Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/vqIlQ51IAOGJFiTSPtHU72fvx08.roa
File: vqIlQ51IAOGJFiTSPtHU72fvx08.roa (raw, json)
Hash identifier: zUhV3nwfP0jHHq/oTFIpW9P4yGQL+wJghHGlBxSt0/g=
Subject key identifier: BE:A2:25:43:9D:48:00:E1:89:16:24:D2:3E:D1:D4:EF:67:EF:C7:4F
Certificate issuer: /CN=881bd1402924ec2a644e8f54e6994cb4ac8e24a6
Certificate serial: 01942368FBB712A67DAD0D62DF2006A9D345
Authority key identifier: 88:1B:D1:40:29:24:EC:2A:64:4E:8F:54:E6:99:4C:B4:AC:8E:24:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBvRQCkk7CpkTo9U5plMtKyOJKY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/vqIlQ51IAOGJFiTSPtHU72fvx08.roa
Signing time: Wed 01 Jan 2025 19:47:50 +0000
ROA not before: Wed 01 Jan 2025 19:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15557
IP address blocks: 143.196.0.0/24 maxlen: 24
143.196.1.0/24 maxlen: 24
143.196.16.0/24 maxlen: 24
143.196.17.0/24 maxlen: 24
143.196.18.0/24 maxlen: 24
143.196.20.0/24 maxlen: 24
143.196.21.0/24 maxlen: 24
143.196.124.0/24 maxlen: 24
143.196.125.0/24 maxlen: 24
143.196.126.0/24 maxlen: 24
143.196.127.0/24 maxlen: 24
143.196.130.0/24 maxlen: 24
143.196.143.0/24 maxlen: 24
143.196.144.0/24 maxlen: 24
143.196.157.0/24 maxlen: 24
143.196.158.0/24 maxlen: 24
143.196.159.0/24 maxlen: 24
143.196.160.0/24 maxlen: 24
143.196.161.0/24 maxlen: 24
143.196.162.0/24 maxlen: 24
143.196.163.0/24 maxlen: 24
143.196.164.0/24 maxlen: 24
143.196.165.0/24 maxlen: 24
143.196.166.0/24 maxlen: 24
143.196.167.0/24 maxlen: 24
143.196.250.0/24 maxlen: 24
143.196.252.0/24 maxlen: 24
143.196.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/iBvRQCkk7CpkTo9U5plMtKyOJKY.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/iBvRQCkk7CpkTo9U5plMtKyOJKY.mft
rsync://rpki.ripe.net/repository/DEFAULT/iBvRQCkk7CpkTo9U5plMtKyOJKY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 14:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:fb:b7:12:a6:7d:ad:0d:62:df:20:06:a9:d3:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=881bd1402924ec2a644e8f54e6994cb4ac8e24a6
Validity
Not Before: Jan 1 19:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bea225439d4800e1891624d23ed1d4ef67efc74f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:c8:12:06:48:2e:80:d8:6d:7e:69:3c:d6:7c:
3a:84:ff:6c:c5:91:17:31:2d:1a:83:93:ca:76:da:
3e:57:77:17:62:7b:ca:af:93:1a:29:ab:fb:28:6f:
8a:a6:ac:96:ad:d7:c4:51:a8:9f:ae:b8:36:61:0a:
64:cc:27:17:5b:aa:f0:22:7f:0d:f4:c6:d9:1c:48:
c9:36:a0:0b:30:fa:c1:3c:86:a3:90:58:92:71:d2:
b5:16:a0:69:d3:11:54:21:9b:f9:9a:84:b1:50:01:
12:3c:47:be:a4:21:3a:92:37:8a:da:96:27:64:14:
91:a8:09:3e:40:8f:c9:30:20:7a:fe:b6:e3:58:fa:
48:74:89:de:a4:22:cf:6b:19:ab:f2:f3:f4:6e:82:
0b:86:a3:5c:6f:2e:52:ba:dd:31:99:77:a9:18:1c:
56:d7:9e:eb:e6:8d:c7:75:e3:91:54:1b:ce:27:c7:
51:27:57:91:75:44:10:ae:b2:82:36:5d:3b:20:13:
ee:32:4b:01:d2:0c:7d:cc:36:a5:5b:ec:59:12:2d:
d5:db:82:34:47:63:f2:53:b4:80:97:b9:64:5b:6b:
02:19:d7:06:df:09:64:4d:0b:d3:24:be:62:f3:e3:
8c:91:11:e2:db:6f:df:2e:9a:72:07:fa:55:23:07:
36:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:A2:25:43:9D:48:00:E1:89:16:24:D2:3E:D1:D4:EF:67:EF:C7:4F
X509v3 Authority Key Identifier:
keyid:88:1B:D1:40:29:24:EC:2A:64:4E:8F:54:E6:99:4C:B4:AC:8E:24:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBvRQCkk7CpkTo9U5plMtKyOJKY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/vqIlQ51IAOGJFiTSPtHU72fvx08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/iBvRQCkk7CpkTo9U5plMtKyOJKY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.196.0.0/23
143.196.16.0-143.196.18.255
143.196.20.0/23
143.196.124.0/22
143.196.130.0/24
143.196.143.0-143.196.144.255
143.196.157.0-143.196.167.255
143.196.250.0/24
143.196.252.0/23
Signature Algorithm: sha256WithRSAEncryption
b5:1e:b0:9d:b1:48:84:0b:cd:09:00:74:00:ff:fc:90:57:d9:
79:03:4c:4d:ec:51:e2:19:52:fa:ab:9d:4c:10:eb:72:b9:5b:
54:0d:64:e1:37:c1:01:06:ba:31:49:c1:b5:97:6e:32:64:36:
1c:61:91:85:e9:8f:8d:62:b6:5b:a9:3e:2a:83:79:b6:3a:53:
55:84:f6:df:07:00:9b:f0:90:f2:cc:35:34:31:2a:81:64:07:
fa:60:03:75:d1:60:8f:b2:8a:c9:00:30:82:ac:bb:85:ee:68:
04:38:7d:ad:7a:fd:e6:ec:91:58:b6:32:ba:c7:94:3b:74:61:
7e:d5:a4:c0:b7:2d:f6:65:77:e2:56:76:14:fe:9b:b7:5a:d1:
f9:0d:e9:cc:e7:4a:9d:4b:b7:e9:0d:b2:c4:ab:c7:18:f2:72:
fa:fd:91:f7:79:36:e5:b2:0d:2c:60:66:14:1e:6c:e7:c5:23:
ff:02:10:b0:7e:6d:19:e5:93:28:ab:43:14:b9:56:cd:4c:cc:
38:0d:36:27:6f:44:e2:66:aa:2d:da:08:d8:69:ea:6b:a3:b8:
b7:a1:fe:9e:2d:26:75:f4:51:d5:c6:b9:7f:a1:cd:ad:15:fa:
a4:2e:fa:0a:e9:0d:6e:e2:7f:49:4b:2f:cb:5a:49:90:57:26:
d3:b1:4c:8c
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZQjaPu3EqZ9rQ1i3yAGqdNFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MWJkMTQwMjkyNGVjMmE2NDRlOGY1NGU2OTk0Y2I0YWM4
ZTI0YTYwHhcNMjUwMTAxMTk0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWEyMjU0MzlkNDgwMGUxODkxNjI0ZDIzZWQxZDRlZjY3ZWZjNzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA28gSBkgugNhtfmk81nw6hP9sxZEX
MS0ag5PKdto+V3cXYnvKr5MaKav7KG+KpqyWrdfEUaifrrg2YQpkzCcXW6rwIn8N
9MbZHEjJNqALMPrBPIajkFiScdK1FqBp0xFUIZv5moSxUAESPEe+pCE6kjeK2pYn
ZBSRqAk+QI/JMCB6/rbjWPpIdInepCLPaxmr8vP0boILhqNcby5Sut0xmXepGBxW
157r5o3HdeORVBvOJ8dRJ1eRdUQQrrKCNl07IBPuMksB0gx9zDalW+xZEi3V24I0
R2PyU7SAl7lkW2sCGdcG3wlkTQvTJL5i8+OMkRHi22/fLppyB/pVIwc2PwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFL6iJUOdSADhiRYk0j7R1O9n78dPMB8GA1UdIwQY
MBaAFIgb0UApJOwqZE6PVOaZTLSsjiSmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJ2UlFDa2s3Q3BrVG85VTVwbE10S3lPSktZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9kY2QzYjctN2NjMC00YzQ5LWJhYjMt
N2EwYjE0NWNmNjJiLzEvdnFJbFE1MUlBT0dKRmlUU1B0SFU3MmZ2eDA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9kY2QzYjctN2NjMC00YzQ5LWJhYjMtN2EwYjE0NWNmNjJi
LzEvaUJ2UlFDa2s3Q3BrVG85VTVwbE10S3lPSktZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQBj8QAMAwD
BASPxBADBACPxBIDBAGPxBQDBAKPxHwDBACPxIIwDAMEAI/EjwMEAI/EkDAMAwQA
j8SdAwQDj8SgAwQAj8T6AwQBj8T8MA0GCSqGSIb3DQEBCwUAA4IBAQC1HrCdsUiE
C80JAHQA//yQV9l5A0xN7FHiGVL6q51MEOtyuVtUDWThN8EBBroxScG1l24yZDYc
YZGF6Y+NYrZbqT4qg3m2OlNVhPbfBwCb8JDyzDU0MSqBZAf6YAN10WCPsorJADCC
rLuF7mgEOH2tev3m7JFYtjK6x5Q7dGF+1aTAty32ZXfiVnYU/pu3WtH5DenM50qd
S7fpDbLEq8cY8nL6/ZH3eTblsg0sYGYUHmznxSP/AhCwfm0Z5ZMoq0MUuVbNTMw4
DTYnb0TiZqot2gjYaepro7i3of6eLSZ19FHVxrl/oc2tFfqkLvoK6Q1u4n9JSy/L
WkmQVybTsUyM
-----END CERTIFICATE-----
Generated at Sat Apr 12 20:28:58 2025 by rpki-client