Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Q6bkyyQLjY5spQCrn9goEf71pPU.roa
File: Q6bkyyQLjY5spQCrn9goEf71pPU.roa (raw, json)
Hash identifier: 9lviglTOByJ8RQWmZ8UPa2cM7z/LltLd8urB8JmBNnE=
Subject key identifier: 43:A6:E4:CB:24:0B:8D:8E:6C:A5:00:AB:9F:D8:28:11:FE:F5:A4:F5
Certificate issuer: /CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Certificate serial: 019423D748BBADD5ECAEB75B59A29E351283
Authority key identifier: 19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Q6bkyyQLjY5spQCrn9goEf71pPU.roa
Signing time: Wed 01 Jan 2025 21:48:18 +0000
ROA not before: Wed 01 Jan 2025 21:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56479
IP address blocks: 194.170.32.0/19 maxlen: 19
195.229.175.0/24 maxlen: 24
195.229.176.0/24 maxlen: 24
195.229.177.0/24 maxlen: 24
195.229.178.0/24 maxlen: 24
195.229.179.0/24 maxlen: 24
195.229.180.0/24 maxlen: 24
195.229.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Mar 2025 10:02:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:48:bb:ad:d5:ec:ae:b7:5b:59:a2:9e:35:12:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Validity
Not Before: Jan 1 21:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43a6e4cb240b8d8e6ca500ab9fd82811fef5a4f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:de:da:4c:f0:81:8c:cf:97:45:a0:c3:c4:1a:
ab:85:7c:be:8a:6a:f7:34:c8:db:d5:f0:e4:7d:03:
fd:63:6a:81:33:6f:1b:69:3b:0e:84:7c:c0:9b:71:
3b:a6:91:31:12:21:7d:ba:e5:de:af:39:69:4a:ad:
26:88:50:f6:2c:a4:64:91:47:f1:96:fe:97:a7:c2:
03:79:25:6d:90:66:fb:3c:93:16:38:e7:d8:06:69:
bc:45:17:c0:e7:d5:ee:94:1d:2c:91:e9:38:1d:af:
ae:4f:50:48:3f:77:64:30:69:92:ab:45:69:d7:a7:
f3:df:a7:1c:44:b6:4d:3d:0d:09:69:b9:46:d7:93:
e2:fe:6f:63:35:19:25:94:e3:1f:1a:e2:6b:d4:a7:
38:a0:34:7a:b6:d4:cc:5b:6d:36:5a:b0:e0:7f:52:
38:7f:1f:ae:f5:b2:6e:8f:50:6c:9c:dd:71:53:af:
93:40:3d:e5:5a:7e:8a:f6:46:e2:ec:36:15:22:55:
e1:46:87:bc:ba:a9:32:20:e7:11:4a:e0:2f:b5:e5:
84:2f:f2:f7:d8:81:3d:a1:63:2c:96:2f:47:eb:2b:
dd:aa:f2:9b:b8:f8:27:9e:7f:4c:49:89:73:61:fa:
c7:1c:b7:1a:db:f1:ba:77:3c:2d:53:74:56:37:a0:
1c:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:A6:E4:CB:24:0B:8D:8E:6C:A5:00:AB:9F:D8:28:11:FE:F5:A4:F5
X509v3 Authority Key Identifier:
keyid:19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Q6bkyyQLjY5spQCrn9goEf71pPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.170.32.0/19
195.229.175.0-195.229.181.255
Signature Algorithm: sha256WithRSAEncryption
72:f3:56:62:eb:8f:9c:e0:f6:d7:62:4f:70:45:5a:3f:c3:d0:
df:6c:d1:bd:3e:ef:5d:ba:2b:c5:61:88:a7:8b:95:99:fa:ff:
b9:a5:b1:e5:c2:cc:d5:d2:a0:d8:d9:c3:d1:d3:91:75:75:fb:
87:30:bc:ab:d8:00:4b:85:20:60:c7:92:98:1d:22:46:ae:e9:
1f:ac:51:4e:07:cb:68:f2:1f:b2:8a:70:c1:94:ce:60:9c:28:
b6:29:1b:72:b0:a0:46:96:9b:93:07:41:a3:5a:15:2e:44:19:
57:70:1d:8d:d0:07:db:aa:0e:77:2b:d5:d4:12:e9:a4:b4:d4:
da:61:b5:bd:01:dd:77:a4:49:3a:42:47:71:00:f4:23:45:a5:
9c:29:0e:0a:a3:3c:6a:6e:20:77:30:dc:29:fa:f6:5b:d1:da:
5f:b3:ec:1b:7b:d2:05:ae:cf:81:38:f2:00:55:9e:60:ab:49:
6c:36:6d:36:f0:0a:33:93:f3:57:31:0a:38:41:a1:64:e1:e0:
b2:59:8b:a7:2e:2c:96:de:c5:fb:93:db:00:21:a9:0f:74:ef:
7e:84:58:bb:25:95:ec:36:79:a9:ee:bc:97:37:b7:78:8b:12:
09:55:eb:92:1d:25:0b:6b:10:fd:20:15:30:97:d1:5a:cb:69:
8a:d8:9d:02
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQj10i7rdXsrrdbWaKeNRKDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZWU1ZjE2ZmMxNDRhY2I5ODk3NzQ0OWZhYTBhYjc3ZGUx
YmRjYzkwHhcNMjUwMTAxMjE0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2E2ZTRjYjI0MGI4ZDhlNmNhNTAwYWI5ZmQ4MjgxMWZlZjVhNGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnd7aTPCBjM+XRaDDxBqrhXy+imr3
NMjb1fDkfQP9Y2qBM28baTsOhHzAm3E7ppExEiF9uuXerzlpSq0miFD2LKRkkUfx
lv6Xp8IDeSVtkGb7PJMWOOfYBmm8RRfA59XulB0skek4Ha+uT1BIP3dkMGmSq0Vp
16fz36ccRLZNPQ0JablG15Pi/m9jNRkllOMfGuJr1Kc4oDR6ttTMW202WrDgf1I4
fx+u9bJuj1BsnN1xU6+TQD3lWn6K9kbi7DYVIlXhRoe8uqkyIOcRSuAvteWEL/L3
2IE9oWMsli9H6yvdqvKbuPgnnn9MSYlzYfrHHLca2/G6dzwtU3RWN6Ac1QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFEOm5MskC42ObKUAq5/YKBH+9aT1MB8GA1UdIwQY
MBaAFBnuXxb8FErLmJd0Sfqgq3feG9zJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMt
NjFhZmI2NmQxZThjLzEvUTZia3l5UUxqWTVzcFFDcm45Z29FZjcxcFBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMtNjFhZmI2NmQxZThj
LzEvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQFwqogMAwD
BADD5a8DBAHD5bQwDQYJKoZIhvcNAQELBQADggEBAHLzVmLrj5zg9tdiT3BFWj/D
0N9s0b0+7126K8VhiKeLlZn6/7mlseXCzNXSoNjZw9HTkXV1+4cwvKvYAEuFIGDH
kpgdIkau6R+sUU4Hy2jyH7KKcMGUzmCcKLYpG3KwoEaWm5MHQaNaFS5EGVdwHY3Q
B9uqDncr1dQS6aS01Nphtb0B3XekSTpCR3EA9CNFpZwpDgqjPGpuIHcw3Cn69lvR
2l+z7Bt70gWuz4E48gBVnmCrSWw2bTbwCjOT81cxCjhBoWTh4LJZi6cuLJbexfuT
2wAhqQ90736EWLsllew2eanuvJc3t3iLEglV65IdJQtrEP0gFTCX0VrLaYrYnQI=
-----END CERTIFICATE-----
Generated at Tue Mar 11 19:43:43 2025 by rpki-client