Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/19f2e6-1bf3-4f7a-8817-8095f3297179/1/1-QcSYLdpveuStLYqlBunMp4JJ5g.roa
File: 1-QcSYLdpveuStLYqlBunMp4JJ5g.roa (raw, json)
Hash identifier: NQizYlwEjERl0X/bxZE2nkkRnRTSix4QkB1fVvIKAMg=
Subject key identifier: F9:07:12:60:B7:69:BD:EB:92:B4:B6:2A:94:1B:A7:32:9E:09:27:98
Certificate issuer: /CN=afb4e04a0ed344112c1853cab09f52e1cd9abaf2
Certificate serial: 0194266C3F3D8960A6679D12DA745D0131FE
Authority key identifier: AF:B4:E0:4A:0E:D3:44:11:2C:18:53:CA:B0:9F:52:E1:CD:9A:BA:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r7TgSg7TRBEsGFPKsJ9S4c2auvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/19f2e6-1bf3-4f7a-8817-8095f3297179/1/1-QcSYLdpveuStLYqlBunMp4JJ5g.roa
Signing time: Thu 02 Jan 2025 09:50:15 +0000
ROA not before: Thu 02 Jan 2025 09:50:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42905
IP address blocks: 81.163.216.0/21 maxlen: 21
81.163.216.0/22 maxlen: 22
81.163.216.0/24 maxlen: 24
81.163.217.0/24 maxlen: 24
81.163.218.0/24 maxlen: 24
81.163.219.0/24 maxlen: 24
81.163.220.0/24 maxlen: 24
81.163.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/19f2e6-1bf3-4f7a-8817-8095f3297179/1/r7TgSg7TRBEsGFPKsJ9S4c2auvI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/19f2e6-1bf3-4f7a-8817-8095f3297179/1/r7TgSg7TRBEsGFPKsJ9S4c2auvI.mft
rsync://rpki.ripe.net/repository/DEFAULT/r7TgSg7TRBEsGFPKsJ9S4c2auvI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 21:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:3f:3d:89:60:a6:67:9d:12:da:74:5d:01:31:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afb4e04a0ed344112c1853cab09f52e1cd9abaf2
Validity
Not Before: Jan 2 09:50:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9071260b769bdeb92b4b62a941ba7329e092798
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:05:0a:4a:2e:73:9f:3a:82:ec:1c:5b:d6:b8:
ca:f0:22:2f:35:94:3f:ce:70:a2:84:75:38:41:9d:
44:a6:28:51:68:2e:ef:91:2f:0f:09:3f:62:53:b6:
46:f4:f8:b2:b1:b1:d2:ca:33:eb:f5:4c:8d:9f:a7:
09:ba:0c:4c:ba:8e:d9:cb:f8:42:24:4e:6a:eb:1f:
cb:2b:a3:56:58:5c:cb:41:29:aa:cd:62:a8:19:42:
7d:52:dc:45:b7:ee:0c:39:0a:21:e3:98:16:c4:cc:
43:54:09:45:aa:05:4c:e3:93:72:ba:79:7a:42:24:
aa:1f:69:db:b1:6a:4f:d6:aa:53:6c:b3:4d:2b:5d:
e7:4f:49:25:6a:2f:0b:19:b5:65:73:e5:d0:14:bd:
00:63:14:72:0f:33:eb:54:0c:75:2a:2d:3a:66:ef:
a4:ba:7d:d8:3e:d8:71:19:f8:57:77:0b:6a:8e:7d:
d3:21:d1:3a:d0:ce:90:a7:62:fe:06:c2:52:28:2a:
86:3f:94:02:f2:a5:83:0d:2c:d2:69:95:a0:08:8a:
a6:07:fe:13:82:a0:dc:45:4b:c8:ce:5d:c1:5f:a0:
a9:a7:a8:f4:c1:ed:a4:7e:8e:c4:b5:8d:97:fe:f0:
c5:1e:88:db:2a:1c:6f:65:53:ff:07:63:99:0e:1d:
e1:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:07:12:60:B7:69:BD:EB:92:B4:B6:2A:94:1B:A7:32:9E:09:27:98
X509v3 Authority Key Identifier:
keyid:AF:B4:E0:4A:0E:D3:44:11:2C:18:53:CA:B0:9F:52:E1:CD:9A:BA:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r7TgSg7TRBEsGFPKsJ9S4c2auvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/19f2e6-1bf3-4f7a-8817-8095f3297179/1/1-QcSYLdpveuStLYqlBunMp4JJ5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/19f2e6-1bf3-4f7a-8817-8095f3297179/1/r7TgSg7TRBEsGFPKsJ9S4c2auvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.163.216.0/21
Signature Algorithm: sha256WithRSAEncryption
01:b0:83:8e:9b:a2:ac:9c:ed:1f:f8:67:eb:8e:05:a3:aa:f7:
f2:00:09:80:b3:fc:7a:97:1b:45:7f:6c:4f:84:16:5a:a8:20:
3a:01:8e:25:05:1b:e0:59:6b:f0:10:f8:88:bd:02:2f:14:45:
3b:c3:3e:02:7a:a5:9f:b1:d7:5a:09:9b:85:e8:16:46:ba:17:
ce:da:f6:90:5f:61:12:47:66:47:21:61:5c:51:32:e8:ff:9f:
a2:ab:33:d5:78:a8:81:4b:c7:9e:35:f9:36:66:e6:7e:8c:11:
dc:be:5f:3c:6f:7c:7b:05:03:04:a0:e8:1b:9a:e1:4f:70:f8:
ed:14:ad:61:06:f8:1d:22:58:68:76:48:f4:35:4f:63:54:f1:
06:e7:55:d5:d0:15:80:d7:9f:b3:59:a8:d1:f8:41:61:d5:6e:
14:12:ff:34:80:c1:85:f7:0f:03:f1:27:70:5c:9b:8b:0a:5e:
47:fd:f7:15:6a:48:61:36:5c:f4:64:e4:12:eb:15:b4:25:a9:
c8:d7:f7:ce:66:09:d3:e8:06:1a:fd:8c:c2:ad:45:e3:23:43:
a8:e6:98:5a:2a:ec:c7:00:20:dc:99:c8:46:a9:17:94:71:9e:
06:ef:81:29:ec:29:14:9b:48:83:ea:1b:5a:33:8f:22:65:b1:
ad:0c:65:36
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQmbD89iWCmZ50S2nRdATH+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmYjRlMDRhMGVkMzQ0MTEyYzE4NTNjYWIwOWY1MmUxY2Q5
YWJhZjIwHhcNMjUwMTAyMDk1MDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTA3MTI2MGI3NjliZGViOTJiNGI2MmE5NDFiYTczMjllMDkyNzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgUKSi5znzqC7Bxb1rjK8CIvNZQ/
znCihHU4QZ1EpihRaC7vkS8PCT9iU7ZG9PiysbHSyjPr9UyNn6cJugxMuo7Zy/hC
JE5q6x/LK6NWWFzLQSmqzWKoGUJ9UtxFt+4MOQoh45gWxMxDVAlFqgVM45Nyunl6
QiSqH2nbsWpP1qpTbLNNK13nT0klai8LGbVlc+XQFL0AYxRyDzPrVAx1Ki06Zu+k
un3YPthxGfhXdwtqjn3TIdE60M6Qp2L+BsJSKCqGP5QC8qWDDSzSaZWgCIqmB/4T
gqDcRUvIzl3BX6Cpp6j0we2kfo7EtY2X/vDFHojbKhxvZVP/B2OZDh3hZQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPkHEmC3ab3rkrS2KpQbpzKeCSeYMB8GA1UdIwQY
MBaAFK+04EoO00QRLBhTyrCfUuHNmrryMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjdUZ1NnN1RSQkVzR0ZQS3NKOVM0YzJhdXZJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy8xOWYyZTYtMWJmMy00ZjdhLTg4MTct
ODA5NWYzMjk3MTc5LzEvMS1RY1NZTGRwdmV1U3RMWXFsQnVuTXA0Sko1Zy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZmMvMTlmMmU2LTFiZjMtNGY3YS04ODE3LTgwOTVmMzI5NzE3
OS8xL3I3VGdTZzdUUkJFc0dGUEtzSjlTNGMyYXV2SS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA1Gj2DAN
BgkqhkiG9w0BAQsFAAOCAQEAAbCDjpuirJztH/hn644Fo6r38gAJgLP8epcbRX9s
T4QWWqggOgGOJQUb4Flr8BD4iL0CLxRFO8M+Anqln7HXWgmbhegWRroXztr2kF9h
EkdmRyFhXFEy6P+foqsz1XiogUvHnjX5NmbmfowR3L5fPG98ewUDBKDoG5rhT3D4
7RStYQb4HSJYaHZI9DVPY1TxBudV1dAVgNefs1mo0fhBYdVuFBL/NIDBhfcPA/En
cFybiwpeR/33FWpIYTZc9GTkEusVtCWpyNf3zmYJ0+gGGv2Mwq1F4yNDqOaYWirs
xwAg3JnIRqkXlHGeBu+BKewpFJtIg+obWjOPImWxrQxlNg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:48:47 2025 by rpki-client