Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/d665e6-f95d-4347-8565-d4f5317c5830/1/qP3YU_S4LUHGi-PUyOS9YdXOrOg.roa
File: qP3YU_S4LUHGi-PUyOS9YdXOrOg.roa (raw, json)
Hash identifier: 86gRYjmoaW5iHjfh3rXQG4yuY8yHQt9SBONVBj8bSuQ=
Subject key identifier: A8:FD:D8:53:F4:B8:2D:41:C6:8B:E3:D4:C8:E4:BD:61:D5:CE:AC:E8
Certificate issuer: /CN=96b8121d556df453456553dcb45c4143f4cdd213
Certificate serial: 01941FFA02CB1F8E8B48CA7DABC587C0D4C3
Authority key identifier: 96:B8:12:1D:55:6D:F4:53:45:65:53:DC:B4:5C:41:43:F4:CD:D2:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lrgSHVVt9FNFZVPctFxBQ_TN0hM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/d665e6-f95d-4347-8565-d4f5317c5830/1/qP3YU_S4LUHGi-PUyOS9YdXOrOg.roa
Signing time: Wed 01 Jan 2025 03:47:45 +0000
ROA not before: Wed 01 Jan 2025 03:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41465
IP address blocks: 89.19.192.0/24 maxlen: 24
89.19.193.0/24 maxlen: 24
89.19.194.0/24 maxlen: 24
89.19.195.0/24 maxlen: 24
89.19.196.0/24 maxlen: 24
89.19.197.0/24 maxlen: 24
89.19.198.0/24 maxlen: 24
89.19.199.0/24 maxlen: 24
89.19.200.0/24 maxlen: 24
89.19.201.0/24 maxlen: 24
89.19.202.0/24 maxlen: 24
89.19.203.0/24 maxlen: 24
89.19.204.0/24 maxlen: 24
89.19.205.0/24 maxlen: 24
89.19.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/d665e6-f95d-4347-8565-d4f5317c5830/1/lrgSHVVt9FNFZVPctFxBQ_TN0hM.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/d665e6-f95d-4347-8565-d4f5317c5830/1/lrgSHVVt9FNFZVPctFxBQ_TN0hM.mft
rsync://rpki.ripe.net/repository/DEFAULT/lrgSHVVt9FNFZVPctFxBQ_TN0hM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:02:cb:1f:8e:8b:48:ca:7d:ab:c5:87:c0:d4:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96b8121d556df453456553dcb45c4143f4cdd213
Validity
Not Before: Jan 1 03:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8fdd853f4b82d41c68be3d4c8e4bd61d5ceace8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:7d:a6:3f:74:41:28:ae:a0:b1:9f:53:6b:c6:
de:68:0b:7f:c0:60:9a:51:d3:5a:7b:64:9e:c6:8f:
1a:35:48:7d:b7:15:9b:7e:90:8b:75:d2:40:af:2c:
01:ae:79:49:11:1f:6a:ae:e0:42:b7:19:15:f9:ce:
3c:16:c6:0d:2a:a7:32:ae:1c:89:cc:2c:48:60:e2:
c5:e3:80:0a:a2:0f:46:35:aa:2e:dd:7f:69:db:3f:
26:14:1f:78:5b:ad:ac:2d:26:0c:37:e3:8f:ea:3f:
c4:d7:8f:af:6e:4a:67:29:79:95:08:ad:a6:9c:ea:
f4:6f:bb:a4:4d:7b:f3:90:81:86:a6:38:fe:a3:c5:
27:97:1c:44:4e:1c:ae:7d:90:bf:70:9d:38:62:f9:
e2:e4:e5:4f:e2:d4:9c:1a:1e:d3:21:b5:64:6a:83:
05:bd:59:9b:9b:89:58:60:65:68:6b:a2:60:55:c2:
4b:0d:39:cd:9f:93:1d:16:be:d1:3f:e6:77:80:b0:
1f:fc:9a:53:39:c8:62:68:2d:a1:3b:65:d4:c8:32:
1c:82:67:4f:8a:5e:a5:47:87:8a:cb:58:96:b0:68:
e4:9e:2d:77:9f:2d:a5:f0:da:cd:a1:f7:8d:9f:87:
4d:f9:2e:7d:05:9e:28:de:07:0a:d3:6c:fb:5d:e1:
ce:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:FD:D8:53:F4:B8:2D:41:C6:8B:E3:D4:C8:E4:BD:61:D5:CE:AC:E8
X509v3 Authority Key Identifier:
keyid:96:B8:12:1D:55:6D:F4:53:45:65:53:DC:B4:5C:41:43:F4:CD:D2:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lrgSHVVt9FNFZVPctFxBQ_TN0hM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/d665e6-f95d-4347-8565-d4f5317c5830/1/qP3YU_S4LUHGi-PUyOS9YdXOrOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/d665e6-f95d-4347-8565-d4f5317c5830/1/lrgSHVVt9FNFZVPctFxBQ_TN0hM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.19.192.0-89.19.206.255
Signature Algorithm: sha256WithRSAEncryption
b7:7c:56:0b:b3:3a:ce:35:19:8c:42:d4:7c:0d:1c:8c:c1:b8:
83:5a:b4:b4:df:9c:8e:36:66:35:9e:36:dd:a8:09:3c:7f:12:
d8:d2:ff:f8:97:0f:c3:9c:2e:ee:a2:f2:55:78:b8:81:d8:c6:
57:90:ee:3d:83:bd:ef:a7:09:56:9c:5f:32:f1:a5:69:29:1b:
5d:a4:ef:74:7c:42:3e:16:c5:c2:ad:af:94:49:38:89:a2:34:
cf:79:c7:de:81:8e:47:c6:0b:33:0e:9a:66:e4:8d:b7:5d:af:
71:ec:bd:bf:ba:74:09:b6:98:ab:7b:6a:f3:cd:1e:bd:8b:39:
2d:a7:e8:3a:ed:82:7f:47:48:13:d8:40:62:fb:c4:29:34:11:
57:4b:65:89:92:f8:30:26:be:3c:f6:d5:16:f4:35:4c:db:4a:
51:0c:a7:3a:8a:d6:b6:3f:02:3c:24:cd:b7:80:a4:6d:fd:8f:
cc:3f:d3:2b:ab:dc:2b:a0:66:7d:f2:33:fe:58:86:01:11:90:
21:b9:16:a0:d7:30:02:61:55:a1:ef:f2:bd:e5:52:1a:7d:79:
af:0c:d8:b3:8b:42:af:cb:44:3d:8e:43:ce:f0:5e:b1:80:82:
23:2b:d9:04:45:5f:87:8a:5b:25:ee:02:7c:01:92:c7:3b:f2:
e7:6b:7f:3b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQf+gLLH46LSMp9q8WHwNTDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2YjgxMjFkNTU2ZGY0NTM0NTY1NTNkY2I0NWM0MTQzZjRj
ZGQyMTMwHhcNMjUwMTAxMDM0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGZkZDg1M2Y0YjgyZDQxYzY4YmUzZDRjOGU0YmQ2MWQ1Y2VhY2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxH2mP3RBKK6gsZ9Ta8beaAt/wGCa
UdNae2Sexo8aNUh9txWbfpCLddJArywBrnlJER9qruBCtxkV+c48FsYNKqcyrhyJ
zCxIYOLF44AKog9GNaou3X9p2z8mFB94W62sLSYMN+OP6j/E14+vbkpnKXmVCK2m
nOr0b7ukTXvzkIGGpjj+o8UnlxxEThyufZC/cJ04Yvni5OVP4tScGh7TIbVkaoMF
vVmbm4lYYGVoa6JgVcJLDTnNn5MdFr7RP+Z3gLAf/JpTOchiaC2hO2XUyDIcgmdP
il6lR4eKy1iWsGjkni13ny2l8NrNofeNn4dN+S59BZ4o3gcK02z7XeHO7QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKj92FP0uC1Bxovj1MjkvWHVzqzoMB8GA1UdIwQY
MBaAFJa4Eh1VbfRTRWVT3LRcQUP0zdITMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHJnU0hWVnQ5Rk5GWlZQY3RGeEJRX1ROMGhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9kNjY1ZTYtZjk1ZC00MzQ3LTg1NjUt
ZDRmNTMxN2M1ODMwLzEvcVAzWVVfUzRMVUhHaS1QVXlPUzlZZFhPck9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9kNjY1ZTYtZjk1ZC00MzQ3LTg1NjUtZDRmNTMxN2M1ODMw
LzEvbHJnU0hWVnQ5Rk5GWlZQY3RGeEJRX1ROMGhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAZZE8AD
BABZE84wDQYJKoZIhvcNAQELBQADggEBALd8VguzOs41GYxC1HwNHIzBuINatLTf
nI42ZjWeNt2oCTx/EtjS//iXD8OcLu6i8lV4uIHYxleQ7j2Dve+nCVacXzLxpWkp
G12k73R8Qj4WxcKtr5RJOImiNM95x96BjkfGCzMOmmbkjbddr3Hsvb+6dAm2mKt7
avPNHr2LOS2n6Drtgn9HSBPYQGL7xCk0EVdLZYmS+DAmvjz21Rb0NUzbSlEMpzqK
1rY/AjwkzbeApG39j8w/0yur3CugZn3yM/5YhgERkCG5FqDXMAJhVaHv8r3lUhp9
ea8M2LOLQq/LRD2OQ87wXrGAgiMr2QRFX4eKWyXuAnwBksc78udrfzs=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:37:03 2025 by rpki-client