Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/024143-042c-4222-be0b-a12b3c3ae88f/1/qGqGFDo3f1YxXSO8NSZP4OIb8Yk.roa
File: qGqGFDo3f1YxXSO8NSZP4OIb8Yk.roa (raw, json)
Hash identifier: e3ELr1b/OayM2a4sUXudO8Dt/N78b5+UPIuDWK6RcgY=
Subject key identifier: A8:6A:86:14:3A:37:7F:56:31:5D:23:BC:35:26:4F:E0:E2:1B:F1:89
Certificate issuer: /CN=b93a51da2053044f96262f637d0c9cc05d730041
Certificate serial: 019421B1C8D919EE6C97272515818088F8AA
Authority key identifier: B9:3A:51:DA:20:53:04:4F:96:26:2F:63:7D:0C:9C:C0:5D:73:00:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uTpR2iBTBE-WJi9jfQycwF1zAEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/024143-042c-4222-be0b-a12b3c3ae88f/1/qGqGFDo3f1YxXSO8NSZP4OIb8Yk.roa
Signing time: Wed 01 Jan 2025 11:48:06 +0000
ROA not before: Wed 01 Jan 2025 11:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47377
IP address blocks: 85.94.224.0/19 maxlen: 24
85.94.226.0/23 maxlen: 23
85.94.228.0/23 maxlen: 23
85.94.230.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/024143-042c-4222-be0b-a12b3c3ae88f/1/uTpR2iBTBE-WJi9jfQycwF1zAEE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/024143-042c-4222-be0b-a12b3c3ae88f/1/uTpR2iBTBE-WJi9jfQycwF1zAEE.mft
rsync://rpki.ripe.net/repository/DEFAULT/uTpR2iBTBE-WJi9jfQycwF1zAEE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 17:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:c8:d9:19:ee:6c:97:27:25:15:81:80:88:f8:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b93a51da2053044f96262f637d0c9cc05d730041
Validity
Not Before: Jan 1 11:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a86a86143a377f56315d23bc35264fe0e21bf189
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:d7:81:e2:cb:e2:b0:dd:4e:e0:a2:14:30:36:
b8:66:47:7b:2c:09:66:df:82:74:56:e7:81:d2:57:
a5:4c:7d:6a:43:39:91:cc:02:8b:77:6d:df:b4:31:
67:6b:d7:16:b6:0b:48:87:b9:a6:84:f7:46:91:d5:
3a:17:9a:1d:d2:eb:28:3f:6e:c9:37:7a:9e:2f:79:
6a:3b:8e:51:0e:cc:98:45:ff:01:09:f9:f2:d2:e2:
32:7f:b7:71:96:29:56:a7:1c:d4:6a:cc:36:64:52:
2d:5e:80:09:99:2a:7d:91:3d:c4:9a:fe:1f:05:4f:
6d:a1:e3:78:b1:2c:f7:75:1e:b2:3f:6c:cf:1b:5c:
b2:4a:8c:74:60:d6:20:d6:36:b9:01:fd:b0:78:5a:
5c:b8:d7:1a:12:a6:3e:83:d3:e9:a8:8f:50:52:72:
3b:c1:e2:11:55:00:bc:d5:54:4a:18:36:02:63:45:
56:ab:23:b5:e8:75:d2:df:22:57:3d:1b:91:71:32:
eb:46:d0:e4:e4:aa:56:75:e8:f5:de:40:48:d6:32:
1e:a7:39:fb:cf:c8:bb:f6:2c:ae:21:9f:3f:a4:58:
3d:07:af:cf:ec:95:b1:5b:68:c7:7c:ff:5c:a1:f9:
fe:74:02:d2:9c:bc:c9:8f:a8:37:d7:32:f3:96:d5:
20:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:6A:86:14:3A:37:7F:56:31:5D:23:BC:35:26:4F:E0:E2:1B:F1:89
X509v3 Authority Key Identifier:
keyid:B9:3A:51:DA:20:53:04:4F:96:26:2F:63:7D:0C:9C:C0:5D:73:00:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uTpR2iBTBE-WJi9jfQycwF1zAEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/024143-042c-4222-be0b-a12b3c3ae88f/1/qGqGFDo3f1YxXSO8NSZP4OIb8Yk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/024143-042c-4222-be0b-a12b3c3ae88f/1/uTpR2iBTBE-WJi9jfQycwF1zAEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.94.224.0/19
Signature Algorithm: sha256WithRSAEncryption
77:4a:7d:d1:42:35:4f:49:f0:e2:a8:d6:ef:b0:30:98:c3:4e:
00:7f:17:03:9f:80:4e:e1:ca:0d:c7:92:e1:da:49:dd:d6:ab:
08:69:58:ee:82:d7:17:bf:af:fa:9c:fb:c9:e4:e1:5c:46:b1:
7d:ab:8d:53:11:02:4b:d8:d7:ea:65:d4:3b:1c:a2:2e:42:98:
eb:34:1f:5e:03:8d:16:d9:cb:01:48:b9:34:25:ed:5e:bf:e1:
be:aa:c8:f4:d2:b7:5f:1e:9b:bc:a4:3b:db:b3:9e:4c:24:49:
f9:4d:b3:2f:39:93:a1:6b:7e:0f:dd:39:b9:36:89:7e:d3:6f:
dc:d4:27:76:d8:76:03:c4:e6:47:33:c1:ad:7c:d3:0a:72:a7:
bd:3b:66:c5:1d:c1:af:82:67:d6:7a:80:3a:34:5a:57:25:76:
51:1d:69:90:f3:ef:7f:57:6f:7d:a0:51:dd:6c:73:69:fd:b3:
26:51:73:2f:a9:f3:6a:fa:a4:5f:31:6d:46:1b:63:8d:a1:c1:
1e:ee:94:f8:ec:6e:1d:dc:1f:b2:26:da:23:3a:1a:c7:6e:2d:
7d:a4:49:eb:61:80:31:f1:72:6b:fb:dd:8d:c8:2a:eb:1c:47:
7f:bf:60:be:0d:01:c9:2a:c0:c9:81:7f:c9:e2:65:80:49:87:
08:46:ed:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhscjZGe5slyclFYGAiPiqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5M2E1MWRhMjA1MzA0NGY5NjI2MmY2MzdkMGM5Y2MwNWQ3
MzAwNDEwHhcNMjUwMTAxMTE0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODZhODYxNDNhMzc3ZjU2MzE1ZDIzYmMzNTI2NGZlMGUyMWJmMTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4NeB4svisN1O4KIUMDa4Zkd7LAlm
34J0VueB0lelTH1qQzmRzAKLd23ftDFna9cWtgtIh7mmhPdGkdU6F5od0usoP27J
N3qeL3lqO45RDsyYRf8BCfny0uIyf7dxlilWpxzUasw2ZFItXoAJmSp9kT3Emv4f
BU9toeN4sSz3dR6yP2zPG1yySox0YNYg1ja5Af2weFpcuNcaEqY+g9PpqI9QUnI7
weIRVQC81VRKGDYCY0VWqyO16HXS3yJXPRuRcTLrRtDk5KpWdej13kBI1jIepzn7
z8i79iyuIZ8/pFg9B6/P7JWxW2jHfP9cofn+dALSnLzJj6g31zLzltUgewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKhqhhQ6N39WMV0jvDUmT+DiG/GJMB8GA1UdIwQY
MBaAFLk6UdogUwRPliYvY30MnMBdcwBBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVRwUjJpQlRCRS1XSmk5amZReWN3RjF6QUVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8wMjQxNDMtMDQyYy00MjIyLWJlMGIt
YTEyYjNjM2FlODhmLzEvcUdxR0ZEbzNmMVl4WFNPOE5TWlA0T0liOFlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8wMjQxNDMtMDQyYy00MjIyLWJlMGItYTEyYjNjM2FlODhm
LzEvdVRwUjJpQlRCRS1XSmk5amZReWN3RjF6QUVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFVV7gMA0G
CSqGSIb3DQEBCwUAA4IBAQB3Sn3RQjVPSfDiqNbvsDCYw04AfxcDn4BO4coNx5Lh
2knd1qsIaVjugtcXv6/6nPvJ5OFcRrF9q41TEQJL2NfqZdQ7HKIuQpjrNB9eA40W
2csBSLk0Je1ev+G+qsj00rdfHpu8pDvbs55MJEn5TbMvOZOha34P3Tm5Nol+02/c
1Cd22HYDxOZHM8GtfNMKcqe9O2bFHcGvgmfWeoA6NFpXJXZRHWmQ8+9/V299oFHd
bHNp/bMmUXMvqfNq+qRfMW1GG2ONocEe7pT47G4d3B+yJtojOhrHbi19pEnrYYAx
8XJr+92NyCrrHEd/v2C+DQHJKsDJgX/J4mWASYcIRu3M
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:44:53 2025 by rpki-client