Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/577b11-7009-486c-9010-a70412fbc832/1/qL1excp8Az_0o7x1vHRMJ6uUBq8.roa
File: qL1excp8Az_0o7x1vHRMJ6uUBq8.roa (raw, json)
Hash identifier: etXW7FKK/vCX8HY/wRSJVfpHZyWVeKG9hX8M0M6D1Cw=
Subject key identifier: A8:BD:5E:C5:CA:7C:03:3F:F4:A3:BC:75:BC:74:4C:27:AB:94:06:AF
Certificate issuer: /CN=d1010da3576242324cefb2c81c1339a6c0e3b403
Certificate serial: 019427B4B6E3BB3002E8F18573F04AE547A8
Authority key identifier: D1:01:0D:A3:57:62:42:32:4C:EF:B2:C8:1C:13:39:A6:C0:E3:B4:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0QENo1diQjJM77LIHBM5psDjtAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/577b11-7009-486c-9010-a70412fbc832/1/qL1excp8Az_0o7x1vHRMJ6uUBq8.roa
Signing time: Thu 02 Jan 2025 15:49:02 +0000
ROA not before: Thu 02 Jan 2025 15:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24611
IP address blocks: 31.216.144.0/21 maxlen: 24
80.92.64.0/19 maxlen: 24
89.37.200.0/21 maxlen: 24
89.41.248.0/21 maxlen: 24
94.177.88.0/21 maxlen: 24
2001:b20::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/577b11-7009-486c-9010-a70412fbc832/1/0QENo1diQjJM77LIHBM5psDjtAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/577b11-7009-486c-9010-a70412fbc832/1/0QENo1diQjJM77LIHBM5psDjtAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/0QENo1diQjJM77LIHBM5psDjtAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b4:b6:e3:bb:30:02:e8:f1:85:73:f0:4a:e5:47:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1010da3576242324cefb2c81c1339a6c0e3b403
Validity
Not Before: Jan 2 15:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8bd5ec5ca7c033ff4a3bc75bc744c27ab9406af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:a9:f1:c3:f0:f7:ba:b2:28:ce:5e:43:40:aa:
a2:a0:46:34:40:81:f4:84:21:c4:cc:9f:f7:41:cc:
3b:0e:e3:48:b0:ed:8c:3c:48:00:34:07:ac:e0:a3:
c8:53:64:fb:d0:9c:89:28:71:78:24:93:6e:79:79:
4a:7d:94:53:68:d9:f4:cf:69:12:98:bd:84:e7:9e:
22:84:93:5b:24:c3:15:7a:30:b8:c0:df:18:c3:d0:
6a:bc:74:79:e8:25:2b:03:f3:6f:ca:92:5c:ae:f8:
ec:25:42:0b:73:74:9f:aa:be:b2:79:78:54:2d:57:
4f:79:61:5c:48:e4:8f:c1:dd:7c:80:f6:03:0a:29:
0b:cf:3d:dd:df:e7:86:e0:29:80:5a:4e:d4:58:9b:
d4:2e:75:d4:72:4b:a4:60:fd:f9:ab:6b:b2:38:d3:
9c:9a:59:72:69:f0:ec:be:43:ba:15:c8:f2:b6:5b:
32:be:d3:a9:90:7f:f3:d7:55:1a:95:48:6b:9c:ad:
ac:a5:54:58:1e:fc:3a:dd:99:b7:28:2b:d4:dc:3b:
d8:e6:d2:7a:5b:74:51:a8:74:d2:29:5c:9c:e5:96:
9f:a8:30:12:9d:e6:98:5c:42:45:40:79:89:e3:b5:
95:68:6a:56:54:0a:9c:47:7c:62:16:2c:45:1a:43:
51:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:BD:5E:C5:CA:7C:03:3F:F4:A3:BC:75:BC:74:4C:27:AB:94:06:AF
X509v3 Authority Key Identifier:
keyid:D1:01:0D:A3:57:62:42:32:4C:EF:B2:C8:1C:13:39:A6:C0:E3:B4:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0QENo1diQjJM77LIHBM5psDjtAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/577b11-7009-486c-9010-a70412fbc832/1/qL1excp8Az_0o7x1vHRMJ6uUBq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/577b11-7009-486c-9010-a70412fbc832/1/0QENo1diQjJM77LIHBM5psDjtAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.216.144.0/21
80.92.64.0/19
89.37.200.0/21
89.41.248.0/21
94.177.88.0/21
IPv6:
2001:b20::/29
Signature Algorithm: sha256WithRSAEncryption
70:50:46:f7:cc:d0:40:de:9e:ff:e6:54:47:6b:7b:87:f4:ed:
31:03:52:68:a6:9e:70:89:03:72:ee:6e:15:40:c4:c4:dc:68:
ba:45:56:d8:e9:f9:b1:ed:fe:20:9e:68:5c:ce:88:65:1e:0a:
15:06:7e:1c:d9:84:f1:3b:f7:d9:7a:23:b4:f8:94:c7:9c:f6:
92:c9:0d:c2:02:a4:8b:fd:89:3f:9a:68:e8:69:e2:71:d4:4b:
4d:83:b9:4a:d0:71:c3:6e:dc:77:9a:f3:00:fb:58:5a:b3:3b:
87:0f:dd:2e:65:2c:36:69:81:9b:32:c5:ed:da:9e:93:93:8f:
1c:f9:0f:6d:16:fa:e2:8e:fe:6e:84:fa:17:e9:44:8e:63:c1:
05:4e:f4:ac:98:8b:1c:1d:14:26:1c:7f:dc:28:ba:34:8b:6d:
f8:e0:81:76:aa:c9:eb:d4:8b:51:04:89:ca:8a:94:c7:59:3b:
32:e0:83:df:e2:01:e8:a7:31:a6:aa:3a:99:0e:4f:e0:72:80:
7e:36:95:e8:d4:96:62:c5:26:f1:f1:87:2c:40:c4:64:7a:0a:
2b:9c:ba:42:ac:c4:ba:03:a0:f5:af:f0:a1:c6:15:11:24:c2:
8f:3a:49:eb:fc:74:4c:69:d1:cb:cb:7a:00:10:9e:ef:65:0d:
de:37:54:24
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQntLbjuzAC6PGFc/BK5UeoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxMDEwZGEzNTc2MjQyMzI0Y2VmYjJjODFjMTMzOWE2YzBl
M2I0MDMwHhcNMjUwMTAyMTU0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGJkNWVjNWNhN2MwMzNmZjRhM2JjNzViYzc0NGMyN2FiOTQwNmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzanxw/D3urIozl5DQKqioEY0QIH0
hCHEzJ/3Qcw7DuNIsO2MPEgANAes4KPIU2T70JyJKHF4JJNueXlKfZRTaNn0z2kS
mL2E554ihJNbJMMVejC4wN8Yw9BqvHR56CUrA/NvypJcrvjsJUILc3Sfqr6yeXhU
LVdPeWFcSOSPwd18gPYDCikLzz3d3+eG4CmAWk7UWJvULnXUckukYP35q2uyONOc
mllyafDsvkO6FcjytlsyvtOpkH/z11UalUhrnK2spVRYHvw63Zm3KCvU3DvY5tJ6
W3RRqHTSKVyc5ZafqDASneaYXEJFQHmJ47WVaGpWVAqcR3xiFixFGkNRawIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFKi9XsXKfAM/9KO8dbx0TCerlAavMB8GA1UdIwQY
MBaAFNEBDaNXYkIyTO+yyBwTOabA47QDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFFFTm8xZGlRakpNNzdMSUhCTTVwc0RqdEFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi81NzdiMTEtNzAwOS00ODZjLTkwMTAt
YTcwNDEyZmJjODMyLzEvcUwxZXhjcDhBel8wbzd4MXZIUk1KNnVVQnE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi81NzdiMTEtNzAwOS00ODZjLTkwMTAtYTcwNDEyZmJjODMy
LzEvMFFFTm8xZGlRakpNNzdMSUhCTTVwc0RqdEFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDH9iQAwQF
UFxAAwQDWSXIAwQDWSn4AwQDXrFYMA0EAgACMAcDBQMgAQsgMA0GCSqGSIb3DQEB
CwUAA4IBAQBwUEb3zNBA3p7/5lRHa3uH9O0xA1Jopp5wiQNy7m4VQMTE3Gi6RVbY
6fmx7f4gnmhczohlHgoVBn4c2YTxO/fZeiO0+JTHnPaSyQ3CAqSL/Yk/mmjoaeJx
1EtNg7lK0HHDbtx3mvMA+1haszuHD90uZSw2aYGbMsXt2p6Tk48c+Q9tFvrijv5u
hPoX6USOY8EFTvSsmIscHRQmHH/cKLo0i2344IF2qsnr1ItRBInKipTHWTsy4IPf
4gHopzGmqjqZDk/gcoB+NpXo1JZixSbx8YcsQMRkegornLpCrMS6A6D1r/ChxhUR
JMKPOknr/HRMadHLy3oAEJ7vZQ3eN1Qk
-----END CERTIFICATE-----
Generated at Tue Apr 15 12:41:55 2025 by rpki-client