Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/65ea96-e958-4bdb-b947-56c3624b8b1b/1/qBI-2zh83yrxwps5B2wpeqKjzBE.roa
File: qBI-2zh83yrxwps5B2wpeqKjzBE.roa (raw, json)
Hash identifier: +a40JJUntJvdA4SOSdLnTGJXNEt6hOF4b5LOIU68Stg=
Subject key identifier: A8:12:3E:DB:38:7C:DF:2A:F1:C2:9B:39:07:6C:29:7A:A2:A3:CC:11
Certificate issuer: /CN=eeed878b81a9023940d4ec8c172d04d4c25586ca
Certificate serial: 0194B7612D18372DD06CD3378526CAD84042
Authority key identifier: EE:ED:87:8B:81:A9:02:39:40:D4:EC:8C:17:2D:04:D4:C2:55:86:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7u2Hi4GpAjlA1OyMFy0E1MJVhso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/65ea96-e958-4bdb-b947-56c3624b8b1b/1/qBI-2zh83yrxwps5B2wpeqKjzBE.roa
Signing time: Thu 30 Jan 2025 13:23:06 +0000
ROA not before: Thu 30 Jan 2025 13:23:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203201
IP address blocks: 78.142.240.0/24 maxlen: 24
80.80.239.0/24 maxlen: 24
185.142.152.0/22 maxlen: 22
185.142.152.0/24 maxlen: 24
185.145.192.0/22 maxlen: 22
2a07:2e80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/65ea96-e958-4bdb-b947-56c3624b8b1b/1/7u2Hi4GpAjlA1OyMFy0E1MJVhso.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/65ea96-e958-4bdb-b947-56c3624b8b1b/1/7u2Hi4GpAjlA1OyMFy0E1MJVhso.mft
rsync://rpki.ripe.net/repository/DEFAULT/7u2Hi4GpAjlA1OyMFy0E1MJVhso.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b7:61:2d:18:37:2d:d0:6c:d3:37:85:26:ca:d8:40:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eeed878b81a9023940d4ec8c172d04d4c25586ca
Validity
Not Before: Jan 30 13:23:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8123edb387cdf2af1c29b39076c297aa2a3cc11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:e1:8c:65:f7:c6:12:48:ef:76:ec:a6:51:71:
17:ce:eb:d2:f9:d3:fd:65:ea:bf:e2:0c:36:a1:31:
66:d9:3e:fa:65:a4:69:1d:ba:6f:a9:f0:cf:b1:14:
b5:31:3e:77:cb:fe:0b:d7:a2:ff:a1:ad:0a:9c:20:
60:8b:35:ab:84:bb:56:5f:65:37:34:6d:cc:b1:71:
75:7c:55:c6:42:34:1f:5b:82:5f:94:13:20:fa:64:
aa:76:96:9a:b0:ea:8a:4a:38:d5:b6:38:ce:a5:e0:
e1:6c:f1:2d:3a:eb:1d:45:31:5e:e8:cd:e0:a0:5e:
f9:a8:d5:09:89:44:34:3b:60:b7:96:aa:bc:e1:6f:
03:f1:4a:af:54:4e:98:f4:7c:56:49:28:e7:d3:ae:
57:c3:23:4b:d7:84:49:f0:7d:51:f4:7e:23:f7:68:
0f:d5:7b:01:86:91:ac:a5:f7:cc:66:70:a1:b1:d3:
dd:20:5e:8f:0f:e1:da:d4:cf:d4:1e:d6:28:7d:0c:
83:64:1f:81:0f:2d:e8:1f:e1:e8:c2:e4:2b:a5:db:
59:10:1e:46:16:2c:df:eb:28:74:a7:ea:09:73:d0:
59:19:13:60:23:08:90:fa:0c:6c:36:7b:d1:d1:63:
c3:51:ec:2f:0c:fc:67:22:c8:f4:6b:9d:0c:96:aa:
94:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:12:3E:DB:38:7C:DF:2A:F1:C2:9B:39:07:6C:29:7A:A2:A3:CC:11
X509v3 Authority Key Identifier:
keyid:EE:ED:87:8B:81:A9:02:39:40:D4:EC:8C:17:2D:04:D4:C2:55:86:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7u2Hi4GpAjlA1OyMFy0E1MJVhso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/65ea96-e958-4bdb-b947-56c3624b8b1b/1/qBI-2zh83yrxwps5B2wpeqKjzBE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/65ea96-e958-4bdb-b947-56c3624b8b1b/1/7u2Hi4GpAjlA1OyMFy0E1MJVhso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.142.240.0/24
80.80.239.0/24
185.142.152.0/22
185.145.192.0/22
IPv6:
2a07:2e80::/29
Signature Algorithm: sha256WithRSAEncryption
a6:2f:fd:32:34:f5:3b:85:80:2a:da:e5:4e:53:db:31:3a:3d:
83:54:d5:68:7a:46:e9:8b:98:15:b9:4a:09:3f:ea:67:cb:35:
f0:f2:88:2c:b7:b8:e7:06:10:a9:e9:0f:67:35:1f:d6:50:6d:
74:e9:50:15:af:f9:b7:3c:cb:2f:d8:f0:84:3f:1d:75:7e:80:
1b:62:c5:a9:c2:c3:6d:c2:80:79:38:18:9b:bf:1d:89:3a:19:
49:43:b3:e6:47:5a:64:e4:a9:d1:00:70:9d:68:fb:5f:d0:7c:
3d:68:b9:64:08:70:5c:5c:9b:d3:9b:86:68:45:91:9c:cf:45:
41:1c:28:be:f7:6f:39:9d:fe:93:63:a3:17:6f:a4:20:02:9b:
71:77:0f:ea:63:40:c6:36:89:0d:13:11:54:38:58:57:96:49:
3b:36:fb:e8:f6:b3:41:ac:61:36:10:0e:c5:5a:ea:f0:25:59:
64:f4:16:e0:33:35:9f:a0:57:63:f8:10:38:6f:94:d9:f2:dd:
ba:e4:be:fa:35:61:60:97:fd:b2:1c:45:c4:2b:3b:0c:f0:ad:
8e:17:85:9e:cc:66:00:34:15:0b:4d:9e:97:ea:23:99:fd:04:
23:95:21:f3:fb:8d:9a:dc:63:86:20:87:ce:c9:4f:9c:38:63:
58:2e:90:d5
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZS3YS0YNy3QbNM3hSbK2EBCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlZWQ4NzhiODFhOTAyMzk0MGQ0ZWM4YzE3MmQwNGQ0YzI1
NTg2Y2EwHhcNMjUwMTMwMTMyMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODEyM2VkYjM4N2NkZjJhZjFjMjliMzkwNzZjMjk3YWEyYTNjYzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5uGMZffGEkjvduymUXEXzuvS+dP9
Zeq/4gw2oTFm2T76ZaRpHbpvqfDPsRS1MT53y/4L16L/oa0KnCBgizWrhLtWX2U3
NG3MsXF1fFXGQjQfW4JflBMg+mSqdpaasOqKSjjVtjjOpeDhbPEtOusdRTFe6M3g
oF75qNUJiUQ0O2C3lqq84W8D8UqvVE6Y9HxWSSjn065XwyNL14RJ8H1R9H4j92gP
1XsBhpGspffMZnChsdPdIF6PD+Ha1M/UHtYofQyDZB+BDy3oH+HowuQrpdtZEB5G
Fizf6yh0p+oJc9BZGRNgIwiQ+gxsNnvR0WPDUewvDPxnIsj0a50MlqqUIwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKgSPts4fN8q8cKbOQdsKXqio8wRMB8GA1UdIwQY
MBaAFO7th4uBqQI5QNTsjBctBNTCVYbKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3UySGk0R3BBamxBMU95TUZ5MEUxTUpWaHNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi82NWVhOTYtZTk1OC00YmRiLWI5NDct
NTZjMzYyNGI4YjFiLzEvcUJJLTJ6aDgzeXJ4d3BzNUIyd3BlcUtqekJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi82NWVhOTYtZTk1OC00YmRiLWI5NDctNTZjMzYyNGI4YjFi
LzEvN3UySGk0R3BBamxBMU95TUZ5MEUxTUpWaHNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQATo7wAwQA
UFDvAwQCuY6YAwQCuZHAMA0EAgACMAcDBQMqBy6AMA0GCSqGSIb3DQEBCwUAA4IB
AQCmL/0yNPU7hYAq2uVOU9sxOj2DVNVoekbpi5gVuUoJP+pnyzXw8ogst7jnBhCp
6Q9nNR/WUG106VAVr/m3PMsv2PCEPx11foAbYsWpwsNtwoB5OBibvx2JOhlJQ7Pm
R1pk5KnRAHCdaPtf0Hw9aLlkCHBcXJvTm4ZoRZGcz0VBHCi+9285nf6TY6MXb6Qg
Aptxdw/qY0DGNokNExFUOFhXlkk7Nvvo9rNBrGE2EA7FWurwJVlk9BbgMzWfoFdj
+BA4b5TZ8t265L76NWFgl/2yHEXEKzsM8K2OF4WezGYANBULTZ6X6iOZ/QQjlSHz
+42a3GOGIIfOyU+cOGNYLpDV
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:59:33 2025 by rpki-client