Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/ea7e61-98b3-4120-83ce-c077e1702bc7/1/qodg_DBnwKRycROmAU-iKcJ4abc.roa
File: qodg_DBnwKRycROmAU-iKcJ4abc.roa (raw, json)
Hash identifier: srDO/uSK7u2lQgddrt4UOUxImFrZqcKNDp2zNmpUe54=
Subject key identifier: AA:87:60:FC:30:67:C0:A4:72:71:13:A6:01:4F:A2:29:C2:78:69:B7
Certificate issuer: /CN=fcea08e8421df2f245c7cb333ee76a14a8882d4a
Certificate serial: 0194266C107E8CFB0025151F24830BA80CD5
Authority key identifier: FC:EA:08:E8:42:1D:F2:F2:45:C7:CB:33:3E:E7:6A:14:A8:88:2D:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_OoI6EId8vJFx8szPudqFKiILUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/ea7e61-98b3-4120-83ce-c077e1702bc7/1/qodg_DBnwKRycROmAU-iKcJ4abc.roa
Signing time: Thu 02 Jan 2025 09:50:03 +0000
ROA not before: Thu 02 Jan 2025 09:50:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208662
IP address blocks: 45.86.105.0/24 maxlen: 24
45.86.106.0/24 maxlen: 24
45.86.107.0/24 maxlen: 24
2a0f:95c0:4000::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/ea7e61-98b3-4120-83ce-c077e1702bc7/1/_OoI6EId8vJFx8szPudqFKiILUo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/ea7e61-98b3-4120-83ce-c077e1702bc7/1/_OoI6EId8vJFx8szPudqFKiILUo.mft
rsync://rpki.ripe.net/repository/DEFAULT/_OoI6EId8vJFx8szPudqFKiILUo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:10:7e:8c:fb:00:25:15:1f:24:83:0b:a8:0c:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fcea08e8421df2f245c7cb333ee76a14a8882d4a
Validity
Not Before: Jan 2 09:50:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aa8760fc3067c0a4727113a6014fa229c27869b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:76:d1:95:19:49:6e:2c:ca:72:d3:76:0f:6b:
4c:eb:43:6c:80:8b:4c:69:33:83:d9:e7:18:df:fa:
61:b4:db:81:5f:a3:1a:90:d3:43:e7:0f:bf:fa:db:
5e:9c:ee:3d:d1:e4:32:d6:95:38:83:66:da:8f:cc:
b4:56:1c:92:2f:13:87:78:ce:9c:30:e3:c1:69:c2:
f5:69:04:4e:73:ba:b9:4f:d7:f1:68:f8:f2:4e:0e:
af:54:f7:b0:05:cf:e7:1a:fe:6e:6c:61:0b:aa:aa:
f6:1f:b2:8e:89:ae:06:16:62:8a:ce:12:e7:ef:15:
a6:aa:80:18:c3:23:dc:20:5a:33:57:8d:fa:ba:3c:
07:c9:60:a1:24:5c:7d:af:f8:07:69:60:ce:61:f8:
d0:32:51:43:1e:3f:35:79:69:82:4d:ac:d7:d1:14:
b5:1f:b0:b1:a5:3a:4c:53:b6:23:22:4d:6e:d9:20:
98:39:c5:f8:1b:f4:27:91:0b:ce:58:9d:08:24:6b:
7c:8a:3b:e6:35:f0:1a:38:86:43:57:e0:88:33:26:
21:95:2d:99:3f:e9:51:ce:5d:3d:08:da:60:46:d2:
ea:d8:b0:dd:6e:1f:3b:4f:ca:2d:46:15:26:82:61:
3b:80:90:d6:06:8c:b5:22:cc:c2:4d:29:5f:c8:76:
03:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:87:60:FC:30:67:C0:A4:72:71:13:A6:01:4F:A2:29:C2:78:69:B7
X509v3 Authority Key Identifier:
keyid:FC:EA:08:E8:42:1D:F2:F2:45:C7:CB:33:3E:E7:6A:14:A8:88:2D:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_OoI6EId8vJFx8szPudqFKiILUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/ea7e61-98b3-4120-83ce-c077e1702bc7/1/qodg_DBnwKRycROmAU-iKcJ4abc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/ea7e61-98b3-4120-83ce-c077e1702bc7/1/_OoI6EId8vJFx8szPudqFKiILUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.105.0-45.86.107.255
IPv6:
2a0f:95c0:4000::/34
Signature Algorithm: sha256WithRSAEncryption
b4:f0:66:26:16:b9:1c:cf:29:ab:0c:b9:7c:d0:d1:da:97:8a:
9e:69:fd:e9:0e:dd:1f:7c:eb:1d:32:2b:da:88:23:2f:19:a2:
7e:f5:19:38:7e:84:db:3a:6d:ed:71:00:03:bf:7c:36:8f:5d:
19:e1:fa:d5:41:5b:22:ba:7b:22:ed:91:7d:b5:4e:b6:ac:d1:
67:54:57:de:04:d0:4a:10:3b:94:2d:82:e7:5d:0a:bc:4e:d7:
68:ef:7b:24:05:1c:ac:37:5e:38:fb:46:80:55:14:99:dd:03:
28:46:55:b7:94:b1:f2:83:76:9e:be:b5:fb:bb:32:8f:17:9d:
57:ee:ec:b4:82:7c:6e:df:57:35:7c:9a:06:d9:07:4b:03:b1:
8d:95:e3:17:c2:1b:d3:80:cb:d1:af:d9:6f:c3:1d:c2:7f:58:
8f:96:d3:2e:57:08:a1:30:88:8b:66:2f:57:f5:a0:d0:0d:c1:
f7:59:ac:af:7a:dd:ed:70:5b:48:e5:bc:aa:e8:e2:58:06:f7:
b4:f5:d2:d3:2f:32:70:c4:73:03:68:15:2a:18:65:f0:92:0a:
f2:89:75:5e:3b:9a:fe:7e:31:99:53:43:3f:4c:be:26:e5:ef:
8a:ca:01:37:49:b0:75:b3:9e:b6:58:a5:4a:61:96:98:c3:ac:
9a:6c:50:e6
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQmbBB+jPsAJRUfJIMLqAzVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjZWEwOGU4NDIxZGYyZjI0NWM3Y2IzMzNlZTc2YTE0YTg4
ODJkNGEwHhcNMjUwMTAyMDk1MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTg3NjBmYzMwNjdjMGE0NzI3MTEzYTYwMTRmYTIyOWMyNzg2OWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnbRlRlJbizKctN2D2tM60NsgItM
aTOD2ecY3/phtNuBX6MakNND5w+/+ttenO490eQy1pU4g2baj8y0VhySLxOHeM6c
MOPBacL1aQROc7q5T9fxaPjyTg6vVPewBc/nGv5ubGELqqr2H7KOia4GFmKKzhLn
7xWmqoAYwyPcIFozV436ujwHyWChJFx9r/gHaWDOYfjQMlFDHj81eWmCTazX0RS1
H7CxpTpMU7YjIk1u2SCYOcX4G/QnkQvOWJ0IJGt8ijvmNfAaOIZDV+CIMyYhlS2Z
P+lRzl09CNpgRtLq2LDdbh87T8otRhUmgmE7gJDWBoy1IszCTSlfyHYDAQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKqHYPwwZ8CkcnETpgFPoinCeGm3MB8GA1UdIwQY
MBaAFPzqCOhCHfLyRcfLMz7nahSoiC1KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX09vSTZFSWQ4dkpGeDhzelB1ZHFGS2lJTFVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9lYTdlNjEtOThiMy00MTIwLTgzY2Ut
YzA3N2UxNzAyYmM3LzEvcW9kZ19EQm53S1J5Y1JPbUFVLWlLY0o0YWJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9lYTdlNjEtOThiMy00MTIwLTgzY2UtYzA3N2UxNzAyYmM3
LzEvX09vSTZFSWQ4dkpGeDhzelB1ZHFGS2lJTFVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAUBAIAATAOMAwDBAAtVmkD
BAItVmgwDgQCAAIwCAMGBioPlcBAMA0GCSqGSIb3DQEBCwUAA4IBAQC08GYmFrkc
zymrDLl80NHal4qeaf3pDt0ffOsdMivaiCMvGaJ+9Rk4foTbOm3tcQADv3w2j10Z
4frVQVsiunsi7ZF9tU62rNFnVFfeBNBKEDuULYLnXQq8Ttdo73skBRysN144+0aA
VRSZ3QMoRlW3lLHyg3aevrX7uzKPF51X7uy0gnxu31c1fJoG2QdLA7GNleMXwhvT
gMvRr9lvwx3Cf1iPltMuVwihMIiLZi9X9aDQDcH3Wayvet3tcFtI5byq6OJYBve0
9dLTLzJwxHMDaBUqGGXwkgryiXVeO5r+fjGZU0M/TL4m5e+KygE3SbB1s562WKVK
YZaYw6yabFDm
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:46:58 2025 by rpki-client