Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/TQH-UqpdFcQPQJ_O-mPcMaxRh5Y.roa
File: TQH-UqpdFcQPQJ_O-mPcMaxRh5Y.roa (raw, json)
Hash identifier: 5UUSbkoNXYWS7SIZNqMfY5y6jLKaLP3pTD8kSnX3ZQY=
Subject key identifier: 4D:01:FE:52:AA:5D:15:C4:0F:40:9F:CE:FA:63:DC:31:AC:51:87:96
Certificate issuer: /CN=f0cc7a447482e57b0604babb82a52409cde3b36d
Certificate serial: 0194228DAFD115B8ABF52282096E95DF2362
Authority key identifier: F0:CC:7A:44:74:82:E5:7B:06:04:BA:BB:82:A5:24:09:CD:E3:B3:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Mx6RHSC5XsGBLq7gqUkCc3js20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/TQH-UqpdFcQPQJ_O-mPcMaxRh5Y.roa
Signing time: Wed 01 Jan 2025 15:48:18 +0000
ROA not before: Wed 01 Jan 2025 15:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 262287
IP address blocks: 85.198.32.0/24 maxlen: 24
85.198.33.0/24 maxlen: 24
85.198.37.0/24 maxlen: 24
85.198.40.0/24 maxlen: 24
85.198.44.0/24 maxlen: 24
85.198.45.0/24 maxlen: 24
85.198.47.0/24 maxlen: 24
91.123.8.0/24 maxlen: 24
91.123.10.0/24 maxlen: 24
91.123.11.0/24 maxlen: 24
190.106.183.0/24 maxlen: 24
206.195.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/8Mx6RHSC5XsGBLq7gqUkCc3js20.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/8Mx6RHSC5XsGBLq7gqUkCc3js20.mft
rsync://rpki.ripe.net/repository/DEFAULT/8Mx6RHSC5XsGBLq7gqUkCc3js20.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:af:d1:15:b8:ab:f5:22:82:09:6e:95:df:23:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0cc7a447482e57b0604babb82a52409cde3b36d
Validity
Not Before: Jan 1 15:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d01fe52aa5d15c40f409fcefa63dc31ac518796
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:33:0a:dc:d0:81:c5:81:47:66:33:8c:f8:0b:
b1:e3:72:ce:ff:0a:b1:e4:8e:cc:ad:61:94:87:68:
5a:7e:ca:ad:bb:68:bf:fa:a4:09:46:91:d0:d4:5a:
1d:45:83:57:1f:75:0f:41:03:26:cd:36:35:7c:63:
a9:60:06:7f:25:36:97:e8:0c:7a:ae:25:f8:a6:4c:
03:cc:15:61:21:2a:bf:45:31:a3:06:22:f8:6f:bb:
90:8d:ad:e6:56:0c:f9:de:04:6d:98:7c:8d:f6:5d:
04:42:de:1f:a7:67:3a:80:d6:d6:b4:8c:6f:16:d9:
4f:67:bf:af:5f:f4:33:c9:4b:ef:15:60:d1:99:1c:
4b:a7:64:ff:70:56:ca:2c:39:cc:60:e8:29:66:84:
68:04:08:1f:b5:69:76:f5:e3:65:f7:d9:a1:b2:8e:
cf:05:2a:66:25:a8:82:1f:2f:56:49:d0:92:80:64:
83:9d:a1:10:ea:6e:27:24:ca:be:52:8d:e8:69:df:
33:ff:31:23:1e:b1:e0:28:e3:02:54:ea:00:c5:b4:
3c:7f:92:c0:d9:66:6b:04:4e:16:48:50:d3:a9:28:
c7:c3:dd:28:79:cc:75:5f:c8:b6:60:dd:6d:8d:21:
20:8e:7a:f7:d5:5e:de:bf:00:31:be:8d:75:bb:69:
4b:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:01:FE:52:AA:5D:15:C4:0F:40:9F:CE:FA:63:DC:31:AC:51:87:96
X509v3 Authority Key Identifier:
keyid:F0:CC:7A:44:74:82:E5:7B:06:04:BA:BB:82:A5:24:09:CD:E3:B3:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Mx6RHSC5XsGBLq7gqUkCc3js20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/TQH-UqpdFcQPQJ_O-mPcMaxRh5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/8Mx6RHSC5XsGBLq7gqUkCc3js20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.198.32.0/23
85.198.37.0/24
85.198.40.0/24
85.198.44.0/23
85.198.47.0/24
91.123.8.0/24
91.123.10.0/23
190.106.183.0/24
206.195.140.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:9d:2b:75:32:52:0c:22:91:d6:7f:16:73:df:77:15:84:9c:
57:2b:24:e2:cf:b1:fa:90:b0:29:59:b7:db:59:49:f3:5e:cf:
d0:95:f3:26:02:b2:9c:b9:7c:ec:af:e5:f5:bb:ad:56:82:fd:
a6:86:66:c2:98:32:ef:80:1e:f0:b6:d3:ac:88:28:af:f9:74:
92:88:0f:0a:17:72:1b:83:25:96:d7:54:4a:f5:f4:ca:d9:ad:
38:d8:07:4a:43:dc:e6:37:0e:9a:52:47:98:27:ce:51:d4:39:
4d:8f:68:f6:d3:45:76:dd:6b:ab:e3:47:55:bc:f7:bd:93:91:
e6:85:6f:60:ae:b5:d8:4e:a4:9f:fc:51:32:0a:9e:6e:09:85:
26:d1:13:c8:2d:b6:73:dd:cc:47:ce:7d:a1:b6:f6:19:6a:f1:
3e:18:6c:67:a7:b8:db:70:6e:d4:8c:e4:33:90:ea:b8:f9:d5:
ee:b0:06:c5:bd:2c:06:67:86:39:6a:cd:e9:80:1c:81:90:af:
2f:9e:65:12:09:e0:ce:74:d3:80:74:e1:6e:ca:5f:d2:d0:33:
d6:99:3a:21:93:90:dc:d9:9d:1f:8b:8b:29:b9:e9:3d:b7:10:
10:47:fb:29:b4:c4:01:3d:a8:44:a1:df:1e:f9:3f:f8:66:73:
0d:15:2f:13
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQija/RFbir9SKCCW6V3yNiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwY2M3YTQ0NzQ4MmU1N2IwNjA0YmFiYjgyYTUyNDA5Y2Rl
M2IzNmQwHhcNMjUwMTAxMTU0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDAxZmU1MmFhNWQxNWM0MGY0MDlmY2VmYTYzZGMzMWFjNTE4Nzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjMK3NCBxYFHZjOM+Aux43LO/wqx
5I7MrWGUh2hafsqtu2i/+qQJRpHQ1FodRYNXH3UPQQMmzTY1fGOpYAZ/JTaX6Ax6
riX4pkwDzBVhISq/RTGjBiL4b7uQja3mVgz53gRtmHyN9l0EQt4fp2c6gNbWtIxv
FtlPZ7+vX/QzyUvvFWDRmRxLp2T/cFbKLDnMYOgpZoRoBAgftWl29eNl99mhso7P
BSpmJaiCHy9WSdCSgGSDnaEQ6m4nJMq+Uo3oad8z/zEjHrHgKOMCVOoAxbQ8f5LA
2WZrBE4WSFDTqSjHw90oecx1X8i2YN1tjSEgjnr31V7evwAxvo11u2lLRQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFE0B/lKqXRXED0Cfzvpj3DGsUYeWMB8GA1UdIwQY
MBaAFPDMekR0guV7BgS6u4KlJAnN47NtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE14NlJIU0M1WHNHQkxxN2dxVWtDYzNqczIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wZTU4ZGMtN2M5MC00OWQ3LTg4NTUt
ZmEzMmQyZDUyOTY4LzEvVFFILVVxcGRGY1FQUUpfTy1tUGNNYXhSaDVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wZTU4ZGMtN2M5MC00OWQ3LTg4NTUtZmEzMmQyZDUyOTY4
LzEvOE14NlJIU0M1WHNHQkxxN2dxVWtDYzNqczIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBVcYgAwQA
VcYlAwQAVcYoAwQBVcYsAwQAVcYvAwQAW3sIAwQBW3sKAwQAvmq3AwQAzsOMMA0G
CSqGSIb3DQEBCwUAA4IBAQB/nSt1MlIMIpHWfxZz33cVhJxXKyTiz7H6kLApWbfb
WUnzXs/QlfMmArKcuXzsr+X1u61Wgv2mhmbCmDLvgB7wttOsiCiv+XSSiA8KF3Ib
gyWW11RK9fTK2a042AdKQ9zmNw6aUkeYJ85R1DlNj2j200V23Wur40dVvPe9k5Hm
hW9grrXYTqSf/FEyCp5uCYUm0RPILbZz3cxHzn2htvYZavE+GGxnp7jbcG7UjOQz
kOq4+dXusAbFvSwGZ4Y5as3pgByBkK8vnmUSCeDOdNOAdOFuyl/S0DPWmTohk5Dc
2Z0fi4spuek9txAQR/sptMQBPahEod8e+T/4ZnMNFS8T
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:25:05 2025 by rpki-client