Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/fb9215-d1d1-47c2-ac81-84712c9f3464/1/QLu-t4-kWwjTWD2HUVQ3JUjA93E.roa
File: QLu-t4-kWwjTWD2HUVQ3JUjA93E.roa (raw, json)
Hash identifier: wwPcnLN7UsFWJVqWb0xH9PzsYRh1MZUdzN16ZynKLqU=
Subject key identifier: 40:BB:BE:B7:8F:A4:5B:08:D3:58:3D:87:51:54:37:25:48:C0:F7:71
Certificate issuer: /CN=3a0429b5aecac8364544bf623f94f163afdce561
Certificate serial: 019427B64362E8A0E726553A3863CBCE9559
Authority key identifier: 3A:04:29:B5:AE:CA:C8:36:45:44:BF:62:3F:94:F1:63:AF:DC:E5:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OgQpta7KyDZFRL9iP5TxY6_c5WE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/fb9215-d1d1-47c2-ac81-84712c9f3464/1/QLu-t4-kWwjTWD2HUVQ3JUjA93E.roa
Signing time: Thu 02 Jan 2025 15:50:43 +0000
ROA not before: Thu 02 Jan 2025 15:50:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 146.0.0.0/24 maxlen: 24
146.0.1.0/24 maxlen: 24
146.0.2.0/24 maxlen: 24
146.0.5.0/24 maxlen: 24
146.0.8.0/24 maxlen: 24
146.0.9.0/24 maxlen: 24
146.0.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/fb9215-d1d1-47c2-ac81-84712c9f3464/1/OgQpta7KyDZFRL9iP5TxY6_c5WE.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/fb9215-d1d1-47c2-ac81-84712c9f3464/1/OgQpta7KyDZFRL9iP5TxY6_c5WE.mft
rsync://rpki.ripe.net/repository/DEFAULT/OgQpta7KyDZFRL9iP5TxY6_c5WE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:43:62:e8:a0:e7:26:55:3a:38:63:cb:ce:95:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a0429b5aecac8364544bf623f94f163afdce561
Validity
Not Before: Jan 2 15:50:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=40bbbeb78fa45b08d3583d875154372548c0f771
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c4:b3:ff:ad:55:3c:9a:13:35:e6:4a:99:81:
8d:7d:6f:c1:63:99:d6:e0:5f:8e:21:e3:96:35:16:
fc:40:53:5e:6c:95:4e:2f:26:40:af:e6:7b:d5:1b:
b7:a7:c2:fb:6e:50:92:ef:da:70:9e:dc:16:1c:8c:
2f:cb:be:73:8f:a7:52:92:58:56:66:87:6a:fa:f6:
bb:bf:b8:09:54:11:dd:c5:fe:54:14:8a:91:b6:f4:
99:b5:21:a5:88:18:62:c9:d4:37:65:c5:3a:0c:cc:
a4:06:7c:e2:82:b3:d9:4d:fd:01:10:17:4e:2c:b5:
4f:cc:5c:3b:18:88:e6:b2:03:da:9e:91:b4:1d:d2:
91:db:9f:b4:99:4d:a2:ee:88:83:5f:c7:21:23:36:
b5:55:f1:ea:e4:fa:2b:9b:9b:83:7b:20:2a:95:4e:
81:16:32:9d:c9:4d:d5:f9:bd:4d:8c:0b:44:87:f6:
32:be:37:f7:da:49:f6:94:d8:38:3c:12:9d:cb:6f:
b5:ef:da:8f:73:65:34:27:f9:9c:2d:e0:71:e0:d9:
08:f9:6d:0c:9c:bb:80:7f:9b:d2:04:61:d7:49:0a:
28:d0:b7:90:00:fe:80:d4:81:70:bc:63:8b:d3:c5:
25:97:ed:f1:a6:8d:fb:43:61:0d:4a:4f:6f:48:5f:
29:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:BB:BE:B7:8F:A4:5B:08:D3:58:3D:87:51:54:37:25:48:C0:F7:71
X509v3 Authority Key Identifier:
keyid:3A:04:29:B5:AE:CA:C8:36:45:44:BF:62:3F:94:F1:63:AF:DC:E5:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OgQpta7KyDZFRL9iP5TxY6_c5WE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/fb9215-d1d1-47c2-ac81-84712c9f3464/1/QLu-t4-kWwjTWD2HUVQ3JUjA93E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/fb9215-d1d1-47c2-ac81-84712c9f3464/1/OgQpta7KyDZFRL9iP5TxY6_c5WE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.0.0.0-146.0.2.255
146.0.5.0/24
146.0.8.0/23
146.0.15.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:32:da:d3:41:21:64:9b:85:f0:47:c4:46:3d:58:87:66:9d:
cc:94:31:76:c4:a0:e8:75:64:3a:71:bb:4e:82:1a:f5:32:ca:
8f:f0:58:e9:01:19:d9:dd:7d:4b:ba:b7:02:0b:57:0b:1c:ba:
36:db:b8:79:23:1a:11:4a:c1:07:9f:13:2d:6c:48:6a:70:49:
14:21:8f:f7:31:fc:8c:d3:42:d9:25:bd:07:f8:59:0a:92:23:
2e:10:23:14:9a:be:be:ae:ce:11:cd:01:38:7d:ee:6a:5f:24:
90:9b:91:e3:4f:12:00:5c:5f:21:b4:f2:1a:d2:ee:cf:c4:53:
2d:16:b9:d8:a8:af:da:71:fc:10:85:1f:f3:98:ab:f8:16:8d:
d5:09:32:7c:3c:eb:f6:5e:3e:0e:2f:a5:e6:87:50:15:91:74:
75:97:2a:e3:35:b7:03:ec:fa:7d:e1:2a:7c:58:5e:b8:fc:7a:
df:d8:c3:cd:7a:55:43:d1:62:8f:25:41:a8:5b:a7:a0:23:19:
7e:9c:01:7b:83:93:47:03:af:d8:ab:9b:10:89:3e:73:e8:ae:
23:63:93:f0:40:47:f7:81:63:6e:80:3d:00:6a:da:9b:54:90:
a8:44:98:d9:7f:5e:0f:a2:18:0b:f1:3a:66:b6:6f:2e:a7:c0:
06:7a:34:15
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQntkNi6KDnJlU6OGPLzpVZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMDQyOWI1YWVjYWM4MzY0NTQ0YmY2MjNmOTRmMTYzYWZk
Y2U1NjEwHhcNMjUwMTAyMTU1MDQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGJiYmViNzhmYTQ1YjA4ZDM1ODNkODc1MTU0MzcyNTQ4YzBmNzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8Sz/61VPJoTNeZKmYGNfW/BY5nW
4F+OIeOWNRb8QFNebJVOLyZAr+Z71Ru3p8L7blCS79pwntwWHIwvy75zj6dSklhW
Zodq+va7v7gJVBHdxf5UFIqRtvSZtSGliBhiydQ3ZcU6DMykBnzigrPZTf0BEBdO
LLVPzFw7GIjmsgPanpG0HdKR25+0mU2i7oiDX8chIza1VfHq5Porm5uDeyAqlU6B
FjKdyU3V+b1NjAtEh/Yyvjf32kn2lNg4PBKdy2+179qPc2U0J/mcLeBx4NkI+W0M
nLuAf5vSBGHXSQoo0LeQAP6A1IFwvGOL08Ull+3xpo37Q2ENSk9vSF8pgQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEC7vrePpFsI01g9h1FUNyVIwPdxMB8GA1UdIwQY
MBaAFDoEKbWuysg2RUS/Yj+U8WOv3OVhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2dRcHRhN0t5RFpGUkw5aVA1VHhZNl9jNVdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9mYjkyMTUtZDFkMS00N2MyLWFjODEt
ODQ3MTJjOWYzNDY0LzEvUUx1LXQ0LWtXd2pUV0QySFVWUTNKVWpBOTNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9mYjkyMTUtZDFkMS00N2MyLWFjODEtODQ3MTJjOWYzNDY0
LzEvT2dRcHRhN0t5RFpGUkw5aVA1VHhZNl9jNVdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeMAoDAgGSAwQA
kgACAwQAkgAFAwQBkgAIAwQAkgAPMA0GCSqGSIb3DQEBCwUAA4IBAQCbMtrTQSFk
m4XwR8RGPViHZp3MlDF2xKDodWQ6cbtOghr1MsqP8FjpARnZ3X1LurcCC1cLHLo2
27h5IxoRSsEHnxMtbEhqcEkUIY/3MfyM00LZJb0H+FkKkiMuECMUmr6+rs4RzQE4
fe5qXySQm5HjTxIAXF8htPIa0u7PxFMtFrnYqK/acfwQhR/zmKv4Fo3VCTJ8POv2
Xj4OL6Xmh1AVkXR1lyrjNbcD7Pp94Sp8WF64/Hrf2MPNelVD0WKPJUGoW6egIxl+
nAF7g5NHA6/Yq5sQiT5z6K4jY5PwQEf3gWNugD0AatqbVJCoRJjZf14PohgL8Tpm
tm8up8AGejQV
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:49:32 2025 by rpki-client