Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/a76234-67d3-4831-a8c2-e2c3d32034c4/1/QZ0qtYVoe9eTyxZ80lBv-di1FfE.roa
File: QZ0qtYVoe9eTyxZ80lBv-di1FfE.roa (raw, json)
Hash identifier: 25XKDnhztQCemAlFiOHm1I7VVswm+flqcSO7FBEPKO4=
Subject key identifier: 41:9D:2A:B5:85:68:7B:D7:93:CB:16:7C:D2:50:6F:F9:D8:B5:15:F1
Certificate issuer: /CN=484855e70193968635ac4492ad702a8248e033e8
Certificate serial: 01942747B9E694D0ED4C9A80D418A53B61EF
Authority key identifier: 48:48:55:E7:01:93:96:86:35:AC:44:92:AD:70:2A:82:48:E0:33:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SEhV5wGTloY1rESSrXAqgkjgM-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/a76234-67d3-4831-a8c2-e2c3d32034c4/1/QZ0qtYVoe9eTyxZ80lBv-di1FfE.roa
Signing time: Thu 02 Jan 2025 13:49:59 +0000
ROA not before: Thu 02 Jan 2025 13:49:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44527
IP address blocks: 93.92.104.0/21 maxlen: 21
93.92.104.0/22 maxlen: 22
93.92.104.0/24 maxlen: 24
93.92.105.0/24 maxlen: 24
93.92.106.0/24 maxlen: 24
93.92.107.0/24 maxlen: 24
93.92.108.0/24 maxlen: 24
93.92.109.0/24 maxlen: 24
93.92.110.0/24 maxlen: 24
93.92.111.0/24 maxlen: 24
185.62.220.0/22 maxlen: 22
185.62.220.0/24 maxlen: 24
185.62.221.0/24 maxlen: 24
185.62.222.0/24 maxlen: 24
185.62.223.0/24 maxlen: 24
2a04:8040::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/a76234-67d3-4831-a8c2-e2c3d32034c4/1/SEhV5wGTloY1rESSrXAqgkjgM-g.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/a76234-67d3-4831-a8c2-e2c3d32034c4/1/SEhV5wGTloY1rESSrXAqgkjgM-g.mft
rsync://rpki.ripe.net/repository/DEFAULT/SEhV5wGTloY1rESSrXAqgkjgM-g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:b9:e6:94:d0:ed:4c:9a:80:d4:18:a5:3b:61:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=484855e70193968635ac4492ad702a8248e033e8
Validity
Not Before: Jan 2 13:49:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=419d2ab585687bd793cb167cd2506ff9d8b515f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:a8:26:a7:09:57:2f:77:bb:50:48:09:cb:58:
2d:51:b9:5e:b4:bc:e3:17:14:f7:62:a0:e5:f8:2f:
78:7d:78:c6:02:d0:4f:f9:36:59:e5:75:cb:71:86:
b0:22:1f:ac:02:14:bb:c0:51:8f:30:aa:44:8f:17:
22:93:6a:f4:b4:72:1d:93:e3:40:67:af:81:86:4d:
ca:7a:ab:dc:c1:a1:62:23:25:39:ef:ae:52:0b:dc:
24:d5:21:50:c9:1f:9a:77:42:83:1f:fc:9b:71:42:
72:66:db:f1:bf:8d:7e:20:a3:f5:36:39:35:0d:c6:
a3:ce:ef:a1:f4:0e:2e:dc:a1:33:f2:3f:56:54:9b:
93:39:b8:8e:2f:56:6f:f4:88:93:2a:62:f5:4d:2a:
05:b0:f1:1e:cf:d2:f7:15:db:b1:b8:62:55:a2:5c:
00:8f:60:59:56:ec:fe:f9:d9:05:fe:64:bf:09:73:
60:19:d7:c5:79:4b:40:fe:a6:cc:66:78:6e:79:ea:
c9:b7:64:d4:15:a8:ba:90:f0:25:8e:75:96:41:71:
96:64:94:2d:7c:31:fa:0f:6f:19:30:2d:86:0d:0f:
71:08:aa:ef:d9:37:1e:9e:a2:9a:18:fb:de:85:7b:
40:18:f4:59:58:ae:6d:fc:33:9d:f4:de:b1:18:ed:
b6:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:9D:2A:B5:85:68:7B:D7:93:CB:16:7C:D2:50:6F:F9:D8:B5:15:F1
X509v3 Authority Key Identifier:
keyid:48:48:55:E7:01:93:96:86:35:AC:44:92:AD:70:2A:82:48:E0:33:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SEhV5wGTloY1rESSrXAqgkjgM-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/a76234-67d3-4831-a8c2-e2c3d32034c4/1/QZ0qtYVoe9eTyxZ80lBv-di1FfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/a76234-67d3-4831-a8c2-e2c3d32034c4/1/SEhV5wGTloY1rESSrXAqgkjgM-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.92.104.0/21
185.62.220.0/22
IPv6:
2a04:8040::/29
Signature Algorithm: sha256WithRSAEncryption
23:15:8d:ad:41:1b:90:1b:e9:8e:8e:94:ac:5e:d7:ee:9c:dc:
96:1a:2a:94:3f:c0:91:16:f2:4a:07:ba:7e:3e:96:c4:d7:2b:
b7:b8:73:fe:43:b1:92:9b:ab:42:17:cf:c1:ad:58:8c:b7:31:
74:33:ab:3e:6d:54:23:98:81:65:05:b0:02:78:1c:68:23:9f:
0d:76:62:39:0d:8c:0b:5a:b8:96:90:dc:cf:44:22:4f:6d:b7:
36:b7:d8:d9:7e:dc:26:2e:b2:d7:99:95:db:69:5d:f3:36:d8:
39:3a:82:f4:0d:7f:b1:8b:28:2d:72:fe:e0:e8:5c:98:87:7e:
eb:37:42:47:c0:60:75:c5:51:1a:24:63:fa:e6:d1:72:3e:c1:
03:ee:07:60:a1:c3:1d:cc:28:50:f1:50:cb:e3:42:87:52:9a:
50:93:86:44:cf:7d:27:8b:6e:b1:0d:66:99:a4:d0:f3:c4:b9:
05:39:e6:f1:5d:6b:be:f7:85:61:1a:e5:fc:83:90:f6:bd:b4:
e3:7f:63:c8:7a:4e:b0:df:64:4f:a6:fc:40:50:ec:cd:73:78:
a2:a3:0c:cd:c8:f4:1f:b6:57:a5:10:ff:f3:42:6c:6f:65:8e:
fd:fd:e0:31:15:f3:e4:4d:c5:1f:7c:95:78:fd:b6:54:dc:54:
e6:7a:8d:02
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQnR7nmlNDtTJqA1BilO2HvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4NDg1NWU3MDE5Mzk2ODYzNWFjNDQ5MmFkNzAyYTgyNDhl
MDMzZTgwHhcNMjUwMTAyMTM0OTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTlkMmFiNTg1Njg3YmQ3OTNjYjE2N2NkMjUwNmZmOWQ4YjUxNWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4agmpwlXL3e7UEgJy1gtUbletLzj
FxT3YqDl+C94fXjGAtBP+TZZ5XXLcYawIh+sAhS7wFGPMKpEjxcik2r0tHIdk+NA
Z6+Bhk3KeqvcwaFiIyU5765SC9wk1SFQyR+ad0KDH/ybcUJyZtvxv41+IKP1Njk1
Dcajzu+h9A4u3KEz8j9WVJuTObiOL1Zv9IiTKmL1TSoFsPEez9L3FduxuGJVolwA
j2BZVuz++dkF/mS/CXNgGdfFeUtA/qbMZnhueerJt2TUFai6kPAljnWWQXGWZJQt
fDH6D28ZMC2GDQ9xCKrv2TcenqKaGPvehXtAGPRZWK5t/DOd9N6xGO22TwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEGdKrWFaHvXk8sWfNJQb/nYtRXxMB8GA1UdIwQY
MBaAFEhIVecBk5aGNaxEkq1wKoJI4DPoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0VoVjV3R1Rsb1kxckVTU3JYQXFna2pnTS1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9hNzYyMzQtNjdkMy00ODMxLWE4YzIt
ZTJjM2QzMjAzNGM0LzEvUVowcXRZVm9lOWVUeXhaODBsQnYtZGkxRmZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9hNzYyMzQtNjdkMy00ODMxLWE4YzItZTJjM2QzMjAzNGM0
LzEvU0VoVjV3R1Rsb1kxckVTU3JYQXFna2pnTS1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDXVxoAwQC
uT7cMA0EAgACMAcDBQMqBIBAMA0GCSqGSIb3DQEBCwUAA4IBAQAjFY2tQRuQG+mO
jpSsXtfunNyWGiqUP8CRFvJKB7p+PpbE1yu3uHP+Q7GSm6tCF8/BrViMtzF0M6s+
bVQjmIFlBbACeBxoI58NdmI5DYwLWriWkNzPRCJPbbc2t9jZftwmLrLXmZXbaV3z
Ntg5OoL0DX+xiygtcv7g6FyYh37rN0JHwGB1xVEaJGP65tFyPsED7gdgocMdzChQ
8VDL40KHUppQk4ZEz30ni26xDWaZpNDzxLkFOebxXWu+94VhGuX8g5D2vbTjf2PI
ek6w32RPpvxAUOzNc3iiowzNyPQftlelEP/zQmxvZY79/eAxFfPkTcUffJV4/bZU
3FTmeo0C
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:20:16 2025 by rpki-client