Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/95bce9-1e8e-41c1-89f8-20f9f0dbf458/1/qSKiJOg3xCxclMNg-Fd_1qbi_3I.roa
File: qSKiJOg3xCxclMNg-Fd_1qbi_3I.roa (raw, json)
Hash identifier: /vBH3d6n8qi+I8tEAft/7KOt6213rHrV93iMeTKUeww=
Subject key identifier: A9:22:A2:24:E8:37:C4:2C:5C:94:C3:60:F8:57:7F:D6:A6:E2:FF:72
Certificate issuer: /CN=3e0be8e48dba07df21711745b869e3911ce98e20
Certificate serial: 019424B33B16DF2406D96C06C0D461E9A3EF
Authority key identifier: 3E:0B:E8:E4:8D:BA:07:DF:21:71:17:45:B8:69:E3:91:1C:E9:8E:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pgvo5I26B98hcRdFuGnjkRzpjiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/95bce9-1e8e-41c1-89f8-20f9f0dbf458/1/qSKiJOg3xCxclMNg-Fd_1qbi_3I.roa
Signing time: Thu 02 Jan 2025 01:48:33 +0000
ROA not before: Thu 02 Jan 2025 01:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12912
IP address blocks: 62.29.128.0/17 maxlen: 17
212.38.192.0/19 maxlen: 19
212.203.128.0/17 maxlen: 17
213.218.96.0/20 maxlen: 20
213.218.112.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/95bce9-1e8e-41c1-89f8-20f9f0dbf458/1/Pgvo5I26B98hcRdFuGnjkRzpjiA.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/95bce9-1e8e-41c1-89f8-20f9f0dbf458/1/Pgvo5I26B98hcRdFuGnjkRzpjiA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Pgvo5I26B98hcRdFuGnjkRzpjiA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 07:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:3b:16:df:24:06:d9:6c:06:c0:d4:61:e9:a3:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e0be8e48dba07df21711745b869e3911ce98e20
Validity
Not Before: Jan 2 01:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a922a224e837c42c5c94c360f8577fd6a6e2ff72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:58:c6:93:cc:50:1f:f3:02:bf:ea:dd:9f:d4:
ce:94:ec:dc:1a:b7:a1:79:ef:70:24:a5:ba:56:f2:
da:0c:12:05:ba:16:aa:1d:1b:d7:a3:88:e5:34:27:
bc:f7:fe:f8:19:15:44:8b:d4:e3:d5:05:5c:61:bb:
88:98:c9:a1:37:64:27:f6:1e:08:4c:65:0f:14:9f:
bc:ae:bf:93:58:17:f1:dd:16:c3:df:41:3a:c2:b3:
c1:94:0d:2a:72:68:fe:fb:fc:bc:36:ed:72:d2:21:
09:cc:56:52:f1:cf:03:37:ef:ee:8b:2b:3d:64:17:
c0:42:04:fd:e4:e4:3a:46:d5:d1:06:3b:61:51:b8:
9c:af:22:3a:81:92:ba:11:a9:19:7c:c8:a2:36:41:
9b:5b:9e:ad:5c:88:f5:18:9c:c5:14:3d:70:ba:dc:
d8:72:1f:97:d3:40:24:bf:52:2b:e7:f1:5d:51:9f:
b5:d1:47:42:32:da:a3:13:64:68:58:82:0c:7b:e6:
0f:f6:35:83:8f:41:05:f1:74:0d:3b:a7:f4:51:41:
cd:7c:0e:16:46:0a:1d:74:9f:ec:ca:d7:7b:c9:62:
bb:8a:80:1b:58:6b:f9:d6:66:a3:a5:e4:70:f5:5f:
af:2e:86:cc:57:95:4c:5e:14:1b:fd:08:6c:3d:fd:
6b:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:22:A2:24:E8:37:C4:2C:5C:94:C3:60:F8:57:7F:D6:A6:E2:FF:72
X509v3 Authority Key Identifier:
keyid:3E:0B:E8:E4:8D:BA:07:DF:21:71:17:45:B8:69:E3:91:1C:E9:8E:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pgvo5I26B98hcRdFuGnjkRzpjiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/95bce9-1e8e-41c1-89f8-20f9f0dbf458/1/qSKiJOg3xCxclMNg-Fd_1qbi_3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/95bce9-1e8e-41c1-89f8-20f9f0dbf458/1/Pgvo5I26B98hcRdFuGnjkRzpjiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.29.128.0/17
212.38.192.0/19
212.203.128.0/17
213.218.96.0/19
Signature Algorithm: sha256WithRSAEncryption
80:6b:12:07:17:d7:b9:48:67:40:17:33:28:74:f0:1d:a4:d8:
53:ea:0d:13:7d:8a:35:60:6f:5a:7f:68:ee:cd:58:29:81:c7:
ca:16:00:4c:5c:11:40:59:d8:6b:30:51:7e:6a:99:fb:31:33:
ee:9f:04:38:5d:69:bf:55:ee:ef:18:3d:1c:da:df:62:4a:c2:
6e:bf:64:74:56:36:68:9b:b9:72:58:15:af:43:70:62:06:0b:
01:50:9d:59:1b:87:98:5d:f2:95:cb:36:c4:3a:5e:02:4d:91:
be:e8:7a:8f:b7:7e:b0:19:64:93:34:09:c8:ec:db:87:3b:a9:
2b:5a:e5:c7:c4:4f:93:45:56:f0:f7:22:44:f7:ee:3f:83:e7:
09:5d:ea:09:b4:5d:1a:82:ed:ea:02:58:58:2e:51:31:a6:f3:
0c:a1:13:b8:af:97:49:1c:ce:3b:4c:46:93:19:f6:af:2b:5a:
c6:bc:3b:7d:2c:77:e6:48:62:f6:e2:d2:fd:14:29:63:55:0e:
74:81:3f:5e:67:9e:da:1b:78:f0:4c:33:67:df:f8:73:61:95:
20:e1:b6:5e:dc:88:2b:6a:13:85:9d:07:c8:7e:ad:b8:8d:96:
3a:4b:76:86:30:b8:c5:3f:45:d9:7a:5a:a0:c6:b0:98:a5:6b:
d7:08:70:7d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQkszsW3yQG2WwGwNRh6aPvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMGJlOGU0OGRiYTA3ZGYyMTcxMTc0NWI4NjllMzkxMWNl
OThlMjAwHhcNMjUwMTAyMDE0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTIyYTIyNGU4MzdjNDJjNWM5NGMzNjBmODU3N2ZkNmE2ZTJmZjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1VjGk8xQH/MCv+rdn9TOlOzcGreh
ee9wJKW6VvLaDBIFuhaqHRvXo4jlNCe89/74GRVEi9Tj1QVcYbuImMmhN2Qn9h4I
TGUPFJ+8rr+TWBfx3RbD30E6wrPBlA0qcmj++/y8Nu1y0iEJzFZS8c8DN+/uiys9
ZBfAQgT95OQ6RtXRBjthUbicryI6gZK6EakZfMiiNkGbW56tXIj1GJzFFD1wutzY
ch+X00Akv1Ir5/FdUZ+10UdCMtqjE2RoWIIMe+YP9jWDj0EF8XQNO6f0UUHNfA4W
RgoddJ/sytd7yWK7ioAbWGv51majpeRw9V+vLobMV5VMXhQb/QhsPf1r4wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKkioiToN8QsXJTDYPhXf9am4v9yMB8GA1UdIwQY
MBaAFD4L6OSNugffIXEXRbhp45Ec6Y4gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGd2bzVJMjZCOThoY1JkRnVHbmprUnpwamlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy85NWJjZTktMWU4ZS00MWMxLTg5Zjgt
MjBmOWYwZGJmNDU4LzEvcVNLaUpPZzN4Q3hjbE1OZy1GZF8xcWJpXzNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy85NWJjZTktMWU4ZS00MWMxLTg5ZjgtMjBmOWYwZGJmNDU4
LzEvUGd2bzVJMjZCOThoY1JkRnVHbmprUnpwamlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQHPh2AAwQF
1CbAAwQH1MuAAwQF1dpgMA0GCSqGSIb3DQEBCwUAA4IBAQCAaxIHF9e5SGdAFzMo
dPAdpNhT6g0TfYo1YG9af2juzVgpgcfKFgBMXBFAWdhrMFF+apn7MTPunwQ4XWm/
Ve7vGD0c2t9iSsJuv2R0VjZom7lyWBWvQ3BiBgsBUJ1ZG4eYXfKVyzbEOl4CTZG+
6HqPt36wGWSTNAnI7NuHO6krWuXHxE+TRVbw9yJE9+4/g+cJXeoJtF0agu3qAlhY
LlExpvMMoRO4r5dJHM47TEaTGfavK1rGvDt9LHfmSGL24tL9FCljVQ50gT9eZ57a
G3jwTDNn3/hzYZUg4bZe3IgrahOFnQfIfq24jZY6S3aGMLjFP0XZelqgxrCYpWvX
CHB9
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:00:58 2025 by rpki-client