Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/QMaJkzW209fi_nsNJ0EO4AU0ziU.roa
File: QMaJkzW209fi_nsNJ0EO4AU0ziU.roa (raw, json)
Hash identifier: YRJtLzVY/sdQOrKWSD2k7QnnOv9r2wUDTIgld4Qgvl4=
Subject key identifier: 40:C6:89:93:35:B6:D3:D7:E2:FE:7B:0D:27:41:0E:E0:05:34:CE:25
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01966745CF3E8CE9237E992BE2AFD74929BB
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/QMaJkzW209fi_nsNJ0EO4AU0ziU.roa
Signing time: Thu 24 Apr 2025 10:09:10 +0000
ROA not before: Thu 24 Apr 2025 10:09:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 45.13.189.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.211.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 07:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:67:45:cf:3e:8c:e9:23:7e:99:2b:e2:af:d7:49:29:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Apr 24 10:09:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=40c6899335b6d3d7e2fe7b0d27410ee00534ce25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:0a:27:0e:ea:4d:4c:65:6e:47:7e:9e:da:69:
37:c5:c6:91:42:d6:e5:5e:10:d1:3e:78:37:91:b3:
29:d9:e4:21:bb:ac:37:0c:ba:75:7f:16:68:0e:c1:
7f:ea:21:2c:ec:46:09:3f:3a:b7:74:23:57:4b:e9:
39:1e:a9:41:b0:16:01:e1:92:1e:30:ac:96:47:01:
ef:cb:18:71:0e:77:b0:69:54:81:14:07:aa:e8:78:
09:dd:27:f7:88:26:ea:1f:d5:ce:49:c2:25:7e:79:
b0:3f:94:a1:fc:9b:b5:a7:5d:b9:b6:77:2b:58:e8:
df:77:fc:c7:64:6d:82:3c:b6:ab:f9:83:e5:20:7f:
5d:28:6e:cc:6e:19:a1:c1:33:8f:9e:1e:dc:5a:d3:
7e:fd:c4:0d:43:c8:08:49:e4:a9:33:6b:40:97:3c:
ef:95:e0:62:5c:33:07:f1:fe:44:3a:7d:6f:dd:90:
7a:64:17:76:ad:8d:b0:64:af:c2:99:b2:a6:be:f7:
76:07:42:3e:90:07:ae:03:7b:a2:cf:ac:03:81:98:
26:0b:b4:1a:89:62:d3:ed:e0:14:19:9e:ac:17:8a:
eb:a5:c0:fd:95:5b:7d:47:26:19:47:59:6e:ef:03:
9d:1b:e9:52:28:8d:b5:a8:5f:c1:c2:62:8e:52:50:
b8:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:C6:89:93:35:B6:D3:D7:E2:FE:7B:0D:27:41:0E:E0:05:34:CE:25
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/QMaJkzW209fi_nsNJ0EO4AU0ziU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.189.0/24
195.177.92.0/24
195.177.95.0/24
195.211.189.0/24
Signature Algorithm: sha256WithRSAEncryption
55:c9:86:21:02:a9:4f:83:bf:97:d2:af:cb:b1:c7:2a:42:ff:
9a:fe:8b:96:23:b9:0d:64:48:bc:5a:e5:62:46:8d:11:27:0b:
07:3a:e2:4f:af:46:77:4c:6f:69:5d:39:d2:af:dd:3a:3f:d2:
ca:dd:73:74:53:72:a1:10:cf:28:f8:4d:88:76:8a:75:ab:21:
50:1f:e4:81:40:a6:30:06:0d:ed:9a:f7:86:fe:23:c5:21:03:
5b:8f:1c:1a:31:20:39:39:69:95:2c:63:84:ff:f3:13:f9:6a:
61:53:f5:fd:96:be:e7:38:95:3f:52:24:51:f8:cf:9e:f0:fb:
bc:8f:74:46:6a:1f:ab:a6:ed:27:a3:d6:5e:c9:a6:c0:74:63:
00:31:1f:a5:70:91:87:04:18:7c:80:f2:ca:fc:b7:70:dd:a5:
d5:b5:8a:12:6f:8f:1c:4b:9b:90:07:b5:0a:a4:09:70:42:c9:
8a:aa:f7:7c:7c:3c:e1:a5:5b:18:2c:a5:30:b7:bf:9b:1c:78:
be:f0:78:bd:b1:7d:98:6e:42:0f:ac:31:2e:7e:ec:25:13:ce:
20:60:10:1c:b0:20:c2:ab:ed:99:64:60:dc:58:85:37:2b:5c:
b7:bd:8e:b2:c6:2b:75:52:fa:09:f5:c0:72:4f:dd:21:06:c0:
0f:44:6a:a6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZZnRc8+jOkjfpkr4q/XSSm7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjUwNDI0MTAwOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGM2ODk5MzM1YjZkM2Q3ZTJmZTdiMGQyNzQxMGVlMDA1MzRjZTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArgonDupNTGVuR36e2mk3xcaRQtbl
XhDRPng3kbMp2eQhu6w3DLp1fxZoDsF/6iEs7EYJPzq3dCNXS+k5HqlBsBYB4ZIe
MKyWRwHvyxhxDnewaVSBFAeq6HgJ3Sf3iCbqH9XOScIlfnmwP5Sh/Ju1p125tncr
WOjfd/zHZG2CPLar+YPlIH9dKG7MbhmhwTOPnh7cWtN+/cQNQ8gISeSpM2tAlzzv
leBiXDMH8f5EOn1v3ZB6ZBd2rY2wZK/CmbKmvvd2B0I+kAeuA3uiz6wDgZgmC7Qa
iWLT7eAUGZ6sF4rrpcD9lVt9RyYZR1lu7wOdG+lSKI21qF/BwmKOUlC4BQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEDGiZM1ttPX4v57DSdBDuAFNM4lMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvUU1hSmt6VzIwOWZpX25zTkowRU80QVUwemlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALQ29AwQA
w7FcAwQAw7FfAwQAw9O9MA0GCSqGSIb3DQEBCwUAA4IBAQBVyYYhAqlPg7+X0q/L
sccqQv+a/ouWI7kNZEi8WuViRo0RJwsHOuJPr0Z3TG9pXTnSr906P9LK3XN0U3Kh
EM8o+E2Idop1qyFQH+SBQKYwBg3tmveG/iPFIQNbjxwaMSA5OWmVLGOE//MT+Wph
U/X9lr7nOJU/UiRR+M+e8Pu8j3RGah+rpu0no9ZeyabAdGMAMR+lcJGHBBh8gPLK
/Ldw3aXVtYoSb48cS5uQB7UKpAlwQsmKqvd8fDzhpVsYLKUwt7+bHHi+8Hi9sX2Y
bkIPrDEufuwlE84gYBAcsCDCq+2ZZGDcWIU3K1y3vY6yxit1UvoJ9cByT90hBsAP
RGqm
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:57:53 2025 by rpki-client