Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/f8a63d-1730-4d88-ab38-3fd30988f677/1/Q-JTW2pMbNHJuQzQ3GB1MFwgWco.roa
File: Q-JTW2pMbNHJuQzQ3GB1MFwgWco.roa (raw, json)
Hash identifier: Lazq6w2zk0BI/gQTS7LpUxVn4e7nb0oKSy4DjZT1z9U=
Subject key identifier: 43:E2:53:5B:6A:4C:6C:D1:C9:B9:0C:D0:DC:60:75:30:5C:20:59:CA
Certificate issuer: /CN=19f1a9dd126f37237ce200fb8616ff937bca966c
Certificate serial: 01942067F3CE6B1D78D3BF50ED672B32E5CC
Authority key identifier: 19:F1:A9:DD:12:6F:37:23:7C:E2:00:FB:86:16:FF:93:7B:CA:96:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GfGp3RJvNyN84gD7hhb_k3vKlmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a63d-1730-4d88-ab38-3fd30988f677/1/Q-JTW2pMbNHJuQzQ3GB1MFwgWco.roa
Signing time: Wed 01 Jan 2025 05:47:50 +0000
ROA not before: Wed 01 Jan 2025 05:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206991
IP address blocks: 85.95.237.0/24 maxlen: 24
85.95.238.0/24 maxlen: 24
85.95.239.0/24 maxlen: 24
85.95.240.0/24 maxlen: 24
85.95.241.0/24 maxlen: 24
85.95.242.0/24 maxlen: 24
85.95.243.0/24 maxlen: 24
85.95.244.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a63d-1730-4d88-ab38-3fd30988f677/1/GfGp3RJvNyN84gD7hhb_k3vKlmw.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a63d-1730-4d88-ab38-3fd30988f677/1/GfGp3RJvNyN84gD7hhb_k3vKlmw.mft
rsync://rpki.ripe.net/repository/DEFAULT/GfGp3RJvNyN84gD7hhb_k3vKlmw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 18:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:f3:ce:6b:1d:78:d3:bf:50:ed:67:2b:32:e5:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19f1a9dd126f37237ce200fb8616ff937bca966c
Validity
Not Before: Jan 1 05:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43e2535b6a4c6cd1c9b90cd0dc6075305c2059ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d0:16:89:57:be:72:62:b9:29:5a:bc:b5:92:
86:b5:a9:99:64:10:f4:66:9d:48:4f:4f:a9:ae:10:
98:1c:71:19:e6:d1:f4:cd:a1:42:d1:46:62:6f:5e:
f2:55:12:f2:72:5e:e3:1d:19:a5:12:1b:38:a3:ab:
73:1f:71:66:f7:93:aa:7b:40:3f:66:12:d0:1c:c0:
d6:0a:f0:7e:fa:d7:1a:97:c9:c1:17:67:39:5f:68:
39:21:e9:40:6a:8b:f2:05:cb:a7:29:df:c3:fd:f4:
75:a9:bc:09:41:c0:76:17:07:01:f5:62:74:5a:14:
b7:53:dd:80:08:f8:ca:56:ea:58:57:ed:16:d7:57:
18:02:9f:5a:cd:00:72:1b:83:fa:1e:37:87:61:fe:
71:93:7f:5c:81:25:7e:54:b2:ba:66:33:9f:b7:ee:
02:46:0b:34:0c:4d:67:04:31:d4:2c:5f:97:0a:af:
51:1d:f3:15:1e:f0:ef:aa:79:e5:3d:01:27:a0:26:
77:e2:82:68:e6:5a:5d:bd:dc:24:4a:34:82:9e:02:
ca:49:cf:38:ab:1d:30:e0:f7:de:82:d8:9f:6b:62:
22:1b:aa:b0:a4:4e:1d:32:91:28:39:45:e3:4b:ec:
ca:f2:28:6b:4a:02:37:e5:89:59:38:f3:7a:ef:ee:
6b:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:E2:53:5B:6A:4C:6C:D1:C9:B9:0C:D0:DC:60:75:30:5C:20:59:CA
X509v3 Authority Key Identifier:
keyid:19:F1:A9:DD:12:6F:37:23:7C:E2:00:FB:86:16:FF:93:7B:CA:96:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GfGp3RJvNyN84gD7hhb_k3vKlmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a63d-1730-4d88-ab38-3fd30988f677/1/Q-JTW2pMbNHJuQzQ3GB1MFwgWco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a63d-1730-4d88-ab38-3fd30988f677/1/GfGp3RJvNyN84gD7hhb_k3vKlmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.95.237.0-85.95.244.255
Signature Algorithm: sha256WithRSAEncryption
8e:51:f6:de:ed:63:08:e1:c7:28:c4:a2:2e:13:81:61:05:47:
8b:1b:38:64:f0:b5:6e:ab:d3:3a:9a:5f:44:2a:84:f4:0b:89:
31:58:31:4e:95:aa:0f:aa:2f:21:d6:b2:4e:5c:d1:45:1b:2e:
cb:0f:48:bb:7c:5b:30:0c:d2:2c:9a:00:fe:b9:86:79:a3:e8:
1c:33:36:5a:55:fe:04:c1:1a:ae:c1:98:5c:ab:c2:18:6b:dc:
1d:ad:ed:a9:3e:4b:9b:fd:53:97:a5:ce:6f:ab:17:3f:50:60:
ab:00:fa:8a:96:43:83:c8:c6:7f:f8:c5:3f:79:20:fa:c6:c4:
32:1e:8a:70:3a:71:4d:67:71:13:55:36:ff:a8:29:81:64:eb:
8c:75:d3:37:ad:f8:ab:53:71:d3:7a:90:3e:93:68:2c:bb:6e:
ac:4a:70:29:96:97:a0:e3:bf:8a:10:14:ae:33:41:93:7c:64:
66:a2:e2:81:f7:30:7b:7e:ab:b2:94:15:34:c5:d1:19:5f:31:
90:bf:43:94:f4:3f:f6:2f:e7:57:c7:44:b8:6e:7e:32:6c:57:
dc:d0:5f:85:f8:71:1a:53:ba:c8:c4:d7:78:e0:aa:8f:7b:24:
c1:c5:41:61:dd:a2:af:3f:76:d3:5e:0d:84:d4:c4:e8:e4:47:
ff:2c:25:e4
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQgZ/POax14079Q7WcrMuXMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZjFhOWRkMTI2ZjM3MjM3Y2UyMDBmYjg2MTZmZjkzN2Jj
YTk2NmMwHhcNMjUwMTAxMDU0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2UyNTM1YjZhNGM2Y2QxYzliOTBjZDBkYzYwNzUzMDVjMjA1OWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptAWiVe+cmK5KVq8tZKGtamZZBD0
Zp1IT0+prhCYHHEZ5tH0zaFC0UZib17yVRLycl7jHRmlEhs4o6tzH3Fm95Oqe0A/
ZhLQHMDWCvB++tcal8nBF2c5X2g5IelAaovyBcunKd/D/fR1qbwJQcB2FwcB9WJ0
WhS3U92ACPjKVupYV+0W11cYAp9azQByG4P6HjeHYf5xk39cgSV+VLK6ZjOft+4C
Rgs0DE1nBDHULF+XCq9RHfMVHvDvqnnlPQEnoCZ34oJo5lpdvdwkSjSCngLKSc84
qx0w4Pfegtifa2IiG6qwpE4dMpEoOUXjS+zK8ihrSgI35YlZOPN67+5rFQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFEPiU1tqTGzRybkM0NxgdTBcIFnKMB8GA1UdIwQY
MBaAFBnxqd0SbzcjfOIA+4YW/5N7ypZsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2ZHcDNSSnZOeU44NGdEN2hoYl9rM3ZLbG13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9mOGE2M2QtMTczMC00ZDg4LWFiMzgt
M2ZkMzA5ODhmNjc3LzEvUS1KVFcycE1iTkhKdVF6UTNHQjFNRndnV2NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9mOGE2M2QtMTczMC00ZDg4LWFiMzgtM2ZkMzA5ODhmNjc3
LzEvR2ZHcDNSSnZOeU44NGdEN2hoYl9rM3ZLbG13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABVX+0D
BABVX/QwDQYJKoZIhvcNAQELBQADggEBAI5R9t7tYwjhxyjEoi4TgWEFR4sbOGTw
tW6r0zqaX0QqhPQLiTFYMU6Vqg+qLyHWsk5c0UUbLssPSLt8WzAM0iyaAP65hnmj
6BwzNlpV/gTBGq7BmFyrwhhr3B2t7ak+S5v9U5elzm+rFz9QYKsA+oqWQ4PIxn/4
xT95IPrGxDIeinA6cU1ncRNVNv+oKYFk64x10zet+KtTcdN6kD6TaCy7bqxKcCmW
l6Djv4oQFK4zQZN8ZGai4oH3MHt+q7KUFTTF0RlfMZC/Q5T0P/Yv51fHRLhufjJs
V9zQX4X4cRpTusjE13jgqo97JMHFQWHdoq8/dtNeDYTUxOjkR/8sJeQ=
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:37:44 2025 by rpki-client