Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/efdfc9-da3a-46bd-8300-e1c8a4febdee/1/qV_9AVxPWae0y5-fLZuto-85kDg.roa
File: qV_9AVxPWae0y5-fLZuto-85kDg.roa (raw, json)
Hash identifier: OSp098/Lccrx91ZNUKdEfBZVG37EvXYrZYRNYQ5KXq4=
Subject key identifier: A9:5F:FD:01:5C:4F:59:A7:B4:CB:9F:9F:2D:9B:AD:A3:EF:39:90:38
Certificate issuer: /CN=4ce37f71c933bf827118c63c07774de98645d019
Certificate serial: 019421B224E5FA4E8D6D69A06E5F8444D643
Authority key identifier: 4C:E3:7F:71:C9:33:BF:82:71:18:C6:3C:07:77:4D:E9:86:45:D0:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TON_cckzv4JxGMY8B3dN6YZF0Bk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/efdfc9-da3a-46bd-8300-e1c8a4febdee/1/qV_9AVxPWae0y5-fLZuto-85kDg.roa
Signing time: Wed 01 Jan 2025 11:48:30 +0000
ROA not before: Wed 01 Jan 2025 11:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207143
IP address blocks: 45.131.254.0/24 maxlen: 24
185.142.212.0/22 maxlen: 22
185.142.212.0/24 maxlen: 24
185.142.213.0/24 maxlen: 24
185.142.214.0/24 maxlen: 24
185.142.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/efdfc9-da3a-46bd-8300-e1c8a4febdee/1/TON_cckzv4JxGMY8B3dN6YZF0Bk.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/efdfc9-da3a-46bd-8300-e1c8a4febdee/1/TON_cckzv4JxGMY8B3dN6YZF0Bk.mft
rsync://rpki.ripe.net/repository/DEFAULT/TON_cckzv4JxGMY8B3dN6YZF0Bk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:24:e5:fa:4e:8d:6d:69:a0:6e:5f:84:44:d6:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ce37f71c933bf827118c63c07774de98645d019
Validity
Not Before: Jan 1 11:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a95ffd015c4f59a7b4cb9f9f2d9bada3ef399038
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:27:02:4b:14:e6:70:32:1e:7d:e4:3c:21:28:
54:b4:76:fb:38:0d:03:02:eb:26:eb:83:e4:9e:33:
79:b0:02:8e:3a:88:85:a2:96:cd:53:45:06:94:62:
ad:cf:d3:1f:9d:49:6d:b3:79:fc:52:23:40:e4:45:
40:fc:b7:33:2e:58:21:12:8d:86:8a:e3:99:a8:26:
cd:5e:3b:d1:05:11:3c:14:c4:b1:da:da:cf:b3:a6:
ba:c1:0d:f7:65:5e:a0:9e:cb:5c:b1:f2:34:69:8d:
f0:0b:5c:d5:ac:03:fb:d6:e3:f6:ec:d8:fb:cb:0b:
65:a7:53:68:1b:21:7b:14:16:10:ba:e6:2b:55:e9:
fa:47:af:f4:99:a9:71:16:69:0e:70:f6:0a:b9:39:
e6:50:8b:71:c7:aa:0b:52:55:83:64:d8:9a:7c:cf:
a2:4e:bf:11:40:1e:f4:95:a7:be:17:c5:48:13:bb:
90:de:42:6b:9b:9b:58:c8:ea:20:d5:9f:4f:4a:58:
c5:08:bb:91:ba:5b:7b:63:31:95:cb:4f:9f:ad:35:
3a:4c:62:ef:db:11:8a:95:e4:fd:94:3a:9f:1a:9c:
a8:23:ad:f3:bf:fa:e4:01:a8:71:97:2c:0a:cc:40:
ba:43:81:9b:b6:66:75:b4:73:e7:ae:1f:10:47:1c:
ff:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:5F:FD:01:5C:4F:59:A7:B4:CB:9F:9F:2D:9B:AD:A3:EF:39:90:38
X509v3 Authority Key Identifier:
keyid:4C:E3:7F:71:C9:33:BF:82:71:18:C6:3C:07:77:4D:E9:86:45:D0:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TON_cckzv4JxGMY8B3dN6YZF0Bk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/efdfc9-da3a-46bd-8300-e1c8a4febdee/1/qV_9AVxPWae0y5-fLZuto-85kDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/efdfc9-da3a-46bd-8300-e1c8a4febdee/1/TON_cckzv4JxGMY8B3dN6YZF0Bk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.254.0/24
185.142.212.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:af:b3:9f:80:47:af:c0:4d:6e:db:a0:03:12:f4:74:b7:e3:
19:a9:89:da:a5:d8:6c:1c:55:62:a2:d3:a9:73:b7:c9:22:77:
d5:45:71:17:e9:4b:43:77:c9:e5:05:36:d5:c9:7b:ce:03:c9:
c5:d1:2b:d9:66:dd:86:b9:3c:bd:1c:2f:11:9c:8e:1f:a1:96:
36:f5:07:cf:69:89:7d:0a:e1:22:ff:06:0c:3e:6a:33:ff:aa:
5a:fc:e1:0a:75:18:b8:86:28:3d:2d:71:03:dc:b1:1d:da:3e:
7c:72:89:83:c2:c0:ea:1c:af:91:41:7a:e9:6e:71:d2:b3:58:
98:51:9e:8b:6d:12:31:e6:68:a1:60:54:99:f6:2f:51:36:6b:
1d:15:99:99:0a:34:a5:42:04:61:7b:13:16:f8:57:3c:45:bc:
f2:e4:af:b6:86:7b:4a:90:0b:11:d3:87:ea:9b:12:3f:1f:f2:
37:e3:3e:df:23:71:4d:a4:09:85:7f:5e:37:fe:fa:c0:40:bb:
a2:85:be:fa:b8:c2:27:3c:5a:2e:ed:6d:7c:84:e7:aa:dd:b2:
77:b7:06:37:73:26:31:a1:a1:4d:45:14:da:d0:81:23:19:05:
10:f9:fe:f4:91:8d:eb:97:24:a4:bd:de:4f:7c:96:a7:86:0c:
f1:db:56:69
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhsiTl+k6NbWmgbl+ERNZDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZTM3ZjcxYzkzM2JmODI3MTE4YzYzYzA3Nzc0ZGU5ODY0
NWQwMTkwHhcNMjUwMTAxMTE0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTVmZmQwMTVjNGY1OWE3YjRjYjlmOWYyZDliYWRhM2VmMzk5MDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ScCSxTmcDIefeQ8IShUtHb7OA0D
Ausm64PknjN5sAKOOoiFopbNU0UGlGKtz9MfnUlts3n8UiNA5EVA/LczLlghEo2G
iuOZqCbNXjvRBRE8FMSx2trPs6a6wQ33ZV6gnstcsfI0aY3wC1zVrAP71uP27Nj7
ywtlp1NoGyF7FBYQuuYrVen6R6/0malxFmkOcPYKuTnmUItxx6oLUlWDZNiafM+i
Tr8RQB70lae+F8VIE7uQ3kJrm5tYyOog1Z9PSljFCLuRult7YzGVy0+frTU6TGLv
2xGKleT9lDqfGpyoI63zv/rkAahxlywKzEC6Q4GbtmZ1tHPnrh8QRxz/uQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKlf/QFcT1mntMufny2braPvOZA4MB8GA1UdIwQY
MBaAFEzjf3HJM7+CcRjGPAd3TemGRdAZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE9OX2Nja3p2NEp4R01ZOEIzZE42WVpGMEJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9lZmRmYzktZGEzYS00NmJkLTgzMDAt
ZTFjOGE0ZmViZGVlLzEvcVZfOUFWeFBXYWUweTUtZkxadXRvLTg1a0RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9lZmRmYzktZGEzYS00NmJkLTgzMDAtZTFjOGE0ZmViZGVl
LzEvVE9OX2Nja3p2NEp4R01ZOEIzZE42WVpGMEJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYP+AwQC
uY7UMA0GCSqGSIb3DQEBCwUAA4IBAQArr7OfgEevwE1u26ADEvR0t+MZqYnapdhs
HFViotOpc7fJInfVRXEX6UtDd8nlBTbVyXvOA8nF0SvZZt2GuTy9HC8RnI4foZY2
9QfPaYl9CuEi/wYMPmoz/6pa/OEKdRi4hig9LXED3LEd2j58comDwsDqHK+RQXrp
bnHSs1iYUZ6LbRIx5mihYFSZ9i9RNmsdFZmZCjSlQgRhexMW+Fc8Rbzy5K+2hntK
kAsR04fqmxI/H/I34z7fI3FNpAmFf143/vrAQLuihb76uMInPFou7W18hOeq3bJ3
twY3cyYxoaFNRRTa0IEjGQUQ+f70kY3rlySkvd5PfJanhgzx21Zp
-----END CERTIFICATE-----
Generated at Wed Apr 16 22:02:08 2025 by rpki-client