Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/af15eb-7a4d-4b0e-bebb-e9bede00c6af/1/qtN5JDorwotYpcUYWZc-ptH61p4.roa
File: qtN5JDorwotYpcUYWZc-ptH61p4.roa (raw, json)
Hash identifier: fKxhmPTYMHuqQdNEmPm2wnJirNcSsOemwlg1fw0Aem0=
Subject key identifier: AA:D3:79:24:3A:2B:C2:8B:58:A5:C5:18:59:97:3E:A6:D1:FA:D6:9E
Certificate issuer: /CN=9d7bb004201fd05b49d1221fce4759ea70bec684
Certificate serial: 019423D6A497260E3D260DCF07D8948662FD
Authority key identifier: 9D:7B:B0:04:20:1F:D0:5B:49:D1:22:1F:CE:47:59:EA:70:BE:C6:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nXuwBCAf0FtJ0SIfzkdZ6nC-xoQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/af15eb-7a4d-4b0e-bebb-e9bede00c6af/1/qtN5JDorwotYpcUYWZc-ptH61p4.roa
Signing time: Wed 01 Jan 2025 21:47:36 +0000
ROA not before: Wed 01 Jan 2025 21:47:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44842
IP address blocks: 185.86.48.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/af15eb-7a4d-4b0e-bebb-e9bede00c6af/1/nXuwBCAf0FtJ0SIfzkdZ6nC-xoQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/af15eb-7a4d-4b0e-bebb-e9bede00c6af/1/nXuwBCAf0FtJ0SIfzkdZ6nC-xoQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/nXuwBCAf0FtJ0SIfzkdZ6nC-xoQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:a4:97:26:0e:3d:26:0d:cf:07:d8:94:86:62:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d7bb004201fd05b49d1221fce4759ea70bec684
Validity
Not Before: Jan 1 21:47:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aad379243a2bc28b58a5c51859973ea6d1fad69e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:6a:5b:2e:24:a7:6a:74:53:54:c6:58:82:58:
4f:bf:c6:48:35:93:12:e7:34:d3:f0:09:24:3b:86:
a3:71:e3:9d:f5:a5:cd:ad:6e:e4:30:7b:94:a1:87:
85:e7:a4:87:07:2d:d6:03:34:a2:81:19:35:fd:9b:
2f:c7:23:c3:8d:42:11:3d:12:44:d8:bc:f2:e3:e5:
8d:4d:ec:45:2d:5c:5a:92:e7:d4:f6:a5:02:81:0a:
87:ee:cd:bc:53:29:65:4d:77:47:0c:2e:70:ba:26:
a5:01:e2:55:16:c0:68:f5:76:f3:38:78:34:1b:ec:
d6:9b:d4:d9:45:9e:6a:bd:e1:a9:59:08:5b:ed:51:
2b:f4:24:de:6d:34:a0:85:7f:6b:6a:b5:5a:40:41:
35:c1:55:15:ed:ea:b5:1f:24:f6:cb:bf:8b:36:84:
2c:25:0d:ae:9d:7a:1c:3c:84:15:30:bb:3c:ec:9c:
f8:49:c4:d9:59:c7:3e:30:90:3f:9e:5e:aa:7f:0e:
4c:85:00:00:0f:5d:79:97:95:06:33:77:0f:20:ee:
49:e2:6f:47:6e:81:88:64:a8:33:bd:9a:14:d2:28:
8d:4d:c1:d3:00:02:be:91:06:c0:ee:f7:75:52:86:
0d:9b:e1:ce:40:c5:77:9c:85:a8:e5:ec:82:15:a0:
3c:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:D3:79:24:3A:2B:C2:8B:58:A5:C5:18:59:97:3E:A6:D1:FA:D6:9E
X509v3 Authority Key Identifier:
keyid:9D:7B:B0:04:20:1F:D0:5B:49:D1:22:1F:CE:47:59:EA:70:BE:C6:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nXuwBCAf0FtJ0SIfzkdZ6nC-xoQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/af15eb-7a4d-4b0e-bebb-e9bede00c6af/1/qtN5JDorwotYpcUYWZc-ptH61p4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/af15eb-7a4d-4b0e-bebb-e9bede00c6af/1/nXuwBCAf0FtJ0SIfzkdZ6nC-xoQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.48.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:3a:3f:47:18:64:40:6f:b4:ea:cc:57:bc:7c:28:7a:07:79:
c3:c9:d2:48:fb:d0:70:a1:57:ac:6a:c3:7b:e8:6d:86:b8:b9:
d4:a3:eb:1e:c1:2d:37:50:cb:68:b2:c0:0e:18:61:be:59:96:
ac:39:95:ae:ec:c9:36:a0:ff:14:71:f1:0e:b8:9c:9e:af:ec:
a7:3c:9d:07:16:97:41:58:b2:e5:e4:7e:ff:e4:2c:87:65:31:
96:6e:94:58:f0:d5:62:93:7c:84:b6:95:16:a6:a2:91:e2:dd:
ff:35:d9:34:c7:e4:ff:e4:6a:0a:11:45:0e:c2:22:33:e6:66:
73:b1:e8:36:66:c5:a5:d7:9f:da:fb:08:1f:d3:a0:d6:fe:c4:
7c:a4:66:7d:b6:94:7c:b0:69:3a:71:c0:99:47:79:55:f6:59:
3a:f9:a3:46:8b:27:f2:22:ca:5b:b6:14:be:81:bf:8c:72:53:
32:77:8f:a7:f9:23:bc:29:6c:49:13:70:3c:59:b0:b9:1b:c5:
87:76:e0:fd:11:88:14:67:de:8c:14:cd:a4:58:a8:e0:c9:84:
e6:ba:42:cc:c5:62:90:7f:d5:af:e3:d0:e1:72:4c:6c:64:c6:
0b:fb:4e:7b:0b:c3:2f:d2:ae:26:f5:ce:8b:27:ba:df:fe:2f:
78:9f:fe:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1qSXJg49Jg3PB9iUhmL9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkN2JiMDA0MjAxZmQwNWI0OWQxMjIxZmNlNDc1OWVhNzBi
ZWM2ODQwHhcNMjUwMTAxMjE0NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWQzNzkyNDNhMmJjMjhiNThhNWM1MTg1OTk3M2VhNmQxZmFkNjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmpbLiSnanRTVMZYglhPv8ZINZMS
5zTT8AkkO4ajceOd9aXNrW7kMHuUoYeF56SHBy3WAzSigRk1/ZsvxyPDjUIRPRJE
2Lzy4+WNTexFLVxakufU9qUCgQqH7s28UyllTXdHDC5wuialAeJVFsBo9XbzOHg0
G+zWm9TZRZ5qveGpWQhb7VEr9CTebTSghX9rarVaQEE1wVUV7eq1HyT2y7+LNoQs
JQ2unXocPIQVMLs87Jz4ScTZWcc+MJA/nl6qfw5MhQAAD115l5UGM3cPIO5J4m9H
boGIZKgzvZoU0iiNTcHTAAK+kQbA7vd1UoYNm+HOQMV3nIWo5eyCFaA8/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKrTeSQ6K8KLWKXFGFmXPqbR+taeMB8GA1UdIwQY
MBaAFJ17sAQgH9BbSdEiH85HWepwvsaEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblh1d0JDQWYwRnRKMFNJZnprZFo2bkMteG9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9hZjE1ZWItN2E0ZC00YjBlLWJlYmIt
ZTliZWRlMDBjNmFmLzEvcXRONUpEb3J3b3RZcGNVWVdaYy1wdEg2MXA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9hZjE1ZWItN2E0ZC00YjBlLWJlYmItZTliZWRlMDBjNmFm
LzEvblh1d0JDQWYwRnRKMFNJZnprZFo2bkMteG9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVYwMA0G
CSqGSIb3DQEBCwUAA4IBAQBaOj9HGGRAb7TqzFe8fCh6B3nDydJI+9BwoVesasN7
6G2GuLnUo+sewS03UMtossAOGGG+WZasOZWu7Mk2oP8UcfEOuJyer+ynPJ0HFpdB
WLLl5H7/5CyHZTGWbpRY8NVik3yEtpUWpqKR4t3/Ndk0x+T/5GoKEUUOwiIz5mZz
seg2ZsWl15/a+wgf06DW/sR8pGZ9tpR8sGk6ccCZR3lV9lk6+aNGiyfyIspbthS+
gb+MclMyd4+n+SO8KWxJE3A8WbC5G8WHduD9EYgUZ96MFM2kWKjgyYTmukLMxWKQ
f9Wv49DhckxsZMYL+057C8Mv0q4m9c6LJ7rf/i94n/5v
-----END CERTIFICATE-----
Generated at Sun Feb 2 14:35:34 2025 by rpki-client