Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/cWqhhGQ2nwF4u5SVS7GOVj8_H8Q.roa
File: cWqhhGQ2nwF4u5SVS7GOVj8_H8Q.roa (raw, json)
Hash identifier: tE3zP2hfr/4EiGnnKAeQTDpDnqcSls7BckOuw6iyYdQ=
Subject key identifier: 71:6A:A1:84:64:36:9F:01:78:BB:94:95:4B:B1:8E:56:3F:3F:1F:C4
Certificate issuer: /CN=f3b5646b360379924cb6d9c3d99669ce7f3b2ca2
Certificate serial: 01963EDA85620957CA959DBDF23ED1D93FD4
Authority key identifier: F3:B5:64:6B:36:03:79:92:4C:B6:D9:C3:D9:96:69:CE:7F:3B:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/87VkazYDeZJMttnD2ZZpzn87LKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/cWqhhGQ2nwF4u5SVS7GOVj8_H8Q.roa
Signing time: Wed 16 Apr 2025 13:47:10 +0000
ROA not before: Wed 16 Apr 2025 13:47:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216363
IP address blocks: 212.59.104.0/22 maxlen: 22
212.59.106.0/24 maxlen: 24
212.59.107.0/24 maxlen: 24
212.59.108.0/24 maxlen: 24
212.59.110.0/23 maxlen: 23
212.59.110.0/24 maxlen: 24
212.59.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/87VkazYDeZJMttnD2ZZpzn87LKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/87VkazYDeZJMttnD2ZZpzn87LKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/87VkazYDeZJMttnD2ZZpzn87LKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 20:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3e:da:85:62:09:57:ca:95:9d:bd:f2:3e:d1:d9:3f:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3b5646b360379924cb6d9c3d99669ce7f3b2ca2
Validity
Not Before: Apr 16 13:47:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=716aa18464369f0178bb94954bb18e563f3f1fc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:73:30:2f:89:39:ab:67:fb:2b:82:04:d0:df:
75:d2:fa:0f:94:a1:92:09:9a:8b:84:03:39:0e:6a:
07:49:7e:7c:c1:b3:e7:11:47:ce:62:0b:41:3d:96:
f1:92:ee:7e:5b:74:4b:66:6c:65:36:52:97:c7:8c:
cd:f3:66:09:a4:85:70:93:ea:89:57:09:b4:13:b4:
51:ab:a8:0d:7f:d2:5d:e8:37:07:8c:d1:33:17:73:
60:7c:32:b3:fc:63:5f:80:0c:ca:38:0d:a4:64:6d:
d4:ea:ff:8a:69:5c:96:6a:fa:82:50:bf:12:ad:fe:
57:3f:cc:85:12:7f:37:46:86:4d:27:ad:d9:c3:6c:
51:46:13:e1:98:52:d2:e4:5e:f4:e3:75:03:98:62:
e1:f1:8f:4d:d1:2f:22:56:ed:6f:cf:d7:e5:ef:47:
85:6a:9a:c2:77:3e:db:d7:bc:32:2e:c8:49:11:45:
58:d3:59:89:4f:45:a3:42:cc:01:f7:a7:ee:af:71:
f4:d0:59:65:82:c9:73:39:4a:96:84:c5:43:b2:3e:
38:ac:b0:83:9d:8c:31:bd:d0:c0:a3:83:d0:bd:c5:
8c:77:88:46:f0:a6:0e:cb:60:6f:04:36:d7:d9:c6:
d4:66:5d:67:c1:58:8c:75:88:8c:be:1e:33:08:01:
cb:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:6A:A1:84:64:36:9F:01:78:BB:94:95:4B:B1:8E:56:3F:3F:1F:C4
X509v3 Authority Key Identifier:
keyid:F3:B5:64:6B:36:03:79:92:4C:B6:D9:C3:D9:96:69:CE:7F:3B:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/87VkazYDeZJMttnD2ZZpzn87LKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/cWqhhGQ2nwF4u5SVS7GOVj8_H8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/87VkazYDeZJMttnD2ZZpzn87LKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.59.104.0-212.59.108.255
212.59.110.0/23
Signature Algorithm: sha256WithRSAEncryption
18:c7:0b:31:3c:69:d3:37:63:40:9b:b7:da:3d:41:94:3e:42:
7c:44:60:98:64:c7:59:56:3c:07:c2:22:4b:79:9f:93:a3:52:
9d:43:0a:d9:30:08:7c:46:12:d2:11:db:37:e2:90:41:dd:31:
ca:b4:cc:a6:dd:6e:cc:81:f2:c5:0d:01:a5:c2:ac:79:08:2e:
5f:a3:c0:17:e6:d3:56:3b:f9:70:cd:e0:ac:52:6c:60:82:54:
71:b3:bc:e5:e0:5e:ca:04:82:0b:35:af:62:53:41:c2:ac:2b:
3a:4b:fc:eb:62:d4:69:21:76:c1:b3:8f:37:7e:80:b3:ed:0b:
f5:98:85:e3:77:96:bc:ab:05:3a:90:08:92:d6:7c:f3:54:dd:
f4:88:3a:ed:d6:e5:64:a1:8b:ee:06:21:1c:ad:1b:ab:ce:89:
34:77:d3:4b:fe:04:0f:12:b9:29:f3:9d:fe:17:d7:aa:8c:35:
1a:b8:68:9d:3a:44:fc:b3:80:8c:94:06:c5:b8:92:66:78:80:
1a:d1:e2:c9:63:f3:59:c2:84:d0:72:cb:d7:69:ca:b2:90:a9:
a9:20:a2:cb:06:7a:2e:87:c5:c5:d9:78:f5:56:3e:0e:3a:99:
09:ff:d3:bd:a9:07:05:5c:6f:d0:16:b0:c1:59:b3:22:69:43:
56:70:9c:27
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZY+2oViCVfKlZ298j7R2T/UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYjU2NDZiMzYwMzc5OTI0Y2I2ZDljM2Q5OTY2OWNlN2Yz
YjJjYTIwHhcNMjUwNDE2MTM0NzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTZhYTE4NDY0MzY5ZjAxNzhiYjk0OTU0YmIxOGU1NjNmM2YxZmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3MwL4k5q2f7K4IE0N910voPlKGS
CZqLhAM5DmoHSX58wbPnEUfOYgtBPZbxku5+W3RLZmxlNlKXx4zN82YJpIVwk+qJ
Vwm0E7RRq6gNf9Jd6DcHjNEzF3NgfDKz/GNfgAzKOA2kZG3U6v+KaVyWavqCUL8S
rf5XP8yFEn83RoZNJ63Zw2xRRhPhmFLS5F7043UDmGLh8Y9N0S8iVu1vz9fl70eF
aprCdz7b17wyLshJEUVY01mJT0WjQswB96fur3H00FllgslzOUqWhMVDsj44rLCD
nYwxvdDAo4PQvcWMd4hG8KYOy2BvBDbX2cbUZl1nwViMdYiMvh4zCAHLdwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFHFqoYRkNp8BeLuUlUuxjlY/Px/EMB8GA1UdIwQY
MBaAFPO1ZGs2A3mSTLbZw9mWac5/OyyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODdWa2F6WURlWkpNdHRuRDJaWnB6bjg3TEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy81NzJlYTYtMTQzNi00ZjI2LWFmNTct
NTk3NTkxM2Y1MmM1LzEvY1dxaGhHUTJud0Y0dTVTVlM3R09WajhfSDhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy81NzJlYTYtMTQzNi00ZjI2LWFmNTctNTk3NTkxM2Y1MmM1
LzEvODdWa2F6WURlWkpNdHRuRDJaWnB6bjg3TEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAPUO2gD
BADUO2wDBAHUO24wDQYJKoZIhvcNAQELBQADggEBABjHCzE8adM3Y0Cbt9o9QZQ+
QnxEYJhkx1lWPAfCIkt5n5OjUp1DCtkwCHxGEtIR2zfikEHdMcq0zKbdbsyB8sUN
AaXCrHkILl+jwBfm01Y7+XDN4KxSbGCCVHGzvOXgXsoEggs1r2JTQcKsKzpL/Oti
1GkhdsGzjzd+gLPtC/WYheN3lryrBTqQCJLWfPNU3fSIOu3W5WShi+4GIRytG6vO
iTR300v+BA8SuSnznf4X16qMNRq4aJ06RPyzgIyUBsW4kmZ4gBrR4slj81nChNBy
y9dpyrKQqakgossGei6HxcXZePVWPg46mQn/072pBwVcb9AWsMFZsyJpQ1ZwnCc=
-----END CERTIFICATE-----
Generated at Wed Apr 23 01:51:38 2025 by rpki-client