Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/QkziaVrFwftxZYDqsXIGB4Jq2uw.roa
File: QkziaVrFwftxZYDqsXIGB4Jq2uw.roa (raw, json)
Hash identifier: pM3N/qTCiW8nIslpyb9l5cXJ6oSFLdGNgW8xpAE3kFI=
Subject key identifier: 42:4C:E2:69:5A:C5:C1:FB:71:65:80:EA:B1:72:06:07:82:6A:DA:EC
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 0195CDC53BEE3F33FA120E03F1F3D95B874C
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/QkziaVrFwftxZYDqsXIGB4Jq2uw.roa
Signing time: Tue 25 Mar 2025 14:46:50 +0000
ROA not before: Tue 25 Mar 2025 14:46:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5650
IP address blocks: 194.238.44.0/22 maxlen: 24
194.238.72.0/22 maxlen: 24
213.18.192.0/22 maxlen: 24
213.18.216.0/22 maxlen: 24
217.181.88.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.mft
rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:cd:c5:3b:ee:3f:33:fa:12:0e:03:f1:f3:d9:5b:87:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Mar 25 14:46:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=424ce2695ac5c1fb716580eab1720607826adaec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:27:ea:d2:48:da:c7:0e:4f:50:04:6a:e1:2b:
0e:3e:e6:f0:bb:cb:31:0f:38:e4:cf:35:3a:4e:e2:
84:24:d7:a8:5d:a9:70:78:8e:ee:08:42:27:e3:59:
6d:00:b8:ab:0c:d9:35:ab:16:a1:b2:18:ea:59:32:
45:f8:76:f8:30:eb:2a:bd:eb:f3:ea:b4:1c:cb:15:
fd:ca:88:0b:58:bb:ee:cc:4c:38:21:9c:1a:04:01:
78:89:3d:fc:a7:0b:c0:a0:86:7c:11:19:66:c5:a7:
e9:74:39:27:a0:d9:6b:d4:21:7d:04:ed:75:29:11:
11:3a:8f:0f:ca:50:af:e4:af:60:12:42:2a:6b:76:
d9:99:ee:fe:bf:07:b8:05:ea:a2:0c:60:16:02:db:
55:e6:84:c6:c5:50:2b:62:bd:22:78:8e:a3:74:dd:
2e:68:34:9d:b8:3e:4b:bd:e7:a9:5f:29:37:84:ef:
1a:98:3a:5d:31:8b:91:18:f0:2c:7c:b5:39:ae:90:
76:74:be:6d:b8:92:6d:3f:7d:23:33:0e:6a:87:f4:
8b:d2:51:9e:c9:90:53:11:aa:bd:c5:48:8c:f9:9a:
b9:a2:25:eb:f0:bd:d2:ae:52:4a:9c:07:ac:c6:3a:
8b:95:cb:f9:a9:69:e2:fa:d2:79:a4:f5:4e:73:0a:
30:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:4C:E2:69:5A:C5:C1:FB:71:65:80:EA:B1:72:06:07:82:6A:DA:EC
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/QkziaVrFwftxZYDqsXIGB4Jq2uw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.238.44.0/22
194.238.72.0/22
213.18.192.0/22
213.18.216.0/22
217.181.88.0/22
Signature Algorithm: sha256WithRSAEncryption
b7:21:a7:f2:e8:1b:de:ba:c8:a5:e5:3c:7e:00:8c:88:f0:22:
6b:0b:0c:97:63:44:e5:33:b4:1b:11:d9:9e:8b:d8:98:22:a5:
e6:9d:53:62:b0:f6:24:b8:af:b3:fc:22:59:9a:3b:c2:3d:93:
ff:6b:66:3a:24:af:d7:24:e1:35:6e:b7:3d:aa:11:21:64:bf:
d2:a3:5a:61:0c:d6:2d:2b:41:8e:b2:e1:83:bf:7b:f9:70:ef:
eb:b6:3e:05:4e:20:a6:e3:60:95:94:57:e0:31:c7:8a:f0:23:
d7:39:bd:8b:33:6f:87:06:3a:3a:ca:f3:70:4f:e2:f8:7a:33:
5a:27:05:b5:ff:08:bf:79:7e:16:b4:07:47:ae:6f:e7:4c:e4:
ae:87:a2:82:a0:fe:2a:02:b9:06:fd:0d:e6:78:49:e5:2a:54:
0d:e1:94:b5:f3:bf:aa:b8:3d:ee:d5:8e:c3:ba:a1:fb:4e:87:
dc:72:ab:84:36:1a:b0:24:31:cf:33:e5:4f:92:56:92:b9:df:
34:a1:c9:73:eb:30:fc:a0:3b:ba:bc:d0:62:a1:75:02:79:40:
b3:d5:68:47:88:ec:f8:2d:5b:a4:7c:ce:c4:3c:0d:b0:1c:c6:
5c:dc:ad:49:b0:48:8d:71:17:e6:7a:24:14:9e:71:ee:bc:a8:
82:1d:33:c1
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZXNxTvuPzP6Eg4D8fPZW4dMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwMzI1MTQ0NjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjRjZTI2OTVhYzVjMWZiNzE2NTgwZWFiMTcyMDYwNzgyNmFkYWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyfq0kjaxw5PUARq4SsOPubwu8sx
DzjkzzU6TuKEJNeoXalweI7uCEIn41ltALirDNk1qxahshjqWTJF+Hb4MOsqvevz
6rQcyxX9yogLWLvuzEw4IZwaBAF4iT38pwvAoIZ8ERlmxafpdDknoNlr1CF9BO11
KREROo8PylCv5K9gEkIqa3bZme7+vwe4BeqiDGAWAttV5oTGxVArYr0ieI6jdN0u
aDSduD5LveepXyk3hO8amDpdMYuRGPAsfLU5rpB2dL5tuJJtP30jMw5qh/SL0lGe
yZBTEaq9xUiM+Zq5oiXr8L3SrlJKnAesxjqLlcv5qWni+tJ5pPVOcwowWwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEJM4mlaxcH7cWWA6rFyBgeCatrsMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvUWt6aWFWckZ3ZnR4WllEcXNYSUdCNEpxMnV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCwu4sAwQC
wu5IAwQC1RLAAwQC1RLYAwQC2bVYMA0GCSqGSIb3DQEBCwUAA4IBAQC3Iafy6Bve
usil5Tx+AIyI8CJrCwyXY0TlM7QbEdmei9iYIqXmnVNisPYkuK+z/CJZmjvCPZP/
a2Y6JK/XJOE1brc9qhEhZL/So1phDNYtK0GOsuGDv3v5cO/rtj4FTiCm42CVlFfg
MceK8CPXOb2LM2+HBjo6yvNwT+L4ejNaJwW1/wi/eX4WtAdHrm/nTOSuh6KCoP4q
ArkG/Q3meEnlKlQN4ZS187+quD3u1Y7DuqH7TofccquENhqwJDHPM+VPklaSud80
oclz6zD8oDu6vNBioXUCeUCz1WhHiOz4LVukfM7EPA2wHMZc3K1JsEiNcRfmeiQU
nnHuvKiCHTPB
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:17:10 2025 by rpki-client