Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/b82a06-ab0d-4adf-8a85-97c9aab828f2/1/QvqihRljCm445jweQ6gFK7wXIOs.roa
File: QvqihRljCm445jweQ6gFK7wXIOs.roa (raw, json)
Hash identifier: b6Ii57U4Sye1rJOrny/XLuYZqJiC9WdbHx+cBgoka7I=
Subject key identifier: 42:FA:A2:85:19:63:0A:6E:38:E6:3C:1E:43:A8:05:2B:BC:17:20:EB
Certificate issuer: /CN=7bbd51272064b63b2c663c0296ba11db5ea238c0
Certificate serial: 0194266C2FA09752D777DF82422D15640E4A
Authority key identifier: 7B:BD:51:27:20:64:B6:3B:2C:66:3C:02:96:BA:11:DB:5E:A2:38:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e71RJyBktjssZjwClroR216iOMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/b82a06-ab0d-4adf-8a85-97c9aab828f2/1/QvqihRljCm445jweQ6gFK7wXIOs.roa
Signing time: Thu 02 Jan 2025 09:50:11 +0000
ROA not before: Thu 02 Jan 2025 09:50:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48359
IP address blocks: 185.129.184.0/24 maxlen: 24
185.129.185.0/24 maxlen: 24
185.129.186.0/24 maxlen: 24
185.129.187.0/24 maxlen: 24
185.129.198.0/24 maxlen: 24
185.129.201.0/24 maxlen: 24
185.129.212.0/24 maxlen: 24
185.129.228.0/24 maxlen: 24
185.129.229.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/b82a06-ab0d-4adf-8a85-97c9aab828f2/1/e71RJyBktjssZjwClroR216iOMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/b82a06-ab0d-4adf-8a85-97c9aab828f2/1/e71RJyBktjssZjwClroR216iOMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/e71RJyBktjssZjwClroR216iOMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 16:01:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:2f:a0:97:52:d7:77:df:82:42:2d:15:64:0e:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7bbd51272064b63b2c663c0296ba11db5ea238c0
Validity
Not Before: Jan 2 09:50:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=42faa28519630a6e38e63c1e43a8052bbc1720eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:df:55:cb:20:54:35:92:8a:ed:8d:f6:88:30:
8b:36:b1:12:cf:50:a6:7c:66:80:ea:ce:46:60:d7:
c1:5f:6d:0b:bc:04:81:42:1f:ce:9f:31:37:16:3d:
d7:e7:bf:00:f1:ff:de:2b:d3:ae:19:1d:2c:8a:8a:
1d:78:3b:c1:70:ae:a7:26:51:a6:a6:f7:44:b0:09:
fa:aa:10:8a:c0:b1:13:69:64:eb:a8:be:38:c0:19:
da:58:61:80:5d:e9:e6:fc:85:0f:5c:07:29:d7:07:
60:bb:80:77:a2:b6:1a:05:2b:a6:df:f0:67:ec:0f:
54:5d:aa:9a:6b:a7:55:2c:4e:58:55:48:be:dc:a2:
b9:49:34:7e:72:f0:ef:de:7e:ca:79:f6:bc:9f:08:
b1:67:85:6d:38:ef:03:93:33:58:53:bf:1b:cf:f5:
2c:53:b4:ad:66:42:d0:12:6f:6a:69:58:54:ac:8d:
75:fa:61:84:29:19:d3:b9:f6:ad:aa:00:c3:02:8e:
d6:c5:63:9e:c8:f0:ae:1f:41:ac:02:2e:f4:2e:f3:
6b:7c:fa:04:3d:82:29:11:b0:78:40:d3:19:a8:a3:
11:1c:6d:43:ed:61:cc:d4:31:37:24:f8:12:15:6e:
42:b6:2a:d4:ec:bd:73:ad:ee:1c:50:a3:6a:74:6e:
ec:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:FA:A2:85:19:63:0A:6E:38:E6:3C:1E:43:A8:05:2B:BC:17:20:EB
X509v3 Authority Key Identifier:
keyid:7B:BD:51:27:20:64:B6:3B:2C:66:3C:02:96:BA:11:DB:5E:A2:38:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e71RJyBktjssZjwClroR216iOMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b82a06-ab0d-4adf-8a85-97c9aab828f2/1/QvqihRljCm445jweQ6gFK7wXIOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b82a06-ab0d-4adf-8a85-97c9aab828f2/1/e71RJyBktjssZjwClroR216iOMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.129.184.0/22
185.129.198.0/24
185.129.201.0/24
185.129.212.0/24
185.129.228.0/23
Signature Algorithm: sha256WithRSAEncryption
b6:0e:69:32:0c:2a:dc:4b:2b:f4:b2:a5:a2:71:34:4d:80:d9:
06:e8:31:97:fa:cd:7e:2f:d1:68:45:be:f6:7f:3c:06:f5:01:
cf:3d:43:ec:bb:8d:72:72:99:9c:a2:ec:44:2b:c5:a7:1f:1b:
e2:13:62:7b:08:d2:f0:3c:a7:f5:0a:2b:85:3d:e6:ee:bc:75:
cc:a6:8f:47:b4:51:42:2d:48:53:1c:0b:da:34:8a:38:af:65:
02:ab:ac:34:cb:4f:05:7b:53:9d:7c:fa:dc:a2:6d:61:5c:7a:
52:af:01:ac:8f:e0:cd:9a:5b:e9:9f:e5:91:2f:68:89:05:4d:
9f:67:78:f8:d8:7f:4c:cf:e7:5b:8b:73:3c:cc:90:e7:ad:9e:
47:a9:b5:d8:e9:b2:05:eb:39:52:df:bb:ec:4d:8a:64:fa:90:
24:3c:26:4d:7e:c3:54:04:e7:be:0b:fb:04:50:4e:e1:13:2f:
09:a6:98:2a:6a:36:85:22:c8:2e:e9:eb:b3:be:1a:b9:18:fe:
5f:b4:f2:bf:9a:e3:04:02:ac:84:81:5f:33:5c:0e:78:87:ad:
8f:b2:f8:ea:37:1f:ee:3a:d4:a1:f2:20:fa:5e:ec:6d:c1:c6:
5c:4a:f4:3c:29:c4:c2:b9:02:8c:65:9a:a9:d9:4f:4a:3a:7c:
b1:e7:d8:07
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQmbC+gl1LXd9+CQi0VZA5KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiYmQ1MTI3MjA2NGI2M2IyYzY2M2MwMjk2YmExMWRiNWVh
MjM4YzAwHhcNMjUwMTAyMDk1MDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmZhYTI4NTE5NjMwYTZlMzhlNjNjMWU0M2E4MDUyYmJjMTcyMGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxN9VyyBUNZKK7Y32iDCLNrESz1Cm
fGaA6s5GYNfBX20LvASBQh/OnzE3Fj3X578A8f/eK9OuGR0sioodeDvBcK6nJlGm
pvdEsAn6qhCKwLETaWTrqL44wBnaWGGAXenm/IUPXAcp1wdgu4B3orYaBSum3/Bn
7A9UXaqaa6dVLE5YVUi+3KK5STR+cvDv3n7Kefa8nwixZ4VtOO8DkzNYU78bz/Us
U7StZkLQEm9qaVhUrI11+mGEKRnTufatqgDDAo7WxWOeyPCuH0GsAi70LvNrfPoE
PYIpEbB4QNMZqKMRHG1D7WHM1DE3JPgSFW5CtirU7L1zre4cUKNqdG7sNQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEL6ooUZYwpuOOY8HkOoBSu8FyDrMB8GA1UdIwQY
MBaAFHu9UScgZLY7LGY8Apa6EdteojjAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTcxUkp5Qmt0anNzWmp3Q2xyb1IyMTZpT01BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9iODJhMDYtYWIwZC00YWRmLThhODUt
OTdjOWFhYjgyOGYyLzEvUXZxaWhSbGpDbTQ0NWp3ZVE2Z0ZLN3dYSU9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9iODJhMDYtYWIwZC00YWRmLThhODUtOTdjOWFhYjgyOGYy
LzEvZTcxUkp5Qmt0anNzWmp3Q2xyb1IyMTZpT01BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCuYG4AwQA
uYHGAwQAuYHJAwQAuYHUAwQBuYHkMA0GCSqGSIb3DQEBCwUAA4IBAQC2DmkyDCrc
Syv0sqWicTRNgNkG6DGX+s1+L9FoRb72fzwG9QHPPUPsu41ycpmcouxEK8WnHxvi
E2J7CNLwPKf1CiuFPebuvHXMpo9HtFFCLUhTHAvaNIo4r2UCq6w0y08Fe1OdfPrc
om1hXHpSrwGsj+DNmlvpn+WRL2iJBU2fZ3j42H9Mz+dbi3M8zJDnrZ5HqbXY6bIF
6zlS37vsTYpk+pAkPCZNfsNUBOe+C/sEUE7hEy8JppgqajaFIsgu6euzvhq5GP5f
tPK/muMEAqyEgV8zXA54h62PsvjqNx/uOtSh8iD6XuxtwcZcSvQ8KcTCuQKMZZqp
2U9KOnyx59gH
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:15:05 2025 by rpki-client