Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/815590-951c-4c1f-8697-c3694088f34a/1/qnlY-2XHeoB5T91L-eAv--psw3s.roa
File: qnlY-2XHeoB5T91L-eAv--psw3s.roa (raw, json)
Hash identifier: GlcTsLYuOrrcX+rD96Cshdq9OCpUu7GdPBcBG+rwyLk=
Subject key identifier: AA:79:58:FB:65:C7:7A:80:79:4F:DD:4B:F9:E0:2F:FB:EA:6C:C3:7B
Certificate issuer: /CN=f20bf46303ff54a505f533c554251923e41f5926
Certificate serial: 019424B3C5F6515539D67689D657B0D92185
Authority key identifier: F2:0B:F4:63:03:FF:54:A5:05:F5:33:C5:54:25:19:23:E4:1F:59:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8gv0YwP_VKUF9TPFVCUZI-QfWSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/815590-951c-4c1f-8697-c3694088f34a/1/qnlY-2XHeoB5T91L-eAv--psw3s.roa
Signing time: Thu 02 Jan 2025 01:49:08 +0000
ROA not before: Thu 02 Jan 2025 01:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6696
IP address blocks: 94.139.36.0/23 maxlen: 24
2a13:ac40::/29 maxlen: 56
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/815590-951c-4c1f-8697-c3694088f34a/1/8gv0YwP_VKUF9TPFVCUZI-QfWSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/815590-951c-4c1f-8697-c3694088f34a/1/8gv0YwP_VKUF9TPFVCUZI-QfWSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/8gv0YwP_VKUF9TPFVCUZI-QfWSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 13:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:c5:f6:51:55:39:d6:76:89:d6:57:b0:d9:21:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f20bf46303ff54a505f533c554251923e41f5926
Validity
Not Before: Jan 2 01:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aa7958fb65c77a80794fdd4bf9e02ffbea6cc37b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:88:e8:3e:23:de:5f:cf:13:4a:87:1d:51:30:
79:2c:36:35:f7:4b:49:46:33:d8:9e:bf:f5:30:b6:
ee:d0:33:b5:bf:e0:cf:09:bd:98:c2:aa:b0:54:8a:
39:8e:5b:31:26:e6:e1:65:4a:34:50:98:2f:fc:3e:
62:fa:aa:d3:b0:4d:a4:a0:ce:ce:11:82:bd:f1:84:
f2:a1:e0:a2:9e:2e:cb:9c:91:72:c7:7c:8a:ab:e1:
ac:55:84:6d:d2:06:4e:97:40:ab:e9:90:8e:86:d6:
d1:a1:78:c5:2a:6d:5c:44:bd:9d:11:e6:23:e1:bc:
67:cc:cf:0d:24:7f:57:ca:da:f3:bd:26:c7:2e:79:
c9:5b:ba:fe:43:57:16:7c:ad:bc:87:b8:02:d2:a0:
d8:f1:3f:ea:75:c1:67:a3:6a:c8:03:3a:83:2a:f8:
57:f7:a3:f6:7c:cc:84:5c:e3:d6:9a:e8:dc:74:2b:
8f:13:d8:d9:92:7c:89:fd:b8:db:8f:82:f5:95:88:
b2:1e:02:c9:d8:f4:1d:78:28:35:ed:4f:de:db:0b:
6e:dc:c0:69:95:e9:16:5a:44:32:d8:b7:44:9e:38:
ac:2b:fe:a3:16:e9:54:be:63:30:50:43:a2:5c:7f:
3e:e4:18:fd:86:37:1e:4b:9e:67:bd:76:1a:47:57:
cc:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:79:58:FB:65:C7:7A:80:79:4F:DD:4B:F9:E0:2F:FB:EA:6C:C3:7B
X509v3 Authority Key Identifier:
keyid:F2:0B:F4:63:03:FF:54:A5:05:F5:33:C5:54:25:19:23:E4:1F:59:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8gv0YwP_VKUF9TPFVCUZI-QfWSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/815590-951c-4c1f-8697-c3694088f34a/1/qnlY-2XHeoB5T91L-eAv--psw3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/815590-951c-4c1f-8697-c3694088f34a/1/8gv0YwP_VKUF9TPFVCUZI-QfWSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.139.36.0/23
IPv6:
2a13:ac40::/29
Signature Algorithm: sha256WithRSAEncryption
02:42:fa:f4:4c:53:7a:1e:59:9a:f6:d2:80:11:5c:cd:bc:11:
f3:21:a4:aa:df:b3:bc:ab:83:a9:97:19:cc:9e:79:ea:d6:4c:
bd:9e:99:ed:b9:f2:13:80:78:73:43:03:08:4d:83:f5:20:a9:
38:48:5a:dd:82:d4:a8:28:e1:ad:d3:de:b7:57:22:44:78:a6:
77:41:f3:fe:ed:3d:94:ed:5b:ff:81:bb:de:8c:ba:e7:bd:57:
b0:f5:b2:15:1d:28:95:99:9c:64:bd:c4:08:59:67:17:d1:aa:
24:bd:e2:31:9e:a4:c1:8e:52:1f:a3:20:80:a0:96:09:4b:ca:
2a:ca:97:a7:e2:b9:05:07:0f:68:fd:11:4b:ca:05:5f:a0:61:
3c:01:52:a2:01:c9:d1:32:dc:be:6d:c7:70:f9:2e:11:9d:c0:
4a:a4:f3:ae:c1:5e:16:d3:a7:ca:30:61:ec:24:06:18:f1:7e:
d1:30:e8:5d:5e:fa:8c:64:41:d1:4d:05:0b:0e:47:67:b5:a1:
93:f0:40:1c:28:3f:b4:1d:76:90:a8:2b:b2:e4:cb:34:d9:dc:
9b:5d:6b:4a:61:94:e6:8e:91:2f:c4:57:53:a5:2f:64:da:3c:
88:89:cf:b1:24:85:99:b5:c2:cb:f8:fb:8b:9c:09:1a:45:b3:
59:cc:34:8c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQks8X2UVU51naJ1lew2SGFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyMGJmNDYzMDNmZjU0YTUwNWY1MzNjNTU0MjUxOTIzZTQx
ZjU5MjYwHhcNMjUwMTAyMDE0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTc5NThmYjY1Yzc3YTgwNzk0ZmRkNGJmOWUwMmZmYmVhNmNjMzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIjoPiPeX88TSocdUTB5LDY190tJ
RjPYnr/1MLbu0DO1v+DPCb2YwqqwVIo5jlsxJubhZUo0UJgv/D5i+qrTsE2koM7O
EYK98YTyoeCini7LnJFyx3yKq+GsVYRt0gZOl0Cr6ZCOhtbRoXjFKm1cRL2dEeYj
4bxnzM8NJH9XytrzvSbHLnnJW7r+Q1cWfK28h7gC0qDY8T/qdcFno2rIAzqDKvhX
96P2fMyEXOPWmujcdCuPE9jZknyJ/bjbj4L1lYiyHgLJ2PQdeCg17U/e2wtu3MBp
lekWWkQy2LdEnjisK/6jFulUvmMwUEOiXH8+5Bj9hjceS55nvXYaR1fMywIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKp5WPtlx3qAeU/dS/ngL/vqbMN7MB8GA1UdIwQY
MBaAFPIL9GMD/1SlBfUzxVQlGSPkH1kmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGd2MFl3UF9WS1VGOVRQRlZDVVpJLVFmV1NZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS84MTU1OTAtOTUxYy00YzFmLTg2OTct
YzM2OTQwODhmMzRhLzEvcW5sWS0yWEhlb0I1VDkxTC1lQXYtLXBzdzNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS84MTU1OTAtOTUxYy00YzFmLTg2OTctYzM2OTQwODhmMzRh
LzEvOGd2MFl3UF9WS1VGOVRQRlZDVVpJLVFmV1NZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBXoskMA0E
AgACMAcDBQMqE6xAMA0GCSqGSIb3DQEBCwUAA4IBAQACQvr0TFN6Hlma9tKAEVzN
vBHzIaSq37O8q4OplxnMnnnq1ky9npntufITgHhzQwMITYP1IKk4SFrdgtSoKOGt
0963VyJEeKZ3QfP+7T2U7Vv/gbvejLrnvVew9bIVHSiVmZxkvcQIWWcX0aokveIx
nqTBjlIfoyCAoJYJS8oqypen4rkFBw9o/RFLygVfoGE8AVKiAcnRMty+bcdw+S4R
ncBKpPOuwV4W06fKMGHsJAYY8X7RMOhdXvqMZEHRTQULDkdntaGT8EAcKD+0HXaQ
qCuy5Ms02dybXWtKYZTmjpEvxFdTpS9k2jyIic+xJIWZtcLL+PuLnAkaRbNZzDSM
-----END CERTIFICATE-----
Generated at Sat Apr 12 18:32:13 2025 by rpki-client