Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/ee138f-5e63-4cc4-8e75-decb188a000d/1/sQUp-AbS_KxkGCffMeLCbixURSE.roa
File: sQUp-AbS_KxkGCffMeLCbixURSE.roa (raw, json)
Hash identifier: pCvwu2+e0TI/6BJxpMcxOzTCXPwA7YINyMnHTgFQvmg=
Subject key identifier: B1:05:29:F8:06:D2:FC:AC:64:18:27:DF:31:E2:C2:6E:2C:54:45:21
Certificate issuer: /CN=24b086f4824266384e078cf777375f21bd370b70
Certificate serial: 019422FC22F9007EDE29075EA3ED04BCA432
Authority key identifier: 24:B0:86:F4:82:42:66:38:4E:07:8C:F7:77:37:5F:21:BD:37:0B:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JLCG9IJCZjhOB4z3dzdfIb03C3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/ee138f-5e63-4cc4-8e75-decb188a000d/1/sQUp-AbS_KxkGCffMeLCbixURSE.roa
Signing time: Wed 01 Jan 2025 17:48:56 +0000
ROA not before: Wed 01 Jan 2025 17:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62382
IP address blocks: 80.72.216.0/21 maxlen: 21
80.72.216.0/24 maxlen: 24
80.72.217.0/24 maxlen: 24
80.72.218.0/24 maxlen: 24
80.72.219.0/24 maxlen: 24
80.72.220.0/24 maxlen: 24
80.72.221.0/24 maxlen: 24
80.72.222.0/24 maxlen: 24
185.37.188.0/22 maxlen: 22
185.37.188.0/24 maxlen: 24
185.37.189.0/24 maxlen: 24
185.37.191.0/24 maxlen: 24
193.143.96.0/23 maxlen: 23
193.143.96.0/24 maxlen: 24
193.143.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/ee138f-5e63-4cc4-8e75-decb188a000d/1/JLCG9IJCZjhOB4z3dzdfIb03C3A.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/ee138f-5e63-4cc4-8e75-decb188a000d/1/JLCG9IJCZjhOB4z3dzdfIb03C3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/JLCG9IJCZjhOB4z3dzdfIb03C3A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:22:f9:00:7e:de:29:07:5e:a3:ed:04:bc:a4:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24b086f4824266384e078cf777375f21bd370b70
Validity
Not Before: Jan 1 17:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b10529f806d2fcac641827df31e2c26e2c544521
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:42:99:16:98:fd:03:e1:34:6f:37:b9:ac:ef:
be:b2:d8:d9:b3:13:2f:49:e5:76:30:42:d1:e3:48:
bc:74:0d:31:a5:94:c0:d0:a0:85:52:4a:1c:d4:d4:
51:c0:36:aa:18:6f:d6:cc:c7:b6:b3:30:b7:e8:2c:
61:ad:56:e4:45:32:39:29:7e:dc:05:d3:1c:8a:3c:
f8:81:7a:13:2c:ad:78:9d:80:b3:8b:90:7f:e7:45:
2d:e8:57:b3:a6:b2:7f:4a:28:36:d0:55:50:a7:19:
4a:54:3b:c3:f0:40:a2:77:8f:24:ec:34:4c:9a:92:
d2:90:38:c3:36:70:92:f2:3b:cc:f5:d7:7c:df:11:
50:5e:bf:12:70:5c:e1:50:80:8c:7f:ce:4e:67:99:
c9:2d:31:6b:c5:22:26:f4:39:e6:df:64:74:6c:24:
9c:fd:16:44:57:25:08:cc:f6:54:f2:3c:1b:39:6d:
dc:15:3e:45:c0:e9:69:78:bd:62:7f:09:1d:d4:06:
07:c9:d4:67:6c:6a:5f:ff:12:b1:46:90:78:0e:1f:
7b:b7:d0:72:10:ec:77:f3:d7:06:45:26:69:b9:7f:
a1:13:87:56:9b:b2:fb:b1:fb:75:de:0d:15:36:a3:
cf:4a:9d:a1:12:fa:5c:c5:a3:98:4c:dc:97:ca:15:
da:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:05:29:F8:06:D2:FC:AC:64:18:27:DF:31:E2:C2:6E:2C:54:45:21
X509v3 Authority Key Identifier:
keyid:24:B0:86:F4:82:42:66:38:4E:07:8C:F7:77:37:5F:21:BD:37:0B:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JLCG9IJCZjhOB4z3dzdfIb03C3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/ee138f-5e63-4cc4-8e75-decb188a000d/1/sQUp-AbS_KxkGCffMeLCbixURSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/ee138f-5e63-4cc4-8e75-decb188a000d/1/JLCG9IJCZjhOB4z3dzdfIb03C3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.72.216.0/21
185.37.188.0/22
193.143.96.0/23
Signature Algorithm: sha256WithRSAEncryption
bc:25:f1:2d:70:76:31:1a:d5:e6:62:23:e4:c9:78:20:9c:57:
a6:f3:1b:b9:8e:32:f2:4e:b6:37:15:9a:19:47:07:d5:04:15:
0d:04:12:7d:80:cf:78:1c:5f:ff:e4:8e:cb:b5:b8:b5:4b:83:
59:83:d4:9e:f6:4a:d6:a8:a4:f2:9b:63:ec:03:69:00:22:51:
fe:48:37:dc:c4:d4:a7:48:bf:4a:d7:c9:7d:4d:00:0a:03:22:
a0:92:c1:a9:33:8a:a2:ab:42:ed:cf:4f:21:af:6e:5e:4d:b4:
4a:12:b3:f1:e1:37:2f:a7:87:99:28:98:47:19:4a:2e:81:87:
71:1c:c9:a3:38:ef:e7:1e:65:23:bd:6e:c7:2d:42:c9:73:1f:
72:4f:17:3b:10:00:fe:d7:8b:d9:9f:1f:d1:40:de:46:d7:28:
21:27:42:54:1d:a4:a9:15:a9:b7:ab:f8:34:cd:0b:6e:d3:2e:
22:39:ba:74:66:f1:29:a2:0c:f1:b9:fa:cd:f7:e4:ce:5f:f6:
10:48:0b:b6:f5:8b:30:c1:cf:f6:f6:6a:05:9a:c1:dc:0e:c2:
2a:b3:8c:13:0b:c9:ab:1e:51:c4:6b:26:67:52:2f:ec:1d:bc:
b6:1b:f3:e7:6f:f1:1d:0f:1f:29:74:eb:49:04:0a:52:a8:d2:
31:1d:88:66
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQi/CL5AH7eKQdeo+0EvKQyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0YjA4NmY0ODI0MjY2Mzg0ZTA3OGNmNzc3Mzc1ZjIxYmQz
NzBiNzAwHhcNMjUwMTAxMTc0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTA1MjlmODA2ZDJmY2FjNjQxODI3ZGYzMWUyYzI2ZTJjNTQ0NTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUKZFpj9A+E0bze5rO++stjZsxMv
SeV2MELR40i8dA0xpZTA0KCFUkoc1NRRwDaqGG/WzMe2szC36CxhrVbkRTI5KX7c
BdMcijz4gXoTLK14nYCzi5B/50Ut6FezprJ/Sig20FVQpxlKVDvD8ECid48k7DRM
mpLSkDjDNnCS8jvM9dd83xFQXr8ScFzhUICMf85OZ5nJLTFrxSIm9Dnm32R0bCSc
/RZEVyUIzPZU8jwbOW3cFT5FwOlpeL1ifwkd1AYHydRnbGpf/xKxRpB4Dh97t9By
EOx389cGRSZpuX+hE4dWm7L7sft13g0VNqPPSp2hEvpcxaOYTNyXyhXazwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLEFKfgG0vysZBgn3zHiwm4sVEUhMB8GA1UdIwQY
MBaAFCSwhvSCQmY4TgeM93c3XyG9NwtwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkxDRzlJSkNaamhPQjR6M2R6ZGZJYjAzQzNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9lZTEzOGYtNWU2My00Y2M0LThlNzUt
ZGVjYjE4OGEwMDBkLzEvc1FVcC1BYlNfS3hrR0NmZk1lTENiaXhVUlNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9lZTEzOGYtNWU2My00Y2M0LThlNzUtZGVjYjE4OGEwMDBk
LzEvSkxDRzlJSkNaamhPQjR6M2R6ZGZJYjAzQzNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDUEjYAwQC
uSW8AwQBwY9gMA0GCSqGSIb3DQEBCwUAA4IBAQC8JfEtcHYxGtXmYiPkyXggnFem
8xu5jjLyTrY3FZoZRwfVBBUNBBJ9gM94HF//5I7Ltbi1S4NZg9Se9krWqKTym2Ps
A2kAIlH+SDfcxNSnSL9K18l9TQAKAyKgksGpM4qiq0Ltz08hr25eTbRKErPx4Tcv
p4eZKJhHGUougYdxHMmjOO/nHmUjvW7HLULJcx9yTxc7EAD+14vZnx/RQN5G1ygh
J0JUHaSpFam3q/g0zQtu0y4iObp0ZvEpogzxufrN9+TOX/YQSAu29Yswwc/29moF
msHcDsIqs4wTC8mrHlHEayZnUi/sHby2G/Pnb/EdDx8pdOtJBApSqNIxHYhm
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:06:26 2025 by rpki-client