Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/cqMsKKEpjqP4gOzkP6YxkMm3WxE.roa
File: cqMsKKEpjqP4gOzkP6YxkMm3WxE.roa (raw, json)
Hash identifier: cpcpc/9CzEy+wkt4CwIjle5PkQNTLuHjrssCk9RjDo4=
Subject key identifier: 72:A3:2C:28:A1:29:8E:A3:F8:80:EC:E4:3F:A6:31:90:C9:B7:5B:11
Certificate issuer: /CN=abbad3de831da94222c1add104caf4c3247689ac
Certificate serial: 01973B090B8DD0710E8F4767CA5AFF3C3029
Authority key identifier: AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/cqMsKKEpjqP4gOzkP6YxkMm3WxE.roa
Signing time: Wed 04 Jun 2025 13:02:17 +0000
ROA not before: Wed 04 Jun 2025 13:02:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58325
IP address blocks: 212.68.172.0/22 maxlen: 22
212.68.172.0/24 maxlen: 24
212.68.173.0/24 maxlen: 24
212.68.174.0/24 maxlen: 24
212.68.175.0/24 maxlen: 24
212.68.176.0/22 maxlen: 22
212.68.176.0/24 maxlen: 24
212.68.177.0/24 maxlen: 24
212.68.178.0/24 maxlen: 24
212.68.179.0/24 maxlen: 24
212.68.184.0/22 maxlen: 22
212.68.184.0/24 maxlen: 24
212.68.185.0/24 maxlen: 24
212.68.186.0/24 maxlen: 24
212.68.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.mft
rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 07:01:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3b:09:0b:8d:d0:71:0e:8f:47:67:ca:5a:ff:3c:30:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abbad3de831da94222c1add104caf4c3247689ac
Validity
Not Before: Jun 4 13:02:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=72a32c28a1298ea3f880ece43fa63190c9b75b11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:1d:1e:48:3f:08:aa:50:6a:02:94:ff:e9:ae:
74:8b:65:85:5c:f8:aa:a9:d1:bb:f8:2f:d8:b4:fb:
07:6f:8a:03:27:7d:ab:b8:d7:b1:be:7b:e1:0d:68:
12:66:da:c4:64:74:15:d5:78:87:ca:bc:72:bb:13:
72:63:62:7f:5b:21:99:16:8c:67:ae:51:46:87:80:
cb:ed:ce:2c:d8:78:ce:e8:a4:cd:f5:d6:a1:fc:15:
23:f7:7e:a6:e3:0f:9f:77:3c:aa:4b:d0:6e:de:02:
ef:d9:3a:f4:f6:76:1c:60:bb:57:92:b3:73:d7:82:
b8:04:d9:cd:28:81:59:a9:0f:e1:fd:b6:bd:62:93:
46:06:ef:8f:ff:1a:4b:19:79:a7:1b:9e:61:6c:70:
fc:c8:36:3c:29:bf:4d:54:30:6a:ae:88:6d:76:46:
e2:c4:d5:8f:48:c9:bc:a7:ef:7e:b5:16:c7:3c:f9:
5b:e4:57:5e:68:fd:2a:60:67:8c:b8:40:d2:29:b1:
5f:6e:a2:db:5d:70:02:50:30:0a:0d:55:b1:ec:97:
75:7e:6a:a3:dc:9c:51:32:02:78:31:31:4e:0f:f8:
e5:9b:58:33:91:78:cb:3e:9a:66:85:df:20:6e:6d:
fd:da:50:08:01:1a:d3:56:e5:34:ae:d5:f3:c0:8d:
73:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:A3:2C:28:A1:29:8E:A3:F8:80:EC:E4:3F:A6:31:90:C9:B7:5B:11
X509v3 Authority Key Identifier:
keyid:AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/cqMsKKEpjqP4gOzkP6YxkMm3WxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.68.172.0-212.68.179.255
212.68.184.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:c5:23:24:4f:d7:1c:68:81:1d:d2:b3:19:20:37:b1:10:50:
6c:05:cd:da:3b:04:c1:a1:26:80:09:0b:6e:90:ed:95:d1:a2:
a4:04:d2:9a:ad:8a:5c:b0:03:ac:84:46:3a:d3:bb:39:47:cf:
eb:e4:27:b7:4c:e1:34:8b:3b:4e:86:79:78:27:a5:b6:92:76:
04:d1:8f:24:76:bc:7d:1f:90:8e:48:be:1f:da:2c:19:d3:fc:
86:73:d7:e6:e3:00:24:ca:a3:0a:3f:7e:53:5f:7b:b3:1f:ab:
d3:fc:41:d0:bb:9a:d8:b8:0b:e8:ee:2b:1a:83:40:a8:2c:16:
6a:80:a4:42:be:61:9f:27:11:c9:80:b0:b4:c6:0c:3f:05:4a:
df:ad:5a:a1:63:eb:9e:c0:12:72:15:fd:e5:b6:02:64:2f:57:
6f:85:5b:6e:25:fd:99:30:38:2a:bb:15:73:16:b3:ce:de:ce:
c7:1e:18:09:b4:79:03:b4:85:76:a4:8b:dd:96:6f:32:aa:80:
ee:92:80:9c:7f:76:c4:2c:d6:42:5d:07:33:f8:3d:7f:92:6c:
34:5a:3e:1f:9a:62:61:0c:d7:72:24:43:d7:4b:aa:4c:f2:a3:
91:a7:a2:a3:24:96:ec:f7:fd:c0:59:86:a8:ac:75:7d:87:84:
fc:52:5c:48
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZc7CQuN0HEOj0dnylr/PDApMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYmFkM2RlODMxZGE5NDIyMmMxYWRkMTA0Y2FmNGMzMjQ3
Njg5YWMwHhcNMjUwNjA0MTMwMjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmEzMmMyOGExMjk4ZWEzZjg4MGVjZTQzZmE2MzE5MGM5Yjc1YjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3R0eSD8IqlBqApT/6a50i2WFXPiq
qdG7+C/YtPsHb4oDJ32ruNexvnvhDWgSZtrEZHQV1XiHyrxyuxNyY2J/WyGZFoxn
rlFGh4DL7c4s2HjO6KTN9dah/BUj936m4w+fdzyqS9Bu3gLv2Tr09nYcYLtXkrNz
14K4BNnNKIFZqQ/h/ba9YpNGBu+P/xpLGXmnG55hbHD8yDY8Kb9NVDBqrohtdkbi
xNWPSMm8p+9+tRbHPPlb5FdeaP0qYGeMuEDSKbFfbqLbXXACUDAKDVWx7Jd1fmqj
3JxRMgJ4MTFOD/jlm1gzkXjLPppmhd8gbm392lAIARrTVuU0rtXzwI1zAQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFHKjLCihKY6j+IDs5D+mMZDJt1sRMB8GA1UdIwQY
MBaAFKu6096DHalCIsGt0QTK9MMkdomsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDct
NTVjNDM0ZWVjOTZjLzEvY3FNc0tLRXBqcVA0Z096a1A2WXhrTW0zV3hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDctNTVjNDM0ZWVjOTZj
LzEvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBALURKwD
BALURLADBALURLgwDQYJKoZIhvcNAQELBQADggEBACrFIyRP1xxogR3SsxkgN7EQ
UGwFzdo7BMGhJoAJC26Q7ZXRoqQE0pqtilywA6yERjrTuzlHz+vkJ7dM4TSLO06G
eXgnpbaSdgTRjyR2vH0fkI5Ivh/aLBnT/IZz1+bjACTKowo/flNfe7Mfq9P8QdC7
mti4C+juKxqDQKgsFmqApEK+YZ8nEcmAsLTGDD8FSt+tWqFj657AEnIV/eW2AmQv
V2+FW24l/ZkwOCq7FXMWs87ezsceGAm0eQO0hXaki92WbzKqgO6SgJx/dsQs1kJd
BzP4PX+SbDRaPh+aYmEM13IkQ9dLqkzyo5GnoqMkluz3/cBZhqisdX2HhPxSXEg=
-----END CERTIFICATE-----
Generated at Sun Jun 8 14:38:05 2025 by rpki-client