Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/qAXxUVMgSlwm9fZAarhCnAHwOh0.roa
File: qAXxUVMgSlwm9fZAarhCnAHwOh0.roa (raw, json)
Hash identifier: zNmzS+f41YWozTjWX7KeXbOzpDCDzPpI1bKFZ8m5CNc=
Subject key identifier: A8:05:F1:51:53:20:4A:5C:26:F5:F6:40:6A:B8:42:9C:01:F0:3A:1D
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 01941FFA3C4D1021DDDA525BBFCDA8A8B2FD
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/qAXxUVMgSlwm9fZAarhCnAHwOh0.roa
Signing time: Wed 01 Jan 2025 03:48:00 +0000
ROA not before: Wed 01 Jan 2025 03:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57746
IP address blocks: 176.223.96.0/22 maxlen: 22
176.223.96.0/23 maxlen: 23
176.223.98.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 03:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:3c:4d:10:21:dd:da:52:5b:bf:cd:a8:a8:b2:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 1 03:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a805f15153204a5c26f5f6406ab8429c01f03a1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:15:3a:1b:5b:be:47:3f:0e:ba:ce:74:70:e9:
ef:42:5c:37:8e:68:cd:34:37:06:97:d8:07:b6:cc:
a6:aa:85:ef:de:5d:d7:d9:f8:3a:5e:90:cd:66:85:
19:cb:a2:cf:5d:81:4a:14:e5:4a:b4:c7:71:4d:d5:
30:16:67:52:f4:aa:50:c5:fb:26:7a:75:72:2b:b9:
26:38:32:c7:7f:ac:e9:31:d2:cc:d5:8a:2d:af:04:
a6:9b:2b:fb:7e:c4:1f:a2:66:ec:28:3e:63:16:3b:
87:81:87:a0:02:b6:cc:43:2b:39:98:69:91:0e:52:
04:f9:b8:aa:24:4b:42:cb:8c:8e:5e:98:6d:cd:80:
bd:13:c2:df:29:08:bb:3b:20:e7:96:69:78:c4:42:
a6:6a:5d:9e:85:03:cd:ef:e4:0b:75:f0:9c:3d:54:
13:6f:05:99:6b:57:22:2e:64:f4:c0:cd:32:91:89:
f3:46:e3:6c:ad:4c:68:19:ea:f7:60:13:0f:1d:36:
6d:7f:c3:bb:62:1c:dc:18:dc:02:90:7f:82:ef:b8:
21:ef:0d:96:5c:91:83:38:8f:30:b3:7d:dc:c1:d2:
8b:ad:a2:aa:06:b7:fa:81:20:7b:b9:ac:6e:af:f8:
9c:63:f5:9f:1d:78:79:86:a5:0c:b2:31:0d:65:ba:
93:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:05:F1:51:53:20:4A:5C:26:F5:F6:40:6A:B8:42:9C:01:F0:3A:1D
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/qAXxUVMgSlwm9fZAarhCnAHwOh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.223.96.0/22
Signature Algorithm: sha256WithRSAEncryption
36:a5:cc:51:a9:9c:88:2c:10:03:00:e3:dc:f1:1b:ce:17:a0:
e4:ae:f6:37:b4:b1:a5:2a:d7:b4:7b:aa:42:50:03:47:36:c2:
cf:cb:b0:18:71:13:94:e1:28:b8:78:00:fc:ac:d7:5d:dd:2c:
c3:87:82:5b:94:60:d8:0f:ad:d7:e5:6d:e2:6f:88:58:63:22:
4b:fe:e4:28:11:fc:8d:ab:7e:61:ec:32:c2:24:b1:99:a5:7c:
85:8a:10:48:ee:f8:b7:75:6d:43:10:45:ca:a0:92:0e:c6:82:
64:bf:04:1b:0d:dc:a9:e6:8a:34:c7:11:bb:7f:1b:c9:11:24:
0c:fc:4f:1b:e7:3e:9e:82:55:aa:eb:c4:1f:2e:b2:51:82:60:
c4:a0:74:97:74:eb:af:da:7a:ed:b8:b9:3d:83:3f:e0:8e:9f:
e3:de:7e:8b:41:72:49:ee:97:ae:e1:82:db:e8:5c:e1:6a:14:
0b:f2:62:95:26:cf:2e:e0:6b:cb:85:f2:8e:1f:48:c9:6e:48:
1f:70:22:8c:01:7c:ea:4c:5e:3d:f6:c0:c7:c1:6e:1d:70:47:
47:04:48:47:2e:e7:0b:6c:d4:5d:2f:fe:dd:4b:1c:32:6a:13:
fb:04:e3:2a:63:94:6f:36:a0:7c:01:9e:b5:cf:0c:8f:15:6a:
b0:ee:ad:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+jxNECHd2lJbv82oqLL9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjUwMTAxMDM0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODA1ZjE1MTUzMjA0YTVjMjZmNWY2NDA2YWI4NDI5YzAxZjAzYTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0RU6G1u+Rz8Ous50cOnvQlw3jmjN
NDcGl9gHtsymqoXv3l3X2fg6XpDNZoUZy6LPXYFKFOVKtMdxTdUwFmdS9KpQxfsm
enVyK7kmODLHf6zpMdLM1YotrwSmmyv7fsQfombsKD5jFjuHgYegArbMQys5mGmR
DlIE+biqJEtCy4yOXphtzYC9E8LfKQi7OyDnlml4xEKmal2ehQPN7+QLdfCcPVQT
bwWZa1ciLmT0wM0ykYnzRuNsrUxoGer3YBMPHTZtf8O7YhzcGNwCkH+C77gh7w2W
XJGDOI8ws33cwdKLraKqBrf6gSB7uaxur/icY/WfHXh5hqUMsjENZbqTeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKgF8VFTIEpcJvX2QGq4QpwB8DodMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvcUFYeFVWTWdTbHdtOWZaQWFyaENuQUh3T2gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsN9gMA0G
CSqGSIb3DQEBCwUAA4IBAQA2pcxRqZyILBADAOPc8RvOF6DkrvY3tLGlKte0e6pC
UANHNsLPy7AYcROU4Si4eAD8rNdd3SzDh4JblGDYD63X5W3ib4hYYyJL/uQoEfyN
q35h7DLCJLGZpXyFihBI7vi3dW1DEEXKoJIOxoJkvwQbDdyp5oo0xxG7fxvJESQM
/E8b5z6eglWq68QfLrJRgmDEoHSXdOuv2nrtuLk9gz/gjp/j3n6LQXJJ7peu4YLb
6FzhahQL8mKVJs8u4GvLhfKOH0jJbkgfcCKMAXzqTF499sDHwW4dcEdHBEhHLucL
bNRdL/7dSxwyahP7BOMqY5RvNqB8AZ61zwyPFWqw7q33
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:57:31 2025 by rpki-client