Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/0244e4-73e3-449d-a06a-1f689935b90f/1/tQhpXUNnvGff6XvuqvOKpCTzYwY.roa
File: tQhpXUNnvGff6XvuqvOKpCTzYwY.roa (raw, json)
Hash identifier: Hc4QZ0VrOY7vtGnelWFhq1jyckc5D//hAbmROwzCFcg=
Subject key identifier: B5:08:69:5D:43:67:BC:67:DF:E9:7B:EE:AA:F3:8A:A4:24:F3:63:06
Certificate issuer: /CN=6810aa89239242dacc9d03e3af22d4e87a783414
Certificate serial: 01941FFA965EAEBF60A181138059A4FB05DC
Authority key identifier: 68:10:AA:89:23:92:42:DA:CC:9D:03:E3:AF:22:D4:E8:7A:78:34:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aBCqiSOSQtrMnQPjryLU6Hp4NBQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/0244e4-73e3-449d-a06a-1f689935b90f/1/tQhpXUNnvGff6XvuqvOKpCTzYwY.roa
Signing time: Wed 01 Jan 2025 03:48:23 +0000
ROA not before: Wed 01 Jan 2025 03:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49722
IP address blocks: 212.48.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/0244e4-73e3-449d-a06a-1f689935b90f/1/aBCqiSOSQtrMnQPjryLU6Hp4NBQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/0244e4-73e3-449d-a06a-1f689935b90f/1/aBCqiSOSQtrMnQPjryLU6Hp4NBQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/aBCqiSOSQtrMnQPjryLU6Hp4NBQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:96:5e:ae:bf:60:a1:81:13:80:59:a4:fb:05:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6810aa89239242dacc9d03e3af22d4e87a783414
Validity
Not Before: Jan 1 03:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b508695d4367bc67dfe97beeaaf38aa424f36306
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:94:fd:87:97:5a:a2:81:bc:c7:63:e1:44:34:
3b:f3:10:35:d7:2e:99:13:20:f3:e6:5f:dc:0f:88:
d2:a5:d8:a9:7f:e6:ec:82:3d:60:09:75:64:e8:74:
4a:ae:25:70:b1:79:3b:86:1e:d8:98:c4:ee:b5:66:
f0:26:43:ad:31:8a:81:3e:f1:10:c0:97:e9:2d:74:
4b:3b:a0:b6:a9:fc:06:8c:80:e4:82:0e:26:d2:f1:
3c:fb:c6:e8:8d:ef:c6:5a:61:eb:1b:a6:32:57:24:
c7:e5:38:ec:6a:cc:2f:99:02:a6:dc:03:7c:5c:49:
33:23:e5:98:30:fa:de:bd:20:d4:76:14:c6:1b:3c:
b9:2b:41:6f:0b:25:80:56:53:81:5e:48:4c:31:2c:
f2:e1:b3:ad:81:b4:2b:9c:aa:e7:8d:d6:88:15:7c:
72:fe:ec:7a:4f:2d:42:13:28:bf:43:47:e5:ad:54:
b3:1a:0d:d4:6f:46:16:3c:fd:19:b2:40:1e:cc:24:
12:86:2c:9b:8d:7a:50:ca:f8:26:81:2c:1c:7c:39:
dd:8b:01:58:c4:2a:b5:37:b9:bd:ca:2e:b9:6f:96:
d1:35:d6:fa:80:d4:93:69:1f:e0:24:e3:c9:4a:15:
a7:57:36:be:c6:86:1d:50:18:5e:68:d4:f7:b9:3c:
83:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:08:69:5D:43:67:BC:67:DF:E9:7B:EE:AA:F3:8A:A4:24:F3:63:06
X509v3 Authority Key Identifier:
keyid:68:10:AA:89:23:92:42:DA:CC:9D:03:E3:AF:22:D4:E8:7A:78:34:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aBCqiSOSQtrMnQPjryLU6Hp4NBQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0244e4-73e3-449d-a06a-1f689935b90f/1/tQhpXUNnvGff6XvuqvOKpCTzYwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0244e4-73e3-449d-a06a-1f689935b90f/1/aBCqiSOSQtrMnQPjryLU6Hp4NBQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.48.230.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:49:67:22:8d:a2:65:98:cf:c2:fd:47:44:58:18:70:0d:a4:
50:f0:3f:f6:6f:ee:6c:95:7e:5a:b9:0f:4f:31:0d:f5:57:0e:
f2:28:ee:45:96:89:21:a9:3a:38:52:c5:3c:21:2b:ae:c0:c2:
4e:24:5a:a4:df:75:3c:fd:d5:30:14:55:8a:da:3b:74:74:8d:
83:c5:ba:97:fa:58:e0:fa:e5:b0:3e:7e:84:4a:2f:39:1d:76:
9a:68:fa:68:f0:52:68:c5:b8:0a:af:22:ff:e7:0f:b3:dd:e7:
56:05:b1:ef:98:7b:1f:7b:c7:8e:92:db:65:a8:5d:d9:84:48:
7b:f5:f6:70:a8:30:f0:a7:c6:19:da:8c:34:21:7d:86:11:2c:
9b:f9:dd:73:9e:90:a8:25:3e:38:70:73:be:41:00:ec:23:17:
cb:5e:ef:9b:bf:1d:51:62:d6:3a:82:db:ea:f5:9c:fc:07:9e:
43:7b:6c:78:72:12:b6:37:fe:55:27:06:e2:40:c9:af:0a:4d:
7c:ea:b0:0f:6e:dc:bb:ff:b1:3e:df:a7:74:b1:d6:c2:10:51:
86:f1:ea:8c:3a:61:88:b4:1f:d2:19:0f:3d:59:ad:7b:a6:9a:
cb:17:a6:b5:ab:03:4d:07:23:d7:df:6a:40:e1:11:42:d6:e9:
9a:65:7c:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+pZerr9goYETgFmk+wXcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MTBhYTg5MjM5MjQyZGFjYzlkMDNlM2FmMjJkNGU4N2E3
ODM0MTQwHhcNMjUwMTAxMDM0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTA4Njk1ZDQzNjdiYzY3ZGZlOTdiZWVhYWYzOGFhNDI0ZjM2MzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZT9h5daooG8x2PhRDQ78xA11y6Z
EyDz5l/cD4jSpdipf+bsgj1gCXVk6HRKriVwsXk7hh7YmMTutWbwJkOtMYqBPvEQ
wJfpLXRLO6C2qfwGjIDkgg4m0vE8+8boje/GWmHrG6YyVyTH5TjsaswvmQKm3AN8
XEkzI+WYMPrevSDUdhTGGzy5K0FvCyWAVlOBXkhMMSzy4bOtgbQrnKrnjdaIFXxy
/ux6Ty1CEyi/Q0flrVSzGg3Ub0YWPP0ZskAezCQShiybjXpQyvgmgSwcfDndiwFY
xCq1N7m9yi65b5bRNdb6gNSTaR/gJOPJShWnVza+xoYdUBheaNT3uTyDmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLUIaV1DZ7xn3+l77qrziqQk82MGMB8GA1UdIwQY
MBaAFGgQqokjkkLazJ0D468i1Oh6eDQUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUJDcWlTT1NRdHJNblFQanJ5TFU2SHA0TkJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8wMjQ0ZTQtNzNlMy00NDlkLWEwNmEt
MWY2ODk5MzViOTBmLzEvdFFocFhVTm52R2ZmNlh2dXF2T0twQ1R6WXdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8wMjQ0ZTQtNzNlMy00NDlkLWEwNmEtMWY2ODk5MzViOTBm
LzEvYUJDcWlTT1NRdHJNblFQanJ5TFU2SHA0TkJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1DDmMA0G
CSqGSIb3DQEBCwUAA4IBAQBvSWcijaJlmM/C/UdEWBhwDaRQ8D/2b+5slX5auQ9P
MQ31Vw7yKO5FlokhqTo4UsU8ISuuwMJOJFqk33U8/dUwFFWK2jt0dI2DxbqX+ljg
+uWwPn6ESi85HXaaaPpo8FJoxbgKryL/5w+z3edWBbHvmHsfe8eOkttlqF3ZhEh7
9fZwqDDwp8YZ2ow0IX2GESyb+d1znpCoJT44cHO+QQDsIxfLXu+bvx1RYtY6gtvq
9Zz8B55De2x4chK2N/5VJwbiQMmvCk186rAPbty7/7E+36d0sdbCEFGG8eqMOmGI
tB/SGQ89Wa17pprLF6a1qwNNByPX32pA4RFC1umaZXz7
-----END CERTIFICATE-----
Generated at Sun Feb 2 14:32:42 2025 by rpki-client