Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/d98472-f0b7-4df3-925b-0004b274630b/1/QgsJlqJcTUYG8ULdRGgE3NFD82g.roa
File: QgsJlqJcTUYG8ULdRGgE3NFD82g.roa (raw, json)
Hash identifier: js71yBiScUO+PfDSCeaEzOg8Fh9K6ktXB24Y7dBG/Eo=
Subject key identifier: 42:0B:09:96:A2:5C:4D:46:06:F1:42:DD:44:68:04:DC:D1:43:F3:68
Certificate issuer: /CN=540b63d19d86ea345c9b5f169300c3a29d4c31c4
Certificate serial: 0194228E3D74B0A254B9D8025E06582697B9
Authority key identifier: 54:0B:63:D1:9D:86:EA:34:5C:9B:5F:16:93:00:C3:A2:9D:4C:31:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VAtj0Z2G6jRcm18WkwDDop1MMcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/d98472-f0b7-4df3-925b-0004b274630b/1/QgsJlqJcTUYG8ULdRGgE3NFD82g.roa
Signing time: Wed 01 Jan 2025 15:48:54 +0000
ROA not before: Wed 01 Jan 2025 15:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8680
IP address blocks: 37.18.136.0/21 maxlen: 24
37.18.136.0/23 maxlen: 23
37.18.138.0/23 maxlen: 23
37.18.138.0/24 maxlen: 24
37.18.140.0/23 maxlen: 23
46.31.200.0/21 maxlen: 24
46.31.202.0/23 maxlen: 23
46.31.204.0/23 maxlen: 23
46.31.206.0/24 maxlen: 24
46.31.207.0/24 maxlen: 24
185.48.76.0/22 maxlen: 24
185.48.78.0/24 maxlen: 24
2a04:b240::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/d98472-f0b7-4df3-925b-0004b274630b/1/VAtj0Z2G6jRcm18WkwDDop1MMcQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/d98472-f0b7-4df3-925b-0004b274630b/1/VAtj0Z2G6jRcm18WkwDDop1MMcQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/VAtj0Z2G6jRcm18WkwDDop1MMcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:3d:74:b0:a2:54:b9:d8:02:5e:06:58:26:97:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=540b63d19d86ea345c9b5f169300c3a29d4c31c4
Validity
Not Before: Jan 1 15:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=420b0996a25c4d4606f142dd446804dcd143f368
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:bb:31:47:62:08:dd:bd:9e:02:7d:4f:b7:ec:
dd:d3:97:1e:03:c7:2c:ef:23:8e:e8:7a:0b:f7:84:
05:2e:d7:28:d5:f0:0f:15:b6:1c:11:4f:9b:3c:60:
7d:5e:56:18:30:4d:04:f2:94:53:65:1d:d2:f4:5e:
be:ec:31:af:39:ba:05:5e:06:e0:5d:37:5a:d1:a8:
dc:fb:6d:62:4e:6f:bc:44:75:92:e7:c7:7e:6d:5c:
90:81:c8:21:33:b9:06:e7:1e:41:74:9d:2f:55:be:
ea:11:38:b4:3e:ce:47:78:06:ff:f9:db:09:f5:67:
fa:86:1b:12:08:50:ed:09:e8:54:15:d0:44:fb:31:
ab:87:71:74:e0:24:c5:41:aa:c6:c9:f9:3b:54:6f:
24:7e:f5:dd:6c:30:ef:37:ea:3d:43:a6:43:ad:90:
1f:f2:2d:d9:f1:82:c7:a3:93:bf:e8:de:85:3e:9a:
8a:f2:48:7d:d4:87:63:c2:95:fa:6a:3a:b7:cb:93:
24:46:08:fe:d4:ea:b5:b9:14:8e:bc:7c:79:f8:b4:
8e:ef:5c:f8:1e:66:6a:1b:8b:eb:b3:80:27:3d:6f:
cc:48:5b:57:1c:d9:62:9d:68:f2:56:3b:b8:98:12:
28:1a:1e:4c:76:40:96:b3:ee:7c:ec:1e:fd:8d:1c:
13:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:0B:09:96:A2:5C:4D:46:06:F1:42:DD:44:68:04:DC:D1:43:F3:68
X509v3 Authority Key Identifier:
keyid:54:0B:63:D1:9D:86:EA:34:5C:9B:5F:16:93:00:C3:A2:9D:4C:31:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VAtj0Z2G6jRcm18WkwDDop1MMcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/d98472-f0b7-4df3-925b-0004b274630b/1/QgsJlqJcTUYG8ULdRGgE3NFD82g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/d98472-f0b7-4df3-925b-0004b274630b/1/VAtj0Z2G6jRcm18WkwDDop1MMcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.136.0/21
46.31.200.0/21
185.48.76.0/22
IPv6:
2a04:b240::/29
Signature Algorithm: sha256WithRSAEncryption
2b:86:1c:da:7f:19:59:98:bf:b0:d6:ef:bd:58:30:ec:b5:2e:
e7:e8:fa:4a:33:72:ee:f5:b2:d5:c9:46:69:3c:74:4e:a1:ce:
d8:40:93:bb:e8:b6:a5:95:64:fe:2b:7b:f5:f4:d4:1d:6c:26:
fe:f8:60:2b:04:ef:4c:72:c9:25:fe:f0:7a:43:6d:89:d2:87:
61:5e:16:78:ed:97:37:66:4b:3f:12:66:d1:8e:68:93:bb:46:
0b:db:c7:50:fd:6c:41:0d:df:98:87:23:21:32:a9:2a:5f:e1:
d1:a0:ee:b8:c1:4a:36:3b:de:2d:c3:76:79:6a:71:3d:97:a8:
ca:79:13:a3:99:d2:07:1b:5d:86:21:32:b6:de:f2:d1:5a:c5:
c5:1d:03:b9:42:0c:82:b2:1c:82:3e:ea:84:00:68:47:e4:39:
79:56:e5:c7:4f:8c:05:50:77:af:ef:66:77:09:24:6a:64:d6:
69:2a:97:e2:cd:5a:ec:ad:46:fc:ab:47:c0:b3:01:07:74:bd:
50:66:d4:76:ca:21:60:64:ec:61:d1:30:32:e5:0a:ea:45:a8:
c3:96:fc:f6:db:28:71:7e:39:a0:81:f7:f7:26:d9:c2:d4:ea:
54:da:cf:96:6c:be:c7:32:9e:94:0c:fe:c5:20:2b:ee:c1:e6:
e4:cb:86:25
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQijj10sKJUudgCXgZYJpe5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MGI2M2QxOWQ4NmVhMzQ1YzliNWYxNjkzMDBjM2EyOWQ0
YzMxYzQwHhcNMjUwMTAxMTU0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjBiMDk5NmEyNWM0ZDQ2MDZmMTQyZGQ0NDY4MDRkY2QxNDNmMzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrsxR2II3b2eAn1Pt+zd05ceA8cs
7yOO6HoL94QFLtco1fAPFbYcEU+bPGB9XlYYME0E8pRTZR3S9F6+7DGvOboFXgbg
XTda0ajc+21iTm+8RHWS58d+bVyQgcghM7kG5x5BdJ0vVb7qETi0Ps5HeAb/+dsJ
9Wf6hhsSCFDtCehUFdBE+zGrh3F04CTFQarGyfk7VG8kfvXdbDDvN+o9Q6ZDrZAf
8i3Z8YLHo5O/6N6FPpqK8kh91IdjwpX6ajq3y5MkRgj+1Oq1uRSOvHx5+LSO71z4
HmZqG4vrs4AnPW/MSFtXHNlinWjyVju4mBIoGh5MdkCWs+587B79jRwT2wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEILCZaiXE1GBvFC3URoBNzRQ/NoMB8GA1UdIwQY
MBaAFFQLY9Gdhuo0XJtfFpMAw6KdTDHEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkF0ajBaMkc2alJjbTE4V2t3RERvcDFNTWNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9kOTg0NzItZjBiNy00ZGYzLTkyNWIt
MDAwNGIyNzQ2MzBiLzEvUWdzSmxxSmNUVVlHOFVMZFJHZ0UzTkZEODJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9kOTg0NzItZjBiNy00ZGYzLTkyNWItMDAwNGIyNzQ2MzBi
LzEvVkF0ajBaMkc2alJjbTE4V2t3RERvcDFNTWNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDJRKIAwQD
Lh/IAwQCuTBMMA0EAgACMAcDBQMqBLJAMA0GCSqGSIb3DQEBCwUAA4IBAQArhhza
fxlZmL+w1u+9WDDstS7n6PpKM3Lu9bLVyUZpPHROoc7YQJO76LallWT+K3v19NQd
bCb++GArBO9Mcskl/vB6Q22J0odhXhZ47Zc3Zks/EmbRjmiTu0YL28dQ/WxBDd+Y
hyMhMqkqX+HRoO64wUo2O94tw3Z5anE9l6jKeROjmdIHG12GITK23vLRWsXFHQO5
QgyCshyCPuqEAGhH5Dl5VuXHT4wFUHev72Z3CSRqZNZpKpfizVrsrUb8q0fAswEH
dL1QZtR2yiFgZOxh0TAy5QrqRajDlvz22yhxfjmggff3JtnC1OpU2s+WbL7HMp6U
DP7FICvuwebky4Yl
-----END CERTIFICATE-----
Generated at Wed Apr 16 22:02:08 2025 by rpki-client