Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/9c27c2-fdbe-4e39-ba92-1d5d945a05a3/1/QraTR7yNyQc7QzyGCXFcoCp6_UE.roa
File: QraTR7yNyQc7QzyGCXFcoCp6_UE.roa (raw, json)
Hash identifier: h6vJiae6wz8ey2eXD7UvaxJ1x0GaKZTR4XXtKIGevoo=
Subject key identifier: 42:B6:93:47:BC:8D:C9:07:3B:43:3C:86:09:71:5C:A0:2A:7A:FD:41
Certificate issuer: /CN=12ef9e49fecf2509eb6769eee2cdd4a5253b71c5
Certificate serial: 0194274828FC9E9CDB3F276B13F17E56CAA8
Authority key identifier: 12:EF:9E:49:FE:CF:25:09:EB:67:69:EE:E2:CD:D4:A5:25:3B:71:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Eu-eSf7PJQnrZ2nu4s3UpSU7ccU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/9c27c2-fdbe-4e39-ba92-1d5d945a05a3/1/QraTR7yNyQc7QzyGCXFcoCp6_UE.roa
Signing time: Thu 02 Jan 2025 13:50:27 +0000
ROA not before: Thu 02 Jan 2025 13:50:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39246
IP address blocks: 31.193.189.0/24 maxlen: 24
62.192.132.0/24 maxlen: 24
62.192.133.0/24 maxlen: 24
77.78.128.0/24 maxlen: 24
77.78.129.0/24 maxlen: 24
77.78.130.0/24 maxlen: 24
77.78.131.0/24 maxlen: 24
77.78.132.0/24 maxlen: 24
77.78.133.0/24 maxlen: 24
77.78.134.0/24 maxlen: 24
77.78.135.0/24 maxlen: 24
77.78.136.0/24 maxlen: 24
77.78.137.0/24 maxlen: 24
77.78.138.0/24 maxlen: 24
77.78.139.0/24 maxlen: 24
77.78.140.0/24 maxlen: 24
77.78.141.0/24 maxlen: 24
77.78.142.0/24 maxlen: 24
77.78.143.0/24 maxlen: 24
77.78.144.0/24 maxlen: 24
109.121.129.0/24 maxlen: 24
109.121.130.0/24 maxlen: 24
109.121.131.0/24 maxlen: 24
109.121.132.0/24 maxlen: 24
109.121.148.0/24 maxlen: 24
109.121.149.0/24 maxlen: 24
109.121.150.0/24 maxlen: 24
109.121.151.0/24 maxlen: 24
109.121.154.0/24 maxlen: 24
109.121.155.0/24 maxlen: 24
109.121.156.0/24 maxlen: 24
109.121.157.0/24 maxlen: 24
109.121.158.0/24 maxlen: 24
109.121.164.0/24 maxlen: 24
109.121.165.0/24 maxlen: 24
109.121.167.0/24 maxlen: 24
109.121.168.0/24 maxlen: 24
109.121.169.0/24 maxlen: 24
109.121.170.0/24 maxlen: 24
109.121.171.0/24 maxlen: 24
109.121.176.0/24 maxlen: 24
109.121.177.0/24 maxlen: 24
109.121.178.0/24 maxlen: 24
109.121.179.0/24 maxlen: 24
109.121.184.0/24 maxlen: 24
109.121.185.0/24 maxlen: 24
109.121.186.0/24 maxlen: 24
109.121.187.0/24 maxlen: 24
109.121.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/9c27c2-fdbe-4e39-ba92-1d5d945a05a3/1/Eu-eSf7PJQnrZ2nu4s3UpSU7ccU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/9c27c2-fdbe-4e39-ba92-1d5d945a05a3/1/Eu-eSf7PJQnrZ2nu4s3UpSU7ccU.mft
rsync://rpki.ripe.net/repository/DEFAULT/Eu-eSf7PJQnrZ2nu4s3UpSU7ccU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 13:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:28:fc:9e:9c:db:3f:27:6b:13:f1:7e:56:ca:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12ef9e49fecf2509eb6769eee2cdd4a5253b71c5
Validity
Not Before: Jan 2 13:50:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=42b69347bc8dc9073b433c8609715ca02a7afd41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:a5:34:7e:0f:60:be:ab:55:6f:26:6c:cd:4b:
94:93:85:10:4c:99:1e:b8:6a:fb:69:da:1a:00:7c:
5e:81:dd:c7:29:75:bd:25:dc:eb:2b:8f:24:98:96:
20:c0:64:98:e0:b5:a9:9a:b5:83:26:c7:8d:8a:8c:
a0:3d:95:c1:87:75:c1:d8:28:a5:ac:3a:3e:25:36:
51:f5:28:38:9e:ee:5a:f4:ce:7f:10:d5:32:38:ed:
45:e3:0c:b3:85:66:e2:ca:24:25:17:e8:1a:97:52:
05:40:28:97:a1:a9:2b:20:3e:ea:55:91:82:9e:66:
a6:f3:97:d5:1b:2a:3c:c4:e7:01:0b:f2:cc:66:25:
a7:10:67:1a:3d:fa:76:09:39:b3:72:80:ab:c9:22:
9e:2c:02:de:a7:91:fb:d5:f5:1d:a7:81:1f:ac:11:
e9:3a:63:e5:4a:0c:89:ff:77:5d:f6:a1:b1:08:79:
4d:0c:7b:19:43:81:78:cd:58:63:82:b6:d7:58:80:
9e:54:9d:0d:c2:5a:e8:f9:04:d4:fa:d2:02:47:bc:
de:bd:6c:bc:73:18:45:5f:d8:f8:d2:ba:da:65:cf:
48:31:f5:aa:b9:03:0b:83:1c:bf:f7:69:6f:e2:47:
27:fe:7d:d5:d2:cd:68:07:0c:08:09:89:69:0f:04:
3e:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:B6:93:47:BC:8D:C9:07:3B:43:3C:86:09:71:5C:A0:2A:7A:FD:41
X509v3 Authority Key Identifier:
keyid:12:EF:9E:49:FE:CF:25:09:EB:67:69:EE:E2:CD:D4:A5:25:3B:71:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Eu-eSf7PJQnrZ2nu4s3UpSU7ccU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/9c27c2-fdbe-4e39-ba92-1d5d945a05a3/1/QraTR7yNyQc7QzyGCXFcoCp6_UE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/9c27c2-fdbe-4e39-ba92-1d5d945a05a3/1/Eu-eSf7PJQnrZ2nu4s3UpSU7ccU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.189.0/24
62.192.132.0/23
77.78.128.0-77.78.144.255
109.121.129.0-109.121.132.255
109.121.148.0/22
109.121.154.0-109.121.158.255
109.121.164.0/23
109.121.167.0-109.121.171.255
109.121.176.0/22
109.121.184.0-109.121.188.255
Signature Algorithm: sha256WithRSAEncryption
0f:b6:32:4e:9b:f7:45:55:54:88:6e:3a:54:c6:15:6d:73:46:
42:b2:39:91:97:fe:ad:7e:a2:fa:aa:ee:bc:2c:7b:be:c6:c1:
2d:b5:ab:89:f4:7f:97:36:15:b9:f8:27:ac:af:90:5f:22:9c:
d5:45:51:de:32:27:93:d1:a2:b2:fa:be:f8:33:32:f1:cc:af:
9a:dc:53:03:f7:05:ec:6d:b2:c9:20:00:d6:d2:31:6c:6e:92:
5f:80:d5:37:af:28:ee:94:ec:03:2f:66:e3:52:12:69:5d:8d:
80:c2:c3:e2:62:36:dc:2a:fc:80:2e:15:b8:ac:5e:d5:65:60:
77:1e:1b:95:40:8c:68:94:86:42:db:44:98:7a:b2:9b:73:c0:
96:87:0e:2b:ac:24:8a:dd:3f:8f:1e:cd:30:ed:6e:00:26:fe:
c2:da:58:ec:a9:f1:02:66:8d:18:8d:bd:92:2d:1d:1f:06:1e:
21:15:90:fe:37:61:bc:f4:ee:14:ab:51:5e:d2:ee:e5:c8:a1:
08:f1:0e:9f:aa:fc:7b:03:e1:d7:d3:e3:b7:65:1f:7e:b8:5f:
5d:97:e5:bb:14:99:64:88:6c:b8:14:fb:27:9d:06:6e:30:0c:
99:86:5d:54:31:0f:6a:00:f5:2f:10:a4:14:5e:d0:36:4a:6e:
5a:4e:85:ae
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZQnSCj8npzbPydrE/F+VsqoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyZWY5ZTQ5ZmVjZjI1MDllYjY3NjllZWUyY2RkNGE1MjUz
YjcxYzUwHhcNMjUwMTAyMTM1MDI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmI2OTM0N2JjOGRjOTA3M2I0MzNjODYwOTcxNWNhMDJhN2FmZDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkaU0fg9gvqtVbyZszUuUk4UQTJke
uGr7adoaAHxegd3HKXW9JdzrK48kmJYgwGSY4LWpmrWDJseNioygPZXBh3XB2Cil
rDo+JTZR9Sg4nu5a9M5/ENUyOO1F4wyzhWbiyiQlF+gal1IFQCiXoakrID7qVZGC
nmam85fVGyo8xOcBC/LMZiWnEGcaPfp2CTmzcoCrySKeLALep5H71fUdp4EfrBHp
OmPlSgyJ/3dd9qGxCHlNDHsZQ4F4zVhjgrbXWICeVJ0Nwlro+QTU+tICR7zevWy8
cxhFX9j40rraZc9IMfWquQMLgxy/92lv4kcn/n3V0s1oBwwICYlpDwQ+ZQIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFEK2k0e8jckHO0M8hglxXKAqev1BMB8GA1UdIwQY
MBaAFBLvnkn+zyUJ62dp7uLN1KUlO3HFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXUtZVNmN1BKUW5yWjJudTRzM1VwU1U3Y2NVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS85YzI3YzItZmRiZS00ZTM5LWJhOTIt
MWQ1ZDk0NWEwNWEzLzEvUXJhVFI3eU55UWM3UXp5R0NYRmNvQ3A2X1VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS85YzI3YzItZmRiZS00ZTM5LWJhOTItMWQ1ZDk0NWEwNWEz
LzEvRXUtZVNmN1BKUW5yWjJudTRzM1VwU1U3Y2NVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkAwQAH8G9AwQB
PsCEMAwDBAdNToADBABNTpAwDAMEAG15gQMEAG15hAMEAm15lDAMAwQBbXmaAwQA
bXmeAwQBbXmkMAwDBABteacDBAJteagDBAJtebAwDAMEA215uAMEAG15vDANBgkq
hkiG9w0BAQsFAAOCAQEAD7YyTpv3RVVUiG46VMYVbXNGQrI5kZf+rX6i+qruvCx7
vsbBLbWrifR/lzYVufgnrK+QXyKc1UVR3jInk9Gisvq++DMy8cyvmtxTA/cF7G2y
ySAA1tIxbG6SX4DVN68o7pTsAy9m41ISaV2NgMLD4mI23Cr8gC4VuKxe1WVgdx4b
lUCMaJSGQttEmHqym3PAlocOK6wkit0/jx7NMO1uACb+wtpY7KnxAmaNGI29ki0d
HwYeIRWQ/jdhvPTuFKtRXtLu5cihCPEOn6r8ewPh19Pjt2UffrhfXZfluxSZZIhs
uBT7J50GbjAMmYZdVDEPagD1LxCkFF7QNkpuWk6Frg==
-----END CERTIFICATE-----
Generated at Tue Apr 8 19:59:41 2025 by rpki-client