Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/d8c6b8-d14a-47d9-a054-b9c794e03cba/1/qflKZTF3zhSp7clCgQY6deaVcuQ.roa
File: qflKZTF3zhSp7clCgQY6deaVcuQ.roa (raw, json)
Hash identifier: YrrT0H2VFpPiuVpFBvUMkkYVOwRQGbWJWicWDvr4Ns0=
Subject key identifier: A9:F9:4A:65:31:77:CE:14:A9:ED:C9:42:81:06:3A:75:E6:95:72:E4
Certificate issuer: /CN=d7367fc24d004f71dd2aef03f9cb4f2e3f9086aa
Certificate serial: 0194266AE9B1376DCDB0B04C34A2AA63B0B3
Authority key identifier: D7:36:7F:C2:4D:00:4F:71:DD:2A:EF:03:F9:CB:4F:2E:3F:90:86:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1zZ_wk0AT3HdKu8D-ctPLj-Qhqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/d8c6b8-d14a-47d9-a054-b9c794e03cba/1/qflKZTF3zhSp7clCgQY6deaVcuQ.roa
Signing time: Thu 02 Jan 2025 09:48:48 +0000
ROA not before: Thu 02 Jan 2025 09:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25070
IP address blocks: 91.236.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/d8c6b8-d14a-47d9-a054-b9c794e03cba/1/1zZ_wk0AT3HdKu8D-ctPLj-Qhqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/d8c6b8-d14a-47d9-a054-b9c794e03cba/1/1zZ_wk0AT3HdKu8D-ctPLj-Qhqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/1zZ_wk0AT3HdKu8D-ctPLj-Qhqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6a:e9:b1:37:6d:cd:b0:b0:4c:34:a2:aa:63:b0:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7367fc24d004f71dd2aef03f9cb4f2e3f9086aa
Validity
Not Before: Jan 2 09:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a9f94a653177ce14a9edc94281063a75e69572e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:7a:29:4a:01:5e:3e:d4:a3:7b:4e:52:40:8e:
2f:a2:2b:cc:ff:24:50:f7:98:df:11:35:8e:83:d6:
a8:3b:f7:f8:ce:64:ed:cd:b9:26:dc:3b:d9:23:83:
60:bf:94:9c:5d:b8:29:39:88:e9:e1:d9:37:ed:d6:
b8:cc:4e:11:b8:18:46:7a:25:bb:13:94:2f:70:75:
83:cf:95:cc:cc:d5:aa:6e:fa:f7:3e:19:da:86:94:
f2:60:83:12:2c:a0:f8:51:2b:fe:8e:12:56:fa:85:
fc:0f:f6:14:87:33:dc:c9:47:66:2e:3a:1d:05:1c:
88:4c:83:bf:84:38:20:0f:59:e9:91:ef:7b:f4:d1:
a3:29:c2:3d:6a:ec:a9:91:b1:48:1b:85:16:98:be:
1a:ca:42:7f:69:e0:f7:64:79:a7:9c:d9:c4:a9:90:
9f:8d:54:76:df:76:51:dd:06:df:42:4e:27:86:54:
fb:9a:34:b0:df:0c:60:60:a3:18:a1:ec:77:45:6d:
85:0e:fe:84:fb:04:22:a7:fa:1c:0d:d7:97:2b:bc:
ca:87:bb:53:14:ad:b3:53:a4:df:2c:fa:98:63:a5:
f1:5b:87:3d:fd:93:a7:29:da:0e:08:e1:da:dd:81:
3c:01:74:36:e1:72:1e:88:3c:b6:93:e5:22:df:99:
d7:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:F9:4A:65:31:77:CE:14:A9:ED:C9:42:81:06:3A:75:E6:95:72:E4
X509v3 Authority Key Identifier:
keyid:D7:36:7F:C2:4D:00:4F:71:DD:2A:EF:03:F9:CB:4F:2E:3F:90:86:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1zZ_wk0AT3HdKu8D-ctPLj-Qhqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d8c6b8-d14a-47d9-a054-b9c794e03cba/1/qflKZTF3zhSp7clCgQY6deaVcuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d8c6b8-d14a-47d9-a054-b9c794e03cba/1/1zZ_wk0AT3HdKu8D-ctPLj-Qhqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.193.0/24
Signature Algorithm: sha256WithRSAEncryption
15:df:c3:80:6a:8e:18:64:74:91:85:de:5f:95:fa:c5:8e:80:
9e:76:26:26:c4:f3:95:c1:20:4d:fb:05:fd:6c:70:4e:7e:62:
04:48:ba:55:14:a5:28:a3:58:e9:26:c8:13:10:ac:5a:7a:d8:
d0:b5:0f:6b:ba:12:e8:39:8a:d2:86:8a:e6:eb:42:fc:7f:77:
d7:7b:17:3a:ec:49:db:ca:78:12:44:6f:dd:e3:3e:42:71:99:
5b:2d:b2:74:21:55:68:e6:dc:d2:7a:e4:3c:f2:1e:e0:f6:8b:
35:fc:9d:2d:1d:63:48:d9:52:c5:86:50:e0:5e:8f:06:a2:76:
11:6a:33:42:16:73:4b:ee:65:c0:ff:79:e3:26:d8:f5:a2:bf:
e8:f1:d7:4b:c5:30:43:89:18:1b:8d:b9:e1:71:3f:b0:c5:e1:
ae:9a:2e:dd:9b:5e:29:2e:f0:53:fc:b7:73:5a:10:8e:65:5c:
6a:0e:f2:dd:1a:c1:68:38:d3:92:47:aa:2f:09:0c:28:eb:30:
57:d7:b9:59:59:5e:f6:a1:66:a2:33:07:47:c0:76:01:de:a5:
31:b6:0f:30:54:2a:17:28:df:ae:7d:2b:e2:de:77:48:36:f1:
54:22:05:ff:e6:7f:d2:3d:55:94:70:d0:74:bb:03:e6:31:32:
2a:54:3a:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmaumxN23NsLBMNKKqY7CzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3MzY3ZmMyNGQwMDRmNzFkZDJhZWYwM2Y5Y2I0ZjJlM2Y5
MDg2YWEwHhcNMjUwMTAyMDk0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWY5NGE2NTMxNzdjZTE0YTllZGM5NDI4MTA2M2E3NWU2OTU3MmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnopSgFePtSje05SQI4voivM/yRQ
95jfETWOg9aoO/f4zmTtzbkm3DvZI4Ngv5ScXbgpOYjp4dk37da4zE4RuBhGeiW7
E5QvcHWDz5XMzNWqbvr3PhnahpTyYIMSLKD4USv+jhJW+oX8D/YUhzPcyUdmLjod
BRyITIO/hDggD1npke979NGjKcI9auypkbFIG4UWmL4aykJ/aeD3ZHmnnNnEqZCf
jVR233ZR3QbfQk4nhlT7mjSw3wxgYKMYoex3RW2FDv6E+wQip/ocDdeXK7zKh7tT
FK2zU6TfLPqYY6XxW4c9/ZOnKdoOCOHa3YE8AXQ24XIeiDy2k+Ui35nXAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKn5SmUxd84Uqe3JQoEGOnXmlXLkMB8GA1UdIwQY
MBaAFNc2f8JNAE9x3SrvA/nLTy4/kIaqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXpaX3drMEFUM0hkS3U4RC1jdFBMai1RaHFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9kOGM2YjgtZDE0YS00N2Q5LWEwNTQt
YjljNzk0ZTAzY2JhLzEvcWZsS1pURjN6aFNwN2NsQ2dRWTZkZWFWY3VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9kOGM2YjgtZDE0YS00N2Q5LWEwNTQtYjljNzk0ZTAzY2Jh
LzEvMXpaX3drMEFUM0hkS3U4RC1jdFBMai1RaHFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+zBMA0G
CSqGSIb3DQEBCwUAA4IBAQAV38OAao4YZHSRhd5flfrFjoCediYmxPOVwSBN+wX9
bHBOfmIESLpVFKUoo1jpJsgTEKxaetjQtQ9ruhLoOYrShorm60L8f3fXexc67Enb
yngSRG/d4z5CcZlbLbJ0IVVo5tzSeuQ88h7g9os1/J0tHWNI2VLFhlDgXo8GonYR
ajNCFnNL7mXA/3njJtj1or/o8ddLxTBDiRgbjbnhcT+wxeGumi7dm14pLvBT/Ldz
WhCOZVxqDvLdGsFoONOSR6ovCQwo6zBX17lZWV72oWaiMwdHwHYB3qUxtg8wVCoX
KN+ufSvi3ndINvFUIgX/5n/SPVWUcNB0uwPmMTIqVDob
-----END CERTIFICATE-----
Generated at Tue Apr 15 09:38:48 2025 by rpki-client