Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/qmWdDJ_EcpUnghWqputNkGme6LQ.roa
File: qmWdDJ_EcpUnghWqputNkGme6LQ.roa (raw, json)
Hash identifier: SOiiE+tNt46ZZSkzpyZoV7SBOUfYOjwZ6733YhTqbzo=
Subject key identifier: AA:65:9D:0C:9F:C4:72:95:27:82:15:AA:A6:EB:4D:90:69:9E:E8:B4
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 019427B398AC989E4B28E5BA38E70BCB4A05
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/qmWdDJ_EcpUnghWqputNkGme6LQ.roa
Signing time: Thu 02 Jan 2025 15:47:48 +0000
ROA not before: Thu 02 Jan 2025 15:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39351
IP address blocks: 45.92.231.0/24 maxlen: 24
45.130.118.0/24 maxlen: 24
45.132.193.0/24 maxlen: 24
45.149.104.0/24 maxlen: 24
194.34.172.0/24 maxlen: 24
2a07:e340::/32 maxlen: 32
2a07:e341::/32 maxlen: 32
2a07:e344::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:98:ac:98:9e:4b:28:e5:ba:38:e7:0b:cb:4a:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 15:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aa659d0c9fc47295278215aaa6eb4d90699ee8b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:36:c7:24:99:3d:52:50:28:06:3b:8e:df:82:
4b:36:fe:ed:1e:52:35:7c:46:8c:5d:d5:1e:f7:fa:
a5:70:37:8d:f2:41:fb:51:2d:bc:90:f8:71:f4:55:
6d:1c:6c:f4:b3:f3:7a:00:3e:54:2f:1b:70:a3:65:
f5:20:c1:ef:0e:1f:6a:cb:1f:1d:60:52:72:c0:10:
7e:10:f7:df:60:fe:43:3f:ab:fb:9b:94:72:eb:15:
58:2f:f7:44:18:86:4a:21:24:dc:00:ad:ac:f5:d6:
c5:16:1e:82:22:ad:5d:b6:5e:79:1e:7d:8f:3b:fb:
7a:7c:b2:64:3d:2b:1c:8c:44:dc:70:9f:ce:46:54:
d7:2d:cc:0a:0d:90:84:be:fc:71:c8:21:21:93:5d:
34:06:33:c4:e3:37:95:b6:54:e3:de:ac:2b:b9:7b:
97:1c:10:75:f6:d7:59:a2:bd:cc:d0:cd:99:4b:a1:
c9:c6:52:b0:3b:1a:70:44:6f:b8:19:a1:9e:c5:a3:
8b:b5:a6:85:fe:ac:a3:d8:ea:ee:65:e6:0b:97:7b:
f3:9b:aa:e7:52:8d:24:77:c9:da:1a:3b:a4:59:04:
07:f6:c9:0d:53:02:3a:7e:92:17:66:31:a2:74:e9:
0e:d8:21:80:22:38:11:9a:7f:e8:58:0f:70:6d:1d:
23:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:65:9D:0C:9F:C4:72:95:27:82:15:AA:A6:EB:4D:90:69:9E:E8:B4
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/qmWdDJ_EcpUnghWqputNkGme6LQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.231.0/24
45.130.118.0/24
45.132.193.0/24
45.149.104.0/24
194.34.172.0/24
IPv6:
2a07:e340::/31
2a07:e344::/32
Signature Algorithm: sha256WithRSAEncryption
63:a3:dc:9d:8e:23:fe:68:12:86:9c:37:70:d4:0e:8d:ac:ef:
c5:63:01:f2:57:c4:32:5e:8a:5e:b4:fa:f7:8a:83:2b:7e:69:
e6:60:29:15:39:df:67:8c:24:53:ac:2a:4b:99:93:1f:85:3a:
f1:52:b0:d4:ae:80:30:93:16:d6:fe:59:8f:5c:c8:6c:6b:55:
84:ab:25:0f:15:95:13:44:cf:c4:f3:f9:fb:7d:30:74:d5:1b:
67:a3:c3:b3:ff:0f:80:ee:58:ee:71:9d:5b:83:0a:dc:aa:03:
c0:55:69:7a:7b:c2:24:35:7d:c5:c1:dc:86:ed:24:c7:f0:97:
ed:d8:ac:49:5f:9d:80:6a:d7:8d:c2:78:60:d1:3f:de:b6:36:
18:28:55:3a:dd:86:aa:af:5d:81:5e:82:80:1d:5f:74:17:76:
a4:37:6c:47:ef:ff:d8:db:f4:3d:a9:9d:e1:a6:ce:f9:70:22:
20:b4:8a:b6:4a:b2:31:70:85:85:e3:10:e2:2c:e7:89:f3:25:
62:a1:74:be:13:7e:b4:28:ea:bf:60:a4:b2:1b:c8:07:6a:ad:
b4:2e:87:4e:37:56:22:01:ba:2a:10:10:88:41:06:31:66:1e:
0f:e9:62:b1:4c:d2:10:8c:6a:66:a6:9c:0a:cf:5f:e8:2d:7c:
8e:29:aa:99
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZQns5ismJ5LKOW6OOcLy0oFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjUwMTAyMTU0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTY1OWQwYzlmYzQ3Mjk1Mjc4MjE1YWFhNmViNGQ5MDY5OWVlOGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4zbHJJk9UlAoBjuO34JLNv7tHlI1
fEaMXdUe9/qlcDeN8kH7US28kPhx9FVtHGz0s/N6AD5ULxtwo2X1IMHvDh9qyx8d
YFJywBB+EPffYP5DP6v7m5Ry6xVYL/dEGIZKISTcAK2s9dbFFh6CIq1dtl55Hn2P
O/t6fLJkPSscjETccJ/ORlTXLcwKDZCEvvxxyCEhk100BjPE4zeVtlTj3qwruXuX
HBB19tdZor3M0M2ZS6HJxlKwOxpwRG+4GaGexaOLtaaF/qyj2OruZeYLl3vzm6rn
Uo0kd8naGjukWQQH9skNUwI6fpIXZjGidOkO2CGAIjgRmn/oWA9wbR0jPQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFKplnQyfxHKVJ4IVqqbrTZBpnui0MB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvcW1XZERKX0VjcFVuZ2hXcXB1dE5rR21lNkxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQALVznAwQA
LYJ2AwQALYTBAwQALZVoAwQAwiKsMBQEAgACMA4DBQEqB+NAAwUAKgfjRDANBgkq
hkiG9w0BAQsFAAOCAQEAY6PcnY4j/mgShpw3cNQOjazvxWMB8lfEMl6KXrT694qD
K35p5mApFTnfZ4wkU6wqS5mTH4U68VKw1K6AMJMW1v5Zj1zIbGtVhKslDxWVE0TP
xPP5+30wdNUbZ6PDs/8PgO5Y7nGdW4MK3KoDwFVpenvCJDV9xcHchu0kx/CX7dis
SV+dgGrXjcJ4YNE/3rY2GChVOt2Gqq9dgV6CgB1fdBd2pDdsR+//2Nv0Pamd4abO
+XAiILSKtkqyMXCFheMQ4iznifMlYqF0vhN+tCjqv2CkshvIB2qttC6HTjdWIgG6
KhAQiEEGMWYeD+lisUzSEIxqZqacCs9f6C18jimqmQ==
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:49:34 2025 by rpki-client