Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/e3ada2-c9df-44e2-8b0f-8ff1611e8bb4/1/QPyAJIUON4G4tX46dieXV6CSDPw.roa
File: QPyAJIUON4G4tX46dieXV6CSDPw.roa (raw, json)
Hash identifier: mWn0PQCuoeDc/wLK7pLB85zcCXi6wOqEnTUyXmjEFZw=
Subject key identifier: 40:FC:80:24:85:0E:37:81:B8:B5:7E:3A:76:27:97:57:A0:92:0C:FC
Certificate issuer: /CN=bd6fa37a2483cf579fa86250119ac0133475aad8
Certificate serial: 0194E4534214FDFBD3126E22F063B7CEFA4C
Authority key identifier: BD:6F:A3:7A:24:83:CF:57:9F:A8:62:50:11:9A:C0:13:34:75:AA:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vW-jeiSDz1efqGJQEZrAEzR1qtg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/e3ada2-c9df-44e2-8b0f-8ff1611e8bb4/1/QPyAJIUON4G4tX46dieXV6CSDPw.roa
Signing time: Sat 08 Feb 2025 06:50:49 +0000
ROA not before: Sat 08 Feb 2025 06:50:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 932
IP address blocks: 45.86.140.0/22 maxlen: 24
45.133.228.0/22 maxlen: 24
45.138.80.0/22 maxlen: 24
45.147.24.0/22 maxlen: 24
45.158.228.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/e3ada2-c9df-44e2-8b0f-8ff1611e8bb4/1/vW-jeiSDz1efqGJQEZrAEzR1qtg.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/e3ada2-c9df-44e2-8b0f-8ff1611e8bb4/1/vW-jeiSDz1efqGJQEZrAEzR1qtg.mft
rsync://rpki.ripe.net/repository/DEFAULT/vW-jeiSDz1efqGJQEZrAEzR1qtg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 12:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:e4:53:42:14:fd:fb:d3:12:6e:22:f0:63:b7:ce:fa:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd6fa37a2483cf579fa86250119ac0133475aad8
Validity
Not Before: Feb 8 06:50:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=40fc8024850e3781b8b57e3a76279757a0920cfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:8b:c1:cd:78:88:9d:1a:80:14:fe:21:5f:fe:
04:30:43:ac:8b:d2:c4:65:70:38:2f:d6:ca:5c:a5:
47:f7:53:3e:16:7a:0f:86:86:90:e9:79:2a:64:82:
8f:1a:a7:bb:bc:a2:3a:95:81:ac:8b:b1:f9:2a:d0:
7b:19:2b:35:42:4a:e2:50:e0:06:1a:64:44:1a:a2:
e9:59:25:6c:9c:b1:95:83:8c:28:7b:de:f6:7a:41:
48:eb:48:25:9f:d0:f5:d2:a9:4f:85:38:52:88:55:
85:e5:56:f9:f6:e5:f4:fb:99:de:da:de:6e:ae:9b:
43:dd:da:96:7c:5c:af:d8:1b:3f:84:91:b9:9c:7e:
2b:29:20:0b:e2:db:0e:6f:e6:9e:39:48:5b:3a:b6:
fd:64:66:c7:e4:59:b1:44:e7:b5:4d:51:a8:cd:18:
5a:48:8c:3f:04:cb:3f:e5:32:84:d3:ed:b5:8b:43:
ad:e3:ff:46:1c:b9:84:ec:b8:fe:f7:11:d8:ce:b5:
da:ef:cb:11:f8:f8:d8:25:bd:57:5a:c1:97:5f:e3:
98:27:1a:83:3b:5c:09:59:37:10:86:90:46:52:24:
7d:a5:bd:ba:98:ab:62:d0:ac:62:f2:06:7b:9a:4d:
62:14:24:2f:fb:cc:9d:16:3f:ae:58:6b:50:21:9c:
a2:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:FC:80:24:85:0E:37:81:B8:B5:7E:3A:76:27:97:57:A0:92:0C:FC
X509v3 Authority Key Identifier:
keyid:BD:6F:A3:7A:24:83:CF:57:9F:A8:62:50:11:9A:C0:13:34:75:AA:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vW-jeiSDz1efqGJQEZrAEzR1qtg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/e3ada2-c9df-44e2-8b0f-8ff1611e8bb4/1/QPyAJIUON4G4tX46dieXV6CSDPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/e3ada2-c9df-44e2-8b0f-8ff1611e8bb4/1/vW-jeiSDz1efqGJQEZrAEzR1qtg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.140.0/22
45.133.228.0/22
45.138.80.0/22
45.147.24.0/22
45.158.228.0/22
Signature Algorithm: sha256WithRSAEncryption
31:81:31:de:c1:99:83:7a:07:22:94:35:54:3d:cb:1f:60:1a:
e8:cb:cf:ce:c0:af:dc:ab:c0:e5:1f:94:1d:80:b2:ca:d1:74:
33:87:5e:56:e8:9c:d3:f1:62:72:3e:cd:d8:fb:7e:7a:ab:76:
92:81:9c:bd:87:93:01:4c:bf:21:81:31:3a:eb:06:f1:ad:b7:
32:2b:31:85:d6:92:08:05:d9:0d:e7:d2:eb:f5:3f:92:67:8d:
fa:41:4e:22:8a:24:c9:fb:fd:bf:65:85:c2:30:76:6c:02:d4:
37:87:21:26:cf:5e:f2:ee:2a:b8:09:8d:2b:53:54:31:9f:e1:
93:a5:40:c8:01:f8:e9:d8:82:a4:93:0d:68:55:ed:ba:fb:ff:
9f:2a:b2:f8:49:01:d2:f4:ae:c6:59:ab:08:f6:b5:ae:78:27:
bb:80:00:85:d9:8f:66:01:01:c4:4b:91:9b:21:68:c7:41:8a:
e2:92:8e:19:57:c8:6a:55:50:e5:58:f1:ab:90:db:8e:28:aa:
f6:4b:48:8d:90:3a:70:7c:c7:ce:33:68:e7:a5:a5:d5:1d:3d:
86:0a:80:cd:8c:d7:5d:cd:e9:d4:ab:cd:fc:69:d6:2d:63:f9:
75:de:0d:98:c7:2e:ae:08:f5:fd:ed:a6:0c:5a:cd:83:1f:96:
8b:13:31:1a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZTkU0IU/fvTEm4i8GO3zvpMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkNmZhMzdhMjQ4M2NmNTc5ZmE4NjI1MDExOWFjMDEzMzQ3
NWFhZDgwHhcNMjUwMjA4MDY1MDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGZjODAyNDg1MGUzNzgxYjhiNTdlM2E3NjI3OTc1N2EwOTIwY2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmovBzXiInRqAFP4hX/4EMEOsi9LE
ZXA4L9bKXKVH91M+FnoPhoaQ6XkqZIKPGqe7vKI6lYGsi7H5KtB7GSs1QkriUOAG
GmREGqLpWSVsnLGVg4woe972ekFI60gln9D10qlPhThSiFWF5Vb59uX0+5ne2t5u
rptD3dqWfFyv2Bs/hJG5nH4rKSAL4tsOb+aeOUhbOrb9ZGbH5FmxROe1TVGozRha
SIw/BMs/5TKE0+21i0Ot4/9GHLmE7Lj+9xHYzrXa78sR+PjYJb1XWsGXX+OYJxqD
O1wJWTcQhpBGUiR9pb26mKti0Kxi8gZ7mk1iFCQv+8ydFj+uWGtQIZyihwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFED8gCSFDjeBuLV+OnYnl1egkgz8MB8GA1UdIwQY
MBaAFL1vo3okg89Xn6hiUBGawBM0darYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlctamVpU0R6MWVmcUdKUUVackFFelIxcXRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9lM2FkYTItYzlkZi00NGUyLThiMGYt
OGZmMTYxMWU4YmI0LzEvUVB5QUpJVU9ONEc0dFg0NmRpZVhWNkNTRFB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9lM2FkYTItYzlkZi00NGUyLThiMGYtOGZmMTYxMWU4YmI0
LzEvdlctamVpU0R6MWVmcUdKUUVackFFelIxcXRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCLVaMAwQC
LYXkAwQCLYpQAwQCLZMYAwQCLZ7kMA0GCSqGSIb3DQEBCwUAA4IBAQAxgTHewZmD
egcilDVUPcsfYBroy8/OwK/cq8DlH5QdgLLK0XQzh15W6JzT8WJyPs3Y+356q3aS
gZy9h5MBTL8hgTE66wbxrbcyKzGF1pIIBdkN59Lr9T+SZ436QU4iiiTJ+/2/ZYXC
MHZsAtQ3hyEmz17y7iq4CY0rU1Qxn+GTpUDIAfjp2IKkkw1oVe26+/+fKrL4SQHS
9K7GWasI9rWueCe7gACF2Y9mAQHES5GbIWjHQYriko4ZV8hqVVDlWPGrkNuOKKr2
S0iNkDpwfMfOM2jnpaXVHT2GCoDNjNddzenUq838adYtY/l13g2Yxy6uCPX97aYM
Ws2DH5aLEzEa
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:00:16 2025 by rpki-client