Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/6e3fba-4d3a-43cb-babf-5f2882de3ec7/1/qoiJ2dkjuPKR2DINrHtiZnfckMQ.roa
File: qoiJ2dkjuPKR2DINrHtiZnfckMQ.roa (raw, json)
Hash identifier: LgXeymWOOJplKwnla/9DQkVIgYhvAdLAg89NuJpLJ/o=
Subject key identifier: AA:88:89:D9:D9:23:B8:F2:91:D8:32:0D:AC:7B:62:66:77:DC:90:C4
Certificate issuer: /CN=64e90627021adcfa5624342d3e5f8b48035acfb4
Certificate serial: 0194274855B263DC225438F4E499F75F9D1E
Authority key identifier: 64:E9:06:27:02:1A:DC:FA:56:24:34:2D:3E:5F:8B:48:03:5A:CF:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZOkGJwIa3PpWJDQtPl-LSANaz7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/6e3fba-4d3a-43cb-babf-5f2882de3ec7/1/qoiJ2dkjuPKR2DINrHtiZnfckMQ.roa
Signing time: Thu 02 Jan 2025 13:50:39 +0000
ROA not before: Thu 02 Jan 2025 13:50:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198336
IP address blocks: 176.227.224.0/20 maxlen: 20
176.227.224.0/21 maxlen: 21
176.227.232.0/23 maxlen: 23
176.227.234.0/23 maxlen: 23
176.227.236.0/24 maxlen: 24
176.227.237.0/24 maxlen: 24
176.227.238.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/6e3fba-4d3a-43cb-babf-5f2882de3ec7/1/ZOkGJwIa3PpWJDQtPl-LSANaz7Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/6e3fba-4d3a-43cb-babf-5f2882de3ec7/1/ZOkGJwIa3PpWJDQtPl-LSANaz7Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZOkGJwIa3PpWJDQtPl-LSANaz7Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:55:b2:63:dc:22:54:38:f4:e4:99:f7:5f:9d:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64e90627021adcfa5624342d3e5f8b48035acfb4
Validity
Not Before: Jan 2 13:50:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aa8889d9d923b8f291d8320dac7b626677dc90c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:36:7d:03:c3:7c:3c:9d:ad:d8:ca:b3:ec:41:
6f:a7:7c:97:77:01:5e:96:5a:15:55:61:36:82:70:
6f:5b:76:56:d5:29:71:0b:7f:e9:e8:c9:a2:f5:c5:
ea:d8:b4:f2:b2:e0:0f:cb:ef:cf:e4:26:5a:f8:30:
e0:ce:73:e5:5e:48:3c:cc:c3:01:f2:9b:5d:18:f7:
1d:88:6e:76:c7:43:2b:f4:85:ee:56:68:01:91:f1:
5d:4f:19:e5:4f:f4:9d:e4:08:44:27:cb:4b:7c:f7:
23:29:04:86:7a:f2:29:3e:dc:23:eb:b4:63:ab:3d:
ad:ef:7c:f5:f1:ae:1a:ee:16:73:14:bb:9c:75:db:
64:40:fa:e8:8d:af:22:28:cf:6a:1c:10:68:9e:b6:
8f:23:a4:04:ef:d7:00:43:bf:6e:2e:df:a2:dd:95:
b3:5c:44:42:89:72:43:d0:77:4f:ee:fc:57:66:7f:
43:46:d9:84:cc:74:1a:61:1f:66:a3:87:18:96:51:
e6:fa:4e:41:d7:92:85:10:8e:31:72:41:57:ef:be:
74:d7:bb:5b:11:1b:ba:8e:d9:50:b7:e9:e5:1a:9d:
b5:ea:34:d7:1d:fc:6a:07:d0:62:7b:e3:1a:93:8c:
e7:af:06:c4:2d:46:cf:ed:c6:8c:32:98:c0:d4:2b:
ac:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:88:89:D9:D9:23:B8:F2:91:D8:32:0D:AC:7B:62:66:77:DC:90:C4
X509v3 Authority Key Identifier:
keyid:64:E9:06:27:02:1A:DC:FA:56:24:34:2D:3E:5F:8B:48:03:5A:CF:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZOkGJwIa3PpWJDQtPl-LSANaz7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/6e3fba-4d3a-43cb-babf-5f2882de3ec7/1/qoiJ2dkjuPKR2DINrHtiZnfckMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/6e3fba-4d3a-43cb-babf-5f2882de3ec7/1/ZOkGJwIa3PpWJDQtPl-LSANaz7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.227.224.0/20
Signature Algorithm: sha256WithRSAEncryption
75:c6:b8:7c:61:7d:ad:b6:33:3b:71:03:00:80:d2:74:67:9e:
17:89:62:c9:be:14:d3:86:d2:89:b9:e4:5b:96:b9:01:fe:d1:
28:6f:ec:e6:9c:fb:df:e4:2f:98:63:14:61:48:ff:8c:15:97:
4d:0b:af:2e:75:ce:a0:f6:0a:6a:66:d0:b1:6e:39:57:53:80:
81:ff:e6:0e:cc:b3:dc:2a:89:51:b3:29:06:5a:a6:e3:5c:5e:
78:0c:01:99:a3:59:fe:17:20:0f:3e:18:bc:16:2f:59:cf:55:
85:2d:5c:db:c7:2b:6f:38:24:5a:3d:04:a7:ba:62:9f:cc:5b:
13:3b:32:b8:82:8a:e4:7f:4d:fb:a5:05:cc:9b:f1:11:91:d8:
bb:f3:16:ad:27:66:3c:2c:0f:57:03:e9:2d:ff:b8:e4:05:be:
a4:6a:7b:96:cc:d8:2c:32:c8:47:30:59:c2:4d:32:ff:a9:bc:
f2:e8:50:d4:f6:84:d7:83:f4:4c:61:3c:b6:0b:ed:1c:18:c4:
e2:fa:1e:11:bb:ef:0d:05:ee:23:f7:29:0d:12:fe:4a:64:99:
93:11:9e:07:42:6d:12:d0:3a:cf:ac:82:d9:66:05:3a:ef:8a:
8a:5d:32:67:fb:e1:49:1d:39:eb:f2:d6:99:93:d5:18:07:0c:
95:cd:d4:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSFWyY9wiVDj05Jn3X50eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZTkwNjI3MDIxYWRjZmE1NjI0MzQyZDNlNWY4YjQ4MDM1
YWNmYjQwHhcNMjUwMTAyMTM1MDM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTg4ODlkOWQ5MjNiOGYyOTFkODMyMGRhYzdiNjI2Njc3ZGM5MGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDZ9A8N8PJ2t2Mqz7EFvp3yXdwFe
lloVVWE2gnBvW3ZW1SlxC3/p6Mmi9cXq2LTysuAPy+/P5CZa+DDgznPlXkg8zMMB
8ptdGPcdiG52x0Mr9IXuVmgBkfFdTxnlT/Sd5AhEJ8tLfPcjKQSGevIpPtwj67Rj
qz2t73z18a4a7hZzFLucddtkQProja8iKM9qHBBonraPI6QE79cAQ79uLt+i3ZWz
XERCiXJD0HdP7vxXZn9DRtmEzHQaYR9mo4cYllHm+k5B15KFEI4xckFX775017tb
ERu6jtlQt+nlGp216jTXHfxqB9Bie+Mak4znrwbELUbP7caMMpjA1CusfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKqIidnZI7jykdgyDax7YmZ33JDEMB8GA1UdIwQY
MBaAFGTpBicCGtz6ViQ0LT5fi0gDWs+0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk9rR0p3SWEzUHBXSkRRdFBsLUxTQU5hejdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy82ZTNmYmEtNGQzYS00M2NiLWJhYmYt
NWYyODgyZGUzZWM3LzEvcW9pSjJka2p1UEtSMkRJTnJIdGlabmZja01RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy82ZTNmYmEtNGQzYS00M2NiLWJhYmYtNWYyODgyZGUzZWM3
LzEvWk9rR0p3SWEzUHBXSkRRdFBsLUxTQU5hejdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEsOPgMA0G
CSqGSIb3DQEBCwUAA4IBAQB1xrh8YX2ttjM7cQMAgNJ0Z54XiWLJvhTThtKJueRb
lrkB/tEob+zmnPvf5C+YYxRhSP+MFZdNC68udc6g9gpqZtCxbjlXU4CB/+YOzLPc
KolRsykGWqbjXF54DAGZo1n+FyAPPhi8Fi9Zz1WFLVzbxytvOCRaPQSnumKfzFsT
OzK4gorkf037pQXMm/ERkdi78xatJ2Y8LA9XA+kt/7jkBb6kanuWzNgsMshHMFnC
TTL/qbzy6FDU9oTXg/RMYTy2C+0cGMTi+h4Ru+8NBe4j9ykNEv5KZJmTEZ4HQm0S
0DrPrILZZgU674qKXTJn++FJHTnr8taZk9UYBwyVzdRQ
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:55:20 2025 by rpki-client