Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/QtRJtyTXK9puBBhr03zEdUXhmJU.roa
File: QtRJtyTXK9puBBhr03zEdUXhmJU.roa (raw, json)
Hash identifier: CQ2ku4izWTP3qE6q4oVtwl9pjXsYwvh3E/JxpBvTMZw=
Subject key identifier: 42:D4:49:B7:24:D7:2B:DA:6E:04:18:6B:D3:7C:C4:75:45:E1:98:95
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 01941FFAA5FFB89F06F60B7245C02CA84C55
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/QtRJtyTXK9puBBhr03zEdUXhmJU.roa
Signing time: Wed 01 Jan 2025 03:48:27 +0000
ROA not before: Wed 01 Jan 2025 03:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201825
IP address blocks: 37.230.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:a5:ff:b8:9f:06:f6:0b:72:45:c0:2c:a8:4c:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 03:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=42d449b724d72bda6e04186bd37cc47545e19895
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:06:a8:e1:55:8d:a9:1a:5d:7a:cc:dc:59:72:
0d:f6:f4:02:3c:fc:9a:ca:3c:c8:b1:0b:b5:8e:16:
64:7d:e5:b8:24:5c:e1:5e:ef:43:68:f2:e2:0f:68:
9f:b3:15:fa:12:5f:5a:24:3a:5f:20:da:ee:91:0a:
11:b6:f5:4b:92:ad:74:46:31:4e:77:87:45:22:2b:
cc:77:e3:7d:88:ee:01:7f:78:57:24:95:8f:46:72:
97:85:18:22:d9:20:7e:a6:22:81:d2:b6:51:6c:d9:
8c:e5:f8:8a:d5:3e:3e:b6:13:ab:fa:61:21:03:03:
5f:48:3e:27:60:2b:00:ba:57:f2:c6:f2:26:55:f6:
78:85:34:fc:93:d0:b8:19:44:c9:1b:e6:3e:4d:42:
10:1d:41:db:48:63:10:39:73:3c:5b:cb:10:05:7e:
f1:30:fa:26:4d:5c:dc:73:cf:84:0d:42:80:02:21:
27:3d:0b:a8:b7:5f:3d:56:53:0e:b4:69:09:df:29:
82:81:17:fe:06:e8:f0:d7:7f:3c:08:2d:3d:3f:c9:
39:5e:f8:2d:a9:fd:c1:e2:83:8e:28:6a:02:be:c1:
15:e5:c4:a7:39:e1:c3:14:2b:49:09:f6:c6:96:3b:
e2:31:68:69:f7:d7:98:c5:db:80:05:58:48:fb:ec:
f5:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:D4:49:B7:24:D7:2B:DA:6E:04:18:6B:D3:7C:C4:75:45:E1:98:95
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/QtRJtyTXK9puBBhr03zEdUXhmJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.230.237.0/24
Signature Algorithm: sha256WithRSAEncryption
72:3f:ab:4a:ae:10:54:a8:31:d7:62:43:af:0a:39:50:6f:62:
fe:75:2e:8b:bb:4a:02:bf:e8:42:74:67:7e:da:82:f7:bd:d1:
02:4a:b4:24:e1:97:1d:4e:a3:73:eb:44:7d:f6:da:a8:6d:78:
14:5d:1f:17:d2:77:08:79:20:07:51:82:9e:ba:0b:b6:3d:fa:
f9:cc:24:61:cc:e3:69:ef:7f:55:f4:85:d7:b3:20:8b:ca:91:
b6:e6:2d:8a:f4:e7:1e:8e:97:15:da:0f:ba:f8:f1:ae:27:5d:
72:b4:6d:07:96:04:17:34:3f:95:60:21:a0:06:d7:12:9e:77:
5b:66:20:11:0b:71:07:98:df:27:8b:16:f0:0a:95:cc:56:6f:
b4:fa:81:e3:7c:e0:4f:a9:b3:29:fd:d5:9d:b4:9f:b5:2e:7f:
86:51:d5:57:0c:91:96:27:0d:64:3b:c3:e1:69:8c:44:67:d7:
a5:21:de:bd:f7:7d:47:0f:ae:7e:3d:24:d8:4e:7a:af:f6:1a:
b4:b7:41:f0:28:9d:78:fd:5c:4c:97:86:1d:47:eb:be:29:1e:
15:62:21:33:84:51:cf:ac:3c:b9:91:0b:09:0b:d3:76:c2:59:
57:57:a4:3c:8a:a4:bb:ae:8c:bb:14:4a:a3:0e:3c:44:e3:ba:
8c:c8:66:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+qX/uJ8G9gtyRcAsqExVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjUwMTAxMDM0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmQ0NDliNzI0ZDcyYmRhNmUwNDE4NmJkMzdjYzQ3NTQ1ZTE5ODk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2gao4VWNqRpdeszcWXIN9vQCPPya
yjzIsQu1jhZkfeW4JFzhXu9DaPLiD2ifsxX6El9aJDpfINrukQoRtvVLkq10RjFO
d4dFIivMd+N9iO4Bf3hXJJWPRnKXhRgi2SB+piKB0rZRbNmM5fiK1T4+thOr+mEh
AwNfSD4nYCsAulfyxvImVfZ4hTT8k9C4GUTJG+Y+TUIQHUHbSGMQOXM8W8sQBX7x
MPomTVzcc8+EDUKAAiEnPQuot189VlMOtGkJ3ymCgRf+Bujw1388CC09P8k5Xvgt
qf3B4oOOKGoCvsEV5cSnOeHDFCtJCfbGljviMWhp99eYxduABVhI++z19wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFELUSbck1yvabgQYa9N8xHVF4ZiVMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvUXRSSnR5VFhLOXB1QkJocjAzekVkVVhobUpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJebtMA0G
CSqGSIb3DQEBCwUAA4IBAQByP6tKrhBUqDHXYkOvCjlQb2L+dS6Lu0oCv+hCdGd+
2oL3vdECSrQk4ZcdTqNz60R99tqobXgUXR8X0ncIeSAHUYKeugu2Pfr5zCRhzONp
739V9IXXsyCLypG25i2K9OcejpcV2g+6+PGuJ11ytG0HlgQXND+VYCGgBtcSnndb
ZiARC3EHmN8nixbwCpXMVm+0+oHjfOBPqbMp/dWdtJ+1Ln+GUdVXDJGWJw1kO8Ph
aYxEZ9elId69931HD65+PSTYTnqv9hq0t0HwKJ14/VxMl4YdR+u+KR4VYiEzhFHP
rDy5kQsJC9N2wllXV6Q8iqS7roy7FEqjDjxE47qMyGbS
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:48:29 2025 by rpki-client