Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/40d407-1eac-4381-8fa6-46c2cc2802f1/1/QYQzorGK1cakLmK4R7aZ_z5BtRk.roa
File: QYQzorGK1cakLmK4R7aZ_z5BtRk.roa (raw, json)
Hash identifier: K/JfnEYnWlRvZUne2cydti381OQHnxSabuUVM9ge064=
Subject key identifier: 41:84:33:A2:B1:8A:D5:C6:A4:2E:62:B8:47:B6:99:FF:3E:41:B5:19
Certificate issuer: /CN=dd55ec175f6ee7a1fc1f89adf754bb2a0862578a
Certificate serial: 019425FCCBBFAE853B0A982B38BB8CDBC46C
Authority key identifier: DD:55:EC:17:5F:6E:E7:A1:FC:1F:89:AD:F7:54:BB:2A:08:62:57:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3VXsF19u56H8H4mt91S7KghiV4o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/40d407-1eac-4381-8fa6-46c2cc2802f1/1/QYQzorGK1cakLmK4R7aZ_z5BtRk.roa
Signing time: Thu 02 Jan 2025 07:48:31 +0000
ROA not before: Thu 02 Jan 2025 07:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8787
IP address blocks: 195.88.10.0/23 maxlen: 23
2001:67c:2090::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/40d407-1eac-4381-8fa6-46c2cc2802f1/1/3VXsF19u56H8H4mt91S7KghiV4o.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/40d407-1eac-4381-8fa6-46c2cc2802f1/1/3VXsF19u56H8H4mt91S7KghiV4o.mft
rsync://rpki.ripe.net/repository/DEFAULT/3VXsF19u56H8H4mt91S7KghiV4o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:cb:bf:ae:85:3b:0a:98:2b:38:bb:8c:db:c4:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd55ec175f6ee7a1fc1f89adf754bb2a0862578a
Validity
Not Before: Jan 2 07:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=418433a2b18ad5c6a42e62b847b699ff3e41b519
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f6:d7:01:45:a7:87:5f:8c:3c:c2:85:a2:c4:
c9:f5:83:cb:38:b7:ef:5c:5d:5b:39:08:70:7c:7f:
d3:fa:ea:5e:2b:cc:6d:2a:6d:b2:d0:7c:11:4f:8f:
a3:36:ab:d8:f5:10:d6:16:f0:b9:6a:b2:1d:9f:a0:
3a:c5:98:7b:4e:4d:bf:02:a2:f2:70:04:ef:d9:ae:
43:61:3d:72:96:c2:25:23:6d:8b:14:77:9b:e5:c0:
58:f1:78:b8:29:a1:7a:89:32:44:14:44:41:60:eb:
7e:4d:31:f7:71:52:71:f6:a9:fd:7e:72:a5:37:a2:
ce:34:4b:5b:58:11:ce:c9:d1:d7:77:23:aa:f3:c2:
25:3c:0d:eb:cd:5b:b6:7f:85:3f:d7:87:74:69:33:
f2:8b:cb:8b:28:f2:6a:ab:a5:11:b4:fc:87:8e:35:
9d:c0:40:ca:02:55:52:3f:2e:a0:f9:0e:62:d3:75:
f8:d4:19:39:3d:c6:fb:ef:c2:a1:af:de:c7:b8:ea:
30:68:31:fd:1a:88:a3:48:33:16:82:cf:9e:48:17:
9e:87:d1:af:46:68:af:d5:df:ec:74:da:70:69:79:
07:03:c9:5b:93:10:63:bb:c6:fd:00:72:ef:b5:f7:
0a:37:30:61:69:e3:f5:ac:84:0d:4d:88:eb:85:48:
0a:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:84:33:A2:B1:8A:D5:C6:A4:2E:62:B8:47:B6:99:FF:3E:41:B5:19
X509v3 Authority Key Identifier:
keyid:DD:55:EC:17:5F:6E:E7:A1:FC:1F:89:AD:F7:54:BB:2A:08:62:57:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3VXsF19u56H8H4mt91S7KghiV4o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/40d407-1eac-4381-8fa6-46c2cc2802f1/1/QYQzorGK1cakLmK4R7aZ_z5BtRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/40d407-1eac-4381-8fa6-46c2cc2802f1/1/3VXsF19u56H8H4mt91S7KghiV4o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.88.10.0/23
IPv6:
2001:67c:2090::/48
Signature Algorithm: sha256WithRSAEncryption
69:b9:2c:e6:47:b9:a6:53:c7:cc:d0:2b:bb:f2:eb:d5:48:a1:
84:d6:da:9d:a7:08:1d:9b:81:a6:a0:0f:0d:09:87:8a:d0:d8:
48:99:b5:74:9f:97:3c:17:99:22:47:57:00:ee:c2:d2:42:b4:
00:89:1f:00:90:c3:86:e3:c7:c2:01:98:f7:e1:48:35:16:3c:
ef:a0:07:9e:4c:3a:8b:74:ab:4d:2b:22:16:bb:d7:93:fd:91:
bd:66:7d:e5:f9:e5:be:33:9b:8b:be:5f:7e:b8:95:9e:df:2b:
a5:5a:02:fb:30:ef:44:20:75:0c:4f:d5:19:b7:19:f0:3f:6b:
1a:da:d3:aa:41:3c:35:51:64:c0:fd:d3:90:18:01:92:a0:00:
54:d7:80:35:c8:a0:7e:30:c4:f4:09:18:9f:b9:12:60:9c:d6:
3c:1e:b4:49:e9:a2:8e:3e:62:fe:bc:f4:4d:83:0a:bc:09:4a:
e9:e6:0b:76:dd:67:3c:ce:53:aa:ed:66:08:2e:fe:62:a2:86:
02:d8:0c:f3:d0:0d:f7:d4:2f:0c:ad:07:1f:77:4b:e2:af:6d:
a6:3b:18:0e:2b:ea:14:8f:aa:8d:a9:ea:8c:71:55:53:70:f8:
d1:d2:d5:1c:78:f4:e0:e5:7e:fd:4d:13:96:4b:ac:f2:fc:e5:
f9:9f:d8:18
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQl/Mu/roU7CpgrOLuM28RsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNTVlYzE3NWY2ZWU3YTFmYzFmODlhZGY3NTRiYjJhMDg2
MjU3OGEwHhcNMjUwMTAyMDc0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTg0MzNhMmIxOGFkNWM2YTQyZTYyYjg0N2I2OTlmZjNlNDFiNTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPbXAUWnh1+MPMKFosTJ9YPLOLfv
XF1bOQhwfH/T+upeK8xtKm2y0HwRT4+jNqvY9RDWFvC5arIdn6A6xZh7Tk2/AqLy
cATv2a5DYT1ylsIlI22LFHeb5cBY8Xi4KaF6iTJEFERBYOt+TTH3cVJx9qn9fnKl
N6LONEtbWBHOydHXdyOq88IlPA3rzVu2f4U/14d0aTPyi8uLKPJqq6URtPyHjjWd
wEDKAlVSPy6g+Q5i03X41Bk5Pcb778Khr97HuOowaDH9GoijSDMWgs+eSBeeh9Gv
Rmiv1d/sdNpwaXkHA8lbkxBju8b9AHLvtfcKNzBhaeP1rIQNTYjrhUgK0wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEGEM6KxitXGpC5iuEe2mf8+QbUZMB8GA1UdIwQY
MBaAFN1V7Bdfbueh/B+JrfdUuyoIYleKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1ZYc0YxOXU1Nkg4SDRtdDkxUzdLZ2hpVjRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy80MGQ0MDctMWVhYy00MzgxLThmYTYt
NDZjMmNjMjgwMmYxLzEvUVlRem9yR0sxY2FrTG1LNFI3YVpfejVCdFJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy80MGQ0MDctMWVhYy00MzgxLThmYTYtNDZjMmNjMjgwMmYx
LzEvM1ZYc0YxOXU1Nkg4SDRtdDkxUzdLZ2hpVjRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBw1gKMA8E
AgACMAkDBwAgAQZ8IJAwDQYJKoZIhvcNAQELBQADggEBAGm5LOZHuaZTx8zQK7vy
69VIoYTW2p2nCB2bgaagDw0Jh4rQ2EiZtXSflzwXmSJHVwDuwtJCtACJHwCQw4bj
x8IBmPfhSDUWPO+gB55MOot0q00rIha715P9kb1mfeX55b4zm4u+X364lZ7fK6Va
Avsw70QgdQxP1Rm3GfA/axra06pBPDVRZMD905AYAZKgAFTXgDXIoH4wxPQJGJ+5
EmCc1jwetEnpoo4+Yv689E2DCrwJSunmC3bdZzzOU6rtZggu/mKihgLYDPPQDffU
LwytBx93S+KvbaY7GA4r6hSPqo2p6oxxVVNw+NHS1Rx49ODlfv1NE5ZLrPL85fmf
2Bg=
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:22:36 2025 by rpki-client