
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qSJVGMUAqwZgOUGBBbC8SbtMa-g.roa
File: qSJVGMUAqwZgOUGBBbC8SbtMa-g.roa (raw, json)
Hash identifier: NwQuDHx/UK0wUMGUJSHkaH5zf9+K9jZBieKI+5b3oEE=
Subject key identifier: A9:22:55:18:C5:00:AB:06:60:39:41:81:05:B0:BC:49:BB:4C:6B:E8
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01942143FCAF83FA7AD36C2F3EE0EB5F6391
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qSJVGMUAqwZgOUGBBbC8SbtMa-g.roa
Signing time: Wed 01 Jan 2025 09:48:11 +0000
ROA not before: Wed 01 Jan 2025 09:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198100
IP address blocks: 89.213.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Feb 2025 12:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:fc:af:83:fa:7a:d3:6c:2f:3e:e0:eb:5f:63:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a9225518c500ab066039418105b0bc49bb4c6be8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:7e:1a:d2:75:60:e6:d4:26:e8:97:5b:f7:d5:
08:64:eb:ec:51:64:d7:35:c5:73:71:eb:81:7a:04:
1b:bd:39:0b:37:6b:ed:ae:39:74:a7:45:de:43:7f:
ee:24:11:fe:7d:cf:ed:97:aa:15:60:92:5a:7a:73:
51:18:59:a9:86:4d:1e:61:02:88:64:94:03:9d:92:
06:87:fc:b2:84:c2:ec:13:8d:49:bb:17:69:ff:42:
15:c4:67:24:7f:91:5e:f5:4d:ee:1a:39:be:82:67:
e4:f1:e9:61:67:7b:91:ac:e7:56:b6:f7:98:e3:43:
85:f4:78:52:95:fd:a5:f3:82:ea:e6:db:1f:f6:61:
c3:56:1f:49:6a:d0:dd:20:77:0f:13:e7:16:4c:31:
ac:11:60:c0:e6:18:33:20:0c:6a:20:d8:46:ff:a5:
f1:9c:24:52:b2:f6:8b:1c:c4:df:84:35:bc:81:b0:
74:1f:23:c4:69:96:ed:1b:f8:a9:91:35:45:1d:4c:
05:a5:d6:24:eb:42:34:75:d5:ee:71:08:ec:6b:17:
00:7f:46:2d:2f:99:9f:a5:e3:97:d4:dd:9d:7c:b3:
cb:29:b6:d8:be:dc:ad:20:17:a8:1c:9b:bb:50:3b:
94:46:30:d1:4c:7f:f1:d6:e4:93:5d:c0:3c:8f:a9:
df:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:22:55:18:C5:00:AB:06:60:39:41:81:05:B0:BC:49:BB:4C:6B:E8
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qSJVGMUAqwZgOUGBBbC8SbtMa-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.156.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:d3:d0:55:c1:0c:9c:0b:88:96:ec:a2:e2:61:b8:fe:5f:e2:
dc:68:59:ef:b5:20:86:17:8f:4d:be:38:9d:e0:60:17:44:69:
50:a4:5c:99:76:e4:85:3f:f3:c2:9b:49:12:b2:70:fc:1e:38:
87:6a:41:59:ca:36:77:fe:16:ad:9d:cc:6d:f8:f9:ab:f7:0e:
53:7d:7d:dd:e6:d8:c9:cb:9f:b7:f3:b1:37:96:a2:40:24:87:
9c:72:f1:50:ab:c4:47:5c:02:13:c5:09:dd:fb:71:55:2d:4e:
09:6f:e1:31:cd:3e:e4:36:6b:bd:f9:d7:52:8f:22:6a:bc:75:
27:fa:9e:b0:fa:43:95:e5:71:6a:a4:87:37:20:6e:fd:2f:66:
07:c3:a6:74:29:a4:8a:b7:d0:0c:3d:8d:8f:03:85:25:08:b8:
1e:be:5e:d1:cc:f2:79:1b:69:58:52:26:3d:d1:8e:45:c3:d6:
d7:61:e6:8a:8f:2d:d3:f0:df:93:84:81:3e:14:3d:ae:b2:2c:
6c:93:75:02:55:7d:32:7e:fe:05:ab:46:a8:75:88:2b:27:88:
11:f7:db:f5:f8:d0:a2:41:1d:3e:ba:3a:bb:6d:8b:e3:57:cf:
bf:79:10:4a:88:9c:93:fb:81:98:bb:9c:75:c7:a0:39:d0:db:
b5:17:9c:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ/yvg/p602wvPuDrX2ORMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTIyNTUxOGM1MDBhYjA2NjAzOTQxODEwNWIwYmM0OWJiNGM2YmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3n4a0nVg5tQm6Jdb99UIZOvsUWTX
NcVzceuBegQbvTkLN2vtrjl0p0XeQ3/uJBH+fc/tl6oVYJJaenNRGFmphk0eYQKI
ZJQDnZIGh/yyhMLsE41Juxdp/0IVxGckf5Fe9U3uGjm+gmfk8elhZ3uRrOdWtveY
40OF9HhSlf2l84Lq5tsf9mHDVh9JatDdIHcPE+cWTDGsEWDA5hgzIAxqINhG/6Xx
nCRSsvaLHMTfhDW8gbB0HyPEaZbtG/ipkTVFHUwFpdYk60I0ddXucQjsaxcAf0Yt
L5mfpeOX1N2dfLPLKbbYvtytIBeoHJu7UDuURjDRTH/x1uSTXcA8j6nfuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKkiVRjFAKsGYDlBgQWwvEm7TGvoMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcVNKVkdNVUFxd1pnT1VHQkJiQzhTYnRNYS1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWcMA0G
CSqGSIb3DQEBCwUAA4IBAQCj09BVwQycC4iW7KLiYbj+X+LcaFnvtSCGF49Nvjid
4GAXRGlQpFyZduSFP/PCm0kSsnD8HjiHakFZyjZ3/hatncxt+Pmr9w5TfX3d5tjJ
y5+387E3lqJAJIeccvFQq8RHXAITxQnd+3FVLU4Jb+ExzT7kNmu9+ddSjyJqvHUn
+p6w+kOV5XFqpIc3IG79L2YHw6Z0KaSKt9AMPY2PA4UlCLgevl7RzPJ5G2lYUiY9
0Y5Fw9bXYeaKjy3T8N+ThIE+FD2usixsk3UCVX0yfv4Fq0aodYgrJ4gR99v1+NCi
QR0+ujq7bYvjV8+/eRBKiJyT+4GYu5x1x6A50Nu1F5xY
-----END CERTIFICATE-----
Generated at Thu Feb 13 16:38:22 2025 by rpki-client