Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/DQQVfrDiRTCIUPr9zd0b4FQXD9s.roa
File: DQQVfrDiRTCIUPr9zd0b4FQXD9s.roa (raw, json)
Hash identifier: 8keLR4RgePK/t+qeMIRiOhqAQZ/cmQFBEI8DEv5+z8s=
Subject key identifier: 0D:04:15:7E:B0:E2:45:30:88:50:FA:FD:CD:DD:1B:E0:54:17:0F:DB
Certificate issuer: /CN=58015cc8da1f1bbf343e26ab208df8bb26fd53ae
Certificate serial: 0195FBFD81921450D76492B6992466967576
Authority key identifier: 58:01:5C:C8:DA:1F:1B:BF:34:3E:26:AB:20:8D:F8:BB:26:FD:53:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WAFcyNofG780PiarII34uyb9U64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/DQQVfrDiRTCIUPr9zd0b4FQXD9s.roa
Signing time: Thu 03 Apr 2025 14:10:49 +0000
ROA not before: Thu 03 Apr 2025 14:10:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15576
IP address blocks: 77.95.120.0/21 maxlen: 21
85.118.216.0/21 maxlen: 21
185.63.148.0/22 maxlen: 22
212.103.64.0/19 maxlen: 19
212.103.64.0/24 maxlen: 24
212.103.65.0/24 maxlen: 24
217.11.208.0/20 maxlen: 20
217.146.160.0/20 maxlen: 20
217.146.165.0/24 maxlen: 24
2a00:c38::/32 maxlen: 32
2a00:c38:1a5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/WAFcyNofG780PiarII34uyb9U64.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/WAFcyNofG780PiarII34uyb9U64.mft
rsync://rpki.ripe.net/repository/DEFAULT/WAFcyNofG780PiarII34uyb9U64.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 05:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:fb:fd:81:92:14:50:d7:64:92:b6:99:24:66:96:75:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58015cc8da1f1bbf343e26ab208df8bb26fd53ae
Validity
Not Before: Apr 3 14:10:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d04157eb0e245308850fafdcddd1be054170fdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:89:c8:1b:e5:fc:38:ca:38:e8:1b:18:71:82:
64:29:5f:f5:18:55:02:81:d0:70:92:da:59:43:2e:
25:84:8c:05:93:b4:91:3d:80:60:e4:d3:2a:8e:df:
89:7e:0a:22:e9:2a:1b:12:3d:b9:3c:49:75:03:76:
52:83:e0:c6:07:5a:e7:24:0b:d9:f7:b9:6d:c3:fb:
33:71:5d:83:a5:c8:52:2c:f3:19:01:0f:60:eb:10:
34:16:bd:25:ea:8d:92:91:af:a6:0d:72:14:5a:10:
64:ab:fe:20:05:be:e6:ce:9a:7d:f9:8e:bb:2d:e7:
2c:58:16:b4:32:b1:8a:84:d2:0c:5b:34:28:84:fb:
55:02:3b:85:22:07:98:0b:af:f5:06:35:5a:f3:df:
2a:b0:9a:e7:bb:dc:2f:41:7e:da:bd:2f:15:da:13:
f2:5a:07:b3:a6:3f:07:07:4b:ce:d5:ec:7c:a1:25:
62:41:4e:04:ae:bf:24:f5:f8:fd:03:7b:64:7c:e1:
76:b6:35:8d:1a:0d:f6:22:75:ab:8c:c4:bf:0c:4d:
7b:d1:bf:35:32:84:2b:67:27:17:e5:ea:41:03:15:
a7:aa:49:ee:0b:06:50:22:5a:3e:a0:ef:b2:dc:45:
11:ff:94:86:cb:68:ed:01:30:e9:c4:4a:51:f7:48:
8e:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:04:15:7E:B0:E2:45:30:88:50:FA:FD:CD:DD:1B:E0:54:17:0F:DB
X509v3 Authority Key Identifier:
keyid:58:01:5C:C8:DA:1F:1B:BF:34:3E:26:AB:20:8D:F8:BB:26:FD:53:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAFcyNofG780PiarII34uyb9U64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/DQQVfrDiRTCIUPr9zd0b4FQXD9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/WAFcyNofG780PiarII34uyb9U64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.95.120.0/21
85.118.216.0/21
185.63.148.0/22
212.103.64.0/19
217.11.208.0/20
217.146.160.0/20
IPv6:
2a00:c38::/32
Signature Algorithm: sha256WithRSAEncryption
96:f4:47:b1:af:22:2b:c7:d1:1e:e7:aa:be:10:61:8d:80:2b:
0a:7b:52:de:8f:4d:5c:85:14:f0:80:2a:06:1f:e6:57:db:8a:
23:35:e3:11:ca:9b:32:ea:0e:50:55:1e:3e:4f:16:85:38:44:
60:4e:6d:24:4e:62:46:8a:f9:1f:e2:3b:02:fd:8c:cb:7f:f1:
c8:e3:57:08:02:02:93:a2:01:f0:6a:6f:89:8d:fa:43:04:91:
ca:3d:92:97:7d:41:26:a4:38:19:bb:ef:84:57:3c:5d:77:d4:
e3:e9:74:98:62:4c:41:e7:dc:8e:3d:e6:57:bf:13:43:9e:5e:
1e:d2:d3:03:17:b1:89:17:db:3c:3c:4c:bc:0e:ae:8c:eb:54:
2c:d0:17:91:59:a5:6a:b4:ca:db:03:a6:80:d0:36:68:3e:0c:
06:41:e0:18:9d:93:cb:9d:62:5e:29:7f:dd:d6:59:e0:09:df:
3a:cf:f0:a3:b6:e4:40:fb:56:1d:e9:89:a9:f0:41:ba:17:49:
ef:5a:05:6f:2e:71:60:fd:48:2b:c3:a6:f7:71:6c:81:ff:1d:
01:a6:8d:a0:2d:81:4a:cb:08:f1:4f:2f:c7:6b:f6:88:0f:97:
41:01:3c:b0:88:7d:70:cf:0a:35:a3:f6:21:fd:a4:e3:7f:df:
60:f5:08:1c
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZX7/YGSFFDXZJK2mSRmlnV2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MDE1Y2M4ZGExZjFiYmYzNDNlMjZhYjIwOGRmOGJiMjZm
ZDUzYWUwHhcNMjUwNDAzMTQxMDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDA0MTU3ZWIwZTI0NTMwODg1MGZhZmRjZGRkMWJlMDU0MTcwZmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4nIG+X8OMo46BsYcYJkKV/1GFUC
gdBwktpZQy4lhIwFk7SRPYBg5NMqjt+Jfgoi6SobEj25PEl1A3ZSg+DGB1rnJAvZ
97ltw/szcV2DpchSLPMZAQ9g6xA0Fr0l6o2Ska+mDXIUWhBkq/4gBb7mzpp9+Y67
LecsWBa0MrGKhNIMWzQohPtVAjuFIgeYC6/1BjVa898qsJrnu9wvQX7avS8V2hPy
Wgezpj8HB0vO1ex8oSViQU4Err8k9fj9A3tkfOF2tjWNGg32InWrjMS/DE170b81
MoQrZycX5epBAxWnqknuCwZQIlo+oO+y3EUR/5SGy2jtATDpxEpR90iOBwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFA0EFX6w4kUwiFD6/c3dG+BUFw/bMB8GA1UdIwQY
MBaAFFgBXMjaHxu/ND4mqyCN+Lsm/VOuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0FGY3lOb2ZHNzgwUGlhcklJMzR1eWI5VTY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9kNDE3NWQtMTkyYy00MThjLTk3MmYt
OGVlMjFiNzRkZDU2LzEvRFFRVmZyRGlSVENJVVByOXpkMGI0RlFYRDlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9kNDE3NWQtMTkyYy00MThjLTk3MmYtOGVlMjFiNzRkZDU2
LzEvV0FGY3lOb2ZHNzgwUGlhcklJMzR1eWI5VTY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDTV94AwQD
VXbYAwQCuT+UAwQF1GdAAwQE2QvQAwQE2ZKgMA0EAgACMAcDBQAqAAw4MA0GCSqG
SIb3DQEBCwUAA4IBAQCW9EexryIrx9Ee56q+EGGNgCsKe1Lej01chRTwgCoGH+ZX
24ojNeMRypsy6g5QVR4+TxaFOERgTm0kTmJGivkf4jsC/YzLf/HI41cIAgKTogHw
am+JjfpDBJHKPZKXfUEmpDgZu++EVzxdd9Tj6XSYYkxB59yOPeZXvxNDnl4e0tMD
F7GJF9s8PEy8Dq6M61Qs0BeRWaVqtMrbA6aA0DZoPgwGQeAYnZPLnWJeKX/d1lng
Cd86z/CjtuRA+1Yd6Ymp8EG6F0nvWgVvLnFg/Ugrw6b3cWyB/x0Bpo2gLYFKywjx
Ty/Ha/aID5dBATywiH1wzwo1o/Yh/aTjf99g9Qgc
-----END CERTIFICATE-----
Generated at Tue Apr 15 09:35:21 2025 by rpki-client