Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/q7sVZrLDAVZQekWMRkAvaSDSl9g.roa
File: q7sVZrLDAVZQekWMRkAvaSDSl9g.roa (raw, json)
Hash identifier: RRTQ5jExs41DvyGCsYtTzal7l6KRuDTnah7ylDN5VEE=
Subject key identifier: AB:BB:15:66:B2:C3:01:56:50:7A:45:8C:46:40:2F:69:20:D2:97:D8
Certificate issuer: /CN=168600dfac9d3d1a75e6630d697102f2f2132c48
Certificate serial: 0194266C44386FED17DBA6A494EDB319C76C
Authority key identifier: 16:86:00:DF:AC:9D:3D:1A:75:E6:63:0D:69:71:02:F2:F2:13:2C:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FoYA36ydPRp15mMNaXEC8vITLEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/q7sVZrLDAVZQekWMRkAvaSDSl9g.roa
Signing time: Thu 02 Jan 2025 09:50:16 +0000
ROA not before: Thu 02 Jan 2025 09:50:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203576
IP address blocks: 83.150.212.0/24 maxlen: 24
83.150.213.0/24 maxlen: 24
83.150.214.0/24 maxlen: 24
83.150.215.0/24 maxlen: 24
89.252.188.0/24 maxlen: 32
89.252.189.0/24 maxlen: 32
89.252.190.0/24 maxlen: 32
89.252.191.0/24 maxlen: 32
185.126.216.0/24 maxlen: 32
185.126.217.0/24 maxlen: 32
185.126.218.0/24 maxlen: 32
185.126.219.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/FoYA36ydPRp15mMNaXEC8vITLEg.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/FoYA36ydPRp15mMNaXEC8vITLEg.mft
rsync://rpki.ripe.net/repository/DEFAULT/FoYA36ydPRp15mMNaXEC8vITLEg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 08:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:44:38:6f:ed:17:db:a6:a4:94:ed:b3:19:c7:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=168600dfac9d3d1a75e6630d697102f2f2132c48
Validity
Not Before: Jan 2 09:50:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=abbb1566b2c30156507a458c46402f6920d297d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:8d:49:e6:2f:34:90:f8:72:b5:b0:02:96:1d:
d5:4d:ac:eb:29:5f:79:53:eb:bd:9d:4b:1e:88:7c:
86:f9:67:4c:22:5d:45:e8:5d:cf:80:05:d1:e7:95:
74:22:ec:63:f2:b4:37:92:a6:69:ec:c9:2a:88:cb:
68:41:54:d4:c8:85:3e:aa:b9:07:3c:7b:35:0f:cc:
2c:d3:85:13:ab:16:e1:ba:c6:b7:ab:12:e4:3c:7f:
cc:a3:6a:5f:fe:56:9a:f2:31:a5:24:92:e2:dc:05:
07:ae:6d:74:f4:e0:23:a7:97:dd:4c:ea:9f:c7:c5:
2e:5a:1b:0e:ac:5d:97:cc:f4:4f:e9:ab:f3:1d:50:
5e:f6:92:ba:bc:d0:af:8d:61:f1:3d:ef:4b:ac:4a:
b0:6a:ea:aa:f6:a1:44:5e:13:50:b5:79:c0:6a:56:
18:47:de:03:a4:cd:49:86:90:e9:01:13:4e:74:9b:
cc:7a:83:cf:9f:2a:7a:b0:1f:46:c6:e2:48:15:a8:
07:05:d1:c8:5e:c4:15:2b:a9:00:bf:61:7d:3e:3e:
8b:9f:8a:d7:a7:90:b3:69:ce:41:e4:39:3d:9c:d0:
84:b8:41:0f:d9:40:ae:85:f0:85:c7:f3:52:79:ab:
2a:bd:81:80:1f:41:14:ac:e7:69:4b:13:a8:ca:d5:
14:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:BB:15:66:B2:C3:01:56:50:7A:45:8C:46:40:2F:69:20:D2:97:D8
X509v3 Authority Key Identifier:
keyid:16:86:00:DF:AC:9D:3D:1A:75:E6:63:0D:69:71:02:F2:F2:13:2C:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FoYA36ydPRp15mMNaXEC8vITLEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/q7sVZrLDAVZQekWMRkAvaSDSl9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/FoYA36ydPRp15mMNaXEC8vITLEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.150.212.0/22
89.252.188.0/22
185.126.216.0/22
Signature Algorithm: sha256WithRSAEncryption
9e:7a:38:d1:b0:4c:1a:9f:77:9e:c1:85:54:14:c0:5a:48:11:
71:84:d8:ef:9a:96:8d:03:e4:b1:a6:f0:f8:c2:60:49:3a:07:
8d:fb:a9:b7:ba:cc:6e:bd:75:cc:44:ee:4f:52:cd:ce:a1:f2:
c8:2a:ce:af:03:a0:03:fb:38:82:c2:fa:64:75:2d:0f:c0:17:
e1:42:98:ae:09:b7:b2:de:ad:70:8f:cd:0b:4f:84:2a:a9:c0:
10:04:38:de:69:df:e0:af:9c:90:fd:06:73:61:3d:2f:78:0f:
77:80:57:ec:f1:41:3c:86:df:2b:6b:e6:18:a0:ad:0f:c3:13:
6e:97:33:f9:3e:d6:d9:10:dd:f0:78:3f:4e:78:b9:cb:d5:5a:
d8:0e:6c:65:a2:06:4f:7a:22:b0:94:1e:6a:8c:f2:10:fb:56:
a8:ae:0a:51:0c:66:c9:45:63:18:89:9f:6c:f8:7f:2a:ca:72:
89:52:25:2d:34:8e:c5:ac:20:87:b6:40:03:1e:bc:2c:0e:0a:
9d:7f:19:f2:85:ab:d0:0c:c4:10:a7:90:e2:bb:33:0c:59:ff:
1e:1b:53:d9:bf:a4:0a:ae:fe:32:70:52:5b:ac:62:e0:9f:87:
69:fe:91:f7:83:d1:2f:f8:74:4d:5f:58:7e:dc:10:b8:d4:45:
7b:16:bf:58
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQmbEQ4b+0X26aklO2zGcdsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2ODYwMGRmYWM5ZDNkMWE3NWU2NjMwZDY5NzEwMmYyZjIx
MzJjNDgwHhcNMjUwMTAyMDk1MDE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmJiMTU2NmIyYzMwMTU2NTA3YTQ1OGM0NjQwMmY2OTIwZDI5N2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3I1J5i80kPhytbAClh3VTazrKV95
U+u9nUseiHyG+WdMIl1F6F3PgAXR55V0Iuxj8rQ3kqZp7MkqiMtoQVTUyIU+qrkH
PHs1D8ws04UTqxbhusa3qxLkPH/Mo2pf/laa8jGlJJLi3AUHrm109OAjp5fdTOqf
x8UuWhsOrF2XzPRP6avzHVBe9pK6vNCvjWHxPe9LrEqwauqq9qFEXhNQtXnAalYY
R94DpM1JhpDpARNOdJvMeoPPnyp6sB9GxuJIFagHBdHIXsQVK6kAv2F9Pj6Ln4rX
p5Czac5B5Dk9nNCEuEEP2UCuhfCFx/NSeasqvYGAH0EUrOdpSxOoytUUJQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKu7FWaywwFWUHpFjEZAL2kg0pfYMB8GA1UdIwQY
MBaAFBaGAN+snT0adeZjDWlxAvLyEyxIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm9ZQTM2eWRQUnAxNW1NTmFYRUM4dklUTEVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9hZjM1YzMtN2Y4MS00ODI5LThkYmEt
MThkYmU2NTA0YmI0LzEvcTdzVlpyTERBVlpRZWtXTVJrQXZhU0RTbDlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9hZjM1YzMtN2Y4MS00ODI5LThkYmEtMThkYmU2NTA0YmI0
LzEvRm9ZQTM2eWRQUnAxNW1NTmFYRUM4dklUTEVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCU5bUAwQC
Wfy8AwQCuX7YMA0GCSqGSIb3DQEBCwUAA4IBAQCeejjRsEwan3eewYVUFMBaSBFx
hNjvmpaNA+SxpvD4wmBJOgeN+6m3usxuvXXMRO5PUs3OofLIKs6vA6AD+ziCwvpk
dS0PwBfhQpiuCbey3q1wj80LT4QqqcAQBDjead/gr5yQ/QZzYT0veA93gFfs8UE8
ht8ra+YYoK0PwxNulzP5PtbZEN3weD9OeLnL1VrYDmxlogZPeiKwlB5qjPIQ+1ao
rgpRDGbJRWMYiZ9s+H8qynKJUiUtNI7FrCCHtkADHrwsDgqdfxnyhavQDMQQp5Di
uzMMWf8eG1PZv6QKrv4ycFJbrGLgn4dp/pH3g9Ev+HRNX1h+3BC41EV7Fr9Y
-----END CERTIFICATE-----
Generated at Tue Apr 8 12:31:21 2025 by rpki-client