Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/84b03b-5619-4272-947f-13d51328a9f7/1/rqMllQ155A2S7SS_4PQfBNAn4gw.roa
File: rqMllQ155A2S7SS_4PQfBNAn4gw.roa (raw, json)
Hash identifier: fS87JWrPgH68/hK1SJfJVRTn1bsQGrCVPuQ1+n82lao=
Subject key identifier: AE:A3:25:95:0D:79:E4:0D:92:ED:24:BF:E0:F4:1F:04:D0:27:E2:0C
Certificate issuer: /CN=93515f25986e4b572a78b109d995c9ddf5da1266
Certificate serial: 01942445153A0AFFB8D4F306433E12E30740
Authority key identifier: 93:51:5F:25:98:6E:4B:57:2A:78:B1:09:D9:95:C9:DD:F5:DA:12:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k1FfJZhuS1cqeLEJ2ZXJ3fXaEmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/84b03b-5619-4272-947f-13d51328a9f7/1/rqMllQ155A2S7SS_4PQfBNAn4gw.roa
Signing time: Wed 01 Jan 2025 23:48:14 +0000
ROA not before: Wed 01 Jan 2025 23:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60855
IP address blocks: 143.126.100.0/24 maxlen: 24
143.126.203.0/24 maxlen: 24
143.126.211.0/24 maxlen: 24
143.126.221.0/24 maxlen: 24
143.126.248.0/23 maxlen: 23
143.126.248.0/24 maxlen: 24
143.126.249.0/24 maxlen: 24
143.126.250.0/23 maxlen: 23
143.126.250.0/24 maxlen: 24
143.126.251.0/24 maxlen: 24
143.126.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/84b03b-5619-4272-947f-13d51328a9f7/1/k1FfJZhuS1cqeLEJ2ZXJ3fXaEmY.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/84b03b-5619-4272-947f-13d51328a9f7/1/k1FfJZhuS1cqeLEJ2ZXJ3fXaEmY.mft
rsync://rpki.ripe.net/repository/DEFAULT/k1FfJZhuS1cqeLEJ2ZXJ3fXaEmY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:15:3a:0a:ff:b8:d4:f3:06:43:3e:12:e3:07:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93515f25986e4b572a78b109d995c9ddf5da1266
Validity
Not Before: Jan 1 23:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aea325950d79e40d92ed24bfe0f41f04d027e20c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ba:0a:be:c6:c4:db:47:10:db:ce:7d:11:1c:
2c:e4:5f:94:24:8b:d0:be:dd:d5:b3:9b:37:ea:00:
19:a2:2d:14:62:68:d7:0a:79:29:f6:09:85:d5:9c:
b7:e5:53:14:ff:a6:b5:1c:3d:b8:6d:d4:96:35:77:
70:88:c2:94:90:60:e4:b4:ae:aa:43:1e:91:e6:55:
08:1f:d0:8f:1c:02:d8:db:76:da:21:58:4c:df:0f:
30:47:29:0a:ef:aa:8e:4f:e1:a0:72:7a:b1:b5:12:
b1:1d:4c:58:ea:bf:9b:01:32:9f:52:bf:66:68:8b:
bf:d4:d6:9c:83:51:b7:b2:9f:84:2e:4c:e9:d9:11:
6b:60:54:0a:b8:c9:72:40:aa:60:77:b9:73:06:8a:
9c:eb:a9:7d:03:be:98:3d:b9:73:2a:78:35:d6:80:
88:ee:5a:06:f7:2f:04:b8:fe:1a:d8:ed:39:2a:e1:
8f:97:4a:09:cf:80:dc:ba:77:cf:4b:08:b1:27:c5:
57:97:f9:1d:fa:da:2e:7e:a5:17:2a:33:8f:2f:43:
28:c1:af:13:b7:5a:8a:7f:a9:96:77:e6:e7:1f:05:
d5:6c:72:84:27:bf:e1:97:33:81:39:e1:eb:76:19:
86:11:8d:dd:78:c0:49:66:37:23:a6:f9:c7:91:6b:
50:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:A3:25:95:0D:79:E4:0D:92:ED:24:BF:E0:F4:1F:04:D0:27:E2:0C
X509v3 Authority Key Identifier:
keyid:93:51:5F:25:98:6E:4B:57:2A:78:B1:09:D9:95:C9:DD:F5:DA:12:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k1FfJZhuS1cqeLEJ2ZXJ3fXaEmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/84b03b-5619-4272-947f-13d51328a9f7/1/rqMllQ155A2S7SS_4PQfBNAn4gw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/84b03b-5619-4272-947f-13d51328a9f7/1/k1FfJZhuS1cqeLEJ2ZXJ3fXaEmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.126.100.0/24
143.126.203.0/24
143.126.211.0/24
143.126.221.0/24
143.126.248.0/22
143.126.255.0/24
Signature Algorithm: sha256WithRSAEncryption
66:81:e9:68:c7:be:19:bb:da:07:fc:6f:02:fc:b0:22:4d:62:
e8:5c:01:2c:79:8b:4b:36:07:c4:10:54:04:56:3e:cb:30:d0:
5b:93:58:d2:8c:88:a9:96:75:93:b6:7a:37:e2:02:9f:79:45:
fd:9f:0d:c8:34:df:4e:a5:20:ba:6e:f2:87:b0:5b:be:af:83:
b2:4f:f7:c9:4c:4a:e7:c4:7e:a9:d1:f2:3e:98:2e:92:c8:9a:
16:5d:7f:76:df:62:52:dd:ca:54:cc:bf:7f:d6:9e:4d:7b:74:
49:1d:d1:46:8c:36:d8:2c:05:0c:30:2f:81:5e:40:15:34:20:
14:ee:96:e6:75:63:be:ec:01:c5:12:59:07:13:66:02:9f:20:
8f:07:83:0b:37:01:8f:f1:a8:e2:eb:b8:05:54:8d:49:18:90:
a0:f6:bf:3f:50:be:71:0b:24:23:a5:6c:80:bc:50:1a:6e:41:
1f:1f:77:5e:5b:44:39:a2:23:bd:23:ab:b2:c8:c3:e5:5d:f8:
ca:32:53:68:9c:f0:8c:6d:c7:b3:48:c6:59:22:de:ff:b2:b1:
4c:ab:01:b6:26:07:17:ab:d6:83:4f:28:cf:1a:b0:1b:bb:48:
00:99:9f:57:89:7c:57:b4:c6:b5:59:cd:17:ed:f2:8b:1e:6f:
c3:05:3a:74
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQkRRU6Cv+41PMGQz4S4wdAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNTE1ZjI1OTg2ZTRiNTcyYTc4YjEwOWQ5OTVjOWRkZjVk
YTEyNjYwHhcNMjUwMTAxMjM0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWEzMjU5NTBkNzllNDBkOTJlZDI0YmZlMGY0MWYwNGQwMjdlMjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuboKvsbE20cQ2859ERws5F+UJIvQ
vt3Vs5s36gAZoi0UYmjXCnkp9gmF1Zy35VMU/6a1HD24bdSWNXdwiMKUkGDktK6q
Qx6R5lUIH9CPHALY23baIVhM3w8wRykK76qOT+GgcnqxtRKxHUxY6r+bATKfUr9m
aIu/1Nacg1G3sp+ELkzp2RFrYFQKuMlyQKpgd7lzBoqc66l9A76YPblzKng11oCI
7loG9y8EuP4a2O05KuGPl0oJz4DcunfPSwixJ8VXl/kd+toufqUXKjOPL0Mowa8T
t1qKf6mWd+bnHwXVbHKEJ7/hlzOBOeHrdhmGEY3deMBJZjcjpvnHkWtQ5QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFK6jJZUNeeQNku0kv+D0HwTQJ+IMMB8GA1UdIwQY
MBaAFJNRXyWYbktXKnixCdmVyd312hJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazFGZkpaaHVTMWNxZUxFSjJaWEozZlhhRW1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS84NGIwM2ItNTYxOS00MjcyLTk0N2Yt
MTNkNTEzMjhhOWY3LzEvcnFNbGxRMTU1QTJTN1NTXzRQUWZCTkFuNGd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS84NGIwM2ItNTYxOS00MjcyLTk0N2YtMTNkNTEzMjhhOWY3
LzEvazFGZkpaaHVTMWNxZUxFSjJaWEozZlhhRW1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAj35kAwQA
j37LAwQAj37TAwQAj37dAwQCj374AwQAj37/MA0GCSqGSIb3DQEBCwUAA4IBAQBm
gelox74Zu9oH/G8C/LAiTWLoXAEseYtLNgfEEFQEVj7LMNBbk1jSjIiplnWTtno3
4gKfeUX9nw3INN9OpSC6bvKHsFu+r4OyT/fJTErnxH6p0fI+mC6SyJoWXX9232JS
3cpUzL9/1p5Ne3RJHdFGjDbYLAUMMC+BXkAVNCAU7pbmdWO+7AHFElkHE2YCnyCP
B4MLNwGP8aji67gFVI1JGJCg9r8/UL5xCyQjpWyAvFAabkEfH3deW0Q5oiO9I6uy
yMPlXfjKMlNonPCMbcezSMZZIt7/srFMqwG2JgcXq9aDTyjPGrAbu0gAmZ9XiXxX
tMa1Wc0X7fKLHm/DBTp0
-----END CERTIFICATE-----
Generated at Wed Apr 16 21:59:37 2025 by rpki-client