Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/qnbwoJ-6X06QtLEn_AVpxXck0rE.roa
File: qnbwoJ-6X06QtLEn_AVpxXck0rE.roa (raw, json)
Hash identifier: ioGgfxJyO3a/htzDlnfLWREZ8V6bdcayLjpAwOpgzA8=
Subject key identifier: AA:76:F0:A0:9F:BA:5F:4E:90:B4:B1:27:FC:05:69:C5:77:24:D2:B1
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0194222038E53F41FC1BBDCD654D440A9FF9
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/qnbwoJ-6X06QtLEn_AVpxXck0rE.roa
Signing time: Wed 01 Jan 2025 13:48:44 +0000
ROA not before: Wed 01 Jan 2025 13:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210558
IP address blocks: 45.80.158.0/24 maxlen: 24
45.92.1.0/24 maxlen: 24
185.241.208.0/24 maxlen: 24
203.159.90.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:38:e5:3f:41:fc:1b:bd:cd:65:4d:44:0a:9f:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 13:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aa76f0a09fba5f4e90b4b127fc0569c57724d2b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:73:f3:f6:42:6c:87:17:9f:44:91:8d:89:dd:
91:54:26:66:e5:36:91:53:d2:5a:95:b3:00:1a:a5:
30:88:b4:7e:a5:b6:28:5b:a0:a0:e4:47:ea:69:77:
45:35:de:40:38:29:e6:2d:50:06:32:05:d7:45:a7:
21:5f:56:55:09:2c:5d:54:97:88:b4:b1:65:ce:1a:
2d:6a:66:94:b4:e2:5f:20:41:67:a4:81:82:06:95:
3a:cd:3c:8c:c8:58:78:2b:48:c6:db:a9:79:2e:0d:
ca:40:af:a9:ec:17:61:1b:41:d3:15:0a:bc:b0:c1:
68:d8:03:24:01:e6:8b:bd:e4:34:7e:19:3d:7a:c4:
58:c0:dd:3c:f5:16:f2:19:0b:f7:c0:1d:27:14:27:
0e:6b:87:23:65:96:3b:7b:2e:3a:fc:38:8f:0c:f2:
b0:0d:a0:1a:9a:d8:4a:2f:6a:ee:7e:8c:23:1f:60:
cc:ad:4c:91:2e:7e:94:32:ba:c9:54:49:b9:4e:ba:
db:6c:49:58:ac:26:a1:93:0d:bc:74:66:d5:a9:2d:
3c:6c:83:dd:17:64:00:34:79:05:7e:f7:67:d0:b5:
9b:03:67:65:f6:05:40:b8:b4:b7:46:08:21:43:e6:
f0:04:7c:ba:71:cc:53:29:c8:a3:db:85:24:22:2d:
5c:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:76:F0:A0:9F:BA:5F:4E:90:B4:B1:27:FC:05:69:C5:77:24:D2:B1
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/qnbwoJ-6X06QtLEn_AVpxXck0rE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.158.0/24
45.92.1.0/24
185.241.208.0/24
203.159.90.0/24
Signature Algorithm: sha256WithRSAEncryption
29:36:30:27:ec:a5:e2:e5:15:3c:63:84:d1:96:11:45:97:73:
c9:da:36:21:27:41:71:73:dc:50:1e:ac:88:69:ef:25:6d:41:
25:13:d6:c3:18:af:88:82:cd:e6:d6:f5:25:83:ac:63:f5:c4:
1a:b4:5b:9c:c9:8e:3e:f5:e7:df:16:26:b1:66:40:75:0e:a2:
b3:d0:f0:29:a1:0c:cf:32:11:fb:ea:65:73:91:47:a9:37:73:
16:34:ff:e2:6f:1c:bb:1c:d4:a1:94:85:85:bc:d6:6d:1d:b5:
f7:55:0b:a4:48:73:5a:8c:8b:81:99:70:54:70:5e:e5:4a:87:
40:6b:f7:8b:e5:90:ec:c0:9e:5b:de:08:41:e0:c4:ef:2e:83:
2d:70:a3:74:7e:85:41:bd:ff:ab:74:16:38:6a:a3:8f:81:62:
0f:e0:07:ad:65:5f:da:26:ac:ba:97:b0:a4:fc:d6:0f:58:96:
63:e7:37:a4:a0:c6:13:d4:79:c6:ee:7a:39:6e:1f:73:0d:b8:
20:2d:0f:0f:f3:15:68:57:79:0a:bf:52:c2:0f:42:e7:2b:1f:
5e:59:21:8c:90:85:35:2c:a1:1c:e5:ab:83:b3:74:95:67:e2:
38:24:91:3a:39:6c:38:6d:57:94:03:a5:8e:b9:56:a2:47:eb:
58:02:bc:3a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQiIDjlP0H8G73NZU1ECp/5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjUwMTAxMTM0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTc2ZjBhMDlmYmE1ZjRlOTBiNGIxMjdmYzA1NjljNTc3MjRkMmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXPz9kJshxefRJGNid2RVCZm5TaR
U9JalbMAGqUwiLR+pbYoW6Cg5EfqaXdFNd5AOCnmLVAGMgXXRachX1ZVCSxdVJeI
tLFlzhotamaUtOJfIEFnpIGCBpU6zTyMyFh4K0jG26l5Lg3KQK+p7BdhG0HTFQq8
sMFo2AMkAeaLveQ0fhk9esRYwN089RbyGQv3wB0nFCcOa4cjZZY7ey46/DiPDPKw
DaAamthKL2rufowjH2DMrUyRLn6UMrrJVEm5TrrbbElYrCahkw28dGbVqS08bIPd
F2QANHkFfvdn0LWbA2dl9gVAuLS3RgghQ+bwBHy6ccxTKcij24UkIi1cjwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKp28KCful9OkLSxJ/wFacV3JNKxMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvcW5id29KLTZYMDZRdExFbl9BVnB4WGNrMHJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVCeAwQA
LVwBAwQAufHQAwQAy59aMA0GCSqGSIb3DQEBCwUAA4IBAQApNjAn7KXi5RU8Y4TR
lhFFl3PJ2jYhJ0Fxc9xQHqyIae8lbUElE9bDGK+Igs3m1vUlg6xj9cQatFucyY4+
9effFiaxZkB1DqKz0PApoQzPMhH76mVzkUepN3MWNP/ibxy7HNShlIWFvNZtHbX3
VQukSHNajIuBmXBUcF7lSodAa/eL5ZDswJ5b3ghB4MTvLoMtcKN0foVBvf+rdBY4
aqOPgWIP4AetZV/aJqy6l7Ck/NYPWJZj5zekoMYT1HnG7no5bh9zDbggLQ8P8xVo
V3kKv1LCD0LnKx9eWSGMkIU1LKEc5auDs3SVZ+I4JJE6OWw4bVeUA6WOuVaiR+tY
Arw6
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:46:04 2025 by rpki-client