Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/QDnTB1-gKLLvkYk5f0mHuXK293g.roa
File: QDnTB1-gKLLvkYk5f0mHuXK293g.roa (raw, json)
Hash identifier: ITp7yMZbWE36QWni9uBDxLpY4F+C9+SnVAj3E7l62Ts=
Subject key identifier: 40:39:D3:07:5F:A0:28:B2:EF:91:89:39:7F:49:87:B9:72:B6:F7:78
Certificate issuer: /CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Certificate serial: 019498BC7D807200F9A515E249F5EE83C76F
Authority key identifier: 08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/QDnTB1-gKLLvkYk5f0mHuXK293g.roa
Signing time: Fri 24 Jan 2025 14:34:37 +0000
ROA not before: Fri 24 Jan 2025 14:34:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43754
IP address blocks: 78.110.120.0/24 maxlen: 24
78.110.122.0/24 maxlen: 24
78.110.123.0/24 maxlen: 24
88.135.36.0/24 maxlen: 24
88.135.37.0/24 maxlen: 24
88.135.38.0/24 maxlen: 24
88.135.39.0/24 maxlen: 24
91.236.168.0/24 maxlen: 24
91.236.169.0/24 maxlen: 24
152.89.44.0/24 maxlen: 24
152.89.46.0/24 maxlen: 24
152.89.47.0/24 maxlen: 24
185.18.213.0/24 maxlen: 24
185.18.214.0/24 maxlen: 24
185.51.200.0/24 maxlen: 24
185.51.201.0/24 maxlen: 24
185.51.202.0/24 maxlen: 24
185.51.203.0/24 maxlen: 24
185.58.240.0/24 maxlen: 24
185.58.241.0/24 maxlen: 24
185.58.242.0/24 maxlen: 24
185.58.243.0/24 maxlen: 24
185.112.151.0/24 maxlen: 24
185.128.136.0/24 maxlen: 24
185.141.105.0/24 maxlen: 24
185.141.106.0/24 maxlen: 24
185.141.107.0/24 maxlen: 24
185.141.132.0/24 maxlen: 24
185.141.135.0/24 maxlen: 24
188.209.153.0/24 maxlen: 24
195.110.38.0/24 maxlen: 24
195.211.45.0/24 maxlen: 24
195.211.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.mft
rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 23:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:98:bc:7d:80:72:00:f9:a5:15:e2:49:f5:ee:83:c7:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Validity
Not Before: Jan 24 14:34:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4039d3075fa028b2ef9189397f4987b972b6f778
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:83:76:9f:f8:87:de:65:1e:27:a8:96:0e:5a:
e2:26:20:95:16:71:0e:4d:95:09:e9:c9:f3:25:73:
7e:02:be:7a:fd:16:44:e9:aa:ed:51:de:9d:ad:a1:
12:01:cf:88:52:9e:4f:0d:46:2d:26:43:1d:ac:b6:
bd:50:7e:5d:15:c9:0c:ba:b8:c6:d6:49:87:0d:fd:
0b:21:d7:92:1e:e2:8b:b1:7a:4d:95:b2:a7:1e:7c:
95:7a:66:08:93:9a:1c:8e:b3:8b:49:91:da:9e:19:
d3:a8:6d:6f:bf:df:63:69:c6:44:7d:e1:4c:26:31:
bc:80:6d:2e:8e:bf:9d:20:4e:fe:8c:99:6e:e9:bc:
92:9a:83:85:c9:a8:fe:74:c8:67:69:91:88:bd:91:
78:a2:8a:c6:e2:c0:b1:0c:07:15:b4:fe:a2:db:78:
c1:2c:c1:49:4d:34:5e:57:4e:67:08:65:51:e7:07:
6b:0b:07:12:d5:f5:89:40:7d:fc:18:f8:dc:f8:62:
41:25:9f:60:12:89:34:69:16:c3:bd:a8:dd:64:ab:
cd:31:b5:2f:8a:cd:b9:6f:19:89:47:46:57:34:5f:
d9:bb:ba:55:4d:7c:0f:da:3e:48:52:47:6c:9c:8f:
f3:3a:d7:f4:eb:75:59:bf:1d:a7:08:34:c3:3b:26:
62:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:39:D3:07:5F:A0:28:B2:EF:91:89:39:7F:49:87:B9:72:B6:F7:78
X509v3 Authority Key Identifier:
keyid:08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/QDnTB1-gKLLvkYk5f0mHuXK293g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.110.120.0/24
78.110.122.0/23
88.135.36.0/22
91.236.168.0/23
152.89.44.0/24
152.89.46.0/23
185.18.213.0-185.18.214.255
185.51.200.0/22
185.58.240.0/22
185.112.151.0/24
185.128.136.0/24
185.141.105.0-185.141.107.255
185.141.132.0/24
185.141.135.0/24
188.209.153.0/24
195.110.38.0/24
195.211.45.0-195.211.46.255
Signature Algorithm: sha256WithRSAEncryption
30:8c:ee:be:2a:2e:b3:ef:7f:64:92:28:71:54:5c:c5:63:0e:
d4:cb:aa:ee:69:f1:78:b8:4d:31:d4:3d:ff:6a:f1:16:33:83:
12:46:cf:e5:20:73:53:a0:1c:80:27:cb:a4:8a:23:bb:74:dc:
cd:08:99:d7:ab:dc:67:7a:cc:24:67:c8:a6:6b:a7:bc:d9:72:
40:42:91:59:54:50:47:79:bc:40:69:cd:b4:59:c3:aa:d6:0f:
36:09:d1:d0:b9:73:79:d6:2e:49:d6:a1:f6:59:c3:dd:28:25:
13:26:97:ff:c3:1e:b9:02:f8:23:31:bb:7e:37:f1:c5:87:88:
47:7f:c2:15:21:cd:5d:8e:30:ea:8a:b8:ff:35:eb:4a:ae:db:
9e:af:21:50:c9:13:5a:53:87:5b:23:3c:a3:51:4a:78:5b:9d:
b5:d4:94:04:78:e2:69:1f:0b:6e:c8:fd:83:7f:ad:7b:46:61:
3b:16:bf:8a:6e:7b:67:5a:22:4b:a9:3e:77:af:9b:eb:1e:d2:
3d:d9:d4:f1:f7:fa:46:5f:7b:da:8c:e9:f3:b5:44:ed:66:0b:
58:ce:a7:f2:fb:fa:55:a6:9a:c6:b2:f9:f4:be:65:10:27:64:
0b:ae:ab:92:b4:38:88:65:9f:f1:9d:ef:20:d0:32:20:8b:22:
dc:f0:b6:6e
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZSYvH2AcgD5pRXiSfXug8dvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MWI3YTIyZTUxY2ZiOWNmODQyMDVlNDQ0OTk5OGFkNTVk
OGYwNjUwHhcNMjUwMTI0MTQzNDM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDM5ZDMwNzVmYTAyOGIyZWY5MTg5Mzk3ZjQ5ODdiOTcyYjZmNzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2oN2n/iH3mUeJ6iWDlriJiCVFnEO
TZUJ6cnzJXN+Ar56/RZE6artUd6draESAc+IUp5PDUYtJkMdrLa9UH5dFckMurjG
1kmHDf0LIdeSHuKLsXpNlbKnHnyVemYIk5ocjrOLSZHanhnTqG1vv99jacZEfeFM
JjG8gG0ujr+dIE7+jJlu6bySmoOFyaj+dMhnaZGIvZF4oorG4sCxDAcVtP6i23jB
LMFJTTReV05nCGVR5wdrCwcS1fWJQH38GPjc+GJBJZ9gEok0aRbDvajdZKvNMbUv
is25bxmJR0ZXNF/Zu7pVTXwP2j5IUkdsnI/zOtf063VZvx2nCDTDOyZirwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFEA50wdfoCiy75GJOX9Jh7lytvd4MB8GA1UdIwQY
MBaAFAgbeiLlHPuc+EIF5ESZmK1V2PBlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0J0Nkl1VWMtNXo0UWdYa1JKbVlyVlhZOEdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jNTE1YzktZGYwOC00MjZjLTgwZTYt
MDM2NzI2OGZmODcxLzEvUURuVEIxLWdLTEx2a1lrNWYwbUh1WEsyOTNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9jNTE1YzktZGYwOC00MjZjLTgwZTYtMDM2NzI2OGZmODcx
LzEvQ0J0Nkl1VWMtNXo0UWdYa1JKbVlyVlhZOEdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAE5u
eAMEAU5uegMEAliHJAMEAVvsqAMEAJhZLAMEAZhZLjAMAwQAuRLVAwQAuRLWAwQC
uTPIAwQCuTrwAwQAuXCXAwQAuYCIMAwDBAC5jWkDBAK5jWgDBAC5jYQDBAC5jYcD
BAC80ZkDBADDbiYwDAMEAMPTLQMEAMPTLjANBgkqhkiG9w0BAQsFAAOCAQEAMIzu
vious+9/ZJIocVRcxWMO1Muq7mnxeLhNMdQ9/2rxFjODEkbP5SBzU6AcgCfLpIoj
u3TczQiZ16vcZ3rMJGfIpmunvNlyQEKRWVRQR3m8QGnNtFnDqtYPNgnR0LlzedYu
Sdah9lnD3SglEyaX/8MeuQL4IzG7fjfxxYeIR3/CFSHNXY4w6oq4/zXrSq7bnq8h
UMkTWlOHWyM8o1FKeFudtdSUBHjiaR8Lbsj9g3+te0ZhOxa/im57Z1oiS6k+d6+b
6x7SPdnU8ff6Rl972ozp87VE7WYLWM6n8vv6VaaaxrL59L5lECdkC66rkrQ4iGWf
8Z3vINAyIIsi3PC2bg==
-----END CERTIFICATE-----
Generated at Thu Apr 10 03:54:05 2025 by rpki-client