Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/zQSqcApOIlR6_yHJBYuZ2ciPt3Q.roa
File: zQSqcApOIlR6_yHJBYuZ2ciPt3Q.roa (raw, json)
Hash identifier: 5DPAi2kks5u9Bus3Asxn5EjHBrdWHv0pv/j5caKoCFM=
Subject key identifier: CD:04:AA:70:0A:4E:22:54:7A:FF:21:C9:05:8B:99:D9:C8:8F:B7:74
Certificate issuer: /CN=954a2aee086174b01272fae779ad431eb092aeb7
Certificate serial: 0194258E5E3B742F259CB6CDBDBA6FB5A4A0
Authority key identifier: 95:4A:2A:EE:08:61:74:B0:12:72:FA:E7:79:AD:43:1E:B0:92:AE:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lUoq7ghhdLAScvrnea1DHrCSrrc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/zQSqcApOIlR6_yHJBYuZ2ciPt3Q.roa
Signing time: Thu 02 Jan 2025 05:47:54 +0000
ROA not before: Thu 02 Jan 2025 05:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29141
IP address blocks: 37.247.112.0/24 maxlen: 24
37.247.113.0/24 maxlen: 24
37.247.114.0/24 maxlen: 24
37.247.115.0/24 maxlen: 24
37.247.118.0/24 maxlen: 24
2a03:402::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/lUoq7ghhdLAScvrnea1DHrCSrrc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/lUoq7ghhdLAScvrnea1DHrCSrrc.mft
rsync://rpki.ripe.net/repository/DEFAULT/lUoq7ghhdLAScvrnea1DHrCSrrc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 11:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:5e:3b:74:2f:25:9c:b6:cd:bd:ba:6f:b5:a4:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=954a2aee086174b01272fae779ad431eb092aeb7
Validity
Not Before: Jan 2 05:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd04aa700a4e22547aff21c9058b99d9c88fb774
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:70:72:77:04:95:9f:e9:e9:7f:6c:25:94:86:
02:d6:63:26:4c:5e:9b:c6:12:7c:c7:f3:9a:0e:81:
48:03:1e:26:75:c3:00:ad:43:8a:34:46:a8:af:5c:
ca:30:38:92:c8:ba:4d:da:cd:58:9d:04:82:2d:e5:
fb:26:a3:2a:56:ae:10:14:7a:d8:2a:4f:68:89:a4:
6b:b3:46:b0:e3:96:e5:05:f9:a8:d0:cd:5c:95:c7:
63:12:bc:f5:8a:3f:d3:c4:3c:c1:70:e6:59:65:72:
8a:bf:3c:43:be:f2:f8:3c:ec:68:91:73:f9:5c:53:
2a:4d:a8:7c:bf:e0:1f:d0:04:df:a2:03:8a:7f:30:
02:9b:b3:86:f2:00:85:af:35:1d:b8:d0:73:13:59:
aa:df:74:14:df:ef:b1:9e:41:6e:99:e2:10:7d:cc:
09:aa:1c:fe:94:fe:63:16:09:a2:71:40:ee:8a:b1:
7c:52:ba:08:22:c7:61:02:16:83:a4:03:0d:e4:4a:
6b:f5:c5:a2:fe:24:cb:6c:3b:13:ea:e2:64:8b:40:
ff:40:01:8a:67:db:47:67:35:55:5f:61:8a:c9:80:
00:b9:d6:ec:0f:97:ee:09:f1:00:4f:d0:92:8f:16:
06:59:f0:65:1e:33:2a:70:5e:17:e8:e2:df:8c:b9:
ea:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:04:AA:70:0A:4E:22:54:7A:FF:21:C9:05:8B:99:D9:C8:8F:B7:74
X509v3 Authority Key Identifier:
keyid:95:4A:2A:EE:08:61:74:B0:12:72:FA:E7:79:AD:43:1E:B0:92:AE:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lUoq7ghhdLAScvrnea1DHrCSrrc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/zQSqcApOIlR6_yHJBYuZ2ciPt3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/lUoq7ghhdLAScvrnea1DHrCSrrc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.247.112.0/22
37.247.118.0/24
IPv6:
2a03:402::/32
Signature Algorithm: sha256WithRSAEncryption
69:fd:92:c9:ce:45:fb:e2:88:fc:90:2b:22:d5:0d:59:1a:81:
ed:a2:8c:cc:f2:89:07:84:63:ee:60:f5:24:71:49:ac:95:d8:
e1:94:f5:c9:28:79:9d:12:92:93:5f:cf:82:bd:ac:91:8f:96:
65:e0:e9:56:a1:a4:c2:84:1f:9e:4d:96:a7:2f:97:a0:8b:43:
42:6f:a9:85:89:18:e9:ec:a6:5f:e7:47:f2:ba:29:ce:a9:1d:
73:10:28:d1:9e:fb:ff:c6:2d:1d:fc:e2:e2:56:94:a5:b4:72:
a4:41:21:92:ff:64:31:c9:bf:90:e5:65:1b:7a:56:9f:39:ad:
29:98:85:94:95:8f:ea:8e:24:4f:0d:26:81:bd:fe:66:ce:8d:
b0:a8:ef:8f:c7:3b:67:f8:ea:c7:1b:a1:80:7a:ff:b4:36:43:
e5:76:6e:78:dd:ed:38:ec:c3:f2:68:98:c6:8d:29:12:10:cf:
20:19:11:c8:a9:47:2c:f4:d6:d6:81:fd:cc:87:ba:d7:fd:00:
65:84:40:1e:33:ae:23:8a:54:a6:8d:c0:56:b9:13:47:bc:50:
60:70:c2:5d:59:6b:9b:cf:0a:ff:b7:a4:5c:d8:84:e2:fd:39:
1e:89:57:b1:96:9e:f5:d6:c3:9e:32:4b:5d:6e:0f:0e:c4:01:
53:76:51:c8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQljl47dC8lnLbNvbpvtaSgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NGEyYWVlMDg2MTc0YjAxMjcyZmFlNzc5YWQ0MzFlYjA5
MmFlYjcwHhcNMjUwMTAyMDU0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDA0YWE3MDBhNGUyMjU0N2FmZjIxYzkwNThiOTlkOWM4OGZiNzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7HBydwSVn+npf2wllIYC1mMmTF6b
xhJ8x/OaDoFIAx4mdcMArUOKNEaor1zKMDiSyLpN2s1YnQSCLeX7JqMqVq4QFHrY
Kk9oiaRrs0aw45blBfmo0M1clcdjErz1ij/TxDzBcOZZZXKKvzxDvvL4POxokXP5
XFMqTah8v+Af0ATfogOKfzACm7OG8gCFrzUduNBzE1mq33QU3++xnkFumeIQfcwJ
qhz+lP5jFgmicUDuirF8UroIIsdhAhaDpAMN5Epr9cWi/iTLbDsT6uJki0D/QAGK
Z9tHZzVVX2GKyYAAudbsD5fuCfEAT9CSjxYGWfBlHjMqcF4X6OLfjLnqQQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFM0EqnAKTiJUev8hyQWLmdnIj7d0MB8GA1UdIwQY
MBaAFJVKKu4IYXSwEnL653mtQx6wkq63MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFVvcTdnaGhkTEFTY3ZybmVhMURIckNTcnJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8yMzUzOTYtMGU0Mi00Mzc3LTg1NWEt
NDU2NWYwNGY4ZDg1LzEvelFTcWNBcE9JbFI2X3lISkJZdVoyY2lQdDNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8yMzUzOTYtMGU0Mi00Mzc3LTg1NWEtNDU2NWYwNGY4ZDg1
LzEvbFVvcTdnaGhkTEFTY3ZybmVhMURIckNTcnJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCJfdwAwQA
Jfd2MA0EAgACMAcDBQAqAwQCMA0GCSqGSIb3DQEBCwUAA4IBAQBp/ZLJzkX74oj8
kCsi1Q1ZGoHtoozM8okHhGPuYPUkcUmsldjhlPXJKHmdEpKTX8+CvayRj5Zl4OlW
oaTChB+eTZanL5egi0NCb6mFiRjp7KZf50fyuinOqR1zECjRnvv/xi0d/OLiVpSl
tHKkQSGS/2Qxyb+Q5WUbelafOa0pmIWUlY/qjiRPDSaBvf5mzo2wqO+Pxztn+OrH
G6GAev+0NkPldm543e047MPyaJjGjSkSEM8gGRHIqUcs9NbWgf3Mh7rX/QBlhEAe
M64jilSmjcBWuRNHvFBgcMJdWWubzwr/t6Rc2ITi/TkeiVexlp711sOeMktdbg8O
xAFTdlHI
-----END CERTIFICATE-----
Generated at Tue Apr 22 18:48:20 2025 by rpki-client