Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/880eb2-fa65-47ca-8a00-6480c3d1f4e4/1/qVO6LhE7z2bZkoKlkX0beS7hTAc.roa
File: qVO6LhE7z2bZkoKlkX0beS7hTAc.roa (raw, json)
Hash identifier: XTXUYf4gL001nX+kLZ++ZcjMPFy332S2u/yOlN4Emdo=
Subject key identifier: A9:53:BA:2E:11:3B:CF:66:D9:92:82:A5:91:7D:1B:79:2E:E1:4C:07
Certificate issuer: /CN=b209308540c4df9b9bb7d6327fa7b5d49008068c
Certificate serial: 0194221FFDFF383D1CD39F9D5B18055D2699
Authority key identifier: B2:09:30:85:40:C4:DF:9B:9B:B7:D6:32:7F:A7:B5:D4:90:08:06:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sgkwhUDE35ubt9Yyf6e11JAIBow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/880eb2-fa65-47ca-8a00-6480c3d1f4e4/1/qVO6LhE7z2bZkoKlkX0beS7hTAc.roa
Signing time: Wed 01 Jan 2025 13:48:29 +0000
ROA not before: Wed 01 Jan 2025 13:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29119
IP address blocks: 45.66.212.0/22 maxlen: 22
45.158.216.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/880eb2-fa65-47ca-8a00-6480c3d1f4e4/1/sgkwhUDE35ubt9Yyf6e11JAIBow.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/880eb2-fa65-47ca-8a00-6480c3d1f4e4/1/sgkwhUDE35ubt9Yyf6e11JAIBow.mft
rsync://rpki.ripe.net/repository/DEFAULT/sgkwhUDE35ubt9Yyf6e11JAIBow.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:fd:ff:38:3d:1c:d3:9f:9d:5b:18:05:5d:26:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b209308540c4df9b9bb7d6327fa7b5d49008068c
Validity
Not Before: Jan 1 13:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a953ba2e113bcf66d99282a5917d1b792ee14c07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:96:67:25:de:b4:0a:05:c5:55:71:a5:fd:7e:
5a:a2:c2:18:f9:8f:db:9c:88:f0:f8:d5:0c:86:de:
8e:5a:d0:3f:26:ef:0f:1d:53:92:e7:70:db:93:de:
7f:57:17:b8:d1:d7:d0:f3:c9:be:c8:d0:c1:b5:70:
12:ba:75:0d:92:a3:40:02:08:08:c5:b0:63:f0:fe:
bf:28:18:29:15:b0:d1:8c:d4:a5:07:1b:6c:a2:96:
da:3d:30:fc:2a:c8:93:4e:f3:24:40:e0:e8:9f:3b:
9f:e1:09:db:92:62:26:91:ba:94:88:a9:1a:9b:0c:
4f:52:78:a2:20:18:c6:b7:74:13:76:3f:33:a8:33:
d0:0f:54:c7:5e:4d:64:27:47:c0:38:d8:5e:cc:94:
23:c3:0e:6e:ec:59:4a:74:14:c0:d3:5c:ec:01:4f:
6d:c8:98:19:45:ea:70:52:a6:7b:aa:7e:98:65:10:
fc:3c:4a:47:77:c5:ae:8f:37:d9:95:3f:42:b7:60:
b3:08:97:68:33:cf:b9:cc:8d:1c:30:1c:7c:bb:2d:
69:a4:5d:46:16:ed:d1:30:32:71:ec:a6:34:49:57:
8e:0c:c2:49:de:3f:0d:1d:fe:e5:3d:34:fd:02:f9:
79:f0:f2:c8:02:a9:90:59:be:4f:28:28:ac:38:27:
2a:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:53:BA:2E:11:3B:CF:66:D9:92:82:A5:91:7D:1B:79:2E:E1:4C:07
X509v3 Authority Key Identifier:
keyid:B2:09:30:85:40:C4:DF:9B:9B:B7:D6:32:7F:A7:B5:D4:90:08:06:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sgkwhUDE35ubt9Yyf6e11JAIBow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/880eb2-fa65-47ca-8a00-6480c3d1f4e4/1/qVO6LhE7z2bZkoKlkX0beS7hTAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/880eb2-fa65-47ca-8a00-6480c3d1f4e4/1/sgkwhUDE35ubt9Yyf6e11JAIBow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.212.0/22
45.158.216.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:25:bb:38:0b:b1:a7:2a:71:80:1a:20:53:fc:bd:5f:9b:d0:
47:d3:7e:93:39:14:af:bb:35:2b:52:47:d1:fe:2d:cc:fe:3b:
34:7f:79:ab:39:79:35:dd:46:e0:9d:8c:ce:b6:ed:37:3c:e7:
50:b6:26:3c:aa:57:c4:e7:47:b3:ef:b6:63:33:47:cd:f5:4b:
ee:a0:f6:6b:90:e9:4f:34:7a:29:ff:18:23:dc:72:af:6e:02:
1d:18:8d:62:d6:74:2c:18:50:29:b2:5b:ad:b2:06:4c:fb:26:
b1:2d:4a:ac:62:d4:4f:4d:f3:cc:b0:24:c3:75:88:f3:90:ec:
51:ab:35:75:d1:a1:12:56:de:70:7e:e1:29:ee:4e:bb:e7:dc:
e8:52:2a:6d:de:60:73:8f:bd:c5:b7:af:f2:4f:f7:41:33:71:
45:f8:a5:21:46:8c:0b:9f:bc:58:a4:ce:98:2e:88:3f:30:0c:
d8:cf:fe:07:cc:2a:59:a5:70:c6:d3:f4:24:1c:c8:69:30:37:
af:aa:da:22:fd:c5:37:b6:e3:12:7e:76:0a:98:f6:47:74:32:
12:fd:b5:a0:36:d4:0d:46:b9:e4:8e:61:ce:d0:32:cb:1e:d3:
4c:45:8b:5e:05:a7:2d:9a:fa:6e:38:35:a0:ea:a4:d4:56:94:
2e:17:34:ba
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQiH/3/OD0c05+dWxgFXSaZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMDkzMDg1NDBjNGRmOWI5YmI3ZDYzMjdmYTdiNWQ0OTAw
ODA2OGMwHhcNMjUwMTAxMTM0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTUzYmEyZTExM2JjZjY2ZDk5MjgyYTU5MTdkMWI3OTJlZTE0YzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5ZnJd60CgXFVXGl/X5aosIY+Y/b
nIjw+NUMht6OWtA/Ju8PHVOS53Dbk95/Vxe40dfQ88m+yNDBtXASunUNkqNAAggI
xbBj8P6/KBgpFbDRjNSlBxtsopbaPTD8KsiTTvMkQODonzuf4QnbkmImkbqUiKka
mwxPUniiIBjGt3QTdj8zqDPQD1THXk1kJ0fAONhezJQjww5u7FlKdBTA01zsAU9t
yJgZRepwUqZ7qn6YZRD8PEpHd8WujzfZlT9Ct2CzCJdoM8+5zI0cMBx8uy1ppF1G
Fu3RMDJx7KY0SVeODMJJ3j8NHf7lPTT9Avl58PLIAqmQWb5PKCisOCcqNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKlTui4RO89m2ZKCpZF9G3ku4UwHMB8GA1UdIwQY
MBaAFLIJMIVAxN+bm7fWMn+ntdSQCAaMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2drd2hVREUzNXVidDlZeWY2ZTExSkFJQm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi84ODBlYjItZmE2NS00N2NhLThhMDAt
NjQ4MGMzZDFmNGU0LzEvcVZPNkxoRTd6MmJaa29LbGtYMGJlUzdoVEFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi84ODBlYjItZmE2NS00N2NhLThhMDAtNjQ4MGMzZDFmNGU0
LzEvc2drd2hVREUzNXVidDlZeWY2ZTExSkFJQm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLULUAwQC
LZ7YMA0GCSqGSIb3DQEBCwUAA4IBAQBdJbs4C7GnKnGAGiBT/L1fm9BH036TORSv
uzUrUkfR/i3M/js0f3mrOXk13UbgnYzOtu03POdQtiY8qlfE50ez77ZjM0fN9Uvu
oPZrkOlPNHop/xgj3HKvbgIdGI1i1nQsGFApslutsgZM+yaxLUqsYtRPTfPMsCTD
dYjzkOxRqzV10aESVt5wfuEp7k6759zoUipt3mBzj73Ft6/yT/dBM3FF+KUhRowL
n7xYpM6YLog/MAzYz/4HzCpZpXDG0/QkHMhpMDevqtoi/cU3tuMSfnYKmPZHdDIS
/bWgNtQNRrnkjmHO0DLLHtNMRYteBactmvpuODWg6qTUVpQuFzS6
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:45:30 2025 by rpki-client