Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/AGQD92UEQIaVEcqDdQXIoxEgQ1k.roa
File: AGQD92UEQIaVEcqDdQXIoxEgQ1k.roa (raw, json)
Hash identifier: WOCArcdnhDcRrqWbqJhSvRuUb9iAE2UutSuhN69pKjs=
Subject key identifier: 00:64:03:F7:65:04:40:86:95:11:CA:83:75:05:C8:A3:11:20:43:59
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 01944A64BDBB024C786747590BFE174BDA79
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/AGQD92UEQIaVEcqDdQXIoxEgQ1k.roa
Signing time: Thu 09 Jan 2025 09:28:23 +0000
ROA not before: Thu 09 Jan 2025 09:28:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202309
IP address blocks: 62.68.70.0/24 maxlen: 24
79.124.42.0/23 maxlen: 24
80.72.78.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:01:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4a:64:bd:bb:02:4c:78:67:47:59:0b:fe:17:4b:da:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Jan 9 09:28:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=006403f7650440869511ca837505c8a311204359
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:db:d2:3d:cf:48:a5:c1:67:31:ca:31:f3:89:
36:3a:23:68:b1:5d:39:50:f9:ab:68:e8:c3:1c:6b:
73:73:93:95:0f:44:ae:dd:57:86:88:7f:9e:bf:5d:
c3:1c:4d:b2:18:0d:54:2c:62:e7:64:9a:ce:95:8e:
d7:57:3a:35:16:e2:7d:62:2b:99:36:e8:3c:12:c6:
3a:19:b6:38:f7:b0:75:58:7b:6b:89:2b:9c:d9:ac:
4e:33:31:0b:c6:68:77:9f:68:4e:68:89:39:0f:96:
da:76:22:c7:ba:be:eb:b1:db:fc:c4:66:ce:9e:ec:
b2:e3:09:01:99:01:fb:a8:86:b3:99:9d:27:4d:aa:
de:1e:22:8b:8b:9c:11:13:60:f3:9b:5a:e0:f7:02:
2f:6a:03:66:ab:b7:8f:42:9a:a9:01:e3:1c:33:13:
d4:c5:d8:36:0a:c5:e8:2a:f7:66:22:ee:b9:d8:a1:
84:e0:d6:10:25:ff:47:5a:24:65:b4:87:0e:7b:93:
cc:b6:b0:8a:5e:20:8f:d4:d4:3d:96:1b:f3:03:37:
53:1b:e3:ef:32:cd:eb:d2:7d:b7:43:d8:7e:38:ea:
a3:ac:63:c5:19:24:70:a2:cf:a4:1c:f9:c2:32:25:
04:de:bc:88:f6:56:47:d7:5f:58:e4:e6:a2:83:09:
dd:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:64:03:F7:65:04:40:86:95:11:CA:83:75:05:C8:A3:11:20:43:59
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/AGQD92UEQIaVEcqDdQXIoxEgQ1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.68.70.0/24
79.124.42.0/23
80.72.78.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:61:f0:63:de:79:22:76:2c:94:8e:3b:50:e4:14:4c:dc:6f:
f8:4b:50:5f:fe:3c:1c:da:07:af:af:a1:33:54:48:cd:66:73:
a7:9c:c0:99:f7:f4:0b:c9:54:8c:18:b7:a8:c3:b9:83:18:ca:
a0:6b:b7:29:aa:64:56:80:ab:82:e9:e6:7f:d1:74:fb:4b:0c:
6f:fe:ff:ce:36:50:3f:fd:79:98:29:a9:ee:d3:e3:3c:26:a9:
c2:10:93:2f:98:06:e9:06:80:24:50:39:a3:b0:2f:7f:eb:cf:
fc:7e:42:ec:aa:fe:29:f5:a1:e2:c6:54:19:14:5f:b1:b1:b3:
bf:86:f6:a5:27:85:cf:60:fc:af:6f:19:a8:90:39:58:34:a7:
05:a8:36:fd:91:96:fa:1c:0c:df:7d:d0:9e:e1:02:37:31:23:
ba:61:3f:a7:0a:7e:f1:0f:fc:0e:9c:0e:42:60:ff:eb:4b:0f:
96:40:a6:b2:92:e9:7a:bf:5d:24:7b:fd:0f:80:18:59:d6:31:
78:cc:e1:fa:00:e1:98:b4:f8:90:e1:7a:44:a3:47:3f:5a:7f:
3f:94:34:39:5d:c3:99:90:1e:b3:0a:54:80:ed:57:c2:3f:31:
57:f7:f4:9d:10:3e:d9:e5:9f:56:97:4f:33:bf:42:9f:23:13:
33:a7:f2:6b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZRKZL27Akx4Z0dZC/4XS9p5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjUwMTA5MDkyODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDY0MDNmNzY1MDQ0MDg2OTUxMWNhODM3NTA1YzhhMzExMjA0MzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4tvSPc9IpcFnMcox84k2OiNosV05
UPmraOjDHGtzc5OVD0Su3VeGiH+ev13DHE2yGA1ULGLnZJrOlY7XVzo1FuJ9YiuZ
Nug8EsY6GbY497B1WHtriSuc2axOMzELxmh3n2hOaIk5D5badiLHur7rsdv8xGbO
nuyy4wkBmQH7qIazmZ0nTareHiKLi5wRE2Dzm1rg9wIvagNmq7ePQpqpAeMcMxPU
xdg2CsXoKvdmIu652KGE4NYQJf9HWiRltIcOe5PMtrCKXiCP1NQ9lhvzAzdTG+Pv
Ms3r0n23Q9h+OOqjrGPFGSRwos+kHPnCMiUE3ryI9lZH119Y5OaigwndEwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFABkA/dlBECGlRHKg3UFyKMRIENZMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvQUdRRDkyVUVRSWFWRWNxRGRRWElveEVnUTFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAPkRGAwQB
T3wqAwQAUEhOMA0GCSqGSIb3DQEBCwUAA4IBAQDBYfBj3nkidiyUjjtQ5BRM3G/4
S1Bf/jwc2gevr6EzVEjNZnOnnMCZ9/QLyVSMGLeow7mDGMqga7cpqmRWgKuC6eZ/
0XT7Swxv/v/ONlA//XmYKanu0+M8JqnCEJMvmAbpBoAkUDmjsC9/68/8fkLsqv4p
9aHixlQZFF+xsbO/hvalJ4XPYPyvbxmokDlYNKcFqDb9kZb6HAzffdCe4QI3MSO6
YT+nCn7xD/wOnA5CYP/rSw+WQKaykul6v10ke/0PgBhZ1jF4zOH6AOGYtPiQ4XpE
o0c/Wn8/lDQ5XcOZkB6zClSA7VfCPzFX9/SdED7Z5Z9Wl08zv0KfIxMzp/Jr
-----END CERTIFICATE-----
Generated at Mon Apr 7 15:48:46 2025 by rpki-client