Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/6a64ea-9f1e-4b43-bf2a-7e0340ec9667/1/TQC_J_n_-TEcjtQ--Snxo_Bz6IQ.roa
File: TQC_J_n_-TEcjtQ--Snxo_Bz6IQ.roa (raw, json)
Hash identifier: OYVJWqinUu1yhTH3sZjKq6EGQxrkbvI8drSvSE0FOvI=
Subject key identifier: 4D:00:BF:27:F9:FF:F9:31:1C:8E:D4:3E:F9:29:F1:A3:F0:73:E8:84
Certificate issuer: /CN=a3e2161d7f01fa6fd0842c211080633f3ed36ba5
Certificate serial: 01942444EF0B76E69B45EF01EA433A541342
Authority key identifier: A3:E2:16:1D:7F:01:FA:6F:D0:84:2C:21:10:80:63:3F:3E:D3:6B:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o-IWHX8B-m_QhCwhEIBjPz7Ta6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/6a64ea-9f1e-4b43-bf2a-7e0340ec9667/1/TQC_J_n_-TEcjtQ--Snxo_Bz6IQ.roa
Signing time: Wed 01 Jan 2025 23:48:04 +0000
ROA not before: Wed 01 Jan 2025 23:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56643
IP address blocks: 185.131.48.0/24 maxlen: 24
185.131.49.0/24 maxlen: 24
185.131.50.0/24 maxlen: 24
185.131.51.0/24 maxlen: 24
185.241.136.0/24 maxlen: 24
185.241.137.0/24 maxlen: 24
185.241.138.0/24 maxlen: 24
185.241.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/6a64ea-9f1e-4b43-bf2a-7e0340ec9667/1/o-IWHX8B-m_QhCwhEIBjPz7Ta6U.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/6a64ea-9f1e-4b43-bf2a-7e0340ec9667/1/o-IWHX8B-m_QhCwhEIBjPz7Ta6U.mft
rsync://rpki.ripe.net/repository/DEFAULT/o-IWHX8B-m_QhCwhEIBjPz7Ta6U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 07:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:ef:0b:76:e6:9b:45:ef:01:ea:43:3a:54:13:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3e2161d7f01fa6fd0842c211080633f3ed36ba5
Validity
Not Before: Jan 1 23:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d00bf27f9fff9311c8ed43ef929f1a3f073e884
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ce:08:aa:67:a7:8c:9c:fa:5f:fd:2b:31:f6:
60:3e:ff:71:63:9c:9b:65:85:c0:99:1e:c8:7f:16:
47:dd:42:5e:d1:37:fe:62:c2:fc:d9:ca:7d:ad:0b:
29:4e:56:da:aa:9f:c3:57:f9:4f:e4:ad:01:92:19:
10:37:3c:86:04:66:ae:47:03:3c:61:ce:31:58:88:
76:60:02:8e:f3:51:7b:55:f1:f0:e1:6e:fd:ff:8b:
e3:a1:6d:59:2b:64:e7:12:f5:44:df:84:a8:59:05:
aa:ee:4b:d8:99:27:a3:24:48:56:44:28:cd:6a:55:
2b:7d:c4:6a:bf:f2:ed:67:88:f6:d9:1d:7f:24:46:
e6:4c:4f:b2:d5:55:5c:83:ec:82:c2:c8:87:a4:58:
9d:d7:59:11:93:8e:30:84:12:42:0e:81:4a:41:d3:
04:42:2b:41:35:1c:18:ff:d8:26:2c:64:a0:cb:d8:
2c:25:65:59:98:5a:2e:04:2d:2d:7a:4f:ec:9d:6d:
c6:34:c6:49:f6:7a:d8:6f:97:4d:8d:da:4f:3b:48:
64:74:b2:3b:b8:62:82:f7:57:cd:69:a3:f0:eb:8d:
fa:3a:35:20:61:bf:86:20:69:d7:56:6f:0b:0f:a0:
03:23:31:d4:a7:8a:e5:3c:68:5a:7b:52:70:f3:bc:
c0:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:00:BF:27:F9:FF:F9:31:1C:8E:D4:3E:F9:29:F1:A3:F0:73:E8:84
X509v3 Authority Key Identifier:
keyid:A3:E2:16:1D:7F:01:FA:6F:D0:84:2C:21:10:80:63:3F:3E:D3:6B:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o-IWHX8B-m_QhCwhEIBjPz7Ta6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/6a64ea-9f1e-4b43-bf2a-7e0340ec9667/1/TQC_J_n_-TEcjtQ--Snxo_Bz6IQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/6a64ea-9f1e-4b43-bf2a-7e0340ec9667/1/o-IWHX8B-m_QhCwhEIBjPz7Ta6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.131.48.0/22
185.241.136.0/22
Signature Algorithm: sha256WithRSAEncryption
86:a4:69:f2:81:44:ca:aa:1d:9b:05:98:cb:2d:c1:de:35:13:
2c:12:d1:f5:c1:52:84:cc:41:10:23:3b:2e:c9:f9:79:89:d6:
c7:c5:42:e5:ab:bc:53:30:3a:96:1d:76:45:bc:e5:88:4a:c0:
15:99:37:15:8c:72:ad:ab:b9:0a:e1:47:2e:c8:3d:2a:0c:20:
c1:f4:7d:9a:d6:ba:64:65:bf:b6:e8:4b:3d:3f:a2:8f:ac:5d:
cd:48:67:56:6e:b8:9e:6c:06:e7:43:c9:ce:81:f0:e2:67:0f:
6a:10:8a:02:c5:f2:7f:5e:34:2a:4f:5e:b1:a2:f4:1e:5e:2c:
31:1c:f5:9a:7e:ef:42:1f:4c:f9:45:bd:78:78:3a:99:af:e0:
33:3d:c7:e9:15:b0:09:0b:e5:44:d0:52:0a:77:5c:b9:9a:c5:
2b:27:e9:86:4a:4c:6f:fe:95:7a:c7:c6:3f:0c:bb:9f:2b:1f:
f8:7e:d7:84:7c:1f:63:62:d8:45:2c:ba:5a:61:58:29:54:ef:
49:aa:d9:14:49:1e:00:45:a7:cb:1c:5b:81:41:d2:2a:f8:be:
d1:56:55:77:a4:41:7c:03:fc:40:98:cd:56:26:5d:bd:7e:40:
35:38:14:61:77:5c:2e:b3:1e:6b:1d:da:87:a0:0c:2c:24:7f:
2e:53:2c:97
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQkRO8LduabRe8B6kM6VBNCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzZTIxNjFkN2YwMWZhNmZkMDg0MmMyMTEwODA2MzNmM2Vk
MzZiYTUwHhcNMjUwMTAxMjM0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDAwYmYyN2Y5ZmZmOTMxMWM4ZWQ0M2VmOTI5ZjFhM2YwNzNlODg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlM4IqmenjJz6X/0rMfZgPv9xY5yb
ZYXAmR7IfxZH3UJe0Tf+YsL82cp9rQspTlbaqp/DV/lP5K0BkhkQNzyGBGauRwM8
Yc4xWIh2YAKO81F7VfHw4W79/4vjoW1ZK2TnEvVE34SoWQWq7kvYmSejJEhWRCjN
alUrfcRqv/LtZ4j22R1/JEbmTE+y1VVcg+yCwsiHpFid11kRk44whBJCDoFKQdME
QitBNRwY/9gmLGSgy9gsJWVZmFouBC0tek/snW3GNMZJ9nrYb5dNjdpPO0hkdLI7
uGKC91fNaaPw6436OjUgYb+GIGnXVm8LD6ADIzHUp4rlPGhae1Jw87zABwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE0Avyf5//kxHI7UPvkp8aPwc+iEMB8GA1UdIwQY
MBaAFKPiFh1/Afpv0IQsIRCAYz8+02ulMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvby1JV0hYOEItbV9RaEN3aEVJQmpQejdUYTZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi82YTY0ZWEtOWYxZS00YjQzLWJmMmEt
N2UwMzQwZWM5NjY3LzEvVFFDX0pfbl8tVEVjanRRLS1TbnhvX0J6NklRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi82YTY0ZWEtOWYxZS00YjQzLWJmMmEtN2UwMzQwZWM5NjY3
LzEvby1JV0hYOEItbV9RaEN3aEVJQmpQejdUYTZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuYMwAwQC
ufGIMA0GCSqGSIb3DQEBCwUAA4IBAQCGpGnygUTKqh2bBZjLLcHeNRMsEtH1wVKE
zEEQIzsuyfl5idbHxULlq7xTMDqWHXZFvOWISsAVmTcVjHKtq7kK4UcuyD0qDCDB
9H2a1rpkZb+26Es9P6KPrF3NSGdWbriebAbnQ8nOgfDiZw9qEIoCxfJ/XjQqT16x
ovQeXiwxHPWafu9CH0z5Rb14eDqZr+AzPcfpFbAJC+VE0FIKd1y5msUrJ+mGSkxv
/pV6x8Y/DLufKx/4fteEfB9jYthFLLpaYVgpVO9JqtkUSR4ARafLHFuBQdIq+L7R
VlV3pEF8A/xAmM1WJl29fkA1OBRhd1wusx5rHdqHoAwsJH8uUyyX
-----END CERTIFICATE-----
Generated at Wed Apr 9 13:03:48 2025 by rpki-client