Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/ed17c8-abd4-414f-bc30-7d08291a7662/1/tQHm6gRKkUvPz21vjU2IF_-eGGI.roa
File: tQHm6gRKkUvPz21vjU2IF_-eGGI.roa (raw, json)
Hash identifier: 8D5Tob/91gW7C82s8iNYRkfg6Lt+4WCiU7kh/WhsZZM=
Subject key identifier: B5:01:E6:EA:04:4A:91:4B:CF:CF:6D:6F:8D:4D:88:17:FF:9E:18:62
Certificate issuer: /CN=a10c73530bb684fd569dfc432704675704183429
Certificate serial: 019421B181465055A306C3F67261FE2909B0
Authority key identifier: A1:0C:73:53:0B:B6:84:FD:56:9D:FC:43:27:04:67:57:04:18:34:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oQxzUwu2hP1WnfxDJwRnVwQYNCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/ed17c8-abd4-414f-bc30-7d08291a7662/1/tQHm6gRKkUvPz21vjU2IF_-eGGI.roa
Signing time: Wed 01 Jan 2025 11:47:48 +0000
ROA not before: Wed 01 Jan 2025 11:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47492
IP address blocks: 81.161.224.0/24 maxlen: 24
81.161.225.0/24 maxlen: 24
81.161.227.0/24 maxlen: 24
185.94.232.0/22 maxlen: 24
185.94.232.0/23 maxlen: 24
185.94.232.0/24 maxlen: 24
185.94.233.0/24 maxlen: 24
185.94.234.0/23 maxlen: 24
185.94.234.0/24 maxlen: 24
185.94.235.0/24 maxlen: 24
2a03:e841::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/ed17c8-abd4-414f-bc30-7d08291a7662/1/oQxzUwu2hP1WnfxDJwRnVwQYNCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/ed17c8-abd4-414f-bc30-7d08291a7662/1/oQxzUwu2hP1WnfxDJwRnVwQYNCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/oQxzUwu2hP1WnfxDJwRnVwQYNCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 23:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:81:46:50:55:a3:06:c3:f6:72:61:fe:29:09:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a10c73530bb684fd569dfc432704675704183429
Validity
Not Before: Jan 1 11:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b501e6ea044a914bcfcf6d6f8d4d8817ff9e1862
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:03:ae:fd:9b:79:80:ac:ef:15:56:66:5a:6c:
52:51:62:4b:c2:3e:17:17:44:cc:94:6a:45:b3:0e:
62:a3:06:2b:2e:a8:fa:cb:cd:02:66:3a:ed:bf:47:
63:79:86:5d:3b:7b:dd:af:d7:f5:fb:c7:97:08:25:
46:56:1e:25:33:fb:d8:d4:c0:1a:71:b3:34:a8:fc:
cb:bd:37:17:38:94:a9:55:dc:d1:a3:2a:85:54:3c:
00:77:9b:36:eb:3c:4b:97:03:7a:61:73:87:fd:1c:
7d:7d:f9:49:f4:6f:5f:11:59:47:20:09:ee:9f:16:
52:3a:6c:3c:1b:68:c5:34:f6:b6:b7:a6:82:51:89:
c7:b0:8b:da:3f:cc:1c:5c:c2:fd:06:56:e6:d5:50:
38:67:e5:d3:e3:0a:fd:df:2a:ee:1a:59:20:bb:0b:
ec:e4:f8:b2:f4:ea:d4:85:1d:4b:63:9d:ff:34:a3:
38:b8:f4:cc:04:9c:ea:f5:38:96:80:8f:bd:ea:ee:
1d:a5:26:f4:c6:3c:b3:2c:cc:80:ab:a7:61:e8:ac:
3d:22:05:44:5f:5a:47:9f:2b:e4:f2:26:c4:67:11:
d4:ba:a9:4e:26:60:a0:25:d9:21:57:c2:00:23:ea:
e2:56:5f:21:a9:b8:42:c3:ad:99:07:ca:cc:80:d6:
f5:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:01:E6:EA:04:4A:91:4B:CF:CF:6D:6F:8D:4D:88:17:FF:9E:18:62
X509v3 Authority Key Identifier:
keyid:A1:0C:73:53:0B:B6:84:FD:56:9D:FC:43:27:04:67:57:04:18:34:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oQxzUwu2hP1WnfxDJwRnVwQYNCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/ed17c8-abd4-414f-bc30-7d08291a7662/1/tQHm6gRKkUvPz21vjU2IF_-eGGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/ed17c8-abd4-414f-bc30-7d08291a7662/1/oQxzUwu2hP1WnfxDJwRnVwQYNCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.224.0/23
81.161.227.0/24
185.94.232.0/22
IPv6:
2a03:e841::/32
Signature Algorithm: sha256WithRSAEncryption
91:87:51:16:8a:d2:f7:d1:ce:cb:b3:83:56:42:31:4c:b6:8e:
ff:fc:b6:eb:b5:e9:76:fd:b5:d4:4b:6e:00:1a:4e:df:ea:a3:
15:4c:dd:2d:1e:84:58:c7:18:62:c7:3f:7a:af:2c:6b:1c:83:
76:ea:e5:5b:32:90:cb:b2:33:72:fb:45:df:25:fe:df:53:e3:
7b:bf:67:7f:1f:72:80:32:01:75:32:06:8e:2f:6d:e4:75:65:
bc:f3:bf:9c:2f:80:b7:4e:d2:1a:ad:be:72:e6:c4:13:2c:b0:
2a:b6:1a:5d:44:b5:f8:09:bb:5f:d8:5c:e2:7c:49:cf:f3:ed:
56:11:e0:da:0e:4e:24:12:a0:c8:16:a7:20:8d:0e:00:58:60:
69:d7:5d:db:10:90:4f:2c:24:ae:c3:d5:08:4a:53:23:09:7d:
f6:13:f3:a1:5b:70:99:09:92:42:4a:5b:cb:53:fa:20:76:80:
d8:6c:01:2c:ff:b4:0b:62:b1:19:c7:b4:18:1b:3e:b0:aa:6f:
47:83:6e:21:3c:3b:3d:13:f8:40:94:a2:51:2d:9b:de:2c:b8:
4c:fb:47:ab:11:cc:f3:ec:81:26:10:6c:86:73:f2:83:b4:93:
ac:b1:97:7b:6e:2e:03:c9:bf:05:55:38:ac:2e:78:7f:d8:54:
b5:90:1c:af
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQhsYFGUFWjBsP2cmH+KQmwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMGM3MzUzMGJiNjg0ZmQ1NjlkZmM0MzI3MDQ2NzU3MDQx
ODM0MjkwHhcNMjUwMTAxMTE0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTAxZTZlYTA0NGE5MTRiY2ZjZjZkNmY4ZDRkODgxN2ZmOWUxODYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQOu/Zt5gKzvFVZmWmxSUWJLwj4X
F0TMlGpFsw5iowYrLqj6y80CZjrtv0djeYZdO3vdr9f1+8eXCCVGVh4lM/vY1MAa
cbM0qPzLvTcXOJSpVdzRoyqFVDwAd5s26zxLlwN6YXOH/Rx9fflJ9G9fEVlHIAnu
nxZSOmw8G2jFNPa2t6aCUYnHsIvaP8wcXML9Blbm1VA4Z+XT4wr93yruGlkguwvs
5Piy9OrUhR1LY53/NKM4uPTMBJzq9TiWgI+96u4dpSb0xjyzLMyAq6dh6Kw9IgVE
X1pHnyvk8ibEZxHUuqlOJmCgJdkhV8IAI+riVl8hqbhCw62ZB8rMgNb1NQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLUB5uoESpFLz89tb41NiBf/nhhiMB8GA1UdIwQY
MBaAFKEMc1MLtoT9Vp38QycEZ1cEGDQpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1F4elV3dTJoUDFXbmZ4REp3Um5Wd1FZTkNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9lZDE3YzgtYWJkNC00MTRmLWJjMzAt
N2QwODI5MWE3NjYyLzEvdFFIbTZnUktrVXZQejIxdmpVMklGXy1lR0dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9lZDE3YzgtYWJkNC00MTRmLWJjMzAtN2QwODI5MWE3NjYy
LzEvb1F4elV3dTJoUDFXbmZ4REp3Um5Wd1FZTkNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBUaHgAwQA
UaHjAwQCuV7oMA0EAgACMAcDBQAqA+hBMA0GCSqGSIb3DQEBCwUAA4IBAQCRh1EW
itL30c7Ls4NWQjFMto7//Lbrtel2/bXUS24AGk7f6qMVTN0tHoRYxxhixz96ryxr
HIN26uVbMpDLsjNy+0XfJf7fU+N7v2d/H3KAMgF1MgaOL23kdWW887+cL4C3TtIa
rb5y5sQTLLAqthpdRLX4Cbtf2FzifEnP8+1WEeDaDk4kEqDIFqcgjQ4AWGBp113b
EJBPLCSuw9UISlMjCX32E/OhW3CZCZJCSlvLU/ogdoDYbAEs/7QLYrEZx7QYGz6w
qm9Hg24hPDs9E/hAlKJRLZveLLhM+0erEczz7IEmEGyGc/KDtJOssZd7bi4Dyb8F
VTisLnh/2FS1kByv
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:25:16 2025 by rpki-client