Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/QMiTm2-yiJDC2oOCB78-T7uhy68.roa
File: QMiTm2-yiJDC2oOCB78-T7uhy68.roa (raw, json)
Hash identifier: ulPDJeSyn/J0aOHbAtmPLp6M9W5etSSNT8E799B3xEE=
Subject key identifier: 40:C8:93:9B:6F:B2:88:90:C2:DA:83:82:07:BF:3E:4F:BB:A1:CB:AF
Certificate issuer: /CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Certificate serial: 0194221F7EFB38A94A807291FCE492C4CEC2
Authority key identifier: 29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/QMiTm2-yiJDC2oOCB78-T7uhy68.roa
Signing time: Wed 01 Jan 2025 13:47:56 +0000
ROA not before: Wed 01 Jan 2025 13:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210348
IP address blocks: 2a01:e901:10c::/48 maxlen: 48
2a01:e901:11c::/48 maxlen: 48
2a01:e901:12c::/48 maxlen: 48
2a01:e901:13c::/48 maxlen: 48
2a01:e901:14c::/48 maxlen: 48
2a01:e901:15c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.mft
rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:7e:fb:38:a9:4a:80:72:91:fc:e4:92:c4:ce:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Validity
Not Before: Jan 1 13:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=40c8939b6fb28890c2da838207bf3e4fbba1cbaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:1d:bc:bc:44:a8:bd:15:4b:40:6a:35:30:1b:
13:8c:dd:95:74:a1:9d:1b:7b:b1:a1:3c:f1:f2:3d:
40:e5:c5:28:0e:6a:81:a5:f1:b4:e9:c3:94:d8:d5:
c2:fd:66:9d:c6:2c:13:6c:21:81:ac:36:fb:40:d5:
5d:d5:1c:fb:8e:2f:5b:fe:84:f3:53:e3:69:d7:25:
ac:4a:36:f6:3c:be:37:1d:59:55:6c:49:84:ce:73:
9d:fa:a4:13:c0:d1:ad:fc:af:38:42:38:4e:c7:32:
27:37:ff:0a:36:29:d5:11:9d:60:4b:5f:e9:00:05:
dc:ed:6d:62:ff:44:25:65:f4:d2:6e:1a:ec:10:7e:
7e:16:4a:55:25:d6:17:54:21:40:6a:ba:27:a6:13:
14:68:59:b8:0f:6b:49:e5:e5:63:5d:26:22:db:c0:
6e:12:c2:64:6d:e9:95:1d:d7:91:b1:49:f1:a9:3d:
53:8d:3f:6d:d1:be:5b:d0:99:07:76:c4:75:ac:f3:
78:35:f0:22:e0:c3:ed:4e:7a:6e:84:fc:e6:e1:db:
91:02:7a:9e:24:b5:2a:2b:e7:a9:0f:52:74:95:f4:
3d:6c:85:4f:ee:5f:8b:b4:31:e8:54:98:09:2d:af:
7f:09:01:a2:0c:4c:7a:1c:53:78:16:42:9a:9a:7c:
f3:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:C8:93:9B:6F:B2:88:90:C2:DA:83:82:07:BF:3E:4F:BB:A1:CB:AF
X509v3 Authority Key Identifier:
keyid:29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/QMiTm2-yiJDC2oOCB78-T7uhy68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:e901:10c::/48
2a01:e901:11c::/48
2a01:e901:12c::/48
2a01:e901:13c::/48
2a01:e901:14c::/48
2a01:e901:15c::/48
Signature Algorithm: sha256WithRSAEncryption
3c:04:a2:57:f2:d2:79:da:a2:fd:92:e5:f4:f1:5a:87:ee:bf:
7a:01:c6:e8:89:bd:1f:42:26:ca:80:d1:79:43:51:6a:44:31:
30:69:fb:4f:f0:02:9a:5a:e3:bc:34:5c:1f:99:25:68:e5:b8:
b3:ca:fa:a1:cd:84:84:72:35:22:71:c7:19:63:25:ee:87:b3:
9e:29:0c:fa:f7:22:f6:b9:00:ce:93:9c:04:52:fd:4f:24:c1:
1f:4d:36:8c:c2:38:fb:ad:76:fb:45:32:f0:4e:28:5f:41:5d:
3b:83:55:09:b7:ee:16:7c:f1:05:9d:c0:97:a2:4d:8a:ef:b0:
c1:cb:40:67:6f:bd:18:78:12:b2:68:3f:1d:2e:77:97:81:47:
42:49:fd:78:e7:a8:8d:70:7c:21:d5:de:eb:43:3a:ee:b2:f2:
1d:f4:a5:70:85:5e:5c:3e:d8:a4:1e:42:d8:45:01:1e:52:39:
9c:dd:4a:24:9c:c5:99:0c:a9:c4:bd:03:4e:b0:58:9e:8b:2c:
14:b2:b9:4b:a7:b8:37:b5:bf:7c:cb:b3:ae:45:0d:2b:f2:10:
82:1c:54:40:b4:63:43:27:e7:77:e0:05:87:4a:e1:1a:b7:52:
73:7f:e2:6d:d2:0a:1e:de:24:36:15:2c:0c:13:de:df:ed:f0:
33:9f:5f:01
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQiH377OKlKgHKR/OSSxM7CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjhiNGUwZWY4MTA2ZjBlMTJhYjhlNTAxZDJhYTRlMzZi
NzgzYzIwHhcNMjUwMTAxMTM0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGM4OTM5YjZmYjI4ODkwYzJkYTgzODIwN2JmM2U0ZmJiYTFjYmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0h28vESovRVLQGo1MBsTjN2VdKGd
G3uxoTzx8j1A5cUoDmqBpfG06cOU2NXC/WadxiwTbCGBrDb7QNVd1Rz7ji9b/oTz
U+Np1yWsSjb2PL43HVlVbEmEznOd+qQTwNGt/K84QjhOxzInN/8KNinVEZ1gS1/p
AAXc7W1i/0QlZfTSbhrsEH5+FkpVJdYXVCFAaronphMUaFm4D2tJ5eVjXSYi28Bu
EsJkbemVHdeRsUnxqT1TjT9t0b5b0JkHdsR1rPN4NfAi4MPtTnpuhPzm4duRAnqe
JLUqK+epD1J0lfQ9bIVP7l+LtDHoVJgJLa9/CQGiDEx6HFN4FkKamnzzqwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFEDIk5tvsoiQwtqDgge/Pk+7ocuvMB8GA1UdIwQY
MBaAFClotODvgQbw4Sq45QHSqk42t4PCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQt
NDRmOGVkNWQ2MWQ3LzEvUU1pVG0yLXlpSkRDMm9PQ0I3OC1UN3VoeTY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQtNDRmOGVkNWQ2MWQ3
LzEvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKgHpAQEM
AwcAKgHpAQEcAwcAKgHpAQEsAwcAKgHpAQE8AwcAKgHpAQFMAwcAKgHpAQFcMA0G
CSqGSIb3DQEBCwUAA4IBAQA8BKJX8tJ52qL9kuX08VqH7r96Acboib0fQibKgNF5
Q1FqRDEwaftP8AKaWuO8NFwfmSVo5bizyvqhzYSEcjUicccZYyXuh7OeKQz69yL2
uQDOk5wEUv1PJMEfTTaMwjj7rXb7RTLwTihfQV07g1UJt+4WfPEFncCXok2K77DB
y0Bnb70YeBKyaD8dLneXgUdCSf1456iNcHwh1d7rQzrusvId9KVwhV5cPtikHkLY
RQEeUjmc3UoknMWZDKnEvQNOsFieiywUsrlLp7g3tb98y7OuRQ0r8hCCHFRAtGND
J+d34AWHSuEat1Jzf+Jt0goe3iQ2FSwME97f7fAzn18B
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:33:44 2025 by rpki-client