Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/901ad2-6c6c-43c6-a280-4250ce5517d9/1/QnxdXEgnP3db3KU5C8UjQwz09IM.roa
File: QnxdXEgnP3db3KU5C8UjQwz09IM.roa (raw, json)
Hash identifier: BFA5L6QmrNex0T0qBr/OULAvOyRK2KvYJBrWIhmPEfI=
Subject key identifier: 42:7C:5D:5C:48:27:3F:77:5B:DC:A5:39:0B:C5:23:43:0C:F4:F4:83
Certificate issuer: /CN=89b5fad18dd9110413a31b4d8e18765a27d4c3f1
Certificate serial: 019614B10D550D5CDD64169C7A80D848277A
Authority key identifier: 89:B5:FA:D1:8D:D9:11:04:13:A3:1B:4D:8E:18:76:5A:27:D4:C3:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ibX60Y3ZEQQToxtNjhh2WifUw_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/901ad2-6c6c-43c6-a280-4250ce5517d9/1/QnxdXEgnP3db3KU5C8UjQwz09IM.roa
Signing time: Tue 08 Apr 2025 09:17:49 +0000
ROA not before: Tue 08 Apr 2025 09:17:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8412
IP address blocks: 62.178.0.0/16 maxlen: 17
80.108.0.0/15 maxlen: 16
80.110.0.0/16 maxlen: 17
80.110.64.0/23 maxlen: 23
80.241.16.0/20 maxlen: 21
84.112.0.0/14 maxlen: 15
84.115.208.0/20 maxlen: 20
84.115.224.0/20 maxlen: 20
185.35.152.0/22 maxlen: 23
195.34.128.0/23 maxlen: 24
195.34.131.0/24 maxlen: 24
195.34.136.0/21 maxlen: 22
195.34.144.0/20 maxlen: 21
212.17.64.0/18 maxlen: 19
212.186.0.0/16 maxlen: 17
213.47.0.0/17 maxlen: 18
213.47.128.0/18 maxlen: 19
213.47.192.0/20 maxlen: 21
213.47.208.0/21 maxlen: 22
213.47.216.0/22 maxlen: 23
213.47.224.0/19 maxlen: 20
217.25.112.0/20 maxlen: 22
217.25.122.0/23 maxlen: 23
2a00:e360::/32 maxlen: 33
2a02:8380::/28 maxlen: 29
2a02:8380::/30 maxlen: 33
2a02:8384::/31 maxlen: 32
2a02:8384:8000::/36 maxlen: 40
2a02:8388::/29 maxlen: 30
2a02:8388::/31 maxlen: 36
2a02:8389:c000::/36 maxlen: 36
2a02:838a::/41 maxlen: 44
2a02:838a:2000::/36 maxlen: 40
2a02:838c::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/901ad2-6c6c-43c6-a280-4250ce5517d9/1/ibX60Y3ZEQQToxtNjhh2WifUw_E.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/901ad2-6c6c-43c6-a280-4250ce5517d9/1/ibX60Y3ZEQQToxtNjhh2WifUw_E.mft
rsync://rpki.ripe.net/repository/DEFAULT/ibX60Y3ZEQQToxtNjhh2WifUw_E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 18:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:14:b1:0d:55:0d:5c:dd:64:16:9c:7a:80:d8:48:27:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89b5fad18dd9110413a31b4d8e18765a27d4c3f1
Validity
Not Before: Apr 8 09:17:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=427c5d5c48273f775bdca5390bc523430cf4f483
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:f5:ac:66:2f:3a:c1:5d:49:64:0e:bf:cc:fd:
fe:68:f5:fd:9f:bd:54:a5:a3:60:f7:da:dd:5a:90:
01:77:14:18:76:29:d4:96:74:72:65:ed:da:ac:5e:
d3:66:26:a4:82:ff:9f:39:f2:5b:13:c5:68:53:56:
e7:12:6c:11:58:08:dd:29:38:d5:65:74:32:5c:af:
92:95:94:87:4d:2a:da:60:8b:a8:bc:6f:5d:aa:0e:
d7:61:fc:fa:8f:3c:52:c3:ba:a9:bf:52:e2:ae:e2:
0f:46:48:ab:c5:7a:db:32:57:2f:c0:56:92:1b:55:
93:ab:aa:a1:25:68:19:0d:5b:45:b4:e1:c7:8b:ad:
b8:18:16:e9:83:65:c7:6a:cc:ae:68:6d:66:98:d5:
f4:d8:07:8c:3d:d2:11:a3:b5:78:b3:76:fb:c7:69:
80:4b:ac:7c:dd:f6:2d:54:b1:66:9a:27:63:f3:80:
29:a7:a2:bb:0d:ba:87:7f:4f:51:2b:f2:28:5e:2c:
c8:c9:96:c9:eb:cf:66:75:8e:5d:2e:8d:e6:c7:e5:
6b:f3:99:7f:17:2b:c2:6c:1b:61:65:58:89:b5:5a:
50:22:e5:59:d6:8d:ca:fb:d1:6d:4b:91:26:6a:f9:
6e:6c:8d:06:89:5f:34:93:d8:ed:49:50:e7:de:51:
c1:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:7C:5D:5C:48:27:3F:77:5B:DC:A5:39:0B:C5:23:43:0C:F4:F4:83
X509v3 Authority Key Identifier:
keyid:89:B5:FA:D1:8D:D9:11:04:13:A3:1B:4D:8E:18:76:5A:27:D4:C3:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ibX60Y3ZEQQToxtNjhh2WifUw_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/901ad2-6c6c-43c6-a280-4250ce5517d9/1/QnxdXEgnP3db3KU5C8UjQwz09IM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/901ad2-6c6c-43c6-a280-4250ce5517d9/1/ibX60Y3ZEQQToxtNjhh2WifUw_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.178.0.0/16
80.108.0.0-80.110.255.255
80.241.16.0/20
84.112.0.0/14
185.35.152.0/22
195.34.128.0/23
195.34.131.0/24
195.34.136.0-195.34.159.255
212.17.64.0/18
212.186.0.0/16
213.47.0.0-213.47.219.255
213.47.224.0/19
217.25.112.0/20
IPv6:
2a00:e360::/32
2a02:8380::/28
Signature Algorithm: sha256WithRSAEncryption
3e:b7:31:cd:9d:85:88:2b:7d:11:ba:a7:8b:f1:15:bb:5b:f9:
fc:c3:92:0e:76:d1:66:d4:37:0a:4a:d5:d0:00:38:c5:65:58:
6c:f5:04:73:da:63:47:63:d0:ab:4a:36:85:63:55:32:9e:30:
2c:9e:61:9c:92:ae:09:36:69:b0:9f:22:78:94:59:90:2b:04:
68:05:1d:f2:61:73:45:b8:cd:9c:a8:cb:56:56:40:c7:ee:8d:
a7:4f:bc:43:81:50:4c:45:ef:7e:2b:d7:c9:0e:46:f5:59:a3:
ba:9c:f0:9e:53:d2:d5:82:0c:e0:5e:49:b0:e9:4e:a2:01:81:
8a:d9:79:76:47:4d:ec:86:33:60:06:7b:d8:bf:54:7c:96:7c:
a5:ee:98:b0:da:34:29:44:dd:a3:7b:67:e7:25:6d:11:08:9c:
1f:72:60:18:dc:1e:eb:94:c6:b3:e7:c2:2c:98:1a:99:e8:6e:
9c:8f:c5:26:df:3f:4c:bc:c7:51:f1:a0:2e:dd:3a:bf:1a:42:
25:e0:ae:22:1f:eb:dc:48:b7:f6:23:25:7b:bb:7b:e7:42:30:
55:b8:80:bd:3a:35:0b:3b:64:2a:1b:d0:c5:36:07:64:f5:c4:
00:7e:08:d8:7e:f6:d1:a6:58:38:7e:b5:af:68:c3:ef:a4:7c:
f4:bf:5c:8c
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAZYUsQ1VDVzdZBaceoDYSCd6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YjVmYWQxOGRkOTExMDQxM2EzMWI0ZDhlMTg3NjVhMjdk
NGMzZjEwHhcNMjUwNDA4MDkxNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjdjNWQ1YzQ4MjczZjc3NWJkY2E1MzkwYmM1MjM0MzBjZjRmNDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/WsZi86wV1JZA6/zP3+aPX9n71U
paNg99rdWpABdxQYdinUlnRyZe3arF7TZiakgv+fOfJbE8VoU1bnEmwRWAjdKTjV
ZXQyXK+SlZSHTSraYIuovG9dqg7XYfz6jzxSw7qpv1LiruIPRkirxXrbMlcvwFaS
G1WTq6qhJWgZDVtFtOHHi624GBbpg2XHasyuaG1mmNX02AeMPdIRo7V4s3b7x2mA
S6x83fYtVLFmmidj84App6K7DbqHf09RK/IoXizIyZbJ689mdY5dLo3mx+Vr85l/
FyvCbBthZViJtVpQIuVZ1o3K+9FtS5EmavlubI0GiV80k9jtSVDn3lHB0wIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFEJ8XVxIJz93W9ylOQvFI0MM9PSDMB8GA1UdIwQY
MBaAFIm1+tGN2REEE6MbTY4Ydlon1MPxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWJYNjBZM1pFUVFUb3h0TmpoaDJXaWZVd19FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS85MDFhZDItNmM2Yy00M2M2LWEyODAt
NDI1MGNlNTUxN2Q5LzEvUW54ZFhFZ25QM2RiM0tVNUM4VWpRd3owOUlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS85MDFhZDItNmM2Yy00M2M2LWEyODAtNDI1MGNlNTUxN2Q5
LzEvaWJYNjBZM1pFUVFUb3h0TmpoaDJXaWZVd19FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MGYEAgABMGADAwA+sjAK
AwMCUGwDAwBQbgMEBFDxEAMDAlRwAwQCuSOYAwQBwyKAAwQAwyKDMAwDBAPDIogD
BAXDIoADBAbUEUADAwDUujALAwMA1S8DBALVL9gDBAXVL+ADBATZGXAwFAQCAAIw
DgMFACoA42ADBQQqAoOAMA0GCSqGSIb3DQEBCwUAA4IBAQA+tzHNnYWIK30RuqeL
8RW7W/n8w5IOdtFm1DcKStXQADjFZVhs9QRz2mNHY9CrSjaFY1UynjAsnmGckq4J
NmmwnyJ4lFmQKwRoBR3yYXNFuM2cqMtWVkDH7o2nT7xDgVBMRe9+K9fJDkb1WaO6
nPCeU9LVggzgXkmw6U6iAYGK2Xl2R03shjNgBnvYv1R8lnyl7piw2jQpRN2je2fn
JW0RCJwfcmAY3B7rlMaz58IsmBqZ6G6cj8Um3z9MvMdR8aAu3Tq/GkIl4K4iH+vc
SLf2IyV7u3vnQjBVuIC9OjULO2QqG9DFNgdk9cQAfgjYfvbRplg4frWvaMPvpHz0
v1yM
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:44:32 2025 by rpki-client