Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/12391d-5fb6-4dea-a713-73a452bafb46/1/4QR_9ICDY1eAjAMQinzDvd_fSbM.roa
File: 4QR_9ICDY1eAjAMQinzDvd_fSbM.roa (raw, json)
Hash identifier: QOGIl5yTiA09+cvbQSor4wKyODpGweFUOGDGmoa5Fkw=
Subject key identifier: E1:04:7F:F4:80:83:63:57:80:8C:03:10:8A:7C:C3:BD:DF:DF:49:B3
Certificate issuer: /CN=101287927ad7b1db479ae5ab92ab87c4a4faf496
Certificate serial: 019421B201718976C5C8F229315DD297A0F4
Authority key identifier: 10:12:87:92:7A:D7:B1:DB:47:9A:E5:AB:92:AB:87:C4:A4:FA:F4:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EBKHknrXsdtHmuWrkquHxKT69JY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/12391d-5fb6-4dea-a713-73a452bafb46/1/4QR_9ICDY1eAjAMQinzDvd_fSbM.roa
Signing time: Wed 01 Jan 2025 11:48:21 +0000
ROA not before: Wed 01 Jan 2025 11:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42811
IP address blocks: 81.14.0.0/17 maxlen: 17
95.176.0.0/17 maxlen: 17
185.147.220.0/22 maxlen: 22
2a00:be80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/12391d-5fb6-4dea-a713-73a452bafb46/1/EBKHknrXsdtHmuWrkquHxKT69JY.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/12391d-5fb6-4dea-a713-73a452bafb46/1/EBKHknrXsdtHmuWrkquHxKT69JY.mft
rsync://rpki.ripe.net/repository/DEFAULT/EBKHknrXsdtHmuWrkquHxKT69JY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:01:71:89:76:c5:c8:f2:29:31:5d:d2:97:a0:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=101287927ad7b1db479ae5ab92ab87c4a4faf496
Validity
Not Before: Jan 1 11:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e1047ff480836357808c03108a7cc3bddfdf49b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:0f:cc:d4:c3:f1:66:e3:a1:51:e4:a6:bb:59:
94:34:12:2c:06:cb:b3:23:52:aa:b1:3b:74:48:8a:
48:f0:3f:a3:02:a3:8d:9c:51:e5:80:8f:49:ca:e0:
72:56:77:61:78:e2:17:f2:6a:0a:de:cf:f3:74:46:
5d:8e:dd:ac:c8:26:f4:6d:fd:22:00:d6:fb:c9:73:
9b:e1:61:5b:d1:88:98:08:f7:4f:88:91:e3:bc:4d:
79:08:83:19:0a:1d:a1:1f:72:8e:9c:58:9c:53:7f:
7b:37:28:10:80:c6:15:e2:cd:56:91:a1:19:dd:76:
77:c1:90:90:ad:8d:f9:b9:8c:0c:4d:db:67:01:f4:
21:11:f9:42:41:e3:a9:97:b6:64:d5:6c:e9:12:21:
43:bc:9a:24:c9:99:bf:63:f4:04:a5:60:b9:ab:49:
c3:4a:55:9d:3f:98:bd:b4:fd:fb:ab:56:58:22:39:
8d:72:62:59:7b:f2:66:2a:3d:6c:b7:f5:77:b3:ae:
cf:13:9a:c9:d5:f8:88:65:c2:9d:05:1b:45:99:f3:
24:cf:32:f6:f2:a2:77:c2:a5:f0:aa:ca:f6:42:be:
b4:c1:4e:ab:17:ea:cd:7c:d9:5a:f7:cd:e3:90:e2:
7f:c3:13:71:3b:71:af:48:3b:40:cd:fa:eb:9e:c0:
e0:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:04:7F:F4:80:83:63:57:80:8C:03:10:8A:7C:C3:BD:DF:DF:49:B3
X509v3 Authority Key Identifier:
keyid:10:12:87:92:7A:D7:B1:DB:47:9A:E5:AB:92:AB:87:C4:A4:FA:F4:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EBKHknrXsdtHmuWrkquHxKT69JY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/12391d-5fb6-4dea-a713-73a452bafb46/1/4QR_9ICDY1eAjAMQinzDvd_fSbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/12391d-5fb6-4dea-a713-73a452bafb46/1/EBKHknrXsdtHmuWrkquHxKT69JY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.14.0.0/17
95.176.0.0/17
185.147.220.0/22
IPv6:
2a00:be80::/32
Signature Algorithm: sha256WithRSAEncryption
5c:4d:cd:f8:63:e9:1e:98:73:fe:84:0f:9f:b2:ec:10:0f:01:
22:67:c6:19:9d:7f:fa:6f:2a:ff:52:4a:e8:2f:40:8d:c4:53:
14:b0:39:f5:93:fd:98:43:90:dd:f4:4f:c5:72:3c:6d:ea:5a:
3c:04:18:59:66:c2:7b:25:8e:bd:e8:23:a9:4c:6d:4b:26:80:
a0:bf:89:2c:44:9f:d5:2f:f5:aa:ec:62:9b:cd:4a:9b:79:66:
b9:ba:ed:b9:56:7c:48:33:6f:a8:db:c5:68:41:83:33:a7:69:
45:de:02:61:f7:3a:da:c4:ef:9a:aa:81:88:ba:f1:44:d2:47:
a3:cc:c6:6b:43:19:8c:05:76:66:51:fd:bd:a3:8b:ce:03:ef:
ba:24:0c:cf:bd:73:92:dc:1c:1d:cf:7a:8c:43:b2:55:c4:f9:
51:e8:45:49:e7:c7:9c:05:1d:bc:7f:1a:07:3d:7e:73:39:c5:
ef:b3:3e:87:42:25:27:f0:65:0c:bc:79:69:1f:d9:91:05:8b:
6b:53:f3:21:35:55:0a:ca:24:24:a5:a6:3e:6d:e4:72:2e:f0:
b5:12:fd:77:fe:c3:5b:3d:21:85:82:a4:4c:f7:4f:74:2e:f1:
2c:09:2c:1b:2c:ba:be:08:e9:4c:3f:ca:91:3a:c0:58:e1:0f:
58:0b:a5:d4
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQhsgFxiXbFyPIpMV3Sl6D0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMTI4NzkyN2FkN2IxZGI0NzlhZTVhYjkyYWI4N2M0YTRm
YWY0OTYwHhcNMjUwMTAxMTE0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTA0N2ZmNDgwODM2MzU3ODA4YzAzMTA4YTdjYzNiZGRmZGY0OWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7w/M1MPxZuOhUeSmu1mUNBIsBsuz
I1KqsTt0SIpI8D+jAqONnFHlgI9JyuByVndheOIX8moK3s/zdEZdjt2syCb0bf0i
ANb7yXOb4WFb0YiYCPdPiJHjvE15CIMZCh2hH3KOnFicU397NygQgMYV4s1WkaEZ
3XZ3wZCQrY35uYwMTdtnAfQhEflCQeOpl7Zk1WzpEiFDvJokyZm/Y/QEpWC5q0nD
SlWdP5i9tP37q1ZYIjmNcmJZe/JmKj1st/V3s67PE5rJ1fiIZcKdBRtFmfMkzzL2
8qJ3wqXwqsr2Qr60wU6rF+rNfNla983jkOJ/wxNxO3GvSDtAzfrrnsDg8QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOEEf/SAg2NXgIwDEIp8w73f30mzMB8GA1UdIwQY
MBaAFBASh5J617HbR5rlq5Krh8Sk+vSWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUJLSGtuclhzZHRIbXVXcmtxdUh4S1Q2OUpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8xMjM5MWQtNWZiNi00ZGVhLWE3MTMt
NzNhNDUyYmFmYjQ2LzEvNFFSXzlJQ0RZMWVBakFNUWluekR2ZF9mU2JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8xMjM5MWQtNWZiNi00ZGVhLWE3MTMtNzNhNDUyYmFmYjQ2
LzEvRUJLSGtuclhzZHRIbXVXcmtxdUh4S1Q2OUpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQHUQ4AAwQH
X7AAAwQCuZPcMA0EAgACMAcDBQAqAL6AMA0GCSqGSIb3DQEBCwUAA4IBAQBcTc34
Y+kemHP+hA+fsuwQDwEiZ8YZnX/6byr/UkroL0CNxFMUsDn1k/2YQ5Dd9E/Fcjxt
6lo8BBhZZsJ7JY696COpTG1LJoCgv4ksRJ/VL/Wq7GKbzUqbeWa5uu25VnxIM2+o
28VoQYMzp2lF3gJh9zraxO+aqoGIuvFE0kejzMZrQxmMBXZmUf29o4vOA++6JAzP
vXOS3Bwdz3qMQ7JVxPlR6EVJ58ecBR28fxoHPX5zOcXvsz6HQiUn8GUMvHlpH9mR
BYtrU/MhNVUKyiQkpaY+beRyLvC1Ev13/sNbPSGFgqRM9090LvEsCSwbLLq+COlM
P8qROsBY4Q9YC6XU
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:48:22 2025 by rpki-client