Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/ccf444-a22c-4fcd-bf1a-0f937ccf02e0/1/qkuP3INuoQUlkGzQXsg6hNdv2PE.roa
File: qkuP3INuoQUlkGzQXsg6hNdv2PE.roa (raw, json)
Hash identifier: nbTS8K6lNcxMgwiUyLADYWPREZ9Nv1ZzLCUppLN19Wk=
Subject key identifier: AA:4B:8F:DC:83:6E:A1:05:25:90:6C:D0:5E:C8:3A:84:D7:6F:D8:F1
Certificate issuer: /CN=4518b89c7dce2b5edc05581516cfc19d7a3174e8
Certificate serial: 0194266BFE4EB979D358F6EC02195C602F66
Authority key identifier: 45:18:B8:9C:7D:CE:2B:5E:DC:05:58:15:16:CF:C1:9D:7A:31:74:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RRi4nH3OK17cBVgVFs_BnXoxdOg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/ccf444-a22c-4fcd-bf1a-0f937ccf02e0/1/qkuP3INuoQUlkGzQXsg6hNdv2PE.roa
Signing time: Thu 02 Jan 2025 09:49:59 +0000
ROA not before: Thu 02 Jan 2025 09:49:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60103
IP address blocks: 185.57.152.0/22 maxlen: 22
185.57.153.0/24 maxlen: 24
185.57.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/ccf444-a22c-4fcd-bf1a-0f937ccf02e0/1/RRi4nH3OK17cBVgVFs_BnXoxdOg.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/ccf444-a22c-4fcd-bf1a-0f937ccf02e0/1/RRi4nH3OK17cBVgVFs_BnXoxdOg.mft
rsync://rpki.ripe.net/repository/DEFAULT/RRi4nH3OK17cBVgVFs_BnXoxdOg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:fe:4e:b9:79:d3:58:f6:ec:02:19:5c:60:2f:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4518b89c7dce2b5edc05581516cfc19d7a3174e8
Validity
Not Before: Jan 2 09:49:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aa4b8fdc836ea10525906cd05ec83a84d76fd8f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:98:ec:da:f7:ad:55:de:6f:d2:fc:9e:fa:06:
00:d3:83:db:dc:9f:af:e5:89:c5:82:dd:08:9e:bd:
60:bd:19:aa:19:54:2a:c4:2d:6c:d2:c6:6c:95:ee:
e8:cb:b2:5e:bf:95:1e:49:b9:bc:ad:68:b3:d4:be:
8b:d3:66:2e:37:42:92:8b:51:5f:ac:0c:47:52:f0:
e6:86:87:34:b4:58:a3:55:b4:59:f1:a0:65:09:b5:
6a:13:32:5b:46:db:71:36:e1:54:0e:04:7e:55:20:
e2:57:77:e7:9f:4b:ef:0c:29:72:e7:7f:94:83:1d:
03:8e:70:ee:e4:e4:56:7e:fa:b2:4e:89:dc:7b:d5:
e3:09:6f:29:3d:29:f8:2a:50:e6:19:9b:76:85:1a:
7d:ec:e9:4c:85:c3:51:50:b4:fd:30:3f:b4:52:51:
6d:9c:34:4a:0d:f9:49:69:c0:e1:a8:f0:a7:5c:ca:
27:b3:4f:a0:1a:44:f3:02:4a:1b:dc:00:8a:aa:af:
e0:a8:2a:dc:47:c7:d1:f2:82:13:82:17:f8:8b:4f:
f7:85:d4:ac:8b:eb:b8:26:be:96:9a:46:25:0d:1f:
f0:a7:41:de:0e:6d:d8:80:92:a6:bf:53:9a:66:0c:
93:54:c3:5c:cb:54:28:29:b7:a7:cd:9e:78:6c:4d:
05:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:4B:8F:DC:83:6E:A1:05:25:90:6C:D0:5E:C8:3A:84:D7:6F:D8:F1
X509v3 Authority Key Identifier:
keyid:45:18:B8:9C:7D:CE:2B:5E:DC:05:58:15:16:CF:C1:9D:7A:31:74:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RRi4nH3OK17cBVgVFs_BnXoxdOg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/ccf444-a22c-4fcd-bf1a-0f937ccf02e0/1/qkuP3INuoQUlkGzQXsg6hNdv2PE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/ccf444-a22c-4fcd-bf1a-0f937ccf02e0/1/RRi4nH3OK17cBVgVFs_BnXoxdOg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.57.152.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:b7:45:1a:92:71:9a:d3:e3:25:be:13:25:15:f0:9a:1b:01:
7a:58:bd:40:db:04:60:0c:6d:30:d2:57:31:d4:a8:60:87:69:
53:83:54:d1:76:d5:4a:34:14:d6:55:35:88:4f:f2:96:58:1a:
04:a2:97:d4:89:b0:aa:5c:b0:a5:d2:c7:e1:05:72:bd:7b:82:
6f:33:3f:2c:4c:00:b6:cc:9e:4d:7c:78:f5:b7:25:65:c5:13:
51:de:15:a5:9a:7c:a3:21:48:99:74:8c:8a:43:d3:8d:a5:14:
37:30:9a:03:8e:13:a8:34:b4:4c:0a:84:87:1b:3e:55:b5:84:
46:23:c9:f9:ea:d0:d4:83:c5:86:6d:ae:4b:af:e8:87:63:f4:
ea:20:09:d6:22:fe:ec:96:7b:bc:ee:ef:e5:93:66:46:4e:d7:
ff:e2:8f:38:48:2b:37:08:1f:70:49:e0:97:fe:19:e2:1d:70:
e0:a8:d2:e6:fe:6c:e4:cf:75:fd:79:7b:e7:f5:10:fa:b6:c3:
56:8b:f4:a1:e9:91:2f:58:aa:15:23:c9:dc:55:ae:f7:7b:0a:
13:0f:38:26:27:7f:01:1d:cb:74:2c:dc:c3:0b:b5:63:fa:13:
fe:46:27:35:d0:0b:cf:11:1e:3c:12:6a:7a:9a:10:21:8d:4b:
86:4b:7e:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma/5OuXnTWPbsAhlcYC9mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1MThiODljN2RjZTJiNWVkYzA1NTgxNTE2Y2ZjMTlkN2Ez
MTc0ZTgwHhcNMjUwMTAyMDk0OTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTRiOGZkYzgzNmVhMTA1MjU5MDZjZDA1ZWM4M2E4NGQ3NmZkOGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZjs2vetVd5v0vye+gYA04Pb3J+v
5YnFgt0Inr1gvRmqGVQqxC1s0sZsle7oy7Jev5UeSbm8rWiz1L6L02YuN0KSi1Ff
rAxHUvDmhoc0tFijVbRZ8aBlCbVqEzJbRttxNuFUDgR+VSDiV3fnn0vvDCly53+U
gx0DjnDu5ORWfvqyTonce9XjCW8pPSn4KlDmGZt2hRp97OlMhcNRULT9MD+0UlFt
nDRKDflJacDhqPCnXMons0+gGkTzAkob3ACKqq/gqCrcR8fR8oITghf4i0/3hdSs
i+u4Jr6WmkYlDR/wp0HeDm3YgJKmv1OaZgyTVMNcy1QoKbenzZ54bE0F+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKpLj9yDbqEFJZBs0F7IOoTXb9jxMB8GA1UdIwQY
MBaAFEUYuJx9zite3AVYFRbPwZ16MXToMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlJpNG5IM09LMTdjQlZnVkZzX0JuWG94ZE9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9jY2Y0NDQtYTIyYy00ZmNkLWJmMWEt
MGY5MzdjY2YwMmUwLzEvcWt1UDNJTnVvUVVsa0d6UVhzZzZoTmR2MlBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9jY2Y0NDQtYTIyYy00ZmNkLWJmMWEtMGY5MzdjY2YwMmUw
LzEvUlJpNG5IM09LMTdjQlZnVkZzX0JuWG94ZE9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTmYMA0G
CSqGSIb3DQEBCwUAA4IBAQCdt0UaknGa0+MlvhMlFfCaGwF6WL1A2wRgDG0w0lcx
1Khgh2lTg1TRdtVKNBTWVTWIT/KWWBoEopfUibCqXLCl0sfhBXK9e4JvMz8sTAC2
zJ5NfHj1tyVlxRNR3hWlmnyjIUiZdIyKQ9ONpRQ3MJoDjhOoNLRMCoSHGz5VtYRG
I8n56tDUg8WGba5Lr+iHY/TqIAnWIv7slnu87u/lk2ZGTtf/4o84SCs3CB9wSeCX
/hniHXDgqNLm/mzkz3X9eXvn9RD6tsNWi/Sh6ZEvWKoVI8ncVa73ewoTDzgmJ38B
Hct0LNzDC7Vj+hP+Ric10AvPER48Emp6mhAhjUuGS35I
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:33:26 2025 by rpki-client