Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/q7RIT8kGztAdZ2808UxWhsrrNBY.roa
File: q7RIT8kGztAdZ2808UxWhsrrNBY.roa (raw, json)
Hash identifier: Uki20IToyXuqXwbWOezHrLGOF5YYmBUr4udIFFcEyQQ=
Subject key identifier: AB:B4:48:4F:C9:06:CE:D0:1D:67:6F:34:F1:4C:56:86:CA:EB:34:16
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019422FBD73E1A1B225A0A7A21B317BAEB28
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/q7RIT8kGztAdZ2808UxWhsrrNBY.roa
Signing time: Wed 01 Jan 2025 17:48:37 +0000
ROA not before: Wed 01 Jan 2025 17:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396612
IP address blocks: 81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.53/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:d7:3e:1a:1b:22:5a:0a:7a:21:b3:17:ba:eb:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Jan 1 17:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=abb4484fc906ced01d676f34f14c5686caeb3416
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f3:d9:ba:d0:60:64:d6:37:11:11:d8:3f:88:
89:32:9e:48:34:32:cd:3d:cf:c5:54:8d:fc:fb:40:
4b:9b:c3:79:c9:31:54:87:b8:06:ba:f1:3f:2d:b6:
fa:08:a2:e8:28:74:24:53:ad:ba:02:6e:7d:e7:19:
09:90:fe:01:aa:90:10:70:93:b9:87:77:c8:98:95:
9f:63:93:c1:1e:a0:b5:ab:aa:0b:37:ea:da:72:c9:
03:e1:36:67:18:8f:f8:9a:ee:b7:94:1d:72:f8:1e:
22:85:50:c0:d5:63:b7:6c:a4:73:6b:01:db:f0:37:
de:29:cc:f6:f2:9a:5e:8f:79:3a:33:11:5d:fc:9b:
7c:18:a0:e2:9d:46:9d:dd:f3:5a:03:f9:e7:69:47:
29:8a:b2:a3:6a:f2:1c:c6:f6:d5:ab:a9:1f:6a:e4:
ff:fa:f3:0b:96:05:52:93:0e:92:5b:2b:8b:aa:74:
ce:10:7e:d9:45:cc:67:5c:ed:fc:9c:95:80:ce:61:
ee:cc:dc:ce:5b:4c:df:2f:d0:d7:98:2c:fb:9c:56:
06:fd:e8:4a:56:8b:8e:65:96:d7:f4:d0:60:59:ba:
d2:a8:58:69:07:61:32:ab:01:01:a0:c1:53:6f:37:
54:2a:ec:6e:90:ba:81:5d:a7:57:ed:23:97:99:75:
c2:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:B4:48:4F:C9:06:CE:D0:1D:67:6F:34:F1:4C:56:86:CA:EB:34:16
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/q7RIT8kGztAdZ2808UxWhsrrNBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.195.30/31
185.100.0.53/32
Signature Algorithm: sha256WithRSAEncryption
bd:23:83:fb:83:01:0c:b0:a2:9b:a6:ed:4c:c4:d4:06:b6:07:
e9:fe:97:9c:fd:9b:51:67:ed:7b:60:9a:75:f4:65:b7:82:18:
86:07:d1:2e:51:75:b4:b7:77:35:df:93:1e:9b:7a:c2:6f:cc:
87:55:73:08:1b:f0:49:d0:7f:f4:0f:79:23:58:6d:4e:d8:ae:
c1:f2:3e:e1:e4:7a:28:27:28:8a:2c:cc:26:9c:12:d6:b9:b2:
2f:63:f6:5e:b9:a7:3a:76:eb:91:81:a1:1c:1a:bc:b8:41:50:
8c:f5:c3:e9:b4:e6:4a:7d:8c:63:fc:1f:36:1c:f0:d1:be:fe:
2a:d5:27:8b:b6:65:8c:64:2c:6c:02:1d:f3:da:a0:25:8b:fc:
be:e5:39:bd:aa:37:53:77:98:8b:ed:ce:70:e3:94:09:e7:af:
3b:a7:2c:32:99:1e:e3:dc:7c:7e:06:c7:78:27:20:13:8b:d5:
09:8e:bb:43:61:c6:14:bc:ed:30:e5:83:5c:7e:a1:fd:6a:30:
ab:78:9d:74:51:a7:24:a6:24:a6:3d:5b:e8:97:9b:fc:a3:d0:
8c:ad:94:c3:a0:c6:32:57:f5:08:1e:f3:68:25:ff:50:c0:70:
f6:bc:89:72:aa:b5:b2:96:21:02:2f:42:87:9a:b1:96:11:97:
78:a9:44:fa
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQi+9c+GhsiWgp6IbMXuusoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjUwMTAxMTc0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmI0NDg0ZmM5MDZjZWQwMWQ2NzZmMzRmMTRjNTY4NmNhZWIzNDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvPZutBgZNY3ERHYP4iJMp5INDLN
Pc/FVI38+0BLm8N5yTFUh7gGuvE/Lbb6CKLoKHQkU626Am595xkJkP4BqpAQcJO5
h3fImJWfY5PBHqC1q6oLN+racskD4TZnGI/4mu63lB1y+B4ihVDA1WO3bKRzawHb
8DfeKcz28ppej3k6MxFd/Jt8GKDinUad3fNaA/nnaUcpirKjavIcxvbVq6kfauT/
+vMLlgVSkw6SWyuLqnTOEH7ZRcxnXO38nJWAzmHuzNzOW0zfL9DXmCz7nFYG/ehK
VouOZZbX9NBgWbrSqFhpB2EyqwEBoMFTbzdUKuxukLqBXadX7SOXmXXCUQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKu0SE/JBs7QHWdvNPFMVobK6zQWMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvcTdSSVQ4a0d6dEFkWjI4MDhVeFdoc3JyTkJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOAwUBURPDHgMF
ALlkADUwDQYJKoZIhvcNAQELBQADggEBAL0jg/uDAQywopum7UzE1Aa2B+n+l5z9
m1Fn7XtgmnX0ZbeCGIYH0S5RdbS3dzXfkx6besJvzIdVcwgb8EnQf/QPeSNYbU7Y
rsHyPuHkeignKIoszCacEta5si9j9l65pzp265GBoRwavLhBUIz1w+m05kp9jGP8
HzYc8NG+/irVJ4u2ZYxkLGwCHfPaoCWL/L7lOb2qN1N3mIvtznDjlAnnrzunLDKZ
HuPcfH4Gx3gnIBOL1QmOu0NhxhS87TDlg1x+of1qMKt4nXRRpySmJKY9W+iXm/yj
0IytlMOgxjJX9Qge82gl/1DAcPa8iXKqtbKWIQIvQoeasZYRl3ipRPo=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:20:27 2025 by rpki-client