Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/2922cf-1861-419d-9eea-0a79d54965a9/1/pQKQijoa8QLl8H3UvggEgIJH4JI.roa
File: pQKQijoa8QLl8H3UvggEgIJH4JI.roa (raw, json)
Hash identifier: JjHJzDNM1I3FEnY1/wJ+QeN9KOwj+3VjvvY6xPkS+9k=
Subject key identifier: A5:02:90:8A:3A:1A:F1:02:E5:F0:7D:D4:BE:08:04:80:82:47:E0:92
Certificate issuer: /CN=84184ce919023640bb9256c2d8d1a049fa102520
Certificate serial: 0194228E2F05313A3D2D897F143E283BEC1A
Authority key identifier: 84:18:4C:E9:19:02:36:40:BB:92:56:C2:D8:D1:A0:49:FA:10:25:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hBhM6RkCNkC7klbC2NGgSfoQJSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/2922cf-1861-419d-9eea-0a79d54965a9/1/pQKQijoa8QLl8H3UvggEgIJH4JI.roa
Signing time: Wed 01 Jan 2025 15:48:50 +0000
ROA not before: Wed 01 Jan 2025 15:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64489
IP address blocks: 185.11.68.0/22 maxlen: 22
2a03:9080::/32 maxlen: 32
2a06:e080::/29 maxlen: 29
2a0b:3000::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/2922cf-1861-419d-9eea-0a79d54965a9/1/hBhM6RkCNkC7klbC2NGgSfoQJSA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/2922cf-1861-419d-9eea-0a79d54965a9/1/hBhM6RkCNkC7klbC2NGgSfoQJSA.mft
rsync://rpki.ripe.net/repository/DEFAULT/hBhM6RkCNkC7klbC2NGgSfoQJSA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 18:00:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:2f:05:31:3a:3d:2d:89:7f:14:3e:28:3b:ec:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84184ce919023640bb9256c2d8d1a049fa102520
Validity
Not Before: Jan 1 15:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a502908a3a1af102e5f07dd4be0804808247e092
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:22:19:af:1d:e4:c4:16:07:c9:34:2c:74:1f:
3c:d6:0a:cb:c6:48:77:e9:36:6e:be:04:aa:c1:ff:
32:b9:60:6e:72:3c:ce:4e:4a:42:04:6f:b8:c7:d0:
c4:1b:9e:7b:92:81:d1:8b:1c:6b:e8:37:ad:fe:8e:
4e:a0:09:be:b1:ce:d9:6a:b2:67:ba:b1:70:c3:e2:
0b:c2:7b:87:55:85:28:33:f0:f6:4a:47:75:ae:4d:
b5:b8:68:aa:1c:56:20:c6:e4:c0:ee:70:c4:34:78:
42:4d:60:1c:4e:72:89:c5:a0:7a:d5:1e:db:84:22:
54:c9:5d:c6:1c:03:8f:ae:7a:2d:64:29:33:a1:9c:
21:18:21:8e:e6:d6:6e:23:63:c8:f9:b0:db:96:f2:
52:fb:e4:e4:7c:66:93:48:9c:73:6f:b4:de:a1:58:
6f:9c:54:62:7d:33:a1:9e:72:58:8c:4d:ae:b6:e7:
db:56:71:d7:4a:50:89:88:c4:0a:e7:1b:39:93:46:
8e:72:3f:79:2f:da:71:e2:10:2f:c3:0c:7f:76:bf:
8f:1a:df:9d:42:8a:70:d6:8e:69:77:18:b3:01:e8:
2d:47:65:bb:37:45:f5:24:bb:b2:99:a9:23:a0:47:
32:75:bf:27:4c:45:f1:4e:df:b9:18:37:fc:d8:5b:
ed:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:02:90:8A:3A:1A:F1:02:E5:F0:7D:D4:BE:08:04:80:82:47:E0:92
X509v3 Authority Key Identifier:
keyid:84:18:4C:E9:19:02:36:40:BB:92:56:C2:D8:D1:A0:49:FA:10:25:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hBhM6RkCNkC7klbC2NGgSfoQJSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/2922cf-1861-419d-9eea-0a79d54965a9/1/pQKQijoa8QLl8H3UvggEgIJH4JI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/2922cf-1861-419d-9eea-0a79d54965a9/1/hBhM6RkCNkC7klbC2NGgSfoQJSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.11.68.0/22
IPv6:
2a03:9080::/32
2a06:e080::/29
2a0b:3000::/29
Signature Algorithm: sha256WithRSAEncryption
82:52:8a:c7:6b:cc:05:73:8e:f3:78:e0:1e:d3:c0:1f:67:cb:
50:1f:bc:6e:08:f4:a4:64:b9:7d:c3:01:73:98:bd:b2:73:2d:
9a:73:35:14:bc:06:22:77:a4:93:39:75:3f:df:a0:49:95:fc:
c4:08:16:4f:cb:3a:dc:37:ee:53:1c:f0:7b:a3:3e:7b:04:c5:
72:51:b8:3e:80:f0:af:4c:d5:1b:5b:25:8e:2d:7a:78:f9:2f:
86:11:76:82:d6:81:f8:76:c5:7c:13:28:a6:65:c8:b9:cb:1e:
59:84:2d:23:eb:b1:cf:e4:b9:81:b2:c2:92:7a:f2:5b:d6:0a:
72:d4:1e:d3:be:c5:39:fa:5c:81:e5:e4:74:79:4b:36:6d:39:
40:4b:20:38:37:9b:c3:31:a7:7f:1f:60:57:49:fb:a8:77:a4:
40:c5:34:d1:8d:5d:9c:76:d1:03:24:87:bd:c6:cb:48:b5:73:
8a:b8:15:91:27:56:bb:19:69:4c:42:6e:2e:cc:39:37:4c:66:
83:0d:c3:b2:9a:22:62:53:ea:66:17:ca:5d:03:84:8e:58:4f:
88:01:c0:aa:bf:89:7c:d4:2e:6e:0b:7d:81:93:7b:f2:fe:51:
80:39:95:7b:16:c8:f6:c1:5d:34:40:40:df:ce:00:a9:76:c2:
b0:81:4a:9c
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQiji8FMTo9LYl/FD4oO+waMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0MTg0Y2U5MTkwMjM2NDBiYjkyNTZjMmQ4ZDFhMDQ5ZmEx
MDI1MjAwHhcNMjUwMTAxMTU0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTAyOTA4YTNhMWFmMTAyZTVmMDdkZDRiZTA4MDQ4MDgyNDdlMDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSIZrx3kxBYHyTQsdB881grLxkh3
6TZuvgSqwf8yuWBucjzOTkpCBG+4x9DEG557koHRixxr6Det/o5OoAm+sc7ZarJn
urFww+ILwnuHVYUoM/D2Skd1rk21uGiqHFYgxuTA7nDENHhCTWAcTnKJxaB61R7b
hCJUyV3GHAOPrnotZCkzoZwhGCGO5tZuI2PI+bDblvJS++TkfGaTSJxzb7TeoVhv
nFRifTOhnnJYjE2utufbVnHXSlCJiMQK5xs5k0aOcj95L9px4hAvwwx/dr+PGt+d
Qopw1o5pdxizAegtR2W7N0X1JLuymakjoEcydb8nTEXxTt+5GDf82FvtZQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFKUCkIo6GvEC5fB91L4IBICCR+CSMB8GA1UdIwQY
MBaAFIQYTOkZAjZAu5JWwtjRoEn6ECUgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEJoTTZSa0NOa0M3a2xiQzJOR2dTZm9RSlNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8yOTIyY2YtMTg2MS00MTlkLTllZWEt
MGE3OWQ1NDk2NWE5LzEvcFFLUWlqb2E4UUxsOEgzVXZnZ0VnSUpINEpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8yOTIyY2YtMTg2MS00MTlkLTllZWEtMGE3OWQ1NDk2NWE5
LzEvaEJoTTZSa0NOa0M3a2xiQzJOR2dTZm9RSlNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAMBAIAATAGAwQCuQtEMBsE
AgACMBUDBQAqA5CAAwUDKgbggAMFAyoLMAAwDQYJKoZIhvcNAQELBQADggEBAIJS
isdrzAVzjvN44B7TwB9ny1AfvG4I9KRkuX3DAXOYvbJzLZpzNRS8BiJ3pJM5dT/f
oEmV/MQIFk/LOtw37lMc8HujPnsExXJRuD6A8K9M1RtbJY4tenj5L4YRdoLWgfh2
xXwTKKZlyLnLHlmELSPrsc/kuYGywpJ68lvWCnLUHtO+xTn6XIHl5HR5SzZtOUBL
IDg3m8Mxp38fYFdJ+6h3pEDFNNGNXZx20QMkh73Gy0i1c4q4FZEnVrsZaUxCbi7M
OTdMZoMNw7KaImJT6mYXyl0DhI5YT4gBwKq/iXzULm4LfYGTe/L+UYA5lXsWyPbB
XTRAQN/OAKl2wrCBSpw=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:44:45 2025 by rpki-client