Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/Q8hPg5UjvdR5qe3RUKGr181TIsc.roa
File: Q8hPg5UjvdR5qe3RUKGr181TIsc.roa (raw, json)
Hash identifier: HQ9muwIQ/VGCuDJxXs8tCzXWThyvXdcPzV4TeZjGo30=
Subject key identifier: 43:C8:4F:83:95:23:BD:D4:79:A9:ED:D1:50:A1:AB:D7:CD:53:22:C7
Certificate issuer: /CN=9e459aa4602bffa2d2650ba66818458c89fc4582
Certificate serial: 019421B18AA349A751BAFBF74936E24959EF
Authority key identifier: 9E:45:9A:A4:60:2B:FF:A2:D2:65:0B:A6:68:18:45:8C:89:FC:45:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/Q8hPg5UjvdR5qe3RUKGr181TIsc.roa
Signing time: Wed 01 Jan 2025 11:47:51 +0000
ROA not before: Wed 01 Jan 2025 11:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3257
IP address blocks: 84.247.105.0/24 maxlen: 24
89.149.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/nkWapGAr_6LSZQumaBhFjIn8RYI.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/nkWapGAr_6LSZQumaBhFjIn8RYI.mft
rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:8a:a3:49:a7:51:ba:fb:f7:49:36:e2:49:59:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e459aa4602bffa2d2650ba66818458c89fc4582
Validity
Not Before: Jan 1 11:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43c84f839523bdd479a9edd150a1abd7cd5322c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:4b:c2:00:e5:77:d2:2a:91:ee:af:89:61:fa:
58:89:ce:a0:0b:d5:61:46:bb:b6:09:72:d3:c0:3f:
d3:ea:21:60:14:e5:29:5b:90:8c:80:f1:f3:a7:86:
99:87:eb:4b:27:16:6c:c9:06:26:c2:b1:ae:71:a1:
dd:3b:55:aa:12:16:8b:78:7e:06:6d:c2:4a:80:5e:
1b:18:73:5f:7d:5d:9e:5e:7e:55:3f:c8:42:18:92:
e5:b6:83:f2:e6:d7:83:fa:84:2f:70:ab:51:c2:08:
5e:bf:7e:2d:59:06:74:16:a5:c3:ac:00:9d:26:ae:
31:9a:bb:87:84:09:8b:bb:16:4c:42:d4:c9:f7:75:
2e:f7:da:5d:aa:40:7f:64:b3:5c:30:c7:8d:1c:0e:
f7:a2:82:d8:d0:25:84:80:94:ed:cc:09:94:aa:f1:
a6:e5:32:38:e1:41:a9:24:d1:f6:34:e2:d4:2b:e0:
ec:b3:99:a2:a1:42:e9:e2:3c:75:ce:8c:a3:68:20:
fd:2c:4d:4e:21:97:65:ff:35:7c:09:93:72:58:e1:
a8:f5:91:30:01:df:64:ec:c2:58:7b:0e:52:54:44:
44:1b:24:8b:2d:76:47:fe:aa:7f:99:5d:6e:fe:42:
4b:8f:df:8b:f7:73:ff:63:ed:8d:20:1f:d6:69:aa:
53:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:C8:4F:83:95:23:BD:D4:79:A9:ED:D1:50:A1:AB:D7:CD:53:22:C7
X509v3 Authority Key Identifier:
keyid:9E:45:9A:A4:60:2B:FF:A2:D2:65:0B:A6:68:18:45:8C:89:FC:45:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/Q8hPg5UjvdR5qe3RUKGr181TIsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/nkWapGAr_6LSZQumaBhFjIn8RYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.247.105.0/24
89.149.52.0/24
Signature Algorithm: sha256WithRSAEncryption
50:d0:5c:1a:ea:6e:c6:d5:bd:69:8f:af:5b:37:65:39:8d:21:
55:52:09:43:8f:25:f9:4a:64:7b:8f:7b:a8:70:03:50:c5:ef:
58:49:89:3f:7d:43:fb:0a:62:8a:67:28:d9:18:1f:12:65:3e:
e9:ed:5e:1d:5b:f0:b5:ae:ff:1c:ca:32:48:fe:44:fb:c5:2f:
cf:55:04:9b:5c:81:cc:06:f5:6f:7e:af:a7:0c:86:fe:34:3c:
72:c3:ec:07:16:b9:4d:ae:95:01:0e:5d:70:6e:3d:65:eb:70:
f4:df:88:23:de:20:d6:c5:d4:0c:61:2c:f9:ff:71:93:e1:c1:
fe:5b:af:81:f1:b6:b4:e3:83:4f:d8:bd:ab:c3:f1:e1:24:e7:
f8:89:51:a6:4f:08:66:68:fc:20:3b:c7:97:4e:f0:f3:b3:fb:
2c:cb:4c:27:02:cb:18:13:de:f3:cf:8f:be:ba:e6:90:2b:d6:
6d:41:7b:39:11:ea:5d:f9:47:f7:1e:90:28:d4:23:ff:23:8b:
bd:ae:2b:4e:dd:98:3d:9c:ca:3c:c0:23:ee:18:3b:b5:aa:ee:
b6:19:d4:cc:a3:25:35:c5:4c:74:e2:ea:b0:5d:63:16:8e:3e:
89:17:59:91:82:67:e2:e3:50:c5:9c:83:f5:ed:1f:c3:57:72:
28:d6:ee:c1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhsYqjSadRuvv3STbiSVnvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNDU5YWE0NjAyYmZmYTJkMjY1MGJhNjY4MTg0NThjODlm
YzQ1ODIwHhcNMjUwMTAxMTE0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2M4NGY4Mzk1MjNiZGQ0NzlhOWVkZDE1MGExYWJkN2NkNTMyMmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEvCAOV30iqR7q+JYfpYic6gC9Vh
Rru2CXLTwD/T6iFgFOUpW5CMgPHzp4aZh+tLJxZsyQYmwrGucaHdO1WqEhaLeH4G
bcJKgF4bGHNffV2eXn5VP8hCGJLltoPy5teD+oQvcKtRwghev34tWQZ0FqXDrACd
Jq4xmruHhAmLuxZMQtTJ93Uu99pdqkB/ZLNcMMeNHA73ooLY0CWEgJTtzAmUqvGm
5TI44UGpJNH2NOLUK+Dss5mioULp4jx1zoyjaCD9LE1OIZdl/zV8CZNyWOGo9ZEw
Ad9k7MJYew5SVEREGySLLXZH/qp/mV1u/kJLj9+L93P/Y+2NIB/WaapTgwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEPIT4OVI73Ueant0VChq9fNUyLHMB8GA1UdIwQY
MBaAFJ5FmqRgK/+i0mULpmgYRYyJ/EWCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmtXYXBHQXJfNkxTWlF1bWFCaEZqSW44UllJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi85Y2MzMzMtNjhkNS00NjkyLTljNWIt
MjhhODQxZGEwYmZkLzEvUThoUGc1VWp2ZFI1cWUzUlVLR3IxODFUSXNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi85Y2MzMzMtNjhkNS00NjkyLTljNWItMjhhODQxZGEwYmZk
LzEvbmtXYXBHQXJfNkxTWlF1bWFCaEZqSW44UllJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVPdpAwQA
WZU0MA0GCSqGSIb3DQEBCwUAA4IBAQBQ0Fwa6m7G1b1pj69bN2U5jSFVUglDjyX5
SmR7j3uocANQxe9YSYk/fUP7CmKKZyjZGB8SZT7p7V4dW/C1rv8cyjJI/kT7xS/P
VQSbXIHMBvVvfq+nDIb+NDxyw+wHFrlNrpUBDl1wbj1l63D034gj3iDWxdQMYSz5
/3GT4cH+W6+B8ba044NP2L2rw/HhJOf4iVGmTwhmaPwgO8eXTvDzs/ssy0wnAssY
E97zz4++uuaQK9ZtQXs5Eepd+Uf3HpAo1CP/I4u9ritO3Zg9nMo8wCPuGDu1qu62
GdTMoyU1xUx04uqwXWMWjj6JF1mRgmfi41DFnIP17R/DV3Io1u7B
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:07:57 2025 by rpki-client