Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/ee0538-39c9-4450-9647-aba55e2424d2/1/QcUww1gBut5P9LED1fX9vTB1tFI.roa
File: QcUww1gBut5P9LED1fX9vTB1tFI.roa (raw, json)
Hash identifier: L8MG8T6h4oWceQxYV3j9aYR1Fk9m/+E+nrLcLpw/ZNc=
Subject key identifier: 41:C5:30:C3:58:01:BA:DE:4F:F4:B1:03:D5:F5:FD:BD:30:75:B4:52
Certificate issuer: /CN=93d4c4ad731e45ed320a2f38ab70b7a7bff7ea79
Certificate serial: 019420D5BB1E2F3C671C0D8B34BADA7EB32E
Authority key identifier: 93:D4:C4:AD:73:1E:45:ED:32:0A:2F:38:AB:70:B7:A7:BF:F7:EA:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k9TErXMeRe0yCi84q3C3p7_36nk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/ee0538-39c9-4450-9647-aba55e2424d2/1/QcUww1gBut5P9LED1fX9vTB1tFI.roa
Signing time: Wed 01 Jan 2025 07:47:45 +0000
ROA not before: Wed 01 Jan 2025 07:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42852
IP address blocks: 91.151.224.0/22 maxlen: 22
91.151.228.0/22 maxlen: 22
91.151.232.0/22 maxlen: 22
91.151.236.0/22 maxlen: 22
149.3.152.0/22 maxlen: 22
149.3.156.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/ee0538-39c9-4450-9647-aba55e2424d2/1/k9TErXMeRe0yCi84q3C3p7_36nk.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/ee0538-39c9-4450-9647-aba55e2424d2/1/k9TErXMeRe0yCi84q3C3p7_36nk.mft
rsync://rpki.ripe.net/repository/DEFAULT/k9TErXMeRe0yCi84q3C3p7_36nk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:bb:1e:2f:3c:67:1c:0d:8b:34:ba:da:7e:b3:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93d4c4ad731e45ed320a2f38ab70b7a7bff7ea79
Validity
Not Before: Jan 1 07:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=41c530c35801bade4ff4b103d5f5fdbd3075b452
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:a1:40:b4:ce:f9:1c:73:f4:c1:71:8d:c3:50:
29:79:3d:19:f7:cb:c0:d1:6f:51:4b:4f:d1:be:4b:
1f:3f:d5:2e:67:22:d6:ad:73:63:11:d6:f6:b4:3c:
a4:33:3f:da:71:b2:a0:19:c6:d5:eb:56:37:fd:97:
96:9d:8a:99:86:05:36:b1:43:03:fa:fd:ac:9e:28:
34:d7:78:60:0e:91:d9:9e:f2:df:97:2d:e8:31:58:
c9:88:c6:03:7a:a0:6a:4a:5a:ed:d9:9d:4e:03:f6:
0a:cd:77:cf:c0:fb:03:18:29:68:2a:d3:16:d7:04:
22:9e:e2:5b:5b:c7:53:82:e3:68:d0:4c:fe:1d:12:
45:18:e7:c9:84:28:06:f4:7a:6c:39:a4:67:e0:05:
5b:29:92:9e:9e:d8:dd:ca:55:70:0a:b5:26:9b:9d:
4a:4d:80:db:02:12:b7:f5:66:09:1e:d0:7a:8c:77:
42:a0:e0:49:a7:4b:c0:ad:dc:9d:a3:b0:33:68:26:
d4:73:74:24:ee:26:70:cc:f6:be:cc:e3:26:ff:7c:
37:a9:da:bd:8f:d0:a4:46:71:ff:66:42:72:72:58:
44:f4:e0:71:33:b6:2d:73:43:fa:80:ee:8d:17:81:
8e:e3:c5:29:66:ff:dc:a8:aa:49:b3:c7:7d:e4:6b:
56:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:C5:30:C3:58:01:BA:DE:4F:F4:B1:03:D5:F5:FD:BD:30:75:B4:52
X509v3 Authority Key Identifier:
keyid:93:D4:C4:AD:73:1E:45:ED:32:0A:2F:38:AB:70:B7:A7:BF:F7:EA:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k9TErXMeRe0yCi84q3C3p7_36nk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/ee0538-39c9-4450-9647-aba55e2424d2/1/QcUww1gBut5P9LED1fX9vTB1tFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/ee0538-39c9-4450-9647-aba55e2424d2/1/k9TErXMeRe0yCi84q3C3p7_36nk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.151.224.0/20
149.3.152.0/21
Signature Algorithm: sha256WithRSAEncryption
67:0a:0f:be:c3:39:e5:2b:4c:23:97:51:8f:ef:c2:e8:8c:a7:
bd:7c:46:16:5c:fe:f7:6a:3e:20:5d:b2:08:8a:bf:08:ad:42:
fd:ec:bd:4e:9d:16:58:64:d2:4b:1e:db:f4:4f:83:b9:c2:46:
4a:03:63:a1:cc:8d:d5:f8:68:06:83:7e:41:5c:49:90:62:2c:
b4:48:6f:41:8b:84:31:7f:7a:0f:9b:00:16:ca:54:21:4d:c3:
2c:64:3d:0b:f8:83:77:ed:47:a7:23:d0:17:56:8a:fc:54:44:
d2:00:f3:9b:6d:9e:f2:92:ac:2e:56:59:10:6e:2a:4a:7d:a2:
ee:97:62:06:18:81:21:45:ea:d7:4a:07:b9:63:3a:95:8a:50:
b8:81:ec:51:8c:f5:1c:cc:c7:91:cb:8d:45:25:ac:6e:e5:1b:
3c:a5:d5:1f:23:3f:50:80:c6:90:6c:ad:a8:42:57:57:87:bd:
07:3a:d0:e0:ef:20:44:d8:01:b5:da:f1:fb:8a:e6:b6:0b:b1:
25:44:24:93:59:dc:97:4b:5d:74:43:15:5e:4a:d3:cd:6d:7f:
0e:25:47:1f:50:81:19:88:a1:79:45:69:19:e4:19:5d:24:ce:
16:39:ec:c7:01:91:cc:00:fc:e9:11:83:98:77:b8:06:2c:53:
59:71:31:96
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQg1bseLzxnHA2LNLrafrMuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzZDRjNGFkNzMxZTQ1ZWQzMjBhMmYzOGFiNzBiN2E3YmZm
N2VhNzkwHhcNMjUwMTAxMDc0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWM1MzBjMzU4MDFiYWRlNGZmNGIxMDNkNWY1ZmRiZDMwNzViNDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4KFAtM75HHP0wXGNw1ApeT0Z98vA
0W9RS0/RvksfP9UuZyLWrXNjEdb2tDykMz/acbKgGcbV61Y3/ZeWnYqZhgU2sUMD
+v2snig013hgDpHZnvLfly3oMVjJiMYDeqBqSlrt2Z1OA/YKzXfPwPsDGCloKtMW
1wQinuJbW8dTguNo0Ez+HRJFGOfJhCgG9HpsOaRn4AVbKZKentjdylVwCrUmm51K
TYDbAhK39WYJHtB6jHdCoOBJp0vArdydo7AzaCbUc3Qk7iZwzPa+zOMm/3w3qdq9
j9CkRnH/ZkJyclhE9OBxM7Ytc0P6gO6NF4GO48UpZv/cqKpJs8d95GtW/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEHFMMNYAbreT/SxA9X1/b0wdbRSMB8GA1UdIwQY
MBaAFJPUxK1zHkXtMgovOKtwt6e/9+p5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazlURXJYTWVSZTB5Q2k4NHEzQzNwN18zNm5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS9lZTA1MzgtMzljOS00NDUwLTk2NDct
YWJhNTVlMjQyNGQyLzEvUWNVd3cxZ0J1dDVQOUxFRDFmWDl2VEIxdEZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS9lZTA1MzgtMzljOS00NDUwLTk2NDctYWJhNTVlMjQyNGQy
LzEvazlURXJYTWVSZTB5Q2k4NHEzQzNwN18zNm5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEW5fgAwQD
lQOYMA0GCSqGSIb3DQEBCwUAA4IBAQBnCg++wznlK0wjl1GP78LojKe9fEYWXP73
aj4gXbIIir8IrUL97L1OnRZYZNJLHtv0T4O5wkZKA2OhzI3V+GgGg35BXEmQYiy0
SG9Bi4Qxf3oPmwAWylQhTcMsZD0L+IN37UenI9AXVor8VETSAPObbZ7ykqwuVlkQ
bipKfaLul2IGGIEhRerXSge5YzqVilC4gexRjPUczMeRy41FJaxu5Rs8pdUfIz9Q
gMaQbK2oQldXh70HOtDg7yBE2AG12vH7iua2C7ElRCSTWdyXS110QxVeStPNbX8O
JUcfUIEZiKF5RWkZ5BldJM4WOezHAZHMAPzpEYOYd7gGLFNZcTGW
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:58:08 2025 by rpki-client