Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/5b3d6d-e6f1-47ad-b52b-9d943671a8a3/1/cqMIZbZG_XjFMjyio64LoSb9JEM.roa
File: cqMIZbZG_XjFMjyio64LoSb9JEM.roa (raw, json)
Hash identifier: xBYH5ZrjKUuPI62l0z0GQBA4FW4u95fkTkxgETr+i9Q=
Subject key identifier: 72:A3:08:65:B6:46:FD:78:C5:32:3C:A2:A3:AE:0B:A1:26:FD:24:43
Certificate issuer: /CN=a0a154441df9623eeb5a196138d21bef5824b441
Certificate serial: 019421B19EB80B14B0362D79CA968D43FE09
Authority key identifier: A0:A1:54:44:1D:F9:62:3E:EB:5A:19:61:38:D2:1B:EF:58:24:B4:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKFURB35Yj7rWhlhONIb71gktEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/5b3d6d-e6f1-47ad-b52b-9d943671a8a3/1/cqMIZbZG_XjFMjyio64LoSb9JEM.roa
Signing time: Wed 01 Jan 2025 11:47:56 +0000
ROA not before: Wed 01 Jan 2025 11:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24641
IP address blocks: 77.240.176.0/20 maxlen: 24
81.19.0.0/20 maxlen: 24
85.132.144.0/20 maxlen: 24
95.129.96.0/21 maxlen: 21
185.146.4.0/22 maxlen: 22
2a02:e98::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/5b3d6d-e6f1-47ad-b52b-9d943671a8a3/1/oKFURB35Yj7rWhlhONIb71gktEE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/5b3d6d-e6f1-47ad-b52b-9d943671a8a3/1/oKFURB35Yj7rWhlhONIb71gktEE.mft
rsync://rpki.ripe.net/repository/DEFAULT/oKFURB35Yj7rWhlhONIb71gktEE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:9e:b8:0b:14:b0:36:2d:79:ca:96:8d:43:fe:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0a154441df9623eeb5a196138d21bef5824b441
Validity
Not Before: Jan 1 11:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=72a30865b646fd78c5323ca2a3ae0ba126fd2443
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:bd:91:e6:ad:75:3a:1a:15:5e:86:58:b9:de:
2d:20:29:b4:30:52:29:c5:5e:f8:36:0e:dc:7f:75:
66:b6:5e:5c:b8:5d:fa:dc:48:f9:a2:78:43:50:c6:
c6:69:fb:c0:c3:75:6a:4b:c1:32:56:ae:bf:06:5d:
2a:05:81:59:0b:9e:0f:fb:af:ca:7e:ae:b2:29:15:
f4:39:e8:f0:33:47:23:b5:fe:2d:ca:bc:ce:65:50:
6f:42:8b:0c:49:bf:19:6f:a9:e2:f2:1d:32:b4:5f:
23:ce:13:10:d0:4e:16:74:c0:2e:39:15:cd:ed:90:
8d:e4:9c:6c:95:a9:17:12:c8:62:6f:2c:75:50:84:
26:d9:ee:14:0f:4c:c4:6a:bd:d5:5a:9f:d4:1f:63:
ff:eb:29:29:69:71:ff:e4:15:d2:b5:3c:ee:5a:92:
49:b0:92:bc:8c:77:ee:4c:7d:2b:9b:31:f9:27:82:
92:f3:47:b0:3c:e4:76:89:ef:3f:cd:95:1a:7a:05:
47:60:12:14:7e:64:87:7f:a5:31:94:97:64:1e:fa:
17:49:6b:b6:ee:0d:b2:f7:d2:f7:1c:92:4d:f8:4b:
86:d8:4a:68:bd:e4:48:d0:bd:f8:a5:97:44:0b:42:
e7:46:c3:0c:41:78:07:0b:17:d4:8c:08:b4:09:a0:
fd:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:A3:08:65:B6:46:FD:78:C5:32:3C:A2:A3:AE:0B:A1:26:FD:24:43
X509v3 Authority Key Identifier:
keyid:A0:A1:54:44:1D:F9:62:3E:EB:5A:19:61:38:D2:1B:EF:58:24:B4:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKFURB35Yj7rWhlhONIb71gktEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/5b3d6d-e6f1-47ad-b52b-9d943671a8a3/1/cqMIZbZG_XjFMjyio64LoSb9JEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/5b3d6d-e6f1-47ad-b52b-9d943671a8a3/1/oKFURB35Yj7rWhlhONIb71gktEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.240.176.0/20
81.19.0.0/20
85.132.144.0/20
95.129.96.0/21
185.146.4.0/22
IPv6:
2a02:e98::/32
Signature Algorithm: sha256WithRSAEncryption
53:d1:bf:70:a9:e4:c0:f5:d8:b1:82:97:d0:09:c8:53:35:c6:
c3:6a:33:b0:0b:1a:ef:60:e8:02:ac:8e:fe:29:8b:d1:2b:6e:
d2:8f:85:3f:18:fa:a2:13:aa:b5:97:14:13:1b:8c:3f:c0:d8:
36:a7:91:4e:c3:93:b2:ac:ff:05:2f:ac:70:9d:01:41:01:b4:
92:f4:53:5b:5c:01:95:f8:06:71:ec:ae:1a:62:d2:00:1e:ea:
64:c5:09:99:3c:c0:32:08:68:54:0f:a6:c5:3f:cd:54:11:4c:
f8:0f:98:28:da:a7:90:ba:e2:d7:11:ac:03:63:af:44:f0:58:
53:74:50:d6:2a:b6:c9:74:5a:aa:53:9e:17:3b:65:09:7c:58:
e7:04:0f:35:a5:f6:97:67:42:af:1d:b9:4b:57:a9:73:2d:3a:
90:63:b4:b1:a2:d0:19:2e:46:be:08:b8:1e:57:59:75:f9:2b:
0b:9a:b1:de:f0:4b:98:02:35:2a:12:84:ab:cf:b9:aa:e3:de:
6e:89:2f:54:59:b7:fa:68:85:c2:01:3d:aa:85:46:21:39:84:
5d:1b:e6:ca:ca:d9:a8:92:4f:c0:d7:b8:ee:38:94:82:58:ce:
28:4c:4f:c7:f9:a8:56:c2:b6:d3:ec:ea:ae:63:c5:f9:44:07:
ff:e7:39:e9
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQhsZ64CxSwNi15ypaNQ/4JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYTE1NDQ0MWRmOTYyM2VlYjVhMTk2MTM4ZDIxYmVmNTgy
NGI0NDEwHhcNMjUwMTAxMTE0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmEzMDg2NWI2NDZmZDc4YzUzMjNjYTJhM2FlMGJhMTI2ZmQyNDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAib2R5q11OhoVXoZYud4tICm0MFIp
xV74Ng7cf3Vmtl5cuF363Ej5onhDUMbGafvAw3VqS8EyVq6/Bl0qBYFZC54P+6/K
fq6yKRX0OejwM0cjtf4tyrzOZVBvQosMSb8Zb6ni8h0ytF8jzhMQ0E4WdMAuORXN
7ZCN5JxslakXEshibyx1UIQm2e4UD0zEar3VWp/UH2P/6ykpaXH/5BXStTzuWpJJ
sJK8jHfuTH0rmzH5J4KS80ewPOR2ie8/zZUaegVHYBIUfmSHf6UxlJdkHvoXSWu2
7g2y99L3HJJN+EuG2EpoveRI0L34pZdEC0LnRsMMQXgHCxfUjAi0CaD91wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFHKjCGW2Rv14xTI8oqOuC6Em/SRDMB8GA1UdIwQY
MBaAFKChVEQd+WI+61oZYTjSG+9YJLRBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0tGVVJCMzVZajdyV2hsaE9OSWI3MWdrdEVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC81YjNkNmQtZTZmMS00N2FkLWI1MmIt
OWQ5NDM2NzFhOGEzLzEvY3FNSVpiWkdfWGpGTWp5aW82NExvU2I5SkVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC81YjNkNmQtZTZmMS00N2FkLWI1MmItOWQ5NDM2NzFhOGEz
LzEvb0tGVVJCMzVZajdyV2hsaE9OSWI3MWdrdEVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQETfCwAwQE
URMAAwQEVYSQAwQDX4FgAwQCuZIEMA0EAgACMAcDBQAqAg6YMA0GCSqGSIb3DQEB
CwUAA4IBAQBT0b9wqeTA9dixgpfQCchTNcbDajOwCxrvYOgCrI7+KYvRK27Sj4U/
GPqiE6q1lxQTG4w/wNg2p5FOw5OyrP8FL6xwnQFBAbSS9FNbXAGV+AZx7K4aYtIA
HupkxQmZPMAyCGhUD6bFP81UEUz4D5go2qeQuuLXEawDY69E8FhTdFDWKrbJdFqq
U54XO2UJfFjnBA81pfaXZ0KvHblLV6lzLTqQY7SxotAZLka+CLgeV1l1+SsLmrHe
8EuYAjUqEoSrz7mq495uiS9UWbf6aIXCAT2qhUYhOYRdG+bKytmokk/A17juOJSC
WM4oTE/H+ahWwrbT7OquY8X5RAf/5znp
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:08 2025 by rpki-client