:67:
ce:52:67:56
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZQijRa/42t83oMsRYnroSujMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNWI2ZDE1OTZhYzA1MDFhNzFhMzkzNDQ3MDUxYTYyZmYx
ZGRhMTYwHhcNMjUwMTAxMTU0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWE0ZjQ2MWUwMjFiNjVmMDc1ZTAyOTY1ZDMxZWM1ZWZjZWI5YjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumE7WtI3pQGudl2VMHcnUeaoyNDa
M2sX3dwH1TPGz6B6CxSaFHIIu6YCFivj+XNweJuNpIgkto4PR44FWzSTZ5zIiNHp
WW5FgExX+A82JB+POoC3Csu+V+VWlhDAarDJHF1t9fbXdzjD4CAeKeXnbjqTxPFD
PNBqJr3mM/KH9Or4epz8eT0DdMRgFhGp5ntLOg8WDfeG0VcUspfVQasa/6DB7A7Y
twIs8VF4s1s14LjVjCoNY2wiqa6tu56NC0Q3Wg7E97JDBeLV1HKCS0dCUXrOkmos
qGf3A4jB47BJLOVpqtApsx7rzRdI8/3AQ5s50wO5H+yO0F6KgaxcyJkcmwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFG6k9GHgIbZfB14Cll0x7F7865sTMB8GA1UdIwQY
MBaAFAFbbRWWrAUBpxo5NEcFGmL/HdoWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVZ0dEZaYXNCUUduR2prMFJ3VWFZdjhkMmhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81MmE4OGYtZTlhMi00ODUxLTkxNDgt
ZmVlOGYzNzkwNTY3LzEvYnFUMFllQWh0bDhIWGdLV1hUSHNYdnpybXhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81MmE4OGYtZTlhMi00ODUxLTkxNDgtZmVlOGYzNzkwNTY3
LzEvQVZ0dEZaYXNCUUduR2prMFJ3VWFZdjhkMmhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQCAjlwMAwD
BAcFmYADBAIFmagwDAMEAAWZrQMEAAWZrgMEBVzyYAMEBcO4wDANBgkqhkiG9w0B
AQsFAAOCAQEAkY9LU00g8VXxB+0JHwJm8cwFQOAT5AKqKsup0yTPRPFl3jeUGvez
d8ENtSj2SFtL09H5vRGWRkD5QBNT1STAZw6DIlsSuh3OQH0MmfMp2GgMJstKV+NS
C6QSOuqbsBspq+MSCPXLQ448rscMR43wx+9ejlnEjH+BqtDfx+julxjduAKzm0tY
rjvkfCQ5QdKJxoGGu/9fljnH8rkKQoUwLW6xNwIepGO26mNw+V8P9tElvSv9dVhF
XUKYbwAQmwvYkDMIxJQ7qV6+p6fvlETf+XxbPd6CNhZeuBySP1s0/WYlBAsRAQeV
wMrUgw4DhGasLVwvTbntoTd2U3NnzlJnVg==
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:45:42 2025 by rpki-client