Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Qvaa4NsARlFLxLQgzL6eqgRJJvU.roa
File: Qvaa4NsARlFLxLQgzL6eqgRJJvU.roa (raw, json)
Hash identifier: i6pIiBTk8XGj2l71HexeaGoU/j5uIKNhGumr7De0pE4=
Subject key identifier: 42:F6:9A:E0:DB:00:46:51:4B:C4:B4:20:CC:BE:9E:AA:04:49:26:F5
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01942220179131A03D1CE768C9C8581E81F2
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Qvaa4NsARlFLxLQgzL6eqgRJJvU.roa
Signing time: Wed 01 Jan 2025 13:48:36 +0000
ROA not before: Wed 01 Jan 2025 13:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40676
IP address blocks: 45.8.68.0/24 maxlen: 24
45.67.97.0/24 maxlen: 24
45.67.99.0/24 maxlen: 24
45.91.50.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:17:91:31:a0:3d:1c:e7:68:c9:c8:58:1e:81:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 13:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=42f69ae0db0046514bc4b420ccbe9eaa044926f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:74:01:ad:8f:02:5a:6f:d4:4b:f8:64:27:99:
3b:eb:34:3b:b8:f7:40:ff:5d:e8:80:5a:80:87:71:
9c:7a:8c:e6:3d:68:db:e1:e6:de:a8:8f:0f:bb:aa:
69:8a:bf:ae:34:12:77:31:ff:7b:86:64:f3:b9:e5:
59:2a:e9:63:ee:9e:03:53:77:8a:41:f8:39:94:db:
c6:75:2f:62:ce:f9:a3:21:ff:8a:3f:b4:7a:03:b7:
91:9f:ea:02:08:ac:63:4e:01:c0:ec:14:bb:1c:66:
fc:c9:cc:11:de:e7:82:b4:e1:f1:ff:00:b3:6b:94:
93:5e:c2:6f:ab:02:cb:d0:0a:e6:b3:2e:8b:94:50:
bf:f8:d5:dd:3f:06:61:09:e1:3d:ba:ad:f3:50:6b:
e3:06:ba:18:c7:ae:50:9f:cf:92:0e:86:d3:6b:4a:
88:38:8f:b9:3c:c4:b9:85:3e:02:56:c4:67:fd:b7:
c9:f4:06:0c:1b:39:54:ee:c4:c8:05:7b:1b:4a:90:
08:68:ac:84:f7:a5:f1:75:46:32:a5:b5:e3:07:1f:
84:7d:e4:11:87:91:bb:8c:24:0e:16:d5:3b:53:bd:
0b:0e:90:8a:f8:ba:7d:6e:8c:f6:bf:2e:00:14:82:
f5:e1:7a:f5:f2:fa:fd:17:06:de:43:05:a0:46:38:
9b:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:F6:9A:E0:DB:00:46:51:4B:C4:B4:20:CC:BE:9E:AA:04:49:26:F5
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Qvaa4NsARlFLxLQgzL6eqgRJJvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.68.0/24
45.67.97.0/24
45.67.99.0/24
45.91.50.0/24
Signature Algorithm: sha256WithRSAEncryption
23:25:b3:8f:ee:f8:86:da:e9:e0:72:23:78:77:9b:a7:68:f4:
b2:45:8f:e2:05:f2:17:26:f2:49:18:da:79:78:1a:ab:31:47:
d6:35:d5:32:81:a0:9e:4f:cf:ff:d3:24:ed:f9:0d:cc:ef:f9:
40:3d:0d:dc:c9:11:64:56:68:27:f9:21:6c:a6:24:bb:e3:a5:
38:59:30:bd:8e:7c:7d:f1:95:d3:33:75:b4:73:cc:54:2b:9c:
f9:9a:85:7a:1c:6d:0f:bf:24:08:65:42:52:f9:71:03:94:b1:
63:aa:f9:96:c5:6a:29:b6:f7:b3:3a:1d:25:4d:36:d2:00:6f:
da:e0:69:4d:99:63:6d:b9:d8:a6:32:1f:fb:45:94:c6:0c:7d:
8b:8c:a7:d9:3e:fb:de:90:27:cc:cd:3a:78:b3:77:69:81:39:
be:0a:a4:68:c4:51:3b:40:4c:30:7d:f2:9f:b4:6c:d6:7b:6e:
b2:2e:e8:a5:c7:ea:87:b3:d8:cd:39:44:40:3e:93:15:68:89:
d8:d2:cb:ee:39:df:aa:e7:b5:3a:2f:f2:a8:06:47:8e:e2:d1:
af:3d:a7:c2:39:53:a1:8f:61:03:58:7c:e5:40:42:5f:61:00:
60:0a:f6:f2:42:04:4f:40:38:63:fd:c3:39:6d:1d:a1:1d:5b:
2c:e2:73:c0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQiIBeRMaA9HOdoychYHoHyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjUwMTAxMTM0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmY2OWFlMGRiMDA0NjUxNGJjNGI0MjBjY2JlOWVhYTA0NDkyNmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHQBrY8CWm/US/hkJ5k76zQ7uPdA
/13ogFqAh3GceozmPWjb4ebeqI8Pu6ppir+uNBJ3Mf97hmTzueVZKulj7p4DU3eK
Qfg5lNvGdS9izvmjIf+KP7R6A7eRn+oCCKxjTgHA7BS7HGb8ycwR3ueCtOHx/wCz
a5STXsJvqwLL0Armsy6LlFC/+NXdPwZhCeE9uq3zUGvjBroYx65Qn8+SDobTa0qI
OI+5PMS5hT4CVsRn/bfJ9AYMGzlU7sTIBXsbSpAIaKyE96XxdUYypbXjBx+EfeQR
h5G7jCQOFtU7U70LDpCK+Lp9boz2vy4AFIL14Xr18vr9FwbeQwWgRjib0wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEL2muDbAEZRS8S0IMy+nqoESSb1MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvUXZhYTROc0FSbEZMeExRZ3pMNmVxZ1JKSnZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALQhEAwQA
LUNhAwQALUNjAwQALVsyMA0GCSqGSIb3DQEBCwUAA4IBAQAjJbOP7viG2ungciN4
d5unaPSyRY/iBfIXJvJJGNp5eBqrMUfWNdUygaCeT8//0yTt+Q3M7/lAPQ3cyRFk
Vmgn+SFspiS746U4WTC9jnx98ZXTM3W0c8xUK5z5moV6HG0PvyQIZUJS+XEDlLFj
qvmWxWoptvezOh0lTTbSAG/a4GlNmWNtudimMh/7RZTGDH2LjKfZPvvekCfMzTp4
s3dpgTm+CqRoxFE7QEwwffKftGzWe26yLuilx+qHs9jNOURAPpMVaInY0svuOd+q
57U6L/KoBkeO4tGvPafCOVOhj2EDWHzlQEJfYQBgCvbyQgRPQDhj/cM5bR2hHVss
4nPA
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:45:43 2025 by rpki-client