Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/nqdZW8VS3cJABsENIPnwko2Hihc.roa
File: nqdZW8VS3cJABsENIPnwko2Hihc.roa (raw, json)
Hash identifier: IhzETIut1wHzF58gkob1Irj0rHur1kgwouWb5+riuAI=
Subject key identifier: 9E:A7:59:5B:C5:52:DD:C2:40:06:C1:0D:20:F9:F0:92:8D:87:8A:17
Certificate issuer: /CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Certificate serial: 01942067E9C1F9D60AA73B05B5A141BDF17F
Authority key identifier: AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/nqdZW8VS3cJABsENIPnwko2Hihc.roa
Signing time: Wed 01 Jan 2025 05:47:48 +0000
ROA not before: Wed 01 Jan 2025 05:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31257
IP address blocks: 80.65.16.0/20 maxlen: 24
94.73.192.0/18 maxlen: 24
109.226.192.0/19 maxlen: 24
109.226.224.0/20 maxlen: 24
109.226.240.0/22 maxlen: 24
109.226.244.0/22 maxlen: 24
109.226.249.0/24 maxlen: 24
109.226.250.0/23 maxlen: 24
109.226.252.0/22 maxlen: 24
171.33.248.0/21 maxlen: 24
2a05:7400::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.mft
rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 17:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:e9:c1:f9:d6:0a:a7:3b:05:b5:a1:41:bd:f1:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Validity
Not Before: Jan 1 05:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ea7595bc552ddc24006c10d20f9f0928d878a17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:8a:36:f9:d8:61:8e:65:5c:70:a5:89:bb:a2:
2b:df:2b:7b:3c:cc:54:2d:fe:27:f1:2d:65:97:48:
c4:46:cd:77:61:98:97:34:f9:51:6c:7d:50:8b:b5:
f0:d5:9b:3d:0d:7c:76:9c:ae:63:c2:91:62:7d:06:
cd:22:8c:59:34:3c:20:1a:1f:18:d2:60:83:eb:c2:
e8:f2:c6:d2:09:a1:7a:49:8f:92:06:7f:28:ba:5f:
d3:72:fe:87:ae:aa:19:c4:e1:4f:67:51:66:54:b3:
07:04:5d:fc:92:54:f0:d7:e8:45:6e:f1:a2:12:89:
f2:00:4c:52:28:88:25:65:32:b1:71:36:f9:ec:ef:
ce:c5:80:f9:a1:f0:55:b8:c6:1b:65:07:a8:62:58:
8d:05:69:1e:53:7a:8d:f5:ff:2c:64:f6:90:93:69:
67:40:18:6b:4e:c8:e3:1f:16:9f:76:31:ec:d2:2b:
15:9e:ec:8b:12:97:cc:fc:88:d9:5e:ed:17:70:28:
ed:45:8d:e8:10:bb:17:d2:4d:e5:c5:59:fa:f3:ee:
2f:e8:0e:a3:b5:97:5d:6a:ac:37:d5:84:68:8f:87:
10:d9:51:92:07:37:38:01:2a:78:7c:b0:de:e0:3b:
0e:7c:2e:a8:69:e3:cf:e9:9a:d0:ea:f1:f5:15:2c:
9c:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:A7:59:5B:C5:52:DD:C2:40:06:C1:0D:20:F9:F0:92:8D:87:8A:17
X509v3 Authority Key Identifier:
keyid:AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/nqdZW8VS3cJABsENIPnwko2Hihc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.65.16.0/20
94.73.192.0/18
109.226.192.0-109.226.247.255
109.226.249.0-109.226.255.255
171.33.248.0/21
IPv6:
2a05:7400::/34
Signature Algorithm: sha256WithRSAEncryption
a8:05:90:79:d9:1c:ff:0d:b7:92:73:0f:30:85:c4:66:3b:dd:
8b:29:3d:28:e3:54:d5:44:69:52:1e:f2:ea:cf:9a:18:36:d9:
8b:05:b1:d0:40:b5:66:b8:42:17:b5:36:04:c7:17:16:27:50:
b1:eb:27:78:88:fc:6c:fd:63:77:ce:7a:1a:5e:be:17:59:0c:
68:d9:48:f0:39:b9:24:f0:b2:2a:b0:5b:e9:10:ae:7f:58:ba:
ac:79:8d:fe:53:4f:a6:85:18:44:5d:d4:fd:f5:87:48:49:68:
39:2f:b2:8d:db:d4:aa:04:8a:a6:ff:ea:53:f2:b9:40:9a:95:
00:b7:79:d5:14:bc:91:55:98:ad:c7:0f:1d:66:4d:50:b8:ff:
0a:a7:8c:e7:95:41:87:8d:28:89:53:6a:83:ed:17:a5:06:bf:
81:a9:9f:f2:31:1e:61:a6:e3:c4:dd:bb:c2:6d:64:30:88:4b:
86:f2:ee:98:c8:b9:f8:49:30:0b:38:ef:ea:6b:9f:73:1b:4a:
31:d3:0b:ab:11:7c:ae:bc:a0:3f:63:d6:21:25:3f:43:ed:b1:
5c:e2:71:97:8f:86:a7:eb:ad:b3:8c:42:a4:fe:bc:69:6b:cf:
30:7a:4d:0e:2a:1d:ce:00:17:c5:27:d7:ec:67:a2:7f:eb:de:
83:73:6b:43
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAZQgZ+nB+dYKpzsFtaFBvfF/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlN2Y3NDdkZjVmMjQzNTMxNTRkYzRkNGJmNzBkMmRkY2I1
M2U5MDAwHhcNMjUwMTAxMDU0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWE3NTk1YmM1NTJkZGMyNDAwNmMxMGQyMGY5ZjA5MjhkODc4YTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIo2+dhhjmVccKWJu6Ir3yt7PMxU
Lf4n8S1ll0jERs13YZiXNPlRbH1Qi7Xw1Zs9DXx2nK5jwpFifQbNIoxZNDwgGh8Y
0mCD68Lo8sbSCaF6SY+SBn8oul/Tcv6HrqoZxOFPZ1FmVLMHBF38klTw1+hFbvGi
EonyAExSKIglZTKxcTb57O/OxYD5ofBVuMYbZQeoYliNBWkeU3qN9f8sZPaQk2ln
QBhrTsjjHxafdjHs0isVnuyLEpfM/IjZXu0XcCjtRY3oELsX0k3lxVn68+4v6A6j
tZddaqw31YRoj4cQ2VGSBzc4ASp4fLDe4DsOfC6oaePP6ZrQ6vH1FSyczwIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFJ6nWVvFUt3CQAbBDSD58JKNh4oXMB8GA1UdIwQY
MBaAFK5/dH318kNTFU3E1L9w0t3LU+kAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2Et
YzZmMWU2YWM5YmE5LzEvbnFkWlc4VlMzY0pBQnNFTklQbndrbzJIaWhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2EtYzZmMWU2YWM5YmE5
LzEvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTAzBAIAATAtAwQEUEEQAwQG
XknAMAwDBAZt4sADBANt4vAwCwMEAG3i+QMDAG3iAwQDqyH4MA4EAgACMAgDBgYq
BXQAADANBgkqhkiG9w0BAQsFAAOCAQEAqAWQedkc/w23knMPMIXEZjvdiyk9KONU
1URpUh7y6s+aGDbZiwWx0EC1ZrhCF7U2BMcXFidQsesneIj8bP1jd856Gl6+F1kM
aNlI8Dm5JPCyKrBb6RCuf1i6rHmN/lNPpoUYRF3U/fWHSEloOS+yjdvUqgSKpv/q
U/K5QJqVALd51RS8kVWYrccPHWZNULj/CqeM55VBh40oiVNqg+0XpQa/gamf8jEe
YabjxN27wm1kMIhLhvLumMi5+EkwCzjv6mufcxtKMdMLqxF8rrygP2PWISU/Q+2x
XOJxl4+Gp+uts4xCpP68aWvPMHpNDiodzgAXxSfX7Geif+veg3NrQw==
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:12:21 2025 by rpki-client