Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/QbMBVnYbFFojOFc196F2jGwUv80.roa
File: QbMBVnYbFFojOFc196F2jGwUv80.roa (raw, json)
Hash identifier: PfefSPZEQEk15+9V5/IwtgSWUTKXs+bmANRjvJwpNgo=
Subject key identifier: 41:B3:01:56:76:1B:14:5A:23:38:57:35:F7:A1:76:8C:6C:14:BF:CD
Certificate issuer: /CN=6640f89ce22645b97297d7803726dc2fb0e5f4b9
Certificate serial: 019427B561720634C1522CF0D7383A106CF3
Authority key identifier: 66:40:F8:9C:E2:26:45:B9:72:97:D7:80:37:26:DC:2F:B0:E5:F4:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZkD4nOImRblyl9eANybcL7Dl9Lk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/QbMBVnYbFFojOFc196F2jGwUv80.roa
Signing time: Thu 02 Jan 2025 15:49:45 +0000
ROA not before: Thu 02 Jan 2025 15:49:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42216
IP address blocks: 212.64.222.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/ZkD4nOImRblyl9eANybcL7Dl9Lk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/ZkD4nOImRblyl9eANybcL7Dl9Lk.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZkD4nOImRblyl9eANybcL7Dl9Lk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 09:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:61:72:06:34:c1:52:2c:f0:d7:38:3a:10:6c:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6640f89ce22645b97297d7803726dc2fb0e5f4b9
Validity
Not Before: Jan 2 15:49:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=41b30156761b145a23385735f7a1768c6c14bfcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:77:13:56:a9:f8:03:98:81:46:fe:f2:53:72:
3f:2e:2a:12:83:52:1b:6f:2d:f9:b5:b6:e5:21:d8:
93:c4:cb:25:fb:26:85:d4:f1:b4:26:ff:25:37:2e:
8e:0c:db:1a:c1:ea:71:9b:98:5c:52:dc:a4:1c:27:
63:1e:48:cd:15:29:31:f4:7e:9a:d1:bd:be:be:fc:
b4:f2:a0:ee:7e:46:35:69:79:0f:97:4a:1f:13:84:
40:12:96:b2:94:61:29:ff:63:e0:18:7e:0f:ed:09:
6e:a3:aa:9d:05:7d:2c:97:80:c5:c5:88:b3:a8:19:
37:0e:d9:ec:c6:26:17:92:98:ab:fc:57:3b:a9:94:
e5:16:34:b4:d7:57:e6:af:4a:f8:d6:3e:ee:12:10:
c8:a4:b7:54:cc:11:d4:92:04:6f:87:a9:d4:99:62:
d8:ca:fe:fe:d3:16:25:d0:cc:3f:52:ff:ef:15:1b:
08:54:db:0c:81:a0:5b:3c:2d:1a:b0:72:de:4b:6b:
97:1a:b4:04:e0:52:75:f0:10:24:af:59:36:bf:85:
ab:87:ac:c2:ba:0c:87:73:54:50:ed:12:dd:76:29:
1f:c3:6f:c8:1c:69:1b:4e:6d:bb:d2:d2:bb:d5:98:
dc:49:38:83:e3:47:8e:b4:c5:d3:4d:ed:58:44:03:
69:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:B3:01:56:76:1B:14:5A:23:38:57:35:F7:A1:76:8C:6C:14:BF:CD
X509v3 Authority Key Identifier:
keyid:66:40:F8:9C:E2:26:45:B9:72:97:D7:80:37:26:DC:2F:B0:E5:F4:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZkD4nOImRblyl9eANybcL7Dl9Lk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/QbMBVnYbFFojOFc196F2jGwUv80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/ZkD4nOImRblyl9eANybcL7Dl9Lk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.64.222.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:cf:82:7d:62:24:62:8a:44:41:60:fc:58:4f:cb:e2:7d:e7:
d4:9d:70:f6:6b:61:5f:29:37:c8:db:cf:53:68:52:9b:e4:67:
0e:a1:b4:36:ff:74:61:f6:06:d9:81:04:92:d7:e8:d7:ab:e9:
51:e8:df:d9:61:74:3d:57:33:50:23:6d:20:de:01:36:20:d9:
6e:2b:fc:af:52:40:94:d8:72:c0:b3:dc:e2:9c:9f:94:96:3e:
90:af:81:2c:53:83:64:85:41:5d:18:76:9d:13:04:df:fb:c9:
52:63:f3:fe:d7:6f:25:20:82:d7:54:57:4d:95:24:87:f8:23:
05:e3:22:17:14:be:c8:3b:70:47:37:91:1b:c3:21:e3:5f:74:
c8:59:3e:99:2b:7a:b6:1b:a4:79:8e:55:8e:b1:80:82:99:1b:
44:d9:ca:ba:e0:36:ab:e7:a4:92:21:3d:42:2a:84:f8:19:64:
ae:fd:a8:0a:3b:fe:69:79:e7:a9:bd:a3:c6:2f:30:f0:82:19:
75:1a:b3:8f:78:c8:cc:68:51:35:51:ee:fc:0a:7a:a4:82:8e:
de:28:14:2f:37:d2:1e:ca:22:f7:33:0f:29:ca:82:2a:90:14:
ec:91:25:d4:7f:57:33:29:9c:1c:d5:3f:0b:f0:bc:ee:f7:f3:
7f:6f:d3:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntWFyBjTBUizw1zg6EGzzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NDBmODljZTIyNjQ1Yjk3Mjk3ZDc4MDM3MjZkYzJmYjBl
NWY0YjkwHhcNMjUwMTAyMTU0OTQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWIzMDE1Njc2MWIxNDVhMjMzODU3MzVmN2ExNzY4YzZjMTRiZmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXcTVqn4A5iBRv7yU3I/LioSg1Ib
by35tbblIdiTxMsl+yaF1PG0Jv8lNy6ODNsawepxm5hcUtykHCdjHkjNFSkx9H6a
0b2+vvy08qDufkY1aXkPl0ofE4RAEpaylGEp/2PgGH4P7Qluo6qdBX0sl4DFxYiz
qBk3DtnsxiYXkpir/Fc7qZTlFjS011fmr0r41j7uEhDIpLdUzBHUkgRvh6nUmWLY
yv7+0xYl0Mw/Uv/vFRsIVNsMgaBbPC0asHLeS2uXGrQE4FJ18BAkr1k2v4Wrh6zC
ugyHc1RQ7RLddikfw2/IHGkbTm270tK71ZjcSTiD40eOtMXTTe1YRANpewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEGzAVZ2GxRaIzhXNfehdoxsFL/NMB8GA1UdIwQY
MBaAFGZA+JziJkW5cpfXgDcm3C+w5fS5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmtENG5PSW1SYmx5bDllQU55YmNMN0RsOUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9jM2FkMmUtYjUyZS00NDFjLTg5YmEt
NDRhYjdhOWQ3ZGVhLzEvUWJNQlZuWWJGRm9qT0ZjMTk2RjJqR3dVdjgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9jM2FkMmUtYjUyZS00NDFjLTg5YmEtNDRhYjdhOWQ3ZGVh
LzEvWmtENG5PSW1SYmx5bDllQU55YmNMN0RsOUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1EDeMA0G
CSqGSIb3DQEBCwUAA4IBAQBqz4J9YiRiikRBYPxYT8vifefUnXD2a2FfKTfI289T
aFKb5GcOobQ2/3Rh9gbZgQSS1+jXq+lR6N/ZYXQ9VzNQI20g3gE2INluK/yvUkCU
2HLAs9zinJ+Ulj6Qr4EsU4NkhUFdGHadEwTf+8lSY/P+128lIILXVFdNlSSH+CMF
4yIXFL7IO3BHN5EbwyHjX3TIWT6ZK3q2G6R5jlWOsYCCmRtE2cq64Dar56SSIT1C
KoT4GWSu/agKO/5peeepvaPGLzDwghl1GrOPeMjMaFE1Ue78Cnqkgo7eKBQvN9Ie
yiL3Mw8pyoIqkBTskSXUf1czKZwc1T8L8Lzu9/N/b9NT
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:02:52 2025 by rpki-client