Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/ba3b69-65e5-498e-ba08-dab9b483c123/1/qWiRXpCL0NKtXzFBLcgeaF0mM4A.roa
File: qWiRXpCL0NKtXzFBLcgeaF0mM4A.roa (raw, json)
Hash identifier: V0gkUhFHDtKhWrN/3cVBozf0t4RmZJghnQqebhSHl+k=
Subject key identifier: A9:68:91:5E:90:8B:D0:D2:AD:5F:31:41:2D:C8:1E:68:5D:26:33:80
Certificate issuer: /CN=190ec7aab20fc4c801c67963e59e4f93600e401d
Certificate serial: 0194274884AEA7F0A39457E51845E0F2F5ED
Authority key identifier: 19:0E:C7:AA:B2:0F:C4:C8:01:C6:79:63:E5:9E:4F:93:60:0E:40:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GQ7HqrIPxMgBxnlj5Z5Pk2AOQB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/ba3b69-65e5-498e-ba08-dab9b483c123/1/qWiRXpCL0NKtXzFBLcgeaF0mM4A.roa
Signing time: Thu 02 Jan 2025 13:50:51 +0000
ROA not before: Thu 02 Jan 2025 13:50:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20847
IP address blocks: 31.7.0.0/22 maxlen: 24
31.7.4.0/22 maxlen: 24
185.144.224.0/23 maxlen: 24
2a03:9700::/33 maxlen: 33
2a03:9700:8000::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/ba3b69-65e5-498e-ba08-dab9b483c123/1/GQ7HqrIPxMgBxnlj5Z5Pk2AOQB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/ba3b69-65e5-498e-ba08-dab9b483c123/1/GQ7HqrIPxMgBxnlj5Z5Pk2AOQB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/GQ7HqrIPxMgBxnlj5Z5Pk2AOQB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:84:ae:a7:f0:a3:94:57:e5:18:45:e0:f2:f5:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=190ec7aab20fc4c801c67963e59e4f93600e401d
Validity
Not Before: Jan 2 13:50:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a968915e908bd0d2ad5f31412dc81e685d263380
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:7d:15:d3:c5:2d:ff:9d:88:fd:e2:fc:a0:15:
61:2c:b7:a8:06:18:eb:d9:bc:35:ac:68:70:4b:e2:
03:c9:5c:ed:1e:76:2e:a1:79:e6:23:6b:a1:36:08:
43:5e:19:55:d0:23:fc:86:ba:09:d2:78:38:a9:c9:
4b:ca:c7:dc:7e:82:2b:00:5f:13:2d:c1:fb:62:1e:
9c:86:20:41:cd:a2:f9:ed:c1:b8:17:d2:9e:0e:72:
1d:3b:e2:12:1b:dc:04:98:b2:bc:46:22:36:ae:a5:
99:8f:31:14:fd:9b:90:38:32:9e:4e:84:e2:b4:e8:
45:a2:45:b1:12:8a:78:a5:21:be:15:ea:2a:86:c3:
02:35:39:91:08:65:de:08:49:20:ba:18:21:dd:c9:
ce:86:4d:24:25:fc:6f:fa:d8:0c:cd:a6:37:d6:12:
12:f0:c5:be:c6:1f:fa:bb:70:b2:88:5f:13:c9:f4:
f0:77:9d:be:0b:6b:51:b9:d7:f6:50:7a:9d:17:9a:
4d:da:bf:f9:96:a6:dd:cf:93:43:7b:12:9c:25:f4:
b6:95:56:4a:e8:f1:bc:6e:44:e7:06:25:a6:88:d4:
4a:cc:32:b1:1c:10:6a:19:1f:d9:cd:49:5c:fa:6f:
45:6b:7c:16:ef:3e:d3:40:45:af:66:e8:ea:bd:d5:
f5:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:68:91:5E:90:8B:D0:D2:AD:5F:31:41:2D:C8:1E:68:5D:26:33:80
X509v3 Authority Key Identifier:
keyid:19:0E:C7:AA:B2:0F:C4:C8:01:C6:79:63:E5:9E:4F:93:60:0E:40:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GQ7HqrIPxMgBxnlj5Z5Pk2AOQB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/ba3b69-65e5-498e-ba08-dab9b483c123/1/qWiRXpCL0NKtXzFBLcgeaF0mM4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/ba3b69-65e5-498e-ba08-dab9b483c123/1/GQ7HqrIPxMgBxnlj5Z5Pk2AOQB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.7.0.0/21
185.144.224.0/23
IPv6:
2a03:9700::/32
Signature Algorithm: sha256WithRSAEncryption
83:fb:91:7d:6b:ba:e9:8b:49:b8:8e:4e:6b:45:66:e8:4d:2c:
fe:94:68:54:97:23:6d:f4:bf:55:26:ef:91:54:cf:64:7d:66:
8d:a6:cd:10:be:81:ef:36:1c:13:d3:2c:2f:fe:8c:19:61:41:
30:eb:f8:96:b9:63:4e:2a:68:b4:80:27:46:11:53:45:f8:b5:
b6:57:fa:17:86:13:89:9d:84:1d:c2:08:7c:36:2e:44:dc:c7:
3a:8c:4e:91:1d:8f:a0:a7:5a:5b:30:d9:81:09:22:f8:5a:ec:
d8:29:f9:e8:45:62:41:b7:d9:3f:52:dc:78:3b:54:6e:2f:d0:
4a:63:54:f8:aa:69:30:46:b9:65:54:d1:09:4a:78:9a:55:15:
3b:dc:34:3a:38:75:af:8c:d4:d5:8c:1d:fb:04:b8:2f:78:47:
2c:66:f6:05:1f:6c:d5:b1:8b:11:f0:39:b1:7c:a7:03:89:68:
c3:6e:8d:6d:09:ec:9c:a1:1c:de:92:62:80:53:9d:a8:bc:c4:
f2:15:d9:a4:46:37:63:87:48:bf:07:f2:17:1f:a5:6b:a8:ab:
3b:48:e2:12:61:3c:22:c3:fd:51:a6:49:cf:6c:81:da:37:c9:
12:92:80:d7:37:2e:d4:2e:d9:0d:bf:2b:a0:42:63:33:ad:4a:
51:f3:f2:14
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQnSISup/CjlFflGEXg8vXtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5MGVjN2FhYjIwZmM0YzgwMWM2Nzk2M2U1OWU0ZjkzNjAw
ZTQwMWQwHhcNMjUwMTAyMTM1MDUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTY4OTE1ZTkwOGJkMGQyYWQ1ZjMxNDEyZGM4MWU2ODVkMjYzMzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmX0V08Ut/52I/eL8oBVhLLeoBhjr
2bw1rGhwS+IDyVztHnYuoXnmI2uhNghDXhlV0CP8hroJ0ng4qclLysfcfoIrAF8T
LcH7Yh6chiBBzaL57cG4F9KeDnIdO+ISG9wEmLK8RiI2rqWZjzEU/ZuQODKeToTi
tOhFokWxEop4pSG+FeoqhsMCNTmRCGXeCEkguhgh3cnOhk0kJfxv+tgMzaY31hIS
8MW+xh/6u3CyiF8TyfTwd52+C2tRudf2UHqdF5pN2r/5lqbdz5NDexKcJfS2lVZK
6PG8bkTnBiWmiNRKzDKxHBBqGR/ZzUlc+m9Fa3wW7z7TQEWvZujqvdX1gwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKlokV6Qi9DSrV8xQS3IHmhdJjOAMB8GA1UdIwQY
MBaAFBkOx6qyD8TIAcZ5Y+WeT5NgDkAdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1E3SHFySVB4TWdCeG5sajVaNVBrMkFPUUIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9iYTNiNjktNjVlNS00OThlLWJhMDgt
ZGFiOWI0ODNjMTIzLzEvcVdpUlhwQ0wwTkt0WHpGQkxjZ2VhRjBtTTRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9iYTNiNjktNjVlNS00OThlLWJhMDgtZGFiOWI0ODNjMTIz
LzEvR1E3SHFySVB4TWdCeG5sajVaNVBrMkFPUUIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDHwcAAwQB
uZDgMA0EAgACMAcDBQAqA5cAMA0GCSqGSIb3DQEBCwUAA4IBAQCD+5F9a7rpi0m4
jk5rRWboTSz+lGhUlyNt9L9VJu+RVM9kfWaNps0QvoHvNhwT0ywv/owZYUEw6/iW
uWNOKmi0gCdGEVNF+LW2V/oXhhOJnYQdwgh8Ni5E3Mc6jE6RHY+gp1pbMNmBCSL4
WuzYKfnoRWJBt9k/Utx4O1RuL9BKY1T4qmkwRrllVNEJSniaVRU73DQ6OHWvjNTV
jB37BLgveEcsZvYFH2zVsYsR8DmxfKcDiWjDbo1tCeycoRzekmKAU52ovMTyFdmk
Rjdjh0i/B/IXH6VrqKs7SOISYTwiw/1RpknPbIHaN8kSkoDXNy7ULtkNvyugQmMz
rUpR8/IU
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:39:14 2025 by rpki-client