Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/243b53-4b94-4244-a8ec-7c549f1ed16c/1/quctJA6JvCwqA-qZHXeVYB1FfY8.roa
File: quctJA6JvCwqA-qZHXeVYB1FfY8.roa (raw, json)
Hash identifier: ktXd2zEikg+b61S+QwkN+l6BxFbDccaraJMDVmopSSI=
Subject key identifier: AA:E7:2D:24:0E:89:BC:2C:2A:03:EA:99:1D:77:95:60:1D:45:7D:8F
Certificate issuer: /CN=bca0ec59564324237420d506b9b498d752ee2168
Certificate serial: 01942444A767B017C258158A619D00FC76D9
Authority key identifier: BC:A0:EC:59:56:43:24:23:74:20:D5:06:B9:B4:98:D7:52:EE:21:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vKDsWVZDJCN0INUGubSY11LuIWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/243b53-4b94-4244-a8ec-7c549f1ed16c/1/quctJA6JvCwqA-qZHXeVYB1FfY8.roa
Signing time: Wed 01 Jan 2025 23:47:46 +0000
ROA not before: Wed 01 Jan 2025 23:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209453
IP address blocks: 213.167.229.0/24 maxlen: 24
213.167.230.0/24 maxlen: 24
217.70.179.0/24 maxlen: 24
217.70.187.0/24 maxlen: 24
2001:4b98:aaaa::/48 maxlen: 48
2001:4b98:aaab::/48 maxlen: 48
2001:4b98:abcb::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/243b53-4b94-4244-a8ec-7c549f1ed16c/1/vKDsWVZDJCN0INUGubSY11LuIWg.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/243b53-4b94-4244-a8ec-7c549f1ed16c/1/vKDsWVZDJCN0INUGubSY11LuIWg.mft
rsync://rpki.ripe.net/repository/DEFAULT/vKDsWVZDJCN0INUGubSY11LuIWg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 14:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:a7:67:b0:17:c2:58:15:8a:61:9d:00:fc:76:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bca0ec59564324237420d506b9b498d752ee2168
Validity
Not Before: Jan 1 23:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aae72d240e89bc2c2a03ea991d7795601d457d8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:3e:73:ca:36:0e:93:d2:6e:f4:f3:3e:ad:0e:
73:fc:bc:dd:bd:42:fd:3a:42:7f:c8:b6:ab:13:5a:
bc:4c:58:69:17:3a:85:ad:2b:d5:aa:86:4f:3d:db:
88:bc:2e:28:2f:56:34:48:0b:72:b2:6e:f1:21:4e:
81:f7:ee:54:e1:50:e0:51:6f:bb:c3:f6:1f:68:0e:
9d:a8:4a:0b:72:82:6a:31:26:d9:db:95:58:91:80:
0b:eb:2b:9b:a6:63:a3:04:e7:4a:99:8f:7e:ea:1b:
13:1e:63:b0:bb:49:32:6d:ac:4c:91:e1:92:4b:94:
c0:ae:93:c1:51:d9:84:fb:ea:c6:78:c0:1e:6c:63:
b6:45:20:ef:86:63:e4:bc:fb:74:32:53:2f:f4:a8:
e3:e7:9f:1a:b8:f2:5a:92:b5:e1:0f:ff:0b:00:8b:
3a:0b:a2:06:8f:48:07:26:de:8d:c5:4e:ec:1d:14:
77:b1:fc:bc:bf:03:3b:7a:a0:49:cb:69:ed:3f:52:
60:c1:55:4a:d8:b1:13:f3:ac:44:bd:6b:25:5f:61:
13:ab:a7:82:87:2b:59:b1:7d:2a:a1:3e:f4:42:4b:
ee:83:1b:ac:c9:54:ca:35:b0:ba:d4:f1:94:cf:de:
9f:16:27:73:bf:8b:aa:c8:98:ac:8a:3d:17:0c:99:
02:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:E7:2D:24:0E:89:BC:2C:2A:03:EA:99:1D:77:95:60:1D:45:7D:8F
X509v3 Authority Key Identifier:
keyid:BC:A0:EC:59:56:43:24:23:74:20:D5:06:B9:B4:98:D7:52:EE:21:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vKDsWVZDJCN0INUGubSY11LuIWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/243b53-4b94-4244-a8ec-7c549f1ed16c/1/quctJA6JvCwqA-qZHXeVYB1FfY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/243b53-4b94-4244-a8ec-7c549f1ed16c/1/vKDsWVZDJCN0INUGubSY11LuIWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.167.229.0-213.167.230.255
217.70.179.0/24
217.70.187.0/24
IPv6:
2001:4b98:aaaa::/47
2001:4b98:abcb::/48
Signature Algorithm: sha256WithRSAEncryption
4d:5d:30:a5:c9:e8:f4:2f:48:8f:3d:22:7c:80:aa:a0:7c:4c:
57:7f:42:31:4a:9e:82:74:70:15:dd:ff:2d:56:79:2d:32:dc:
91:21:b2:7b:52:f4:cc:b6:9e:07:a2:45:d7:94:66:80:8f:71:
6b:ac:1e:ee:57:fd:56:22:22:5c:35:96:b0:61:5a:cb:36:f3:
f2:ca:4b:30:36:16:72:e5:e6:8e:d9:db:51:7d:c9:5e:f2:05:
0c:d2:24:e1:50:52:29:87:99:a7:be:99:ca:73:a2:0b:d8:be:
38:42:e6:d0:5e:c7:2a:d5:36:77:e0:fe:ec:2d:ec:ab:e8:03:
1d:5b:54:a7:6f:3c:f2:2f:bc:f8:db:76:55:c8:2b:f9:af:33:
c3:a5:1c:c6:a0:6d:ba:34:9e:e3:ea:e1:6b:33:da:ec:ab:bd:
82:e8:6d:c0:fc:0a:b0:7d:6d:b3:08:15:19:37:d8:ce:54:89:
e1:a1:a5:0d:ae:f3:be:0f:dd:05:59:7d:b6:c0:82:a6:40:86:
58:e0:30:9a:26:21:5b:53:62:43:a0:1b:ec:87:d8:34:2d:86:
36:a7:76:8e:49:d9:f8:6d:4f:3c:47:a6:16:c0:99:51:09:a3:
fd:78:d2:ef:34:7e:fb:4b:e2:ca:4e:8b:71:40:54:d6:e1:54:
48:26:53:6c
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZQkRKdnsBfCWBWKYZ0A/HbZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjYTBlYzU5NTY0MzI0MjM3NDIwZDUwNmI5YjQ5OGQ3NTJl
ZTIxNjgwHhcNMjUwMTAxMjM0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWU3MmQyNDBlODliYzJjMmEwM2VhOTkxZDc3OTU2MDFkNDU3ZDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzz5zyjYOk9Ju9PM+rQ5z/LzdvUL9
OkJ/yLarE1q8TFhpFzqFrSvVqoZPPduIvC4oL1Y0SAtysm7xIU6B9+5U4VDgUW+7
w/YfaA6dqEoLcoJqMSbZ25VYkYAL6yubpmOjBOdKmY9+6hsTHmOwu0kybaxMkeGS
S5TArpPBUdmE++rGeMAebGO2RSDvhmPkvPt0MlMv9Kjj558auPJakrXhD/8LAIs6
C6IGj0gHJt6NxU7sHRR3sfy8vwM7eqBJy2ntP1JgwVVK2LET86xEvWslX2ETq6eC
hytZsX0qoT70QkvugxusyVTKNbC61PGUz96fFidzv4uqyJisij0XDJkCkQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFKrnLSQOibwsKgPqmR13lWAdRX2PMB8GA1UdIwQY
MBaAFLyg7FlWQyQjdCDVBrm0mNdS7iFoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdktEc1dWWkRKQ04wSU5VR3ViU1kxMUx1SVdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8yNDNiNTMtNGI5NC00MjQ0LWE4ZWMt
N2M1NDlmMWVkMTZjLzEvcXVjdEpBNkp2Q3dxQS1xWkhYZVZZQjFGZlk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8yNDNiNTMtNGI5NC00MjQ0LWE4ZWMtN2M1NDlmMWVkMTZj
LzEvdktEc1dWWkRKQ04wSU5VR3ViU1kxMUx1SVdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAgBAIAATAaMAwDBADVp+UD
BADVp+YDBADZRrMDBADZRrswGAQCAAIwEgMHASABS5iqqgMHACABS5iryzANBgkq
hkiG9w0BAQsFAAOCAQEATV0wpcno9C9Ijz0ifICqoHxMV39CMUqegnRwFd3/LVZ5
LTLckSGye1L0zLaeB6JF15RmgI9xa6we7lf9ViIiXDWWsGFayzbz8spLMDYWcuXm
jtnbUX3JXvIFDNIk4VBSKYeZp76ZynOiC9i+OELm0F7HKtU2d+D+7C3sq+gDHVtU
p2888i+8+Nt2Vcgr+a8zw6UcxqBtujSe4+rhazPa7Ku9guhtwPwKsH1tswgVGTfY
zlSJ4aGlDa7zvg/dBVl9tsCCpkCGWOAwmiYhW1NiQ6Ab7IfYNC2GNqd2jknZ+G1P
PEemFsCZUQmj/XjS7zR++0viyk6LcUBU1uFUSCZTbA==
-----END CERTIFICATE-----
Generated at Sat Apr 12 21:11:08 2025 by rpki-client