Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/98adc1-6ff8-4959-a344-db6ca6e4d4a3/1/QZDKvK6iw_tPh27glx9LTGGHSYU.roa
File: QZDKvK6iw_tPh27glx9LTGGHSYU.roa (raw, json)
Hash identifier: XgdxnkBVQi+6Pi+BDAfBhOhlkd5fb/2ukIHoQx2+z08=
Subject key identifier: 41:90:CA:BC:AE:A2:C3:FB:4F:87:6E:E0:97:1F:4B:4C:61:87:49:85
Certificate issuer: /CN=5bb5f05f12b52076868eefcd14afcec192fe2cf2
Certificate serial: 01942067E42B4765B5A7809BC1AF7827DB28
Authority key identifier: 5B:B5:F0:5F:12:B5:20:76:86:8E:EF:CD:14:AF:CE:C1:92:FE:2C:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W7XwXxK1IHaGju_NFK_OwZL-LPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/98adc1-6ff8-4959-a344-db6ca6e4d4a3/1/QZDKvK6iw_tPh27glx9LTGGHSYU.roa
Signing time: Wed 01 Jan 2025 05:47:47 +0000
ROA not before: Wed 01 Jan 2025 05:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57869
IP address blocks: 5.154.168.0/23 maxlen: 23
5.154.228.0/23 maxlen: 23
5.154.248.0/22 maxlen: 22
5.154.248.0/23 maxlen: 23
5.154.250.0/23 maxlen: 23
82.118.0.0/20 maxlen: 20
82.118.0.0/22 maxlen: 22
82.118.2.0/24 maxlen: 24
82.118.3.0/24 maxlen: 24
82.118.4.0/22 maxlen: 22
82.118.5.0/24 maxlen: 24
82.118.6.0/24 maxlen: 24
82.118.7.0/24 maxlen: 24
82.118.8.0/22 maxlen: 22
82.118.8.0/24 maxlen: 24
82.118.9.0/24 maxlen: 24
82.118.10.0/24 maxlen: 24
82.118.11.0/24 maxlen: 24
82.118.12.0/23 maxlen: 23
82.118.14.0/23 maxlen: 23
185.36.68.0/22 maxlen: 22
185.36.68.0/23 maxlen: 23
185.36.70.0/23 maxlen: 23
213.91.96.0/22 maxlen: 22
213.91.100.0/22 maxlen: 22
213.91.104.0/22 maxlen: 22
213.91.108.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/98adc1-6ff8-4959-a344-db6ca6e4d4a3/1/W7XwXxK1IHaGju_NFK_OwZL-LPI.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/98adc1-6ff8-4959-a344-db6ca6e4d4a3/1/W7XwXxK1IHaGju_NFK_OwZL-LPI.mft
rsync://rpki.ripe.net/repository/DEFAULT/W7XwXxK1IHaGju_NFK_OwZL-LPI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:e4:2b:47:65:b5:a7:80:9b:c1:af:78:27:db:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bb5f05f12b52076868eefcd14afcec192fe2cf2
Validity
Not Before: Jan 1 05:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4190cabcaea2c3fb4f876ee0971f4b4c61874985
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:3e:90:24:7c:da:fa:da:cc:4c:f8:9c:51:ef:
37:a6:53:e0:de:df:38:fa:60:f3:1e:06:cd:48:18:
f2:eb:ff:90:18:9c:cc:40:5f:56:11:14:00:d3:6d:
13:b5:06:34:68:f3:ff:fc:10:d7:85:d9:f8:e0:2d:
3a:22:17:ad:38:02:a9:e5:ca:f4:13:06:5d:a9:a6:
2c:9e:fa:1a:6d:e2:ac:9e:43:d9:ad:82:79:b2:52:
28:01:1b:74:38:e1:3c:a7:5e:7a:79:a2:0b:f6:cb:
b8:74:64:34:45:11:e3:88:58:5c:82:e1:17:d4:a8:
fd:c2:f7:1d:d5:3a:d1:40:51:d7:14:fe:b7:ae:9f:
67:50:da:85:d9:4b:29:a7:e7:fe:74:46:c3:56:33:
ee:77:17:5d:1a:75:fb:f7:0d:25:8f:6b:71:83:58:
9e:82:12:58:71:9e:eb:23:cd:b4:6d:62:21:c8:fa:
5b:4c:ef:5f:3f:99:81:f8:81:76:64:ec:56:e9:90:
60:d0:be:d8:8a:89:dc:b3:31:73:8d:f6:d2:80:91:
ae:88:7f:da:7a:24:f2:ea:c4:05:fe:cc:c9:3d:b8:
c3:c5:90:6b:6c:36:ee:33:8b:05:34:ef:38:f8:e0:
02:9b:90:97:77:42:c5:89:3d:63:77:98:8f:dd:33:
16:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:90:CA:BC:AE:A2:C3:FB:4F:87:6E:E0:97:1F:4B:4C:61:87:49:85
X509v3 Authority Key Identifier:
keyid:5B:B5:F0:5F:12:B5:20:76:86:8E:EF:CD:14:AF:CE:C1:92:FE:2C:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W7XwXxK1IHaGju_NFK_OwZL-LPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/98adc1-6ff8-4959-a344-db6ca6e4d4a3/1/QZDKvK6iw_tPh27glx9LTGGHSYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/98adc1-6ff8-4959-a344-db6ca6e4d4a3/1/W7XwXxK1IHaGju_NFK_OwZL-LPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.168.0/23
5.154.228.0/23
5.154.248.0/22
82.118.0.0/20
185.36.68.0/22
213.91.96.0/20
Signature Algorithm: sha256WithRSAEncryption
69:67:3a:5f:0c:a7:9c:16:60:a5:14:a0:c3:57:5e:8f:05:3d:
e8:ac:7a:17:ca:f3:27:36:e8:26:8e:f6:2a:36:da:c4:b5:84:
c4:4b:81:48:57:1f:01:1e:4c:f1:4e:94:ef:75:53:5f:50:ad:
7e:39:b8:50:4f:83:97:b0:78:50:45:02:c6:3e:35:b8:47:a8:
50:62:8c:f4:cb:44:98:1b:25:97:2b:2d:44:f4:99:dd:83:8e:
b2:9f:16:47:d5:bf:c8:e0:82:df:c6:ee:b1:3d:7e:7e:de:21:
7b:db:97:72:8b:4f:ef:1d:9a:d0:9d:7a:51:0b:1b:da:11:f2:
9d:14:c2:63:7d:28:93:1b:95:0e:7d:4b:0a:d7:c0:8c:44:23:
ce:97:e1:0d:9f:64:07:2d:bf:cb:02:4b:c9:e8:5f:e1:54:4f:
bd:bd:8c:5b:a6:23:a0:8d:f6:59:3e:b0:ba:35:b1:ea:a7:60:
2a:db:2a:b9:67:a8:59:20:3a:98:56:7a:29:0d:50:69:52:81:
ac:66:ca:c1:57:ee:03:7b:bb:ea:13:15:03:d0:b1:a1:b3:de:
91:50:b4:0d:1b:62:08:d1:b1:63:f4:34:4b:dc:f5:21:c9:56:
42:eb:40:21:75:eb:6a:af:8a:39:bd:c9:84:31:be:7d:f4:12:
a2:a2:67:31
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQgZ+QrR2W1p4Cbwa94J9soMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViYjVmMDVmMTJiNTIwNzY4NjhlZWZjZDE0YWZjZWMxOTJm
ZTJjZjIwHhcNMjUwMTAxMDU0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTkwY2FiY2FlYTJjM2ZiNGY4NzZlZTA5NzFmNGI0YzYxODc0OTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnT6QJHza+trMTPicUe83plPg3t84
+mDzHgbNSBjy6/+QGJzMQF9WERQA020TtQY0aPP//BDXhdn44C06IhetOAKp5cr0
EwZdqaYsnvoabeKsnkPZrYJ5slIoARt0OOE8p156eaIL9su4dGQ0RRHjiFhcguEX
1Kj9wvcd1TrRQFHXFP63rp9nUNqF2Uspp+f+dEbDVjPudxddGnX79w0lj2txg1ie
ghJYcZ7rI820bWIhyPpbTO9fP5mB+IF2ZOxW6ZBg0L7YioncszFzjfbSgJGuiH/a
eiTy6sQF/szJPbjDxZBrbDbuM4sFNO84+OACm5CXd0LFiT1jd5iP3TMWfQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEGQyryuosP7T4du4JcfS0xhh0mFMB8GA1UdIwQY
MBaAFFu18F8StSB2ho7vzRSvzsGS/izyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzdYd1h4SzFJSGFHanVfTkZLX093WkwtTFBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS85OGFkYzEtNmZmOC00OTU5LWEzNDQt
ZGI2Y2E2ZTRkNGEzLzEvUVpES3ZLNml3X3RQaDI3Z2x4OUxUR0dIU1lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS85OGFkYzEtNmZmOC00OTU5LWEzNDQtZGI2Y2E2ZTRkNGEz
LzEvVzdYd1h4SzFJSGFHanVfTkZLX093WkwtTFBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBBZqoAwQB
BZrkAwQCBZr4AwQEUnYAAwQCuSREAwQE1VtgMA0GCSqGSIb3DQEBCwUAA4IBAQBp
ZzpfDKecFmClFKDDV16PBT3orHoXyvMnNugmjvYqNtrEtYTES4FIVx8BHkzxTpTv
dVNfUK1+ObhQT4OXsHhQRQLGPjW4R6hQYoz0y0SYGyWXKy1E9Jndg46ynxZH1b/I
4ILfxu6xPX5+3iF725dyi0/vHZrQnXpRCxvaEfKdFMJjfSiTG5UOfUsK18CMRCPO
l+ENn2QHLb/LAkvJ6F/hVE+9vYxbpiOgjfZZPrC6NbHqp2Aq2yq5Z6hZIDqYVnop
DVBpUoGsZsrBV+4De7vqExUD0LGhs96RULQNG2II0bFj9DRL3PUhyVZC60Ahdetq
r4o5vcmEMb599BKiomcx
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:03:10 2025 by rpki-client