Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/4ffe92-00ce-4faa-885c-e9617d66a74b/1/QWkT31GYhkK2dZU3UMSr2Ck3CMY.roa
File: QWkT31GYhkK2dZU3UMSr2Ck3CMY.roa (raw, json)
Hash identifier: bsZQ/G0U8862JpB88PTG8FxX7m4i8ha16ESClmf3E34=
Subject key identifier: 41:69:13:DF:51:98:86:42:B6:75:95:37:50:C4:AB:D8:29:37:08:C6
Certificate issuer: /CN=49f093bb8e8ad11c4c834edfd2df54d41cb49f79
Certificate serial: 0194222041C498F1CCCD4606795FFD5F0262
Authority key identifier: 49:F0:93:BB:8E:8A:D1:1C:4C:83:4E:DF:D2:DF:54:D4:1C:B4:9F:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SfCTu46K0RxMg07f0t9U1By0n3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/4ffe92-00ce-4faa-885c-e9617d66a74b/1/QWkT31GYhkK2dZU3UMSr2Ck3CMY.roa
Signing time: Wed 01 Jan 2025 13:48:46 +0000
ROA not before: Wed 01 Jan 2025 13:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198904
IP address blocks: 5.32.184.0/24 maxlen: 24
5.32.185.0/24 maxlen: 24
5.32.186.0/24 maxlen: 24
5.32.187.0/24 maxlen: 24
5.32.188.0/24 maxlen: 24
2a01:6ec0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/4ffe92-00ce-4faa-885c-e9617d66a74b/1/SfCTu46K0RxMg07f0t9U1By0n3k.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/4ffe92-00ce-4faa-885c-e9617d66a74b/1/SfCTu46K0RxMg07f0t9U1By0n3k.mft
rsync://rpki.ripe.net/repository/DEFAULT/SfCTu46K0RxMg07f0t9U1By0n3k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:41:c4:98:f1:cc:cd:46:06:79:5f:fd:5f:02:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49f093bb8e8ad11c4c834edfd2df54d41cb49f79
Validity
Not Before: Jan 1 13:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=416913df51988642b675953750c4abd8293708c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:44:97:11:5d:7d:94:5d:eb:bb:a8:3c:62:23:
40:06:9c:4b:0d:bf:ce:dc:f4:7a:b5:59:6b:87:23:
df:92:67:77:cd:57:6c:55:22:1f:26:32:12:54:b0:
1d:a9:62:7c:3b:d7:68:0a:31:70:73:a4:ac:dc:83:
d2:65:10:57:d0:28:4c:6c:6e:b0:03:ef:ed:2a:65:
28:2a:8b:83:4e:10:36:82:d9:f9:e8:ab:36:fd:2d:
34:ea:17:f1:ac:3a:b5:d9:04:ce:fc:6b:92:e2:26:
6c:5b:64:a1:0d:40:55:06:c6:f2:4c:66:05:ab:0d:
1e:cf:c4:68:68:9f:13:f9:eb:6f:d6:c6:f5:92:dd:
07:f6:e3:5a:1c:a5:ca:55:4e:0b:c6:40:73:00:e8:
55:f7:c3:0f:b3:05:95:4d:e6:ea:64:ae:b9:8f:b0:
cc:07:b3:38:c1:f6:5f:49:5e:02:cf:c6:b6:e4:84:
f0:9a:4c:5c:3e:15:e6:03:d5:f0:1e:b3:eb:84:a8:
c4:85:b0:d3:fa:17:74:32:e3:f5:a4:a8:dd:99:e4:
42:1d:b2:e1:50:5a:26:ef:5e:55:fd:4f:46:9c:46:
13:b1:04:6d:e6:58:ae:13:8e:27:1c:c5:fc:04:01:
b4:7e:00:35:ee:88:d7:bc:27:d0:1e:eb:1b:41:03:
0a:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:69:13:DF:51:98:86:42:B6:75:95:37:50:C4:AB:D8:29:37:08:C6
X509v3 Authority Key Identifier:
keyid:49:F0:93:BB:8E:8A:D1:1C:4C:83:4E:DF:D2:DF:54:D4:1C:B4:9F:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SfCTu46K0RxMg07f0t9U1By0n3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/4ffe92-00ce-4faa-885c-e9617d66a74b/1/QWkT31GYhkK2dZU3UMSr2Ck3CMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/4ffe92-00ce-4faa-885c-e9617d66a74b/1/SfCTu46K0RxMg07f0t9U1By0n3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.32.184.0-5.32.188.255
IPv6:
2a01:6ec0::/32
Signature Algorithm: sha256WithRSAEncryption
89:04:d3:46:52:7f:bb:e8:56:b2:32:a8:50:6c:31:c3:b9:bb:
57:bb:e1:31:95:8c:a1:2c:f6:75:b4:51:f9:6e:66:9b:78:b4:
a5:9b:ee:62:1a:17:01:3a:d9:64:5d:03:07:81:2f:85:08:e6:
19:38:d5:4d:e6:32:d5:93:ed:b8:a1:a1:06:ad:86:00:c9:1f:
d9:e5:70:8d:e9:1a:dd:3c:2c:61:7e:90:61:83:f6:b4:65:db:
47:f4:3b:74:d1:80:e9:46:aa:10:a2:70:43:fe:de:69:04:8c:
01:7a:d0:de:10:66:bd:03:73:6f:9b:b4:15:c0:73:2a:cf:9e:
d5:08:4c:5a:05:83:10:14:53:4a:7c:15:ac:b5:08:ec:da:a6:
0c:ad:13:30:b5:02:91:ec:de:4c:52:3a:27:ae:42:46:99:9c:
b3:e8:be:59:7b:69:9e:5c:40:d6:de:6a:4f:34:23:39:4b:bb:
93:8b:49:cd:e4:ed:f3:f2:c8:4c:ca:10:16:52:3d:48:6a:f9:
ed:be:7a:c3:6e:30:08:f0:a5:0b:57:5d:0a:2c:c7:b7:92:fd:
10:16:b3:b6:43:3a:67:63:08:82:35:c6:16:3d:80:d7:29:08:
47:cb:f5:e0:15:55:97:0d:83:d3:9a:41:e5:b1:95:98:97:f0:
39:78:bc:a6
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQiIEHEmPHMzUYGeV/9XwJiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZjA5M2JiOGU4YWQxMWM0YzgzNGVkZmQyZGY1NGQ0MWNi
NDlmNzkwHhcNMjUwMTAxMTM0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTY5MTNkZjUxOTg4NjQyYjY3NTk1Mzc1MGM0YWJkODI5MzcwOGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtESXEV19lF3ru6g8YiNABpxLDb/O
3PR6tVlrhyPfkmd3zVdsVSIfJjISVLAdqWJ8O9doCjFwc6Ss3IPSZRBX0ChMbG6w
A+/tKmUoKouDThA2gtn56Ks2/S006hfxrDq12QTO/GuS4iZsW2ShDUBVBsbyTGYF
qw0ez8RoaJ8T+etv1sb1kt0H9uNaHKXKVU4LxkBzAOhV98MPswWVTebqZK65j7DM
B7M4wfZfSV4Cz8a25ITwmkxcPhXmA9XwHrPrhKjEhbDT+hd0MuP1pKjdmeRCHbLh
UFom715V/U9GnEYTsQRt5liuE44nHMX8BAG0fgA17ojXvCfQHusbQQMKlwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFEFpE99RmIZCtnWVN1DEq9gpNwjGMB8GA1UdIwQY
MBaAFEnwk7uOitEcTINO39LfVNQctJ95MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2ZDVHU0NkswUnhNZzA3ZjB0OVUxQnkwbjNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS80ZmZlOTItMDBjZS00ZmFhLTg4NWMt
ZTk2MTdkNjZhNzRiLzEvUVdrVDMxR1loa0syZFpVM1VNU3IyQ2szQ01ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS80ZmZlOTItMDBjZS00ZmFhLTg4NWMtZTk2MTdkNjZhNzRi
LzEvU2ZDVHU0NkswUnhNZzA3ZjB0OVUxQnkwbjNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAMFILgD
BAAFILwwDQQCAAIwBwMFACoBbsAwDQYJKoZIhvcNAQELBQADggEBAIkE00ZSf7vo
VrIyqFBsMcO5u1e74TGVjKEs9nW0UfluZpt4tKWb7mIaFwE62WRdAweBL4UI5hk4
1U3mMtWT7bihoQathgDJH9nlcI3pGt08LGF+kGGD9rRl20f0O3TRgOlGqhCicEP+
3mkEjAF60N4QZr0Dc2+btBXAcyrPntUITFoFgxAUU0p8Fay1COzapgytEzC1ApHs
3kxSOieuQkaZnLPovll7aZ5cQNbeak80IzlLu5OLSc3k7fPyyEzKEBZSPUhq+e2+
esNuMAjwpQtXXQosx7eS/RAWs7ZDOmdjCII1xhY9gNcpCEfL9eAVVZcNg9OaQeWx
lZiX8Dl4vKY=
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:49:45 2025 by rpki-client