Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/Q5e6g1WUMRG4cL4aNZtJqqD_-yo.roa
File: Q5e6g1WUMRG4cL4aNZtJqqD_-yo.roa (raw, json)
Hash identifier: T3aZ91YVxRUkDJ96e4vMqo7oCynEMTZ2Xb8h0pZbGMo=
Subject key identifier: 43:97:BA:83:55:94:31:11:B8:70:BE:1A:35:9B:49:AA:A0:FF:FB:2A
Certificate issuer: /CN=42432a319f54b058372fd32528eae51fc90c15b2
Certificate serial: 0194214384053DC099284D66BFAB876F7E3E
Authority key identifier: 42:43:2A:31:9F:54:B0:58:37:2F:D3:25:28:EA:E5:1F:C9:0C:15:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/Q5e6g1WUMRG4cL4aNZtJqqD_-yo.roa
Signing time: Wed 01 Jan 2025 09:47:40 +0000
ROA not before: Wed 01 Jan 2025 09:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5411
IP address blocks: 93.190.198.0/23 maxlen: 23
93.190.198.0/24 maxlen: 24
93.190.199.0/24 maxlen: 24
213.153.96.0/19 maxlen: 19
213.153.96.0/20 maxlen: 20
213.153.112.0/20 maxlen: 20
2a01:6d00::/32 maxlen: 32
2a01:6d00::/33 maxlen: 33
2a01:6d00:8000::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.mft
rsync://rpki.ripe.net/repository/DEFAULT/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 15:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:84:05:3d:c0:99:28:4d:66:bf:ab:87:6f:7e:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42432a319f54b058372fd32528eae51fc90c15b2
Validity
Not Before: Jan 1 09:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4397ba8355943111b870be1a359b49aaa0fffb2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:e8:3f:73:02:8d:2a:60:33:b4:75:1a:4f:be:
5c:ca:78:a9:83:ed:74:86:0a:bb:a8:b1:d9:af:79:
03:cf:5a:2a:d0:e3:ec:c9:3e:e7:0a:f1:0a:f0:fc:
01:70:50:95:9d:8f:44:f4:ed:32:78:66:f2:dc:13:
f7:45:03:7c:fd:e4:cf:59:c8:bd:5f:0e:eb:65:6f:
96:e7:c0:54:ee:88:71:d9:9e:58:2f:94:2f:39:f4:
27:12:ef:f4:d4:91:a0:6c:53:d4:38:49:c7:1d:ff:
3e:66:31:76:d2:2e:07:0b:e0:09:4c:12:10:e3:96:
f5:f5:b5:2c:56:b2:fb:39:5e:9f:f7:4e:4b:79:a3:
c7:cc:ce:1a:5a:78:43:57:38:82:3f:e9:1d:44:bc:
0b:d2:14:73:59:30:4c:ab:41:43:08:eb:e9:cc:51:
22:c8:db:42:7d:13:d0:0a:f5:e7:18:22:89:25:83:
5b:f9:32:35:6a:1d:3f:77:8e:14:20:f6:1b:bf:96:
d6:06:a8:59:1d:7d:0d:ad:fc:fd:9e:5c:a6:53:04:
63:3d:a5:2d:00:fd:33:24:7f:45:d4:f9:be:93:dd:
4c:79:4b:ab:65:26:55:d1:6a:d3:5b:95:1c:77:0d:
8f:16:d1:61:57:1d:14:c6:9a:b6:13:b0:c8:3e:83:
2c:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:97:BA:83:55:94:31:11:B8:70:BE:1A:35:9B:49:AA:A0:FF:FB:2A
X509v3 Authority Key Identifier:
keyid:42:43:2A:31:9F:54:B0:58:37:2F:D3:25:28:EA:E5:1F:C9:0C:15:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/Q5e6g1WUMRG4cL4aNZtJqqD_-yo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.190.198.0/23
213.153.96.0/19
IPv6:
2a01:6d00::/32
Signature Algorithm: sha256WithRSAEncryption
05:29:4f:da:40:ef:99:b0:41:39:e9:f9:59:c1:1a:4f:ef:60:
86:83:39:7d:43:5b:f2:72:c5:a4:a6:3d:c0:20:f4:d3:c9:80:
69:71:31:e0:da:45:12:c0:3a:b5:25:aa:3c:c8:fb:ca:a0:7e:
03:fa:aa:3e:e9:7b:ca:10:03:c1:49:cd:ba:9a:51:7a:d3:b7:
95:14:c3:13:87:d8:66:0b:d4:e2:75:1a:b6:48:57:84:af:d0:
fc:45:b7:75:aa:78:63:bd:db:23:aa:5a:40:9c:39:7c:1b:7f:
8d:d7:4d:ed:a3:2e:51:9c:63:cd:90:b3:0d:2f:a3:52:e5:b8:
e2:71:ba:b2:35:b4:f6:e3:de:35:29:19:ef:ef:18:06:40:20:
58:77:a9:08:8f:ec:96:a8:2e:21:96:6d:6f:36:e7:c7:e1:23:
83:a0:7d:42:b2:12:eb:1d:b0:4d:87:34:c1:c6:a1:44:89:f7:
51:ba:1b:2b:d8:6c:ea:bd:6b:5f:fb:39:e4:f5:ba:67:86:05:
bd:4a:8d:c8:45:ca:42:d1:1d:46:b8:e4:43:9d:e5:5f:25:3b:
62:c9:24:be:1b:c5:23:1d:ad:7f:82:5c:b7:a7:af:04:02:ca:
f4:96:46:5b:3b:e8:44:14:56:f1:42:63:61:6c:99:90:2f:e3:
23:ed:91:43
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQhQ4QFPcCZKE1mv6uHb34+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNDMyYTMxOWY1NGIwNTgzNzJmZDMyNTI4ZWFlNTFmYzkw
YzE1YjIwHhcNMjUwMTAxMDk0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mzk3YmE4MzU1OTQzMTExYjg3MGJlMWEzNTliNDlhYWEwZmZmYjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueg/cwKNKmAztHUaT75cynipg+10
hgq7qLHZr3kDz1oq0OPsyT7nCvEK8PwBcFCVnY9E9O0yeGby3BP3RQN8/eTPWci9
Xw7rZW+W58BU7ohx2Z5YL5QvOfQnEu/01JGgbFPUOEnHHf8+ZjF20i4HC+AJTBIQ
45b19bUsVrL7OV6f905LeaPHzM4aWnhDVziCP+kdRLwL0hRzWTBMq0FDCOvpzFEi
yNtCfRPQCvXnGCKJJYNb+TI1ah0/d44UIPYbv5bWBqhZHX0Nrfz9nlymUwRjPaUt
AP0zJH9F1Pm+k91MeUurZSZV0WrTW5Ucdw2PFtFhVx0Uxpq2E7DIPoMs+QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEOXuoNVlDERuHC+GjWbSaqg//sqMB8GA1UdIwQY
MBaAFEJDKjGfVLBYNy/TJSjq5R/JDBWyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWtNcU1aOVVzRmczTDlNbEtPcmxIOGtNRmJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS83YWI3OWMtOWRmZi00YTVkLWFlODMt
MTMxZGMyYmEyZWM4LzEvUTVlNmcxV1VNUkc0Y0w0YU5adEpxcURfLXlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS83YWI3OWMtOWRmZi00YTVkLWFlODMtMTMxZGMyYmEyZWM4
LzEvUWtNcU1aOVVzRmczTDlNbEtPcmxIOGtNRmJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBXb7GAwQF
1ZlgMA0EAgACMAcDBQAqAW0AMA0GCSqGSIb3DQEBCwUAA4IBAQAFKU/aQO+ZsEE5
6flZwRpP72CGgzl9Q1vycsWkpj3AIPTTyYBpcTHg2kUSwDq1Jao8yPvKoH4D+qo+
6XvKEAPBSc26mlF607eVFMMTh9hmC9TidRq2SFeEr9D8Rbd1qnhjvdsjqlpAnDl8
G3+N103toy5RnGPNkLMNL6NS5bjicbqyNbT24941KRnv7xgGQCBYd6kIj+yWqC4h
lm1vNufH4SODoH1CshLrHbBNhzTBxqFEifdRuhsr2GzqvWtf+znk9bpnhgW9So3I
RcpC0R1GuORDneVfJTtiySS+G8UjHa1/gly3p68EAsr0lkZbO+hEFFbxQmNhbJmQ
L+Mj7ZFD
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:50:25 2025 by rpki-client