Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/qz62HDG2_EqUuVzVG1nZrlV0SqM.roa
File: qz62HDG2_EqUuVzVG1nZrlV0SqM.roa (raw, json)
Hash identifier: noB/OB5yuHhMRO/BBPS1E1dVejoE0qiveznXRbCzLXs=
Subject key identifier: AB:3E:B6:1C:31:B6:FC:4A:94:B9:5C:D5:1B:59:D9:AE:55:74:4A:A3
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0194274814584D843A182061A0651AE2E682
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/qz62HDG2_EqUuVzVG1nZrlV0SqM.roa
Signing time: Thu 02 Jan 2025 13:50:22 +0000
ROA not before: Thu 02 Jan 2025 13:50:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 2a07:7880::/29 maxlen: 29
2a0d:8f80::/29 maxlen: 29
2a0e:f500::/29 maxlen: 29
2a10:37c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:14:58:4d:84:3a:18:20:61:a0:65:1a:e2:e6:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 2 13:50:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ab3eb61c31b6fc4a94b95cd51b59d9ae55744aa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:7c:d2:14:fe:ae:72:f3:5b:c4:6d:cd:71:ef:
94:30:34:d9:e4:29:d3:bf:b1:d0:aa:46:14:b0:65:
df:ac:2b:af:87:b0:fb:f3:a2:2a:9b:ff:6c:5c:93:
07:55:23:d4:05:81:a5:63:c9:22:cf:9e:d2:bd:59:
87:74:48:e7:c4:80:c9:0d:d9:77:16:02:3d:e9:9d:
72:42:ed:4c:22:7a:4f:11:02:0c:2e:76:87:c8:ed:
bf:fa:bb:4e:7b:a1:8e:40:ea:2e:60:ce:8a:c3:25:
e4:d9:58:91:9f:2c:5d:96:01:c3:ec:48:13:98:07:
67:78:35:16:27:8a:6e:06:59:dd:f4:14:5b:a5:7c:
97:33:b1:4d:ff:f1:2d:26:a3:28:b9:eb:a3:54:83:
f1:c0:08:40:47:5b:54:93:97:77:d5:20:19:d9:bf:
8e:1d:b0:11:b6:7b:1d:b6:56:4f:a1:96:c8:05:1d:
4b:8b:ed:16:8f:25:03:ce:61:89:98:9e:ab:4f:ba:
e7:a2:17:76:e1:f2:71:86:80:98:2b:e0:65:52:fe:
d7:9c:4c:e4:14:d9:a1:28:e4:8c:f6:9d:1a:7c:d5:
f2:d4:c3:80:34:3c:48:33:76:05:ad:50:84:6a:d4:
76:a3:9e:3c:88:a0:e0:13:47:5c:f4:72:48:0e:3b:
91:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:3E:B6:1C:31:B6:FC:4A:94:B9:5C:D5:1B:59:D9:AE:55:74:4A:A3
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/qz62HDG2_EqUuVzVG1nZrlV0SqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:7880::/29
2a0d:8f80::/29
2a0e:f500::/29
2a10:37c0::/29
Signature Algorithm: sha256WithRSAEncryption
64:c8:a0:51:4e:a1:91:0e:5f:c9:b6:79:37:22:e2:aa:48:69:
b1:1a:15:2e:0c:94:f0:c6:73:4a:04:e3:52:91:b2:ec:03:62:
7d:5d:08:6f:fc:df:bd:8d:24:b5:3c:b8:d5:77:f6:71:e8:d1:
63:5b:d8:dc:ff:19:6a:a2:9d:4e:dd:5a:83:ca:6a:24:52:cd:
ca:a9:86:a8:77:96:d3:96:aa:4f:a2:6e:89:f4:37:32:fe:9f:
24:e3:d0:15:26:7f:e0:d2:c9:08:27:82:4f:6b:ee:b1:93:b8:
89:29:a4:2d:6e:e9:67:65:37:c9:7e:30:cb:cb:a8:ce:64:6f:
92:ce:c0:72:26:bd:5f:31:89:51:0a:ca:f1:d2:28:dd:cc:49:
b3:ab:87:60:8e:f5:74:08:aa:db:b8:21:35:16:37:d5:50:95:
89:a4:54:d4:8b:7c:d9:6f:04:9f:1e:dd:40:d4:f7:29:ab:66:
b1:c5:9f:f0:fe:7f:2a:87:85:11:96:df:7d:69:f1:59:a7:af:
43:06:4d:0d:a9:e8:36:91:11:54:ab:c3:31:5c:eb:48:30:ab:
73:d6:b1:78:95:eb:f3:e6:17:94:2e:84:32:d4:13:76:72:cf:
b4:d2:5e:0c:1b:bf:e2:ff:9c:6f:b5:11:13:b5:00:52:d8:d3:
40:7d:b2:1c
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQnSBRYTYQ6GCBhoGUa4uaCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMTAyMTM1MDIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjNlYjYxYzMxYjZmYzRhOTRiOTVjZDUxYjU5ZDlhZTU1NzQ0YWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHzSFP6ucvNbxG3Nce+UMDTZ5CnT
v7HQqkYUsGXfrCuvh7D786Iqm/9sXJMHVSPUBYGlY8kiz57SvVmHdEjnxIDJDdl3
FgI96Z1yQu1MInpPEQIMLnaHyO2/+rtOe6GOQOouYM6KwyXk2ViRnyxdlgHD7EgT
mAdneDUWJ4puBlnd9BRbpXyXM7FN//EtJqMoueujVIPxwAhAR1tUk5d31SAZ2b+O
HbARtnsdtlZPoZbIBR1Li+0WjyUDzmGJmJ6rT7rnohd24fJxhoCYK+BlUv7XnEzk
FNmhKOSM9p0afNXy1MOANDxIM3YFrVCEatR2o548iKDgE0dc9HJIDjuRVQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFKs+thwxtvxKlLlc1RtZ2a5VdEqjMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvcXo2MkhERzJfRXFVdVZ6VkcxblpybFYwU3FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKgd4gAMF
AyoNj4ADBQMqDvUAAwUDKhA3wDANBgkqhkiG9w0BAQsFAAOCAQEAZMigUU6hkQ5f
ybZ5NyLiqkhpsRoVLgyU8MZzSgTjUpGy7ANifV0Ib/zfvY0ktTy41Xf2cejRY1vY
3P8ZaqKdTt1ag8pqJFLNyqmGqHeW05aqT6JuifQ3Mv6fJOPQFSZ/4NLJCCeCT2vu
sZO4iSmkLW7pZ2U3yX4wy8uozmRvks7Acia9XzGJUQrK8dIo3cxJs6uHYI71dAiq
27ghNRY31VCViaRU1It82W8Enx7dQNT3KatmscWf8P5/KoeFEZbffWnxWaevQwZN
DanoNpERVKvDMVzrSDCrc9axeJXr8+YXlC6EMtQTdnLPtNJeDBu/4v+cb7URE7UA
UtjTQH2yHA==
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:41:23 2025 by rpki-client