Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/qgbAAtOcnU1uj0vsxF1XX4uS6aw.roa
File: qgbAAtOcnU1uj0vsxF1XX4uS6aw.roa (raw, json)
Hash identifier: sqwZAEeBQvSXLjPqcFlAmMMOVHBKwCNCWM9uKLuZCYE=
Subject key identifier: AA:06:C0:02:D3:9C:9D:4D:6E:8F:4B:EC:C4:5D:57:5F:8B:92:E9:AC
Certificate issuer: /CN=2b4e2d34ccee4576b5ce7605a084e6c08522c228
Certificate serial: 019427B5D3F3F1D43E8C05DCB6E10CD68068
Authority key identifier: 2B:4E:2D:34:CC:EE:45:76:B5:CE:76:05:A0:84:E6:C0:85:22:C2:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K04tNMzuRXa1znYFoITmwIUiwig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/qgbAAtOcnU1uj0vsxF1XX4uS6aw.roa
Signing time: Thu 02 Jan 2025 15:50:15 +0000
ROA not before: Thu 02 Jan 2025 15:50:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57264
IP address blocks: 45.159.36.0/22 maxlen: 22
45.159.36.0/24 maxlen: 24
45.159.37.0/24 maxlen: 24
45.159.38.0/24 maxlen: 24
45.159.39.0/24 maxlen: 24
2a0f:7080::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/K04tNMzuRXa1znYFoITmwIUiwig.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/K04tNMzuRXa1znYFoITmwIUiwig.mft
rsync://rpki.ripe.net/repository/DEFAULT/K04tNMzuRXa1znYFoITmwIUiwig.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 07:26:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:d3:f3:f1:d4:3e:8c:05:dc:b6:e1:0c:d6:80:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b4e2d34ccee4576b5ce7605a084e6c08522c228
Validity
Not Before: Jan 2 15:50:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aa06c002d39c9d4d6e8f4becc45d575f8b92e9ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:05:19:ad:20:bd:a2:27:f5:b6:31:0e:c1:7a:
8d:83:91:61:f6:ea:0c:e3:d8:04:a2:06:4b:0c:5a:
4f:a0:3d:d5:c9:2b:bb:f7:5b:f6:f9:82:03:83:04:
fe:30:d2:aa:4e:8a:5b:0b:62:e9:64:4a:eb:66:d7:
ba:d1:a9:ff:80:05:b2:29:ae:20:5e:cb:12:64:d6:
d9:80:6d:28:e2:d8:01:8c:9c:3f:eb:5b:1d:0c:58:
4d:cd:b8:e7:24:a2:c4:34:6e:fb:32:77:ac:16:e9:
08:fe:6c:25:a1:f1:92:3b:fc:1f:b9:0d:a2:ba:fd:
13:7c:95:de:d9:fb:88:7c:c1:35:78:dd:7f:fb:8d:
f5:29:7f:95:37:59:80:b5:c4:73:c5:4c:c7:49:68:
43:82:f0:2b:3b:f2:15:6d:16:4a:1b:0b:dc:f2:80:
d0:70:07:c9:fa:2a:af:56:96:17:2f:91:98:72:f2:
17:4c:86:78:e4:7e:ff:78:1b:bb:22:50:25:1b:96:
39:28:4d:6c:d9:95:7e:e2:f0:9a:13:78:49:a8:29:
88:33:89:4b:22:40:a8:4a:99:c4:cc:79:b7:57:e4:
d1:87:c2:73:3a:f1:28:06:dc:7b:e2:f9:45:25:83:
1d:ed:3d:6d:6d:08:d4:df:5d:92:97:20:4b:c5:c7:
bd:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:06:C0:02:D3:9C:9D:4D:6E:8F:4B:EC:C4:5D:57:5F:8B:92:E9:AC
X509v3 Authority Key Identifier:
keyid:2B:4E:2D:34:CC:EE:45:76:B5:CE:76:05:A0:84:E6:C0:85:22:C2:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K04tNMzuRXa1znYFoITmwIUiwig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/qgbAAtOcnU1uj0vsxF1XX4uS6aw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/K04tNMzuRXa1znYFoITmwIUiwig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.36.0/22
IPv6:
2a0f:7080::/29
Signature Algorithm: sha256WithRSAEncryption
43:da:91:41:7a:30:12:1a:25:ba:06:96:9d:ca:92:6a:fb:08:
5f:52:ae:20:e5:1b:95:46:ba:a9:9f:76:c8:32:16:19:17:52:
80:96:7a:1b:23:db:1a:b6:3a:d8:3b:0d:33:3c:d0:f1:a6:ff:
e0:08:9e:da:99:f8:56:24:51:9a:f3:ba:2e:68:5d:a8:a8:c6:
5c:9e:3d:c6:7d:e1:2a:bb:85:bc:20:01:5f:fb:a1:5f:b5:aa:
46:ca:e1:78:4b:ba:9f:5b:c3:16:b1:73:ef:79:79:f4:cd:58:
ce:8f:91:68:f2:c6:f0:c4:58:da:0a:25:83:d0:1f:5d:cb:b8:
78:7a:4d:37:30:fd:e8:dd:12:27:66:37:39:22:3a:c4:68:c1:
58:71:f6:07:e9:05:ee:6b:05:79:0c:87:c2:8a:7b:d4:59:60:
0d:6b:bc:74:37:46:48:3e:e7:b3:c1:39:16:45:9d:ab:58:87:
24:04:43:23:4f:77:d7:77:41:66:4d:f5:30:5b:6e:ee:8c:54:
09:dd:82:dd:0a:09:40:d6:93:39:c0:46:73:f4:52:24:56:0d:
0d:63:8b:b8:d5:d2:55:64:10:70:38:4a:9b:d2:c8:76:87:3b:
30:86:61:1c:14:42:7e:44:4d:ea:c5:64:34:90:ad:67:b5:5c:
18:b7:b2:4f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQntdPz8dQ+jAXctuEM1oBoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiNGUyZDM0Y2NlZTQ1NzZiNWNlNzYwNWEwODRlNmMwODUy
MmMyMjgwHhcNMjUwMTAyMTU1MDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTA2YzAwMmQzOWM5ZDRkNmU4ZjRiZWNjNDVkNTc1ZjhiOTJlOWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzAUZrSC9oif1tjEOwXqNg5Fh9uoM
49gEogZLDFpPoD3VySu791v2+YIDgwT+MNKqTopbC2LpZErrZte60an/gAWyKa4g
XssSZNbZgG0o4tgBjJw/61sdDFhNzbjnJKLENG77MnesFukI/mwlofGSO/wfuQ2i
uv0TfJXe2fuIfME1eN1/+431KX+VN1mAtcRzxUzHSWhDgvArO/IVbRZKGwvc8oDQ
cAfJ+iqvVpYXL5GYcvIXTIZ45H7/eBu7IlAlG5Y5KE1s2ZV+4vCaE3hJqCmIM4lL
IkCoSpnEzHm3V+TRh8JzOvEoBtx74vlFJYMd7T1tbQjU312SlyBLxce9zwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKoGwALTnJ1Nbo9L7MRdV1+LkumsMB8GA1UdIwQY
MBaAFCtOLTTM7kV2tc52BaCE5sCFIsIoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzA0dE5NenVSWGExem5ZRm9JVG13SVVpd2lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9kODk5Y2MtNTM1Ny00NzFhLWJjMWMt
MDc3YmM4YmExZTVkLzEvcWdiQUF0T2NuVTF1ajB2c3hGMVhYNHVTNmF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9kODk5Y2MtNTM1Ny00NzFhLWJjMWMtMDc3YmM4YmExZTVk
LzEvSzA0dE5NenVSWGExem5ZRm9JVG13SVVpd2lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZ8kMA0E
AgACMAcDBQMqD3CAMA0GCSqGSIb3DQEBCwUAA4IBAQBD2pFBejASGiW6BpadypJq
+whfUq4g5RuVRrqpn3bIMhYZF1KAlnobI9satjrYOw0zPNDxpv/gCJ7amfhWJFGa
87ouaF2oqMZcnj3GfeEqu4W8IAFf+6FftapGyuF4S7qfW8MWsXPveXn0zVjOj5Fo
8sbwxFjaCiWD0B9dy7h4ek03MP3o3RInZjc5IjrEaMFYcfYH6QXuawV5DIfCinvU
WWANa7x0N0ZIPuezwTkWRZ2rWIckBEMjT3fXd0FmTfUwW27ujFQJ3YLdCglA1pM5
wEZz9FIkVg0NY4u41dJVZBBwOEqb0sh2hzswhmEcFEJ+RE3qxWQ0kK1ntVwYt7JP
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:15:43 2025 by rpki-client