Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/371ca9-56ad-4d12-96f4-3b1e722a9dc8/1/v_uqFNyNrjwxcamsF3cO6qzXKVI.roa
File: v_uqFNyNrjwxcamsF3cO6qzXKVI.roa (raw, json)
Hash identifier: 8Loff474F2iUwQ0Ne9OGFLSGYhgKQSa6EgjZzTy3738=
Subject key identifier: BF:FB:AA:14:DC:8D:AE:3C:31:71:A9:AC:17:77:0E:EA:AC:D7:29:52
Certificate issuer: /CN=96ab4697a6a48f6c6c693e3839bfd5b3fb0e3bf1
Certificate serial: 019420D5E6371470A86FEA2D917048DCE365
Authority key identifier: 96:AB:46:97:A6:A4:8F:6C:6C:69:3E:38:39:BF:D5:B3:FB:0E:3B:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lqtGl6akj2xsaT44Ob_Vs_sOO_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/371ca9-56ad-4d12-96f4-3b1e722a9dc8/1/v_uqFNyNrjwxcamsF3cO6qzXKVI.roa
Signing time: Wed 01 Jan 2025 07:47:56 +0000
ROA not before: Wed 01 Jan 2025 07:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49088
IP address blocks: 45.86.108.0/22 maxlen: 22
45.90.92.0/22 maxlen: 22
45.135.68.0/22 maxlen: 22
62.146.244.0/22 maxlen: 22
91.212.72.0/23 maxlen: 23
91.212.160.0/23 maxlen: 23
185.144.72.0/22 maxlen: 22
185.214.200.0/22 maxlen: 22
185.216.184.0/22 maxlen: 22
195.39.250.0/23 maxlen: 23
195.39.252.0/23 maxlen: 23
2a07:3d00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/371ca9-56ad-4d12-96f4-3b1e722a9dc8/1/lqtGl6akj2xsaT44Ob_Vs_sOO_E.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/371ca9-56ad-4d12-96f4-3b1e722a9dc8/1/lqtGl6akj2xsaT44Ob_Vs_sOO_E.mft
rsync://rpki.ripe.net/repository/DEFAULT/lqtGl6akj2xsaT44Ob_Vs_sOO_E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:e6:37:14:70:a8:6f:ea:2d:91:70:48:dc:e3:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96ab4697a6a48f6c6c693e3839bfd5b3fb0e3bf1
Validity
Not Before: Jan 1 07:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bffbaa14dc8dae3c3171a9ac17770eeaacd72952
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7b:b0:84:d0:a8:3f:38:64:fe:bf:fe:3d:93:
07:2d:17:96:10:44:03:d7:a0:96:c9:07:70:1c:b5:
4f:89:de:14:86:7a:55:77:86:5a:5f:f0:45:67:19:
25:25:50:30:b3:ee:db:4b:e6:dc:d2:fc:04:ba:c3:
59:01:49:fa:b9:9a:b4:dd:78:d3:5d:30:b8:63:78:
68:11:9b:0d:37:c2:19:b7:1b:57:db:7c:25:ba:ac:
be:45:42:bd:c0:cf:7a:b7:8e:8a:39:6a:cd:38:d9:
c7:23:11:61:7a:3c:de:90:2a:41:da:05:3f:26:ec:
e5:62:14:d0:fb:f0:78:34:a3:d5:2a:f5:3e:2e:a1:
eb:f5:e2:ec:51:0e:14:15:bb:01:d8:83:c2:f2:51:
59:20:63:56:36:d4:e0:89:dd:fe:d1:6b:32:e7:96:
fb:1e:37:be:10:5b:8b:87:ee:f2:cc:71:78:22:aa:
1b:57:ff:4f:c9:b1:ea:75:01:c6:6f:11:84:91:50:
6e:e3:8c:39:8e:f4:25:e9:21:cd:39:ef:ae:8e:19:
71:92:b7:78:29:14:e6:81:87:72:70:34:df:31:bc:
f7:cb:f4:11:37:3d:be:d8:5d:24:86:e2:03:a5:e9:
1c:93:77:0f:4c:ef:7e:72:b9:d4:e2:fc:da:1c:2c:
cb:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:FB:AA:14:DC:8D:AE:3C:31:71:A9:AC:17:77:0E:EA:AC:D7:29:52
X509v3 Authority Key Identifier:
keyid:96:AB:46:97:A6:A4:8F:6C:6C:69:3E:38:39:BF:D5:B3:FB:0E:3B:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lqtGl6akj2xsaT44Ob_Vs_sOO_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/371ca9-56ad-4d12-96f4-3b1e722a9dc8/1/v_uqFNyNrjwxcamsF3cO6qzXKVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/371ca9-56ad-4d12-96f4-3b1e722a9dc8/1/lqtGl6akj2xsaT44Ob_Vs_sOO_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.108.0/22
45.90.92.0/22
45.135.68.0/22
62.146.244.0/22
91.212.72.0/23
91.212.160.0/23
185.144.72.0/22
185.214.200.0/22
185.216.184.0/22
195.39.250.0-195.39.253.255
IPv6:
2a07:3d00::/29
Signature Algorithm: sha256WithRSAEncryption
ab:f8:43:75:c1:7d:c7:53:d1:ee:6b:ea:ec:0c:5a:ff:13:95:
bc:24:3b:28:41:b1:d6:f7:7b:f8:80:17:e8:a7:1c:59:a9:c9:
3a:41:63:04:09:f2:31:9d:cc:2c:4c:ce:b5:7a:39:6e:fe:94:
d9:91:bb:00:b6:22:bb:c4:0f:b7:d3:17:2b:e2:ee:e2:a6:d3:
cf:cd:85:46:c2:1b:90:2f:ab:df:07:71:3c:79:cd:f6:f3:ee:
54:57:01:05:73:ee:d2:7e:ad:9b:b8:83:5a:3a:04:b3:34:93:
82:0c:7a:90:31:a8:1b:b8:ae:af:1a:b7:8a:a6:2c:60:86:6e:
32:6c:d9:29:53:41:9a:cc:36:42:b9:0c:4c:e7:58:3c:5e:c3:
11:1f:8f:52:f8:21:d6:78:a5:f6:ba:7b:b8:72:c7:0b:bb:0e:
d4:d2:a0:67:b1:7e:f2:91:e0:19:20:e7:7f:18:35:2e:70:ca:
66:74:74:93:59:81:7d:ab:da:38:25:fa:22:fb:fa:53:e5:cd:
78:04:f2:c6:b6:80:94:16:8c:42:dc:5d:57:fc:ce:d8:36:71:
a6:e8:cc:0f:1e:d6:db:e8:4d:bb:a1:4c:2f:70:16:09:80:31:
31:94:c4:f5:b4:9a:65:0c:a3:d3:a9:45:52:bf:85:ea:63:df:
3b:7c:cf:79
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAZQg1eY3FHCob+otkXBI3ONlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2YWI0Njk3YTZhNDhmNmM2YzY5M2UzODM5YmZkNWIzZmIw
ZTNiZjEwHhcNMjUwMTAxMDc0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmZiYWExNGRjOGRhZTNjMzE3MWE5YWMxNzc3MGVlYWFjZDcyOTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXuwhNCoPzhk/r/+PZMHLReWEEQD
16CWyQdwHLVPid4UhnpVd4ZaX/BFZxklJVAws+7bS+bc0vwEusNZAUn6uZq03XjT
XTC4Y3hoEZsNN8IZtxtX23wluqy+RUK9wM96t46KOWrNONnHIxFhejzekCpB2gU/
JuzlYhTQ+/B4NKPVKvU+LqHr9eLsUQ4UFbsB2IPC8lFZIGNWNtTgid3+0Wsy55b7
Hje+EFuLh+7yzHF4IqobV/9PybHqdQHGbxGEkVBu44w5jvQl6SHNOe+ujhlxkrd4
KRTmgYdycDTfMbz3y/QRNz2+2F0khuIDpekck3cPTO9+crnU4vzaHCzLcQIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFL/7qhTcja48MXGprBd3Duqs1ylSMB8GA1UdIwQY
MBaAFJarRpempI9sbGk+ODm/1bP7DjvxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHF0R2w2YWtqMnhzYVQ0NE9iX1ZzX3NPT19FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS8zNzFjYTktNTZhZC00ZDEyLTk2ZjQt
M2IxZTcyMmE5ZGM4LzEvdl91cUZOeU5yand4Y2Ftc0YzY082cXpYS1ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS8zNzFjYTktNTZhZC00ZDEyLTk2ZjQtM2IxZTcyMmE5ZGM4
LzEvbHF0R2w2YWtqMnhzYVQ0NE9iX1ZzX3NPT19FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBKBAIAATBEAwQCLVZsAwQC
LVpcAwQCLYdEAwQCPpL0AwQBW9RIAwQBW9SgAwQCuZBIAwQCudbIAwQCudi4MAwD
BAHDJ/oDBAHDJ/wwDQQCAAIwBwMFAyoHPQAwDQYJKoZIhvcNAQELBQADggEBAKv4
Q3XBfcdT0e5r6uwMWv8TlbwkOyhBsdb3e/iAF+inHFmpyTpBYwQJ8jGdzCxMzrV6
OW7+lNmRuwC2IrvED7fTFyvi7uKm08/NhUbCG5Avq98HcTx5zfbz7lRXAQVz7tJ+
rZu4g1o6BLM0k4IMepAxqBu4rq8at4qmLGCGbjJs2SlTQZrMNkK5DEznWDxewxEf
j1L4IdZ4pfa6e7hyxwu7DtTSoGexfvKR4Bkg538YNS5wymZ0dJNZgX2r2jgl+iL7
+lPlzXgE8sa2gJQWjELcXVf8ztg2cabozA8e1tvoTbuhTC9wFgmAMTGUxPW0mmUM
o9OpRVK/hepj3zt8z3k=
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:47:17 2025 by rpki-client