Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/qLwaQHbpLKR-VOFMsqI1Dr-brZQ.roa
File: qLwaQHbpLKR-VOFMsqI1Dr-brZQ.roa (raw, json)
Hash identifier: zu206w/6uZIZGZL13CES5xmLYzoUTsD6JgpbCtCYgq4=
Subject key identifier: A8:BC:1A:40:76:E9:2C:A4:7E:54:E1:4C:B2:A2:35:0E:BF:9B:AD:94
Certificate issuer: /CN=a85310f503137ae8b35d4f329f46f069dd703815
Certificate serial: 0194221FA5D8D2545638351D27B415ACB6E7
Authority key identifier: A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/qLwaQHbpLKR-VOFMsqI1Dr-brZQ.roa
Signing time: Wed 01 Jan 2025 13:48:06 +0000
ROA not before: Wed 01 Jan 2025 13:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197927
IP address blocks: 130.255.174.0/24 maxlen: 24
146.19.85.0/24 maxlen: 24
193.42.214.0/24 maxlen: 24
193.42.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/qFMQ9QMTeuizXU8yn0bwad1wOBU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/qFMQ9QMTeuizXU8yn0bwad1wOBU.mft
rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:a5:d8:d2:54:56:38:35:1d:27:b4:15:ac:b6:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a85310f503137ae8b35d4f329f46f069dd703815
Validity
Not Before: Jan 1 13:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8bc1a4076e92ca47e54e14cb2a2350ebf9bad94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c3:3f:fd:af:0e:d3:8f:5b:5d:37:b0:9c:1f:
39:0a:b1:60:74:2e:8e:71:26:e4:a6:33:09:33:48:
a0:86:2d:ae:08:24:0a:ad:fa:96:14:33:ed:c1:4d:
2e:42:51:0e:c0:12:78:a7:f4:28:a6:d3:ca:37:4b:
90:81:d9:88:ce:a9:e8:70:6b:44:99:d8:ad:f3:53:
f2:23:3f:0e:a1:6d:02:13:f9:83:bd:80:8e:bf:a0:
47:5b:c8:da:18:6a:28:a1:ae:36:8d:39:36:0e:38:
7d:8b:56:20:77:e2:54:d6:b5:c6:14:9e:80:9c:96:
09:80:14:dc:79:f2:3b:42:61:cd:0e:d1:75:77:9e:
d1:87:4a:cf:bf:c1:b4:6a:a1:3a:62:fe:2f:7f:89:
d2:95:f7:19:b0:46:b4:a7:ee:21:e2:93:ad:69:8c:
8f:86:3f:b1:c3:91:f6:98:76:fb:58:74:ab:63:27:
6a:b5:49:a6:e3:5a:d6:e0:9d:84:42:83:36:12:27:
11:d2:33:58:20:a7:26:92:b9:f1:11:ed:0f:69:93:
95:f7:fb:4e:82:92:32:8b:05:10:45:86:47:10:e4:
c2:5a:de:c9:ae:a4:81:17:d4:5e:a1:71:67:02:dd:
bb:0d:92:1f:2e:fc:b6:7b:5b:5a:9e:be:34:b5:fe:
00:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:BC:1A:40:76:E9:2C:A4:7E:54:E1:4C:B2:A2:35:0E:BF:9B:AD:94
X509v3 Authority Key Identifier:
keyid:A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/qLwaQHbpLKR-VOFMsqI1Dr-brZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/qFMQ9QMTeuizXU8yn0bwad1wOBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.255.174.0/24
146.19.85.0/24
193.42.214.0/24
193.42.217.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:95:ea:83:2f:01:98:77:ba:5e:87:21:1d:c0:64:5c:19:c4:
86:3b:26:1b:2c:50:ec:b8:4b:ed:8f:c5:1a:c2:a7:0c:06:84:
af:fb:36:64:78:99:75:e0:8f:20:ba:4d:56:22:4b:8c:a6:e0:
a7:69:0c:e8:31:e6:94:c3:d6:05:ad:5c:f1:8f:53:d4:3e:c5:
a1:e4:1a:51:43:41:29:79:73:66:7b:08:30:0f:5e:53:af:54:
af:d7:c9:b1:50:45:98:64:62:16:36:61:ed:89:03:c5:d4:23:
0a:e0:58:cf:43:5a:e6:ac:54:99:55:8e:70:99:e1:8a:76:c6:
48:62:50:76:f4:2a:65:10:e5:65:e7:20:7a:7d:48:8c:15:f5:
c6:5a:c8:b1:9c:ee:3c:cb:89:00:69:50:1b:ec:17:97:c0:55:
52:91:3a:f2:e5:28:45:55:73:7f:83:df:8e:1b:65:a4:5c:33:
92:84:e4:84:e9:93:22:18:12:df:b7:94:05:81:bd:34:ba:e8:
46:e5:35:e3:84:9d:4d:6a:fe:98:8e:46:1b:c3:31:a4:14:4f:
b8:58:3a:bf:6d:66:5d:3f:8c:45:e6:d8:df:06:40:a7:74:4a:
28:b2:b2:2f:c9:51:ca:d9:60:76:3e:7b:70:32:e3:0b:65:bf:
d9:54:b4:9a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQiH6XY0lRWODUdJ7QVrLbnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NTMxMGY1MDMxMzdhZThiMzVkNGYzMjlmNDZmMDY5ZGQ3
MDM4MTUwHhcNMjUwMTAxMTM0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGJjMWE0MDc2ZTkyY2E0N2U1NGUxNGNiMmEyMzUwZWJmOWJhZDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwcM//a8O049bXTewnB85CrFgdC6O
cSbkpjMJM0ighi2uCCQKrfqWFDPtwU0uQlEOwBJ4p/QoptPKN0uQgdmIzqnocGtE
mdit81PyIz8OoW0CE/mDvYCOv6BHW8jaGGoooa42jTk2Djh9i1Ygd+JU1rXGFJ6A
nJYJgBTcefI7QmHNDtF1d57Rh0rPv8G0aqE6Yv4vf4nSlfcZsEa0p+4h4pOtaYyP
hj+xw5H2mHb7WHSrYydqtUmm41rW4J2EQoM2EicR0jNYIKcmkrnxEe0PaZOV9/tO
gpIyiwUQRYZHEOTCWt7JrqSBF9ReoXFnAt27DZIfLvy2e1tanr40tf4AFQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKi8GkB26SykflThTLKiNQ6/m62UMB8GA1UdIwQY
MBaAFKhTEPUDE3ros11PMp9G8GndcDgVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYt
MzAxODlhNWE0ZWJhLzEvcUx3YVFIYnBMS1ItVk9GTXNxSTFEci1iclpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYtMzAxODlhNWE0ZWJh
LzEvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAgv+uAwQA
khNVAwQAwSrWAwQAwSrZMA0GCSqGSIb3DQEBCwUAA4IBAQBeleqDLwGYd7pehyEd
wGRcGcSGOyYbLFDsuEvtj8UawqcMBoSv+zZkeJl14I8guk1WIkuMpuCnaQzoMeaU
w9YFrVzxj1PUPsWh5BpRQ0EpeXNmewgwD15Tr1Sv18mxUEWYZGIWNmHtiQPF1CMK
4FjPQ1rmrFSZVY5wmeGKdsZIYlB29CplEOVl5yB6fUiMFfXGWsixnO48y4kAaVAb
7BeXwFVSkTry5ShFVXN/g9+OG2WkXDOShOSE6ZMiGBLft5QFgb00uuhG5TXjhJ1N
av6YjkYbwzGkFE+4WDq/bWZdP4xF5tjfBkCndEoosrIvyVHK2WB2PntwMuMLZb/Z
VLSa
-----END CERTIFICATE-----
Generated at Sun Apr 13 18:25:09 2025 by rpki-client