Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/be863f-b33b-4334-bbd2-4094106786a9/1/sqav3aLxOo9EBvGXAVp2M2JUjLk.roa
File: sqav3aLxOo9EBvGXAVp2M2JUjLk.roa (raw, json)
Hash identifier: VEx9zb2RSoqX9zcmLVzEThMXW7bJA3NuZWVb7RztklM=
Subject key identifier: B2:A6:AF:DD:A2:F1:3A:8F:44:06:F1:97:01:5A:76:33:62:54:8C:B9
Certificate issuer: /CN=58cbfe0834f8e66512f55bd78cc075b7ed56f409
Certificate serial: 0194228D14C945EE8BEFD482463B370DBCD4
Authority key identifier: 58:CB:FE:08:34:F8:E6:65:12:F5:5B:D7:8C:C0:75:B7:ED:56:F4:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WMv-CDT45mUS9VvXjMB1t-1W9Ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/be863f-b33b-4334-bbd2-4094106786a9/1/sqav3aLxOo9EBvGXAVp2M2JUjLk.roa
Signing time: Wed 01 Jan 2025 15:47:38 +0000
ROA not before: Wed 01 Jan 2025 15:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 4913
IP address blocks: 79.140.192.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/93/be863f-b33b-4334-bbd2-4094106786a9/1/WMv-CDT45mUS9VvXjMB1t-1W9Ak.crl
rsync://rpki.ripe.net/repository/DEFAULT/93/be863f-b33b-4334-bbd2-4094106786a9/1/WMv-CDT45mUS9VvXjMB1t-1W9Ak.mft
rsync://rpki.ripe.net/repository/DEFAULT/WMv-CDT45mUS9VvXjMB1t-1W9Ak.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:14:c9:45:ee:8b:ef:d4:82:46:3b:37:0d:bc:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58cbfe0834f8e66512f55bd78cc075b7ed56f409
Validity
Not Before: Jan 1 15:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b2a6afdda2f13a8f4406f197015a763362548cb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c1:c0:4c:63:e3:44:a3:dd:29:96:dd:29:33:
a3:75:be:c1:5a:32:dd:56:d8:15:f2:e9:52:03:b5:
0d:d5:c9:44:b0:3e:2b:7f:91:ef:49:ff:8a:04:1b:
c4:be:9e:e6:b8:ab:03:c8:ca:35:e3:02:a0:5a:e3:
80:f1:a0:34:57:1b:63:cb:55:f4:83:a1:f9:a7:66:
86:f5:b6:91:d3:2a:19:b7:cb:05:6f:5e:3a:40:03:
11:97:d1:71:65:bb:b7:f2:9f:33:8e:26:7b:49:ab:
e0:ed:3a:b2:4f:5a:af:1e:75:0b:b9:a3:9e:86:ad:
a5:af:f1:c6:53:26:10:d0:77:49:3d:77:9b:3b:0c:
00:b0:28:90:bc:6d:2e:75:f2:de:69:8c:d4:e6:1f:
56:de:79:3f:6a:76:45:57:be:5e:b5:39:26:bc:c2:
56:45:04:79:33:73:f1:fc:21:32:f2:79:9f:d3:22:
68:57:32:92:56:4d:cb:00:48:b0:64:36:b6:76:3c:
e4:54:eb:a3:e2:b9:0e:83:75:53:5e:cd:ca:e1:81:
94:7a:95:26:fd:84:fb:0b:af:28:cf:0c:ac:d1:a5:
e7:87:31:f6:ea:1c:09:c4:30:74:fa:8f:3e:0d:b0:
07:b6:c6:fc:ea:41:0c:91:3f:34:3c:a6:ae:1f:f9:
19:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:A6:AF:DD:A2:F1:3A:8F:44:06:F1:97:01:5A:76:33:62:54:8C:B9
X509v3 Authority Key Identifier:
keyid:58:CB:FE:08:34:F8:E6:65:12:F5:5B:D7:8C:C0:75:B7:ED:56:F4:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WMv-CDT45mUS9VvXjMB1t-1W9Ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/be863f-b33b-4334-bbd2-4094106786a9/1/sqav3aLxOo9EBvGXAVp2M2JUjLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/be863f-b33b-4334-bbd2-4094106786a9/1/WMv-CDT45mUS9VvXjMB1t-1W9Ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.140.192.0/20
Signature Algorithm: sha256WithRSAEncryption
5d:c4:0e:48:c4:44:0d:dd:7c:b0:42:08:9e:9f:20:60:9c:94:
7f:48:2b:33:53:27:8e:12:fc:e9:3c:77:db:cb:55:14:fd:01:
db:22:a6:b4:c1:34:4b:fa:9b:34:10:de:2d:67:98:bb:a8:a3:
32:1f:ab:03:a4:a2:e2:51:91:ee:1f:4f:5d:8c:26:ff:20:24:
cb:cd:9f:70:91:d8:e1:42:cc:42:5f:8d:2f:b5:c7:64:7f:ec:
5b:56:8d:cc:be:a4:22:66:25:78:1a:aa:56:14:35:05:0d:80:
61:f0:aa:5d:ed:c4:aa:bd:f0:90:40:e2:79:3c:87:07:ac:89:
2f:66:2b:ac:6a:51:d0:0b:ee:58:4e:4b:ba:87:5e:21:b9:38:
1a:4b:77:b6:65:10:10:dd:ca:c8:29:9e:fb:54:88:74:63:fb:
38:d7:3e:18:ae:75:22:74:ee:63:b9:1f:4f:94:2c:3d:ce:49:
fb:99:51:16:ec:6c:6c:23:e4:fc:1b:67:ab:a0:4e:8b:5c:80:
0c:a4:fc:85:70:ca:34:7d:45:99:2c:57:89:55:51:d5:43:a2:
91:d2:6d:ef:40:14:04:6b:db:c1:7b:fe:0c:82:96:70:a1:1a:
fb:87:02:47:d5:ae:f5:f8:d0:da:40:98:a8:29:67:20:be:64:
42:8f:e6:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijRTJRe6L79SCRjs3DbzUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4Y2JmZTA4MzRmOGU2NjUxMmY1NWJkNzhjYzA3NWI3ZWQ1
NmY0MDkwHhcNMjUwMTAxMTU0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmE2YWZkZGEyZjEzYThmNDQwNmYxOTcwMTVhNzYzMzYyNTQ4Y2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMHATGPjRKPdKZbdKTOjdb7BWjLd
VtgV8ulSA7UN1clEsD4rf5HvSf+KBBvEvp7muKsDyMo14wKgWuOA8aA0Vxtjy1X0
g6H5p2aG9baR0yoZt8sFb146QAMRl9FxZbu38p8zjiZ7Savg7TqyT1qvHnULuaOe
hq2lr/HGUyYQ0HdJPXebOwwAsCiQvG0udfLeaYzU5h9W3nk/anZFV75etTkmvMJW
RQR5M3Px/CEy8nmf0yJoVzKSVk3LAEiwZDa2djzkVOuj4rkOg3VTXs3K4YGUepUm
/YT7C68ozwys0aXnhzH26hwJxDB0+o8+DbAHtsb86kEMkT80PKauH/kZ7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLKmr92i8TqPRAbxlwFadjNiVIy5MB8GA1UdIwQY
MBaAFFjL/gg0+OZlEvVb14zAdbftVvQJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV012LUNEVDQ1bVVTOVZ2WGpNQjF0LTFXOUFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9iZTg2M2YtYjMzYi00MzM0LWJiZDIt
NDA5NDEwNjc4NmE5LzEvc3FhdjNhTHhPbzlFQnZHWEFWcDJNMkpVakxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9iZTg2M2YtYjMzYi00MzM0LWJiZDItNDA5NDEwNjc4NmE5
LzEvV012LUNEVDQ1bVVTOVZ2WGpNQjF0LTFXOUFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQET4zAMA0G
CSqGSIb3DQEBCwUAA4IBAQBdxA5IxEQN3XywQgienyBgnJR/SCszUyeOEvzpPHfb
y1UU/QHbIqa0wTRL+ps0EN4tZ5i7qKMyH6sDpKLiUZHuH09djCb/ICTLzZ9wkdjh
QsxCX40vtcdkf+xbVo3MvqQiZiV4GqpWFDUFDYBh8Kpd7cSqvfCQQOJ5PIcHrIkv
ZiusalHQC+5YTku6h14huTgaS3e2ZRAQ3crIKZ77VIh0Y/s41z4YrnUidO5juR9P
lCw9zkn7mVEW7GxsI+T8G2eroE6LXIAMpPyFcMo0fUWZLFeJVVHVQ6KR0m3vQBQE
a9vBe/4MgpZwoRr7hwJH1a71+NDaQJioKWcgvmRCj+bh
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:36:43 2025 by rpki-client