Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/abc0f8-1f1f-4c65-bb85-a966ae856926/1/Ax6Vm0VTZQY0FLe1VYl0Sd0_sqo.roa
File: Ax6Vm0VTZQY0FLe1VYl0Sd0_sqo.roa (raw, json)
Hash identifier: X5Han0rbC/tYWBQcqeDkAJUru7qclM/G19tIpVV4C6g=
Subject key identifier: 03:1E:95:9B:45:53:65:06:34:14:B7:B5:55:89:74:49:DD:3F:B2:AA
Certificate issuer: /CN=8016ccb1ac77c7c02a4ede606df1f7ef973a0bf9
Certificate serial: 019422FC3BCEB9C86E96D3DB069AB94A8506
Authority key identifier: 80:16:CC:B1:AC:77:C7:C0:2A:4E:DE:60:6D:F1:F7:EF:97:3A:0B:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gBbMsax3x8AqTt5gbfH375c6C_k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/abc0f8-1f1f-4c65-bb85-a966ae856926/1/Ax6Vm0VTZQY0FLe1VYl0Sd0_sqo.roa
Signing time: Wed 01 Jan 2025 17:49:03 +0000
ROA not before: Wed 01 Jan 2025 17:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211391
IP address blocks: 109.236.168.0/21 maxlen: 21
193.3.57.0/24 maxlen: 24
194.105.36.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/abc0f8-1f1f-4c65-bb85-a966ae856926/1/gBbMsax3x8AqTt5gbfH375c6C_k.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/abc0f8-1f1f-4c65-bb85-a966ae856926/1/gBbMsax3x8AqTt5gbfH375c6C_k.mft
rsync://rpki.ripe.net/repository/DEFAULT/gBbMsax3x8AqTt5gbfH375c6C_k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:3b:ce:b9:c8:6e:96:d3:db:06:9a:b9:4a:85:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8016ccb1ac77c7c02a4ede606df1f7ef973a0bf9
Validity
Not Before: Jan 1 17:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=031e959b455365063414b7b555897449dd3fb2aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:b1:8a:6f:45:84:68:ee:b2:81:fb:73:d6:94:
47:43:b5:ab:73:4a:10:40:83:5d:d9:c1:c8:52:eb:
c4:7f:a6:98:3b:ed:2b:02:c1:7e:f6:72:12:41:85:
90:20:f7:06:b6:73:00:dd:5f:1a:a3:4c:c3:e0:d8:
26:2d:78:83:3a:1b:26:dd:dc:b6:2a:02:fb:d6:ff:
ce:2f:04:9e:48:0a:3f:93:5e:39:4c:32:de:2f:bf:
33:3c:42:e8:81:b4:ea:32:f8:b7:d7:91:a5:46:09:
96:a8:bb:84:1f:31:d7:87:29:63:5c:56:82:b4:2c:
a2:cf:6c:a0:e4:17:a9:61:15:57:b5:ff:eb:4b:e4:
27:d9:c3:fc:56:af:ec:1b:05:9b:36:71:46:22:e7:
40:1e:77:2c:8c:2d:1b:07:12:00:21:1c:ff:34:99:
a5:a4:31:63:d2:aa:00:24:a8:ad:ee:cf:db:03:7c:
41:cf:a0:49:7a:e3:26:32:ff:f9:6c:b1:a9:93:3c:
d8:47:73:c4:be:07:92:33:92:a8:89:46:b9:f5:41:
e2:ea:c9:a0:09:9e:44:63:79:10:d6:e0:bf:af:54:
76:43:f7:66:bf:a6:9a:8f:b6:39:0c:04:df:43:07:
f1:61:c9:7a:9f:9b:ff:96:fc:b6:98:05:80:b5:5c:
f0:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:1E:95:9B:45:53:65:06:34:14:B7:B5:55:89:74:49:DD:3F:B2:AA
X509v3 Authority Key Identifier:
keyid:80:16:CC:B1:AC:77:C7:C0:2A:4E:DE:60:6D:F1:F7:EF:97:3A:0B:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gBbMsax3x8AqTt5gbfH375c6C_k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/abc0f8-1f1f-4c65-bb85-a966ae856926/1/Ax6Vm0VTZQY0FLe1VYl0Sd0_sqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/abc0f8-1f1f-4c65-bb85-a966ae856926/1/gBbMsax3x8AqTt5gbfH375c6C_k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.236.168.0/21
193.3.57.0/24
194.105.36.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:7d:94:92:b5:f6:68:2e:a1:3f:fa:9b:4d:21:63:93:a0:7c:
cd:28:79:7c:39:24:77:38:38:2b:1b:99:df:09:d3:83:25:a4:
8a:55:50:27:8d:25:39:16:23:b0:be:e6:56:24:76:ec:9a:24:
db:32:49:1c:2c:24:2d:ab:b9:2f:4a:3b:2a:c8:ba:ad:bf:f8:
61:63:45:11:16:be:a5:b3:6a:7b:fe:67:4a:8c:ac:ff:cd:4f:
52:3d:d9:1e:6b:e7:4a:17:07:28:71:c7:c0:0f:32:01:4a:27:
36:e2:4e:5b:50:1c:ec:a2:1a:39:cd:ca:e7:2e:f9:23:ae:db:
3f:8f:94:1d:a3:20:f5:53:72:fe:73:4c:78:be:72:95:44:37:
01:9d:7b:7e:5a:ad:65:39:51:98:36:2a:df:e9:31:1c:1c:ad:
8c:f1:01:21:5e:02:17:af:80:fb:f4:bb:4e:0d:d6:1f:1b:1f:
3a:91:69:a5:29:86:a7:05:e3:41:46:17:4e:f8:36:75:bc:25:
17:94:d2:d9:58:47:e2:42:ae:b0:10:51:58:4f:f6:47:c7:48:
1c:e0:0a:25:7c:57:c1:28:6d:4e:94:3c:f0:ba:52:3b:fc:87:
17:0f:4e:dd:3c:75:8b:b2:3c:ad:97:1c:63:fe:1d:01:f2:b6:
9d:d6:4f:0b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQi/DvOuchultPbBpq5SoUGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwMTZjY2IxYWM3N2M3YzAyYTRlZGU2MDZkZjFmN2VmOTcz
YTBiZjkwHhcNMjUwMTAxMTc0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzFlOTU5YjQ1NTM2NTA2MzQxNGI3YjU1NTg5NzQ0OWRkM2ZiMmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbGKb0WEaO6ygftz1pRHQ7Wrc0oQ
QINd2cHIUuvEf6aYO+0rAsF+9nISQYWQIPcGtnMA3V8ao0zD4NgmLXiDOhsm3dy2
KgL71v/OLwSeSAo/k145TDLeL78zPELogbTqMvi315GlRgmWqLuEHzHXhyljXFaC
tCyiz2yg5BepYRVXtf/rS+Qn2cP8Vq/sGwWbNnFGIudAHncsjC0bBxIAIRz/NJml
pDFj0qoAJKit7s/bA3xBz6BJeuMmMv/5bLGpkzzYR3PEvgeSM5KoiUa59UHi6smg
CZ5EY3kQ1uC/r1R2Q/dmv6aaj7Y5DATfQwfxYcl6n5v/lvy2mAWAtVzwxQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAMelZtFU2UGNBS3tVWJdEndP7KqMB8GA1UdIwQY
MBaAFIAWzLGsd8fAKk7eYG3x9++XOgv5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0JiTXNheDN4OEFxVHQ1Z2JmSDM3NWM2Q19rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9hYmMwZjgtMWYxZi00YzY1LWJiODUt
YTk2NmFlODU2OTI2LzEvQXg2Vm0wVlRaUVkwRkxlMVZZbDBTZDBfc3FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9hYmMwZjgtMWYxZi00YzY1LWJiODUtYTk2NmFlODU2OTI2
LzEvZ0JiTXNheDN4OEFxVHQ1Z2JmSDM3NWM2Q19rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDbeyoAwQA
wQM5AwQCwmkkMA0GCSqGSIb3DQEBCwUAA4IBAQBtfZSStfZoLqE/+ptNIWOToHzN
KHl8OSR3ODgrG5nfCdODJaSKVVAnjSU5FiOwvuZWJHbsmiTbMkkcLCQtq7kvSjsq
yLqtv/hhY0URFr6ls2p7/mdKjKz/zU9SPdkea+dKFwcoccfADzIBSic24k5bUBzs
oho5zcrnLvkjrts/j5QdoyD1U3L+c0x4vnKVRDcBnXt+Wq1lOVGYNirf6TEcHK2M
8QEhXgIXr4D79LtODdYfGx86kWmlKYanBeNBRhdO+DZ1vCUXlNLZWEfiQq6wEFFY
T/ZHx0gc4AolfFfBKG1OlDzwulI7/IcXD07dPHWLsjytlxxj/h0B8rad1k8L
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:34:29 2025 by rpki-client